Bug #37669 Server crash by setting "@@session.innodb_table_locks"
Submitted: 26 Jun 2008 14:37
Modified: 28 Jul 2008 15:30
Reporter: Joerg Bruehe
Status: Closed
Category: MySQL Server
Severity: S1 (Critical)
Version: 5.1.25 and up
OS: Other (Solaris + HP-UX)
Assigned to: Ramil Kalimullin
CPU Architecture: Any
Tags: crash
Triage: D1 (Critical) / R1 (None/Negligible) / E1 (None/Negligible)

[26 Jun 2008 14:37] Joerg Bruehe
Description:
This is detected in the 5.1.26 build, it already happened in 5.1.25-rc
(but escaped reporting). That whole test was new in 5.1.25-rc.

This analysis is for 5.1.26 only, not checked against 5.1.25-rc:

The crash goes strictly by platform,
and on the affected platforms *all* test runs crash with the same symptom:

All AMD64 (x86_64):        pass (including Solaris-amd64)
All x86 (32 bit):          pass (including Solaris-x86)
All IA64 (except HP-UX!):  pass (both gcc and icc builds)
All PowerPC (32 + 64 bit): pass (AIX, i5os, OS-X, Linux)
Linux/S390:                pass

SPARC: passes in 32 bit build, fails in 64 bit build

HP-UX: all fail: HP-PA 32 bit, HP-PA 64 bit, and IA64

=====
main.innodb_table_locks_basic  [ fail ]

mysqltest: At line 54: query 'SET @@session.innodb_table_locks = DEFAULT' failed: 2013: Lost connection to MySQL server during query

The result from queries just before the failure was:
SET @session_start_value = @@session.innodb_table_locks;
SELECT @session_start_value;
@session_start_value
1
SET @global_start_value = @@global.innodb_table_locks;
SELECT @global_start_value;
@global_start_value
1
'#--------------------FN_DYNVARS_046_01------------------------#'
SET @@session.innodb_table_locks = 0;
SET @@session.innodb_table_locks = DEFAULT;

=====

On the affected platforms, "embedded" test runs also crash, but (as usual) they don't give any useful information:

=====
main.innodb_table_locks_basic  [ fail ]

ERROR: mysqltest returned unexpected code 138, it has probably crashed

Stopping All Servers
=====

How to repeat:
Run the test suite ...
[27 Jun 2008 14:45] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/48653

2677 Ramil Kalimullin	2008-06-27
      Fix for bug#37669: Server crash by setting "@@session.innodb_table_locks"
      
      Problem: reading/writing data from/to an address without proper 
      alignment leads to SIGBUS on some platforms.
      
      Fix: avoid that.
[9 Jul 2008 11:52] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/49297

2697 Ramil Kalimullin	2008-07-09
      Fix for bug#37669: Server crash by setting "@@session.innodb_table_locks"
      
      Problem: reading/writing data from/to an address without proper
      alignment leads to SIGBUS on some platforms.
      
      Fix: use the correct data type when dereferencing variable values.
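
The commit messages above attribute the SIGBUS to dereferencing a variable's value through the wrong data type. The C sketch below is an added illustration, not the MySQL patch or code from this report; the block layout, `var_get`/`var_set` and the type tags are hypothetical. It shows why a 1-byte boolean slot cannot safely be accessed as a `long`, and what an accessor that honours the declared type does instead.

```c
#include <stdint.h>
#include <string.h>

/* Constructed stand-in for a block of variable values: a 1-byte boolean
   stored at an offset that is not a multiple of alignof(long). */
static union { long force_align; unsigned char bytes[4 * sizeof(long)]; } blk;
#define SLOT (blk.bytes + sizeof(long) + 1)

enum var_type { VAR_BOOL, VAR_LONG };    /* hypothetical type tags */

/* 1 if *(long *)SLOT would be a misaligned access, the condition that
   raises SIGBUS on strict-alignment CPUs and goes unnoticed on x86. */
int bool_slot_is_misaligned(void) {
    return (uintptr_t)SLOT % _Alignof(long) != 0;
}

/* Accessors that take the access width from the variable's declared type. */
static long var_get(const unsigned char *p, enum var_type t) {
    long v;
    if (t == VAR_BOOL) return *p != 0;   /* one byte, valid at any address */
    memcpy(&v, p, sizeof v);             /* wide read without a pointer cast */
    return v;
}
static void var_set(unsigned char *p, enum var_type t, long v) {
    if (t == VAR_BOOL) { *p = (v != 0); return; }
    memcpy(p, &v, sizeof v);             /* wide write without a pointer cast */
}

/* SET ... = 0 followed by SET ... = DEFAULT (1) under the given type tag. */
static void set_then_default(enum var_type tag) {
    memset(blk.bytes, 0xAA, sizeof blk.bytes);
    var_set(SLOT, tag, 0);
    var_set(SLOT, tag, 1);
}

/* Value read back after the two stores. */
long stored_value(enum var_type tag) {
    set_then_default(tag);
    return var_get(SLOT, tag);
}

/* Number of bytes after the slot that the two stores overwrote. */
int clobbered_bytes(enum var_type tag) {
    const unsigned char *p;
    int n = 0;
    set_then_default(tag);
    for (p = SLOT + 1; p < blk.bytes + sizeof blk.bytes; p++) n += *p != 0xAA;
    return n;
}
```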
[15 Jul 2008 16:30] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/49774
[22 Jul 2008 18:39] Bugs System
Pushed into 5.1.27
[24 Jul 2008 18:22] Paul Dubois
Noted in 5.1.28 changelog.

Setting the session value of the innodb_table_locks system variable
caused a server crash.

Setting report to Patch Queued pending push of fix into 6.0.x.
[28 Jul 2008 14:06] Georgi Kodinov
Pushed in 6.0.7-alpha
[28 Jul 2008 14:45] Bugs System
Pushed into 6.0.7-alpha  (revid:alik@mysql.com-20080725172155-fnc73o50e4tgl23k) (version source revid:alik@mysql.com-20080725172155-fnc73o50e4tgl23k) (pib:3)
[28 Jul 2008 15:30] Paul Dubois
Noted in 6.0.7 changelog.
[28 Jul 2008 16:45] Bugs System
Pushed into 5.1.28  (revid:davi.arnaut@sun.com-20080722182431-0i2f1yc4uocime9q) (version source revid:davi.arnaut@sun.com-20080722182431-0i2f1yc4uocime9q) (pib:3)
[26 Aug 2008 12:10] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/52550

2724 Alexey Botchkov	2008-08-26 [merge]
      merging
[14 Sep 2008 3:59] Bugs System
Pushed into 6.0.6-alpha  (revid:ramil@mysql.com-20080709115226-dusm7w0izlxhan0a) (version source revid:hakan@mysql.com-20080716175219-8unfm2ikarselqpw) (pib:3)