Bug #32083 server crashes on show status when InnoDB is not initialized
Submitted: 3 Nov 2007 22:53 Modified: 25 Feb 2008 19:15
Reporter: Alexey Stroganov Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: InnoDB storage engine Severity:S1 (Critical)
Version:5.0.50 OS:Any
Assigned to: Timothy Smith CPU Architecture:Any
Triage: D1 (Critical)

[3 Nov 2007 22:53] Alexey Stroganov
Description:
I've started server and pointed tmpdir to location that is unwritable,executed 'show status' stmt and server crashes with following backtrace:

(gdb) bt
#0  0x00000000006b3a3a in srv_export_innodb_status () at srv0srv.c:1796
#1  0x000000000063d21f in innodb_export_status () at ha_innodb.cc:6310
#2  0x000000000062d04e in ha_update_statistics () at handler.cc:1159
#3  0x000000000065a9e2 in fill_status (thd=0x12cb6b0, tables=0x130a4e0, cond=0x0) at sql_show.cc:3573
#4  0x000000000065be45 in get_schema_tables_result (join=0x130ab20, executed_place=PROCESSED_BY_JOIN_EXEC)
    at sql_show.cc:4071
#5  0x00000000005b92df in JOIN::exec (this=0x130ab20) at sql_select.cc:1693
#6  0x00000000005baa8d in mysql_select (thd=0x12cb6b0, rref_pointer_array=0x12cd100, tables=0x130a4e0,
    wild_num=0, fields=@0x130ab20, conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0,
    select_options=2693024256, result=0x130ab00, unit=0x12ccb28, select_lex=0x12cced8) at sql_select.cc:2279
#7  0x00000000005b5e81 in handle_select (thd=0x12cb6b0, lex=0x12cca98, result=0x130ab00,
    setup_tables_done_option=0) at sql_select.cc:244
#8  0x0000000000582c16 in mysql_execute_command (thd=0x12cb6b0) at sql_parse.cc:2666
#9  0x0000000000588c3c in mysql_parse (thd=0x12cb6b0, inBuf=0x130a1c0 "show status like 'uptime'", length=25,
    found_semicolon=0x40881788) at sql_parse.cc:6094
#10 0x0000000000581331 in dispatch_command (command=COM_QUERY, thd=0x12cb6b0, packet=0x130a1d9 "",
    packet_length=26) at sql_parse.cc:1812
#11 0x0000000000580bbc in do_command (thd=0x12cb6b0) at sql_parse.cc:1586
#12 0x000000000057feb1 in handle_one_connection (arg=0xc24a10) at sql_parse.cc:1197
#13 0x00002b3f4ca14193 in start_thread () from /lib64/libpthread.so.0
#14 0x00002b3f4cf8945d in clone () from /lib64/libc.so.6
#15 0x0000000000000000 in ?? ()

mysqld.err file
/data0/mysql-enterprise-5.0.50-linux-x86_64-glibc23/bin/mysqld-debug: Can't create/write to file '/root/tmp/ibACxcGs' (Errcode: 13)
071103 23:36:07  InnoDB: Error: unable to create temporary file; errno: 13
[New Thread 1082399040 (LWP 14567)]
071103 23:36:07 [Note] /data0/mysql-enterprise-5.0.50-linux-x86_64-glibc23/bin/mysqld-debug: ready for connections.
Version: '5.0.50-enterprise-debug'  socket: '/tmp/mysql.sock'  port: 3306  MySQL Enterprise Server - Debug (Commercial)

In the beginning of err file we see a warning that tmpdir is unwritable but unfortunately later in code this is not taken into account 

Also see BUG#15185 that should fix similar issue more than one year ago.

How to repeat:
start server with unwritable tmpdir:

cd mysql-enterprise-5.0.50-linux-x86_64-glibc23
./bin/mysqld --no-defaults --basedir=.  --datadir=data/ --tmpdir=/root/tmp

execute 'show status' stmt

mysql -uroot -e'show status'
[5 Nov 2007 15:13] Heikki Tuuri
Aleksey,

InnoDB really needs a writable tmpdir. It uses it as a buffer for some printfs.

Assigning this to Marko. Maybe we could catch this and print an error message to the .err log?

Regards,

Heikki
[5 Nov 2007 16:21] Alexey Stroganov
Heikki, Marko,

probably we should somehow disable innodb engine in case of tmpdir is unwritable or at least assert but don't crash.
[7 Jan 2008 13:44] Marko Mäkelä
This bug seems to have been introduced by someone at MySQL AB. The problem is that innodb_export_status is being called, even though InnoDB has not been initialized.

The fix is simple:

Index: ha_innodb.cc
===================================================================
--- ha_innodb.cc	(revision 2222)
+++ ha_innodb.cc	(working copy)
@@ -6339,7 +6339,9 @@ void
 innodb_export_status(void)
 /*======================*/
 {
-  srv_export_innodb_status();
+	if (innodb_inited) {
+		srv_export_innodb_status();
+	}
 }
 
 /****************************************************************************
[7 Jan 2008 13:58] Marko Mäkelä
Sent innodb-5.0-ss2223.tar.gz to MySQL
[9 Jan 2008 17:41] Timothy Smith
Workaround is to use a writable tmp_dir.
[24 Jan 2008 1:20] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/41186

ChangeSet@1.2588, 2008-01-23 18:20:04-07:00, tsmith@ramayana.hindu.god +1 -0
  Applied innodb-5.0-ss2223 snapshot
  
  Fixes:
  
  Bug #32083: server crashes on show status when InnoDB is not initialized
    innodb_export_status(): Check that InnoDB has been initialized
    before invoking srv_export_innodb_status().  (Bug #32083)
    This bug does not exist in MySQL/InnoDB 5.1.
[24 Jan 2008 8:49] Timothy Smith
patch queued to 5.0-build (doesn't affect other versions)
[25 Feb 2008 15:59] Bugs System
Pushed into 5.1.24-rc
[25 Feb 2008 16:04] Bugs System
Pushed into 5.0.58
[25 Feb 2008 16:05] Bugs System
Pushed into 6.0.5-alpha
[25 Feb 2008 19:15] Paul Dubois
Noted in 5.0.58 changelog.

SHOW STATUS caused a server crash if InnoDB had not been initialized.

Fix does not apply to 5.1+.