Bug #34335 InnoDB: Crash with auto_increment bigint
Submitted: 5 Feb 2008 23:27 Modified: 19 Jun 2010 18:06
Reporter: Peter Gulutzan Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: InnoDB storage engine Severity:S3 (Non-critical)
Version:5.1.24-rc-debug OS:Linux (SUSE 10 64-bit)
Assigned to:
Triage: D1 (Critical)

[5 Feb 2008 23:27] Peter Gulutzan
Description:
I create an InnoDB table with two columns.
One column is BIGINT and AUTO_INCREMENT.
I insert, auto_increment column = 9223372036854775807.
I insert, auto_increment column is NULL.
Crash.

It reminds me of Bug#31860, but the test case for
Bug#31860 works fine now.

How to repeat:
mysql> create table th (s1 bigint primary key auto_increment, s2 varchar(10)) engine=innodb;
Query OK, 0 rows affected (0.02 sec)

mysql> insert into th values (9223372036854775807, null);
Query OK, 1 row affected (0.01 sec)

mysql> insert into th (s2) values ('e');
ERROR 2013 (HY000): Lost connection to MySQL server during query
[5 Feb 2008 23:46] Miguel Solorzano
Thank you for the bug report. Verified as described.

handler.cc
--1869--

 if (nr == ~(ulonglong) 0)
        DBUG_RETURN(HA_ERR_AUTOINC_READ_FAILED);  // Mark failure

 	mysqld.exe!ha_innobase::innobase_get_auto_increment()  + 0x116	C++
 	mysqld.exe!ha_innobase::get_auto_increment()  + 0x45	C++
>	mysqld.exe!handler::update_auto_increment()  Line 1869	C++
 	mysqld.exe!ha_innobase::write_row()  + 0x216	C++
 	mysqld.exe!Item_string::save_in_field(Field * field=0x02c668f8, int no_conversions=0)  Line 4673 + 0x2b	C++
 	mysqld.exe!write_record(THD * thd=0x011296e0, st_table * table=0x0113ffcc, st_copy_info * info=0x0342f29c)  Line 1546 + 0xc	C++
 	mysqld.exe!mysql_insert(THD * thd=0x011296e0, TABLE_LIST * table_list=0x02c5a4d8, List<Item> & fields={...}, List<List<Item> > & values_list={...}, List<Item> & update_fields={...}, List<Item> & update_values={...}, enum_duplicates duplic=DUP_ERROR, int ignore=0)  Line 803 + 0xc	C++
 	mysqld.exe!mysql_execute_command(THD * thd=)  Line 2942 + 0x35	C++
 	mysqld.exe!mysql_parse(THD * thd=0x011296e0, const char * inBuf=0x02c5a418, unsigned int length=32, const char * * found_semicolon=0x0342fac8)  Line 5627	C++
 	mysqld.exe!dispatch_command(enum_server_command command=COM_QUERY, THD * thd=0x011296e0, char * packet=0x02c523e9, unsigned int packet_length=32)  Line 1123	C++
 	mysqld.exe!do_command(THD * thd=0x00000003)  Line 781 + 0xf	C++
 	mysqld.exe!handle_one_connection(void * arg=0x011296e0)  Line 1120 + 0x6	C++
 	mysqld.exe!_pthread_start()  + 0x3b	C
 	mysqld.exe!_threadstart(void * ptd=0x02c49e50)  Line 196 + 0x6	C
 	kernel32.dll!7c80b683()
[6 Feb 2008 13:10] Heikki Tuuri
Sunny,

please check what is the problem.

Regards,

Heikki
[6 Mar 2008 18:05] Heikki Tuuri
Putting the status to Patch approved, since I approved the minimal patch yesterday.
[31 Mar 2008 8:36] Vasil Dimov
Fix for this has been committed in InnoDB 5.1 repo under r2353:

--- cut ---
r2353 | sunny | 2008-03-06 07:23:39 +1100 (Thu, 06 Mar 2008) | 7 lines
 
branches/5.1: Change the InnoDB autoinc type to ulint64. For this added a
new typedef to univ.i (ib_ulonglong). Added checks for overflow and removed
the assertion where it crashed previously, since the type has now changed
to unsigned, it doesn't make sense to check for < 0. Added new tests, to
check for overflow, for the different INT types supported for both
signed and unsigned.
--- cut ---

It is queued with the 5.1 snapshot-r2360.
[1 Apr 2008 13:47] Trudy Pelzer
Pushed into 5.1.24 (per Danny)
[1 Apr 2008 18:19] Paul Dubois
Noted in 5.1.24 changelog.

InnoDB could crash if overflow occurred for an AUTO_INCREMENT column.

Resetting report to Patch queued waiting for push into 6.0.x.
[24 Jun 2008 21:41] Calvin Sun
Merged into 6.0.6-alpha, according to Tim.
[25 Jun 2008 2:00] Paul Dubois
Noted in 6.0.6 changelog.
[5 May 2010 15:01] Bugs System
Pushed into 5.1.47 (revid:joro@sun.com-20100505145753-ivlt4hclbrjy8eye) (version source revid:vasil.dimov@oracle.com-20100331130613-8ja7n0vh36a80457) (merge vers: 5.1.46) (pib:16)
[6 May 2010 14:07] Paul Dubois
Push resulted from incorporation of InnoDB tree. No changes pertinent to this bug.
Re-closing.
[28 May 2010 5:55] Bugs System
Pushed into mysql-next-mr (revid:alik@sun.com-20100524190136-egaq7e8zgkwb9aqi) (version source revid:vasil.dimov@oracle.com-20100331130613-8ja7n0vh36a80457) (pib:16)
[28 May 2010 6:24] Bugs System
Pushed into 6.0.14-alpha (revid:alik@sun.com-20100524190941-nuudpx60if25wsvx) (version source revid:vasil.dimov@oracle.com-20100331130613-8ja7n0vh36a80457) (merge vers: 5.1.46) (pib:16)
[28 May 2010 6:52] Bugs System
Pushed into 5.5.5-m3 (revid:alik@sun.com-20100524185725-c8k5q7v60i5nix3t) (version source revid:vasil.dimov@oracle.com-20100331130613-8ja7n0vh36a80457) (merge vers: 5.1.46) (pib:16)
[29 May 2010 22:49] Paul Dubois
Push resulted from incorporation of InnoDB tree. No changes pertinent to this bug.
Re-closing.
[17 Jun 2010 11:57] Bugs System
Pushed into 5.1.47-ndb-7.0.16 (revid:martin.skold@mysql.com-20100617114014-bva0dy24yyd67697) (version source revid:vasil.dimov@oracle.com-20100331130613-8ja7n0vh36a80457) (merge vers: 5.1.46) (pib:16)
[17 Jun 2010 12:36] Bugs System
Pushed into 5.1.47-ndb-6.2.19 (revid:martin.skold@mysql.com-20100617115448-idrbic6gbki37h1c) (version source revid:vasil.dimov@oracle.com-20100331130613-8ja7n0vh36a80457) (merge vers: 5.1.46) (pib:16)
[17 Jun 2010 13:23] Bugs System
Pushed into 5.1.47-ndb-6.3.35 (revid:martin.skold@mysql.com-20100617114611-61aqbb52j752y116) (version source revid:vasil.dimov@oracle.com-20100331130613-8ja7n0vh36a80457) (merge vers: 5.1.46) (pib:16)