Bug #20908 Crash if select @@""
Submitted: 7 Jul 2006 18:38
Modified: 13 Sep 2006 16:49
Reporter: Peter Gulutzan
Status: Closed
Category: MySQL Server
Severity: S3 (Non-critical)
Version: 5.1.12-beta-debug
OS: Linux (SUSE 10.0 / 64-bit)
Assigned to: Chad MILLER
CPU Architecture: Any

[7 Jul 2006 18:38] Peter Gulutzan
Description:
I say:
SELECT @@"";
Crash.

How to repeat:
SELECT @@"";
[7 Jul 2006 22:22] MySQL Verification Team
Thank you for the bug report. I was unable to repeat with latest BK source
on Suse Linux 32-bit. Besides your OS 64-bit, could you please provide
your my.cnf and also if you are able to crash with a fresh tables installed
with mysql_install_db?

Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 2 to server version: 5.1.12-beta-debug

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> SELECT @@"";
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '""' at line 1
mysql> 

Thanks in advance.
[9 Jul 2006 1:45] Peter Gulutzan
I removed my.cnf. It crashes anyway.

I destroyed everything on datadir and ran mysql_install_db again.
It crashes anyway.

I built with BUILD/compile-amd64-max and BUILD/compile-pentium-debug-max.

Many combinations of @@ followed by punctuation will cause it.
Another example:

mysql> select @@&;
ERROR 2013 (HY000): Lost connection to MySQL server during query
[10 Jul 2006 12:05] Tonci Grgin
Hello Peter.
Verified as described on FC5x64 AMD, MySQL server 5.1.12 BK.
bk changes | head
ChangeSet@1.2231, 2006-07-01 19:47:24-04:00, mikael@dator5.(none)
  Merge mronstrom@bk-internal.mysql.com:/home/bk/mysql-5.1
  into  dator5.(none):/home/pappa/bug17138

ChangeSet@1.2226.2.2, 2006-07-01 00:28:04-04:00, mikael@dator5.(none)
  Merge dator5.(none):/home/pappa/bug20583
  into  dator5.(none):/home/pappa/bug17138

ChangeSet@1.2226.3.1, 2006-07-01 00:22:25-04:00, mikael@dator5.(none)
  Merge dator5.(none):/home/pappa/clean-mysql-5.1

More OS info:
[root@FC5X64 mysql51server]# uname --all 
Linux FC5X64 2.6.16-1.2111_FC5 #1 SMP Thu May 4 21:16:04 EDT 2006 x86_64 x86_64
x86_64 GNU/Linux
[root@FC5X64 mysql51server]# /lib/libc.so.6
GNU C Library development release version 2.4, by Roland McGrath et al.
Copyright (C) 2006 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
Compiled by GNU CC version 4.1.0 20060304 (Red Hat 4.1.0-2).
Compiled on a Linux 2.6.9 system on 2006-03-07.
Available extensions:
        The C stubs add-on version 2.1.2.
        crypt add-on version 2.1 by Michael Glad and others
        GNU Libidn by Simon Josefsson
        GNU libio by Per Bothner
        NIS(YP)/NIS+ NSS modules 0.19 by Thorsten Kukuk
        Native POSIX Threads Library by Ulrich Drepper et al
        BIND-8.2.3-T5B
Thread-local storage support included.

Peter, I would like to do one more test when I clean up my FC5 and build newer version, if it's ok by you.
[11 Jul 2006 7:56] Tonci Grgin
Hello. I made some more tests and here's what I've found:
Environment:
munja:/bkrep/mysql-5.1 # bk changes|head
ChangeSet@1.2244, 2006-07-08 10:54:54+02:00, ingo@chilla.local +3 -0
  Merge chilla.local:/home/mydev/mysql-5.1--main
  into  chilla.local:/home/mydev/mysql-5.1-amerge
  MERGE: 1.2235.2.1

ChangeSet@1.2243, 2006-07-08 03:26:13+02:00, tomas@poseidon.ndb.mysql.com +6 -0
  Bug #20843 tests fails randomly with assertion in completeClusterFailed
  Bug #20902 Alter table invalid schema version with statement-based binlogging
  (latter caused by the above)

munja:/bkrep/mysql-5.1 #
Server built on FC5 x64 (details in previous post) fails as reported
Server built on Suse 10 (from same source) is working as expected
5.0.x server built on win32 is working as expected

Results:
*WIN XP host, WIN XP client*
C:\mysql507\bin>mysql -uroot test
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 1 to server version: 5.0.23-log

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> select @@"";
ERROR 1193 (HY000): Unknown system variable ''
mysql> select @@@;
ERROR 1193 (HY000): Unknown system variable ''
mysql> quit
Bye

C:\mysql507\bin>

*SUSE 10.0 host, WIN XP client*
C:\mysql507\bin>mysql -uroot -hmunja --port=3307 test
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 2 to server version: 5.1.12-beta

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> select @@"";
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use near '""' a
t line 1
mysql> select @@@;
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that
corresponds to your MySQL server version for the right syntax to use near '@' at
 line 1
mysql> quit
Bye

C:\mysql507\bin>

*SUSE 10.0 host, SUSE 10 client*
munja:/home/Tonci/bkwork/copyto/mysql-5-1 # bin/mysql -uroot --port=3307 --socket=/tmp/mysql.sock
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 3 to server version: 5.1.12-beta

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> use test;
Database changed
mysql> select @@@;
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server 

version for the right syntax to use near '@' at line 1
mysql> select @@"";
ERROR 1064 (42000): You have an error in your SQL syntax; check the manual that corresponds to your MySQL server 

version for the right syntax to use near '""' at line 1
mysql> quit
Bye
munja:/home/Tonci/bkwork/copyto/mysql-5-1 #

I already verified crash on x64 so I won't repeat the results. For details, see attached zip file. What I changed from last test posted is:
  Pulled new sources
  Cleaned up FC5 machine
  Build with ...debug... script
  Started server with --debug option

Conclusion: I was only able to repeat this crash on x64 platform.
[11 Jul 2006 7:57] Tonci Grgin
Trace and err file

Attachment: 20908-err-trace.zip (application/zip, text), 51.15 KiB.

[14 Aug 2006 21:21] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/10388

ChangeSet@1.2228, 2006-08-14 23:22:04+02:00, cmiller@maint1.mysql.com +2 -0
  Bug #20908: Crash if select @@""
  
  Zero-length variables caused failures when using the length to look
  up the name in a hash.  Instead, signal that no zero-length name can
  ever be found.
[14 Aug 2006 22:33] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/10389

ChangeSet@1.2228, 2006-08-15 00:33:51+02:00, cmiller@maint1.mysql.com +3 -0
  Bug #20908: Crash if select @@""
  
  Zero-length variables caused failures when using the length to look
  up the name in a hash.  Instead, signal that no zero-length name can
  ever be found.
[15 Aug 2006 16:40] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/10490

ChangeSet@1.2228, 2006-08-15 18:41:21+02:00, cmiller@maint1.mysql.com +4 -0
  Bug #20908: Crash if select @@""
  
  Zero-length variables caused failures when using the length to look
  up the name in a hash.  Instead, signal that no zero-length name can
  ever be found and that to encounter one is a syntax error.
[23 Aug 2006 17:01] Timothy Smith
Chad,

Patch is OK with minor caveat.  You've added the "Don't edit this file directly" directive twice.  Perhaps remove the first one?

Thanks,

Timothy
[23 Aug 2006 17:14] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/10782

ChangeSet@1.2228, 2006-08-23 19:14:58+02:00, cmiller@maint1.mysql.com +4 -0
  Bug #20908: Crash if select @@""
  
  Zero-length variables caused failures when using the length to look
  up the name in a hash.  Instead, signal that no zero-length name can
  ever be found and that to encounter one is a syntax error.
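The behaviour the commit message describes (a zero-length name is never found, and meeting one is a syntax error) can be sketched as follows. This is an added example, not the MySQL patch or MySQL source; `find_var`, `resolve_sysvar`, the `rc` codes and the three-entry variable table are hypothetical names constructed for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample names; not MySQL's real variable table or hash. */
static const char *const sys_vars[] = { "version", "autocommit", "sql_mode" };

enum rc { VAR_FOUND, VAR_UNKNOWN, VAR_SYNTAX_ERROR };

/* Length-based lookup (hypothetical helper). A zero-length name can never
   match, so say "not found" before the length reaches any hash or compare. */
static const char *find_var(const char *name, size_t len)
{
    if (name == NULL || len == 0)
        return NULL;
    for (size_t i = 0; i < sizeof sys_vars / sizeof sys_vars[0]; i++)
        if (strlen(sys_vars[i]) == len && memcmp(sys_vars[i], name, len) == 0)
            return sys_vars[i];
    return NULL;
}

/* Resolve "@@name", "@@`name`" or "@@\"name\"". An empty name, as in
   @@"" or @@&, is reported as a syntax error and never looked up. */
static enum rc resolve_sysvar(const char *text)
{
    if (strncmp(text, "@@", 2) != 0)
        return VAR_SYNTAX_ERROR;
    const char *p = text + 2;
    size_t len = 0;
    if (*p == '"' || *p == '`') {
        char quote = *p++;
        while (p[len] != '\0' && p[len] != quote)
            len++;
        if (p[len] != quote)
            return VAR_SYNTAX_ERROR;      /* unterminated quoted name */
    } else {
        while (isalnum((unsigned char)p[len]) || p[len] == '_')
            len++;
    }
    if (len == 0)
        return VAR_SYNTAX_ERROR;
    return find_var(p, len) ? VAR_FOUND : VAR_UNKNOWN;
}

int main(void)
{
    const char *inputs[] = { "@@version", "@@\"\"", "@@&", "@@@", "@@nosuch" };
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++)
        printf("%-12s -> %d\n", inputs[i], (int)resolve_sysvar(inputs[i]));
    return 0;
}
```

The inputs in `main` are the statements quoted in this report; the guard in `find_var` keeps the lookup safe even if a caller skips the parser-level check.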
[23 Aug 2006 17:49] Chad MILLER
Will be available in 5.0.25 and 5.1.12-beta .  Pushed to team tree.
[31 Aug 2006 11:44] Magnus Blåudd
Pushed to 5.0.25
[31 Aug 2006 18:42] Paul DuBois
Noted in 5.0.25 changelog.

Setting report back to NDI pending merge to 5.1.
[13 Sep 2006 8:42] Timothy Smith
Pushed to 5.1.12
[13 Sep 2006 16:49] Paul DuBois
Noted in 5.1.12 changelog.