Bug #79211 crash from query_cache_limit set to larger than query_cache_size
Submitted: 10 Nov 2015 19:18
Modified: 10 Dec 2015 20:09
Reporter: Ammon Sutherland
Status: No Feedback
Category: MySQL Server
Severity: S3 (Non-critical)
Version: 5.6.19, 5.6.22
OS: Any
Assigned to:
CPU Architecture: Any
Tags: crash, qcache, query_cache

[10 Nov 2015 19:18] Ammon Sutherland
Description:
Having query_cache_limit set to > query_cache_size allows for the system to attempt to put things into the query cache that exceed its limit and a crash ensues.

Note, I was unable to force this to happen on 5.6.23.

Example:

query_cache_size=2M
query_cache_limit=16M

stack_bottom = 2b6f5746fec0 thread_stack 0x40000
/usr/bin/mysqld(my_print_stacktrace+0x2c)[0x8c8a2c]
/usr/bin/mysqld(handle_fatal_signal+0x481)[0x66b2d1]
/lib64/libpthread.so.0(+0xf5b0)[0x2b6941ded5b0]
/usr/bin/mysqld(_ZN11Query_cache27invalidate_query_block_listEP3THDP23Query_cache_block_table+0x9f)[0x6a8e5f]
/usr/bin/mysqld(_ZN11Query_cache16invalidate_tableEP3THDPhj+0x33)[0x6a9003]
/usr/bin/mysqld(_ZN11Query_cache16invalidate_tableEP3THDP10TABLE_LIST+0x25)[0x6a9295]
/usr/bin/mysqld(_ZN11Query_cache10invalidateEP3THDP10TABLE_LISTc+0xc0)[0x6a9390]
/usr/bin/mysqld(_Z12mysql_updateP3THDP10TABLE_LISTR4ListI4ItemES6_PS4_jP8st_ordery15enum_duplicatesbPySB_+0x109d)[0x74c04d]
/usr/bin/mysqld(_Z21mysql_execute_commandP3THD+0x2a4d)[0x6e57fd]
/usr/bin/mysqld(_Z11mysql_parseP3THDPcjP12Parser_state+0x3a8)[0x6e9738]
/usr/bin/mysqld(_Z16dispatch_command19enum_server_commandP3THDPcj+0xfa4)[0x6eae54]
/usr/bin/mysqld(_Z24do_handle_one_connectionP3THD+0x142)[0x6b95d2]
/usr/bin/mysqld(handle_one_connection+0x40)[0x6b9680]
/lib64/libpthread.so.0(+0x7f18)[0x2b6941de5f18]
/lib64/libc.so.6(clone+0x6d)[0x2b6942f2fb2d]

How to repeat:
Enable query cache (query_cache_type=1)

Configure query_cache_limit to 16M, set query_cache_size to 2M, issue some queries with results that exceed 2M in size.

Suggested fix:
Add a check to query_cache_limit to not allow it to be larger than query_cache_size.
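
A pre-flight check along the lines of the suggested fix, as an added example that is not part of the original report and not MySQL's own code: it reads the [mysqld] section of an option file and flags a query_cache_limit larger than query_cache_size. The function names and the sample option file are constructed for illustration.

```python
import re

# Multipliers for the K/M/G suffixes MySQL accepts on size options.
_UNITS = {"": 1, "K": 1024, "M": 1024**2, "G": 1024**3}


def parse_size(value):
    """Convert an option value such as '16M' or '2097152' to bytes."""
    m = re.fullmatch(r"(\d+)([KMG]?)", value.strip().upper())
    if not m:
        raise ValueError(f"unrecognised size: {value!r}")
    return int(m.group(1)) * _UNITS[m.group(2)]


def read_mysqld_options(text):
    """Return {option: value} for the [mysqld] section of an option file."""
    opts, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif section == "mysqld" and "=" in line:
            key, _, val = line.partition("=")
            # Option files accept dashes and underscores interchangeably.
            opts[key.strip().replace("-", "_").lower()] = val.strip()
    return opts


def check_query_cache(text):
    """Return a warning if query_cache_limit > query_cache_size, else None."""
    opts = read_mysqld_options(text)
    if "query_cache_limit" not in opts or "query_cache_size" not in opts:
        return None  # only compare values that are set explicitly
    limit = parse_size(opts["query_cache_limit"])
    size = parse_size(opts["query_cache_size"])
    if size == 0:
        return None  # a zero query_cache_size disables the query cache
    if limit > size:
        return f"query_cache_limit ({limit}) exceeds query_cache_size ({size})"
    return None


# Constructed sample option file using the values from the report.
SAMPLE = "[mysqld]\nquery_cache_type=1\nquery_cache_size=2M\nquery_cache_limit=16M\n"

if __name__ == "__main__":
    print(check_query_cache(SAMPLE) or "query cache limits are consistent")
```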

[10 Nov 2015 20:09] MySQL Verification Team
Thank you for the bug report. Please try the latest released version 5.6.27; if you weren't able to repeat with 5.6.23, there is no fix for versions older than 5.6.27. Thanks.

[11 Dec 2015 1:00] Bugs System
No feedback was provided for this bug for over a month, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".