Bug #42496 server debug assertion after mysql_stmt_fetch is killed
Submitted: 31 Jan 2009 9:48 Modified: 14 Oct 2010 13:27
Reporter: Shane Bester (Platinum Quality Contributor) Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: Prepared statements Severity:S2 (Serious)
Version:5.1.30-debug, 5.1.41-debug, 5.1.42-debug OS:Any
Assigned to: Dmitry Shulga CPU Architecture:Any
Tags: KILL

[31 Jan 2009 9:48] Shane Bester 
Description:
mysqld-debug.exe!_NMSG_WRITE()[crt0msg.c:198]
mysqld-debug.exe!abort()[abort.c:68]
mysqld-debug.exe!_wassert()[assert.c:212]
mysqld-debug.exe!Diagnostics_area::set_eof_status()[sql_class.cc:443]
mysqld-debug.exe!my_eof()[sql_class.h:2253]
mysqld-debug.exe!Select_fetch_protocol_binary::send_eof()[sql_prepare.cc:2795]
mysqld-debug.exe!Materialized_cursor::fetch()[sql_cursor.cc:661]
mysqld-debug.exe!mysql_stmt_fetch()[sql_prepare.cc:2561]
mysqld-debug.exe!dispatch_command()[sql_parse.cc:1161]
mysqld-debug.exe!do_command()[sql_parse.cc:857]
mysqld-debug.exe!handle_one_connection()[sql_connect.cc:1115]
mysqld-debug.exe!pthread_start()[my_winthread.c:85]
mysqld-debug.exe!_callthreadstart()[thread.c:295]
mysqld-debug.exe!_threadstart()[thread.c:277]

Trying to get some variables.
Some pointers may be invalid and cause the dump to abort...
thd->query at 0000000004C5D868=select * from `qa06` limit 10

How to repeat:
not sure
[23 Nov 2009 16:29] MySQL Verification Team 
I can repeat this in 5.1.41-debug:

Assertion failed: ! is_set(), file .\sql_class.cc, line 495

This application has requested the Runtime to terminate it in an unusual way.
Please contact the application's support team for more information.

This application has requested the Runtime to terminate it in an unusual way.
Please contact the application's support team for more information.
091123 18:27:18 - mysqld got exception 0x80000003 ;
This could be because you hit a bug. It is also possible that this binary
or one of the libraries it was linked against is corrupt, improperly built,
or misconfigured. This error can also be caused by malfunctioning hardware.
We will try our best to scrape up some info that will hopefully help diagnose
the problem, but since we have already crashed, something is definitely wrong
and this may fail.

key_buffer_size=8384512
read_buffer_size=131072
max_used_connections=7
max_threads=151
threads_connected=7
It is possible that mysqld could use up to
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 338112 K
bytes of memory
Hope that's ok; if not, decrease some variables in the equation.

thd: 0x4cd9038
Attempting backtrace. You can use the following information to find out
where mysqld died. If you see no messages after this, something went
terribly wrong...
mysqld-debug.exe!my_sigabrt_handler()[mysqld.cc:2048]
mysqld-debug.exe!raise()[winsig.c:597]
mysqld-debug.exe!abort()[abort.c:78]
mysqld-debug.exe!_wassert()[assert.c:212]
mysqld-debug.exe!Diagnostics_area::set_eof_status()[sql_class.cc:495]
mysqld-debug.exe!my_eof()[sql_class.h:2361]
mysqld-debug.exe!Select_fetch_protocol_binary::send_eof()[sql_prepare.cc:2811]
mysqld-debug.exe!Materialized_cursor::fetch()[sql_cursor.cc:673]
mysqld-debug.exe!mysqld_stmt_fetch()[sql_prepare.cc:2577]
mysqld-debug.exe!dispatch_command()[sql_parse.cc:1192]
mysqld-debug.exe!do_command()[sql_parse.cc:872]
mysqld-debug.exe!handle_one_connection()[sql_connect.cc:1127]
mysqld-debug.exe!pthread_start()[my_winthread.c:85]
mysqld-debug.exe!_callthreadstart()[thread.c:295]
mysqld-debug.exe!_threadstart()[thread.c:277]
kernel32.dll!BaseThreadStart()
Trying to get some variables.
Some pointers may be invalid and cause the dump to abort...
thd->query at 0000000004EF5E88=select * from `qa06` limit 10
thd->thread_id=14
thd->killed=KILL_CONNECTION
The manual page at http://dev.mysql.com/doc/mysql/en/crashing.html contains
information that should help you find out what is causing the crash.

The crash is caused when killing a connection while it's fetching data.. will make a testcase soon.
[23 Nov 2009 16:44] MySQL Verification Team 
another stack trace from similar crash in 5.1.41-debug:

Assertion failed: ! is_set() || can_overwrite_status, file .\sql_class.cc, line 529

mysqld-debug.exe!raise()[winsig.c:597]
mysqld-debug.exe!abort()[abort.c:78]
mysqld-debug.exe!_wassert()[assert.c:212]
mysqld-debug.exe!Diagnostics_area::set_error_status()[sql_class.cc:529]
mysqld-debug.exe!my_message_sql()[mysqld.cc:2918]
mysqld-debug.exe!my_error()[my_error.c:99]
mysqld-debug.exe!net_real_write()[net_serv.cc:672]
mysqld-debug.exe!net_flush()[net_serv.cc:345]
mysqld-debug.exe!Protocol::flush()[protocol.cc:537]
mysqld-debug.exe!mysql_test_select()[sql_prepare.cc:1377]
mysqld-debug.exe!check_prepared_statement()[sql_prepare.cc:1875]
mysqld-debug.exe!Prepared_statement::prepare()[sql_prepare.cc:3068]
mysqld-debug.exe!mysqld_stmt_prepare()[sql_prepare.cc:2094]
mysqld-debug.exe!dispatch_command()[sql_parse.cc:1202]
mysqld-debug.exe!do_command()[sql_parse.cc:872]
mysqld-debug.exe!handle_one_connection()[sql_connect.cc:1127]
mysqld-debug.exe!pthread_start()[my_winthread.c:85]
mysqld-debug.exe!_callthreadstart()[thread.c:295]
mysqld-debug.exe!_threadstart()[thread.c:277]
kernel32.dll!BaseThreadStart()
ariables.
 invalid and cause the dump to abort...
0004DB6EF8=select `c1` from `qa06`
[23 Nov 2009 16:57] MySQL Verification Team 
testcase. run this against a debug build of mysqld, for some minutes.

Attachment: bug42496.c (text/x-csrc), 11.46 KiB.
[23 Nov 2009 17:18] MySQL Verification Team 
i made testcase a bit faster by eliminating 'show processlist' to get the connection to kill. try this if previous is not fast..

Attachment: bug42496.c (text/x-csrc), 11.59 KiB.
[23 Nov 2009 17:45] Valeriy Kravchuk 
I've got a bit different assertion with recent 5.1.42-debug from bzr on Mac OS X:

Version: '5.1.42-debug'  socket: '/tmp/mysql.sock'  port: 3306  Source distribution
Assertion failed: (! is_set() || can_overwrite_status), function unknown function, file sql_class.cc, line 529.
091123 19:41:45 - mysqld got signal 6 ;

but we clearly have a problem here...
[8 Dec 2009 12:09] MySQL Verification Team 
I also got this on 5.1.41-debug with queru cache enabled:
Assertion failed: ! is_set(), file .\sql_class.cc, line 557

mysqld-debug.exe!my_sigabrt_handler()[mysqld.cc:2048]
mysqld-debug.exe!raise()[winsig.c:597]
mysqld-debug.exe!abort()[abort.c:78]
mysqld-debug.exe!_wassert()[assert.c:212]
mysqld-debug.exe!Diagnostics_area::disable_status()[sql_class.cc:557]
mysqld-debug.exe!Query_cache::send_result_to_client()[sql_cache.cc:1627]
mysqld-debug.exe!Prepared_statement::execute()[sql_prepare.cc:3579]
mysqld-debug.exe!Prepared_statement::execute_loop()[sql_prepare.cc:3256]
mysqld-debug.exe!mysqld_stmt_execute()[sql_prepare.cc:2475]
mysqld-debug.exe!dispatch_command()[sql_parse.cc:1187]
mysqld-debug.exe!do_command()[sql_parse.cc:872]
mysqld-debug.exe!handle_one_connection()[sql_connect.cc:1127]
mysqld-debug.exe!pthread_start()[my_winthread.c:85]
mysqld-debug.exe!_callthreadstart()[thread.c:295]
mysqld-debug.exe!_threadstart()[thread.c:277]
[5 Jul 2010 10:17] Bugs System 
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/112874

3454 Dmitry Shulga	2010-07-05
      Fixed bug #42496 - the server could crash on a debug assert after a failure
      to write into a closed socket
     @ sql/protocol.cc
        Protocol::flush modified: set thd->main_da.can_overwrite_status= TRUE
        before call to net_flush() in order to prevent crash on assert in case
        of socket write failure, reset it to FALSE when net_flush() returned;
        Protocol::send_fields modified: return from method with error if call to
        my_net_write(), proto.write() or write_eof_packet() failed.
     @ sql/sql_cache.cc
        Query_cache::send_result_to_client modified: set
        thd->main_da.can_overwrite_status= TRUE before call to write
        data to socket and reset it to FALSE when write completed
        (successfully or failure).
     @ sql/sql_cursor.cc
        Materialized_cursor::fetch modified: leave method if call to
        result->send_data() failed.
     @ sql/sql_prepare.cc
        send_prep_stmt() modified: call to thd->main_da.disable_status()
        only if thd->protocol_text.send_fields() completed successfully.
[8 Jul 2010 15:02] Konstantin Osipov 
Sent a review over email, Davi to make the final review.
[21 Jul 2010 7:57] Bugs System 
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/114007

3454 Dmitry Shulga	2010-07-21
      Fixed bug #42496 - the server could crash on a debug assert after a failure
      to write into a closed socket
     @ sql/protocol.cc
        Protocol::flush modified: set thd->main_da.can_overwrite_status= TRUE
        before call to net_flush() in order to prevent crash on assert in case
        of socket write failure, reset it to FALSE when net_flush() returned;
        Protocol::send_fields modified: return from method with error if call to
        my_net_write(), proto.write() or write_eof_packet() failed.
     @ sql/sql_cache.cc
        Query_cache::send_result_to_client modified: call to
        thd->main_da.disable_status() only if write to socket
        was successful.
     @ sql/sql_cursor.cc
        Materialized_cursor::fetch modified: leave method if call to
        result->send_data() failed.
     @ sql/sql_prepare.cc
        send_prep_stmt() modified: call to thd->main_da.disable_status()
        only if thd->protocol_text.send_fields() completed successfully.
[3 Aug 2010 17:27] Paul DuBois 
Noted in 5.1.50 changelog.

A debugging assertion could be raised after a write failure to a
closed socket. 

Setting report to Need Merge pending further pushes.
[4 Aug 2010 7:54] Bugs System 
Pushed into mysql-trunk 5.5.6-m3 (revid:alik@sun.com-20100731131027-1n61gseejyxsqk5d) (version source revid:alik@sun.com-20100731074942-o840woifuqioxxe4) (merge vers: 5.5.6-m3) (pib:18)
[4 Aug 2010 8:09] Bugs System 
Pushed into mysql-trunk 5.6.1-m4 (revid:alik@ibmvm-20100804080001-bny5271e65xo34ig) (version source revid:alik@sun.com-20100731075120-qz9z8c25zum2wgmm) (merge vers: 5.6.99-m4) (pib:18)
[4 Aug 2010 8:25] Bugs System 
Pushed into mysql-trunk 5.6.1-m4 (revid:alik@ibmvm-20100804081533-c1d3rbipo9e8rt1s) (version source revid:alik@sun.com-20100731075120-qz9z8c25zum2wgmm) (merge vers: 5.6.99-m4) (pib:18)
[4 Aug 2010 9:04] Bugs System 
Pushed into mysql-next-mr (revid:alik@ibmvm-20100804081630-ntapn8bf9pko9vj3) (version source revid:alik@sun.com-20100731075120-qz9z8c25zum2wgmm) (pib:20)
[4 Aug 2010 23:17] Paul DuBois 
Noted in 5.5.6 changelog.
Bug does not appear in any released 5.6.x version.
[19 Aug 2010 15:42] Bugs System 
Pushed into mysql-5.1 5.1.51 (revid:build@mysql.com-20100819151858-muaaor6jojb5ouzj) (version source revid:build@mysql.com-20100819151858-muaaor6jojb5ouzj) (merge vers: 5.1.51) (pib:20)
[14 Oct 2010 8:36] Bugs System 
Pushed into mysql-5.1-telco-7.0 5.1.51-ndb-7.0.20 (revid:martin.skold@mysql.com-20101014082627-jrmy9xbfbtrebw3c) (version source revid:martin.skold@mysql.com-20101014082627-jrmy9xbfbtrebw3c) (merge vers: 5.1.51-ndb-7.0.20) (pib:21)
[14 Oct 2010 8:51] Bugs System 
Pushed into mysql-5.1-telco-6.3 5.1.51-ndb-6.3.39 (revid:martin.skold@mysql.com-20101014083757-5qo48b86d69zjvzj) (version source revid:martin.skold@mysql.com-20101014083757-5qo48b86d69zjvzj) (merge vers: 5.1.51-ndb-6.3.39) (pib:21)
[14 Oct 2010 9:06] Bugs System 
Pushed into mysql-5.1-telco-6.2 5.1.51-ndb-6.2.19 (revid:martin.skold@mysql.com-20101014084420-y54ecj85j5we27oa) (version source revid:martin.skold@mysql.com-20101014084420-y54ecj85j5we27oa) (merge vers: 5.1.51-ndb-6.2.19) (pib:21)
[14 Oct 2010 13:27] Jon Stephens 
Already documented in the 5.1.50 changelog; no additional changelog entries required. Set back to Closed state.