Bug #44151 using handler commands on information_schema tables crashes server
Submitted: 8 Apr 2009 12:53 Modified: 16 May 2009 0:07
Reporter: Shane Bester (Platinum Quality Contributor) Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: Information schema Severity:S1 (Critical)
Version:5.0.78,5.1.32, 5.1.33, 5.1.35-bzr, 6.0.9 OS:Any
Assigned to: Sergey Glukhov CPU Architecture:Any
Triage: Triaged: D1 (Critical)

[8 Apr 2009 12:53] Shane Bester
Description:
mysqld.exe!mysql_lock_tables_check()[lock.cc:152]
mysqld.exe!mysql_lock_tables()[lock.cc:208]
mysqld.exe!mysql_ha_read()[sql_handler.cc:475]
mysqld.exe!mysql_execute_command()[sql_parse.cc:3954]
mysqld.exe!mysql_parse()[sql_parse.cc:5835]
mysqld.exe!dispatch_command()[sql_parse.cc:1218]
mysqld.exe!do_command()[sql_parse.cc:857]
mysqld.exe!handle_one_connection()[sql_connect.cc:1115]
mysqld.exe!pthread_start()[my_winthread.c:85]
mysqld.exe!_callthreadstart()[thread.c:295]
mysqld.exe!_threadstart()[thread.c:277]
kernel32.dll!BaseThreadStart()
ariables.
 invalid and cause the dump to abort...
0004C723C8=handler `PROCESSLIST` read `idx0` first

How to repeat:
use information_schema;
handler `PROCESSLIST` open;
handler `PROCESSLIST` read `idx0` first;
handler `PROCESSLIST` read `idx0` next;
handler `PROCESSLIST` read `idx0` last;
handler `PROCESSLIST` close;
[8 Apr 2009 12:59] Valeriy Kravchuk
Thank you for the bug report.
[8 Apr 2009 12:59] Miguel Solorzano
Call stack 5.1 source build

Attachment: callstack-44151.txt (text/plain), 2.65 KiB.

[8 Apr 2009 13:02] Valeriy Kravchuk
Same crash with latest 5.1.35 from bzr on Linux.
[8 Apr 2009 13:03] Dean Ellis
Crashing 5.0.67 too:

HANDLER COLUMNS OPEN;
HANDLER COLUMNS READ FIRST;
[8 Apr 2009 13:12] Shane Bester
5.0.78 crashed too:

handler `ROUTINES` open;
handler `ROUTINES` read `idx0` first;
[10 Apr 2009 10:51] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/71860

2724 Sergey Glukhov	2009-04-10
      Bug#44151 using handler commands on information_schema tables crashes server
      information schema tables are based on internal tmp tables which are removed
      after each statement execution. So HANDLER comands can not be used with
      information schema.
      The fix is to issue an error if HANDLER command is used with I_S.
     @ mysql-test/r/handler.result
        test result
     @ mysql-test/t/handler.test
        test case
     @ sql/sql_handler.cc
        information schema tables are based on internal tmp tables which are removed
        after each statement execution. So HANDLER comands can not be used with
        information schema.
        The fix is to issue an error if HANDLER command is used with I_S.
[13 Apr 2009 8:16] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/71909

2724 Sergey Glukhov	2009-04-13
      Bug#44151 using handler commands on information_schema tables crashes server
      information schema tables are based on internal tmp tables which are removed
      after each statement execution. So HANDLER comands can not be used with
      information schema.
     @ mysql-test/r/handler.result
        test result
     @ mysql-test/t/handler.test
        test case
     @ sql/sql_handler.cc
        information schema tables are based on internal tmp tables which are removed
        after each statement execution. So HANDLER comands can not be used with
        information schema.
[17 Apr 2009 8:41] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/72370

2727 Sergey Glukhov	2009-04-17
      Bug#44151 using handler commands on information_schema tables crashes server
      information schema tables are based on internal tmp tables which are removed
      after each statement execution. So HANDLER comands can not be used with
      information schema.
     @ mysql-test/r/handler.result
        test result
     @ mysql-test/t/handler.test
        test case
     @ sql/sql_handler.cc
        information schema tables are based on internal tmp tables which are removed
        after each statement execution. So HANDLER comands can not be used with
        information schema.
[5 May 2009 18:52] Bugs System
Pushed into 5.0.82 (revid:davi.arnaut@sun.com-20090505184158-dvmedh8n472y8np5) (version source revid:davi.arnaut@sun.com-20090505184158-dvmedh8n472y8np5) (merge vers: 5.0.82) (pib:6)
[5 May 2009 19:40] Bugs System
Pushed into 5.1.35 (revid:davi.arnaut@sun.com-20090505190206-9xmh7dlc6kom8exp) (version source revid:davi.arnaut@sun.com-20090505190206-9xmh7dlc6kom8exp) (merge vers: 5.1.35) (pib:6)
[6 May 2009 14:12] Bugs System
Pushed into 6.0.12-alpha (revid:svoj@sun.com-20090506125450-yokcmvqf2g7jhujq) (version source revid:sergey.glukhov@sun.com-20090417091433-o03d2kliyyazi9mz) (merge vers: 6.0.11-alpha) (pib:6)
[16 May 2009 0:07] Paul Dubois
Noted in 5.0.82, 5.1.35, 6.0.12.

Use of HANDLER statements with INFORMATION_SCHEMA tables caused a
server crash. Now HANDLER is prohibited with such tables.
[15 Jun 2009 8:27] Bugs System
Pushed into 5.1.35-ndb-6.3.26 (revid:jonas@mysql.com-20090615074202-0r5r2jmi83tww6sf) (version source revid:jonas@mysql.com-20090615070837-9pccutgc7repvb4d) (merge vers: 5.1.35-ndb-6.3.26) (pib:6)
[15 Jun 2009 9:06] Bugs System
Pushed into 5.1.35-ndb-7.0.7 (revid:jonas@mysql.com-20090615074335-9hcltksp5cu5fucn) (version source revid:jonas@mysql.com-20090615072714-rmfkvrbbipd9r32c) (merge vers: 5.1.35-ndb-7.0.7) (pib:6)
[15 Jun 2009 9:47] Bugs System
Pushed into 5.1.35-ndb-6.2.19 (revid:jonas@mysql.com-20090615061520-sq7ds4yw299ggugm) (version source revid:jonas@mysql.com-20090615054654-ebgpz7elwu1xj36j) (merge vers: 5.1.35-ndb-6.2.19) (pib:6)
[10 Jul 2009 23:19] Bugs System
Pushed into 5.1.37 (revid:build@mysql.com-20090710231213-9guqdu0avc0uwdkp) (version source revid:build@mysql.com-20090710231213-9guqdu0avc0uwdkp) (merge vers: 5.1.37) (pib:11)
[23 Jul 2009 10:24] Bugs System
Pushed into 5.4.4-alpha (revid:alik@sun.com-20090723102221-ps4uaphwbxzj8p0q) (version source revid:joerg@mysql.com-20090721145751-rqqnhv0kage18wfi) (merge vers: 5.4.4-alpha) (pib:11)
[26 Aug 2009 13:46] Bugs System
Pushed into 5.1.37-ndb-7.0.8 (revid:jonas@mysql.com-20090826132541-yablppc59e3yb54l) (version source revid:jonas@mysql.com-20090826132541-yablppc59e3yb54l) (merge vers: 5.1.37-ndb-7.0.8) (pib:11)
[26 Aug 2009 13:46] Bugs System
Pushed into 5.1.37-ndb-6.3.27 (revid:jonas@mysql.com-20090826105955-bkj027t47gfbamnc) (version source revid:jonas@mysql.com-20090826105955-bkj027t47gfbamnc) (merge vers: 5.1.37-ndb-6.3.27) (pib:11)
[26 Aug 2009 13:48] Bugs System
Pushed into 5.1.37-ndb-6.2.19 (revid:jonas@mysql.com-20090825194404-37rtosk049t9koc4) (version source revid:jonas@mysql.com-20090825194404-37rtosk049t9koc4) (merge vers: 5.1.37-ndb-6.2.19) (pib:11)
[27 Aug 2009 16:33] Bugs System
Pushed into 5.1.35-ndb-7.1.0 (revid:magnus.blaudd@sun.com-20090827163030-6o3kk6r2oua159hr) (version source revid:jonas@mysql.com-20090826132541-yablppc59e3yb54l) (merge vers: 5.1.37-ndb-7.0.8) (pib:11)