Bug #11920 MySQL crashes when attached code is executed
Submitted: 13 Jul 2005 18:31 Modified: 20 Jul 2005 1:14
Reporter: Jorge del Conde
Status: Closed
Category: MySQL Server    Severity: S1 (Critical)
Version: 5.0.10    OS: Linux (Linux)
Assigned to: Bugs System    CPU Architecture: Any

[13 Jul 2005 18:31] Jorge del Conde
Description:
MySQL crashes when the attached code is executed

How to repeat:
Compile the attached file as follows:

session #1
shell1> gcc -g -I {MYSQL_INCLUDE_DIR} jorge.cpp {MYSQL_LIB_DIR}/libmysqlclient.a -lz -lm -lstdc++

session #2
shell2> mysql
mysql2> show databases;
- prints databases

session #1
shell1> a.out

session #2
mysql2> show databases;
/// The following is printed to screen:

mysql> show databases;
ERROR 2006 (HY000): MySQL server has gone away
No connection. Trying to reconnect...
Connection id:    1
Current database: *** NONE ***
[13 Jul 2005 18:32] Jorge del Conde
bug11920.cpp

Attachment: jorge.cpp (text/plain), 10.39 KiB.

[19 Jul 2005 17:26] Patrick Galbraith
started investigating
[19 Jul 2005 22:27] Patrick Galbraith
Summary (read below for details)

It fails on an installed 5.0.7 that I downloaded from MySQL a couple of weeks ago, Mac OSX
It does not fail on a fresh install of 5.0.10 on either Mac OSX or Linux on AMD64 (Brian's box)

Notes:

I tested this on Mac OSX (first on a freshly compiled 5.0.10) and could NOT get it to fail.

(I modified jorge.cpp to print out the number of warnings, and port settings)
gcc -g -I /Users/patg/mysql-build/mysql-5.0/include/ jorge.cpp /Users/patg/mysql-build/mysql-5.0/libmysql/.libs/libmysqlclient.a -lz -lm -lstdc++ -o jorge

radha:~/mysql-build/bug_test patg$ mysql -S /tmp/mysqld-5.0-5553.sock 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 26 to server version: 5.0.10-beta-debug

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| test               |
+--------------------+
3 rows in set (0.11 sec)

mysql> \q
Bye
radha:~/mysql-build/bug_test patg$ ./jorge 
Preparing to run  /home/patg/mysql-build/mysql-5.0/client/mysql --host=localhost --socket=/tmp/mysqld-5.0-5553.sock test < /tmp/baan_table_dump
Connected to DB test on socket /tmp/mysqld-5.0-5553.sock port 5553
ready to call mysql_warning count...Done. 0 warnings.
radha:~/mysql-build/bug_test patg$ mysql -S /tmp/mysqld-5.0-5553.sock 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 29 to server version: 5.0.10-beta-debug

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| test               |
+--------------------+
3 rows in set (0.14 sec)

tail end of my trace that xcode is running:

T@30   : | | prep_query: SELECT a0.t_empno,MIN(a0.t_projno) FROM tdbtst180000 a0  GROUP BY a0.t_empno
T@30   : | | >mysql_init_query
T@30   : | | <mysql_init_query
T@30   : | | exec_query:: SELECT a0.t_empno,MIN(a0.t_projno) FROM tdbtst180000 a0  GROUP BY a0.t_empno
T@29   : | | <query_cache_end_of_result
T@29   : | info: query ready
T@30   : | | | >Query_cache::store_query
T@30   : | | | <Query_cache::store_query
T@30   : | query: rollback
T@30   : | | >mysql_init_query
T@30   : | | <mysql_init_query
T@30   : | | >query_cache_end_of_result
T@30   : | | <query_cache_end_of_result
T@30   : | info: query ready
T@31   : | query: show databases
T@31   : | | >mysql_init_query
T@31   : | | <mysql_init_query
T@31   : | | | >Query_cache::store_query
T@31   : | | | <Query_cache::store_query
T@31   : | | >query_cache_end_of_result
T@31   : | | <query_cache_end_of_result
T@31   : | info: query ready

Then I tested on an already installed 5.0.7 in /usr/local/mysql, of course modifying jorge.cpp to run on port 3306 (was 5553 for my newly compiled mysql) and no socket, user 'root'.

radha:~/mysql-build/bug_test patg$ gcc -g -I/usr/local/mysql/include/mysql/ jorge.cpp /usr/local/mysql/lib/mysql/libmysqlclient.a -lz -lm -lstdc++ -o jorge

radha:~/mysql-build/bug_test patg$ mysql -u root
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 120 to server version: 5.0.7-beta-debug-log

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| federated          |
| mysql              |
| test               |
+--------------------+
4 rows in set (0.01 sec)

mysql> \q
Bye

radha:~/mysql-build/bug_test patg$ ./jorge 
Preparing to run  mysql --host=localhost test < /tmp/baan_table_dump
Connected to DB test on socket (null) port 5553
ready to call mysql_warning count...Done. 0 warnings.

radha:~/mysql-build/bug_test patg$ mysql -u root
ERROR 2013 (HY000): Lost connection to MySQL server during query

So, it DOES fail on 5.0.7 on Mac OSX.

THEN I tested it (with NO failure) on Brian's 64-bit AMD with a newly built 5.0.10

[patg@zim ~]$ mysql -S /tmp/mysqld.patg.sock 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 7 to server version: 5.0.10-beta-debug

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| test               |
+--------------------+
3 rows in set (0.00 sec)

mysql> \q
Bye
[patg@zim ~]$ ./jorge 
Preparing to run  /home/patg/mysql-5.0/client/mysql --host=localhost --socket=/tmp/mysqld.patg.sock test < /tmp/baan_table_dump
Connected to DB test on socket /tmp/mysqld.patg.sock port 5553
ready to call mysql_warning count...Done. 0 warnings.
[patg@zim ~]$ mysql -S /tmp/mysqld.patg.sock 
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 10 to server version: 5.0.10-beta-debug

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| mysql              |
| test               |
+--------------------+
3 rows in set (0.01 sec)

gdb window on zim:
Starting program: /home/patg/mysql-5.0/sql/mysqld --gdb --debug --skip-ndbcluster --port=5553 --socket=/tmp/mysqld.patg.sock --datadir=/home/patg/mysql-5.0/mysql-test/var/master-data --character-sets-dir=/home/patg/mysql-5.0/sql/share/charsets --basedir=/home/patg/mysql-5.0/sql --language=/home/patg/mysql-5.0/sql/share/english --skip-grant-tables
[Thread debugging using libthread_db enabled]
[New Thread 46912497442336 (LWP 5699)]
[New Thread 1084229984 (LWP 5700)]
[New Thread 1094719840 (LWP 5701)]
[New Thread 1105209696 (LWP 5702)]
[New Thread 1115699552 (LWP 5703)]
050719 14:42:40  InnoDB: Database was not shut down normally!
InnoDB: Starting crash recovery.
InnoDB: Reading tablespace information from the .ibd files...
InnoDB: Restoring possible half-written data pages from the doublewrite
InnoDB: buffer...
050719 14:42:40  InnoDB: Starting log scan based on checkpoint at
InnoDB: log sequence number 0 72253.
InnoDB: Doing recovery: scanned up to log sequence number 0 72253
InnoDB: Last MySQL binlog file position 0 0, file name 
[New Thread 1126189408 (LWP 5704)]
[New Thread 1136679264 (LWP 5705)]
[New Thread 1147169120 (LWP 5706)]
[Thread 1126189408 (zombie) exited]
[New Thread 1157658976 (LWP 5707)]
050719 14:42:40  InnoDB: Started; log sequence number 0 72253
[New Thread 1157859680 (LWP 5708)]
050719 14:42:41 [Note] /home/patg/mysql-5.0/sql/mysqld: ready for connections.
Version: '5.0.10-beta-debug'  socket: '/tmp/mysqld.patg.sock'  port: 5553  Source distribution
[New Thread 1158060384 (LWP 5709)]
[New Thread 1158261088 (LWP 5725)]
[Thread 1158261088 (LWP 5725) exited]
[New Thread 1158261088 (LWP 5726)]
[Thread 1158261088 (LWP 5726) exited]
[New Thread 1158261088 (LWP 5748)]
[Thread 1158261088 (LWP 5748) exited]
[New Thread 1158261088 (LWP 5749)]
[Thread 1158261088 (LWP 5749) exited]

, and cannot get it to fail.
[19 Jul 2005 22:32] Patrick Galbraith
Just noticed in my bug report :

"radha:~/mysql-build/bug_test patg$ ./jorge 
Preparing to run  mysql --host=localhost test < /tmp/baan_table_dump
Connected to DB test on socket (null) port 5553
ready to call mysql_warning count...Done. 0 warnings.
"

This is the one that made it fail - it is NOT connecting to port 5553. That's just a hardcoded number in my printf that I forgot to change:

if (mysql_real_connect(sess_1, HOST_NAME, USER_NAME, USER_PWD, DB_NAME, 3306, UNIX_SOCKET, 0))
{
  printf("Connected to DB %s on socket %s port %d\n", DB_NAME, UNIX_SOCKET, 5553);
}
else
{
  printf("Unable to connect to DB %s on socket %s port %d\n", DB_NAME, UNIX_SOCKET, 5553);
}

So it did in fact connect to the server on port 3306.
[19 Jul 2005 22:38] Patrick Galbraith
Just to show again (and attach the file I use)

radha:~/mysql-build/bug_test patg$ gcc -g -I/usr/local/mysql/include/mysql/ jorge.cpp /usr/local/mysql/lib/mysql/libmysqlclient.a -lz -lm -lstdc++ -o jorge
radha:~/mysql-build/bug_test patg$ mysql -u root
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 2 to server version: 5.0.7-beta-debug-log

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| federated          |
| mysql              |
| test               |
+--------------------+
4 rows in set (0.00 sec)

mysql> \q
Bye
radha:~/mysql-build/bug_test patg$ ./jorge 
Preparing to run  mysql --host=localhost test < /tmp/baan_table_dump
Connected to DB test on socket (null) port 3306
ready to call mysql_warning count...Done. 0 warnings.
radha:~/mysql-build/bug_test patg$ mysql -u root
ERROR 2013 (HY000): Lost connection to MySQL server during query
radha:~/mysql-build/bug_test patg$ 050720 00:35:50  mysqld restarted

radha:~/mysql-build/bug_test patg$ mysql -u root
Welcome to the MySQL monitor.  Commands end with ; or \g.
Your MySQL connection id is 1 to server version: 5.0.7-beta-debug-log

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> show databases;
+--------------------+
| Database           |
+--------------------+
| information_schema |
| federated          |
| mysql              |
| test               |
+--------------------+
4 rows in set (0.00 sec)
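
A triage helper for the reproduction steps in this thread, added here as an example and not part of the original report or of MySQL. It classifies one run from mysql client transcripts captured before and after the test program, using the two signals visible in the sessions above: ERROR 2006/2013 or a "mysqld restarted" notice, and the connection id counter dropping back. The function names and the sample transcripts are constructed.

```shell
#!/bin/sh
# Added example: decide whether a crash-repro run took the server down,
# from client transcripts alone. Sample transcripts are constructed.

# Print the connection id from a client banner, or nothing if absent.
conn_id() {
    printf '%s\n' "$1" |
        sed -n 's/^Your MySQL connection id is \([0-9][0-9]*\) .*/\1/p' |
        head -n 1
}

# classify_run BEFORE AFTER
#   BEFORE: transcript captured before the test program ran
#   AFTER:  transcript captured after it ran
# Prints CRASHED, SURVIVED or INCONCLUSIVE.
classify_run() {
    before_id=$(conn_id "$1")
    after_id=$(conn_id "$2")
    # Symptoms seen in the thread: the client loses the server, or the
    # restart notice shows up on the terminal.
    if printf '%s\n' "$2" |
        grep -Eq 'ERROR (2006|2013) \(HY000\)|mysqld restarted'; then
        echo CRASHED; return
    fi
    if [ -z "$before_id" ] || [ -z "$after_id" ]; then
        echo INCONCLUSIVE; return
    fi
    # Connection ids count up within one server process, so an id that
    # did not increase means a new process answered: a silent restart.
    if [ "$after_id" -le "$before_id" ]; then
        echo CRASHED
    else
        echo SURVIVED
    fi
}

# Constructed samples modelled on the sessions in this report.
SAMPLE_BEFORE='Your MySQL connection id is 120 to server version: 5.0.7-beta-debug-log'
SAMPLE_LOST='ERROR 2013 (HY000): Lost connection to MySQL server during query'
SAMPLE_RESTARTED='Your MySQL connection id is 1 to server version: 5.0.7-beta-debug-log'
SAMPLE_OK='Your MySQL connection id is 123 to server version: 5.0.7-beta-debug-log'

echo "lost connection : $(classify_run "$SAMPLE_BEFORE" "$SAMPLE_LOST")"
echo "id reset        : $(classify_run "$SAMPLE_BEFORE" "$SAMPLE_RESTARTED")"
echo "id increased    : $(classify_run "$SAMPLE_BEFORE" "$SAMPLE_OK")"
```

The connection id check catches the case where the server has already been restarted by the time the second client connects, so no error is printed at all.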
[20 Jul 2005 1:02] Jorge del Conde
analyzing with today's bk pull of 5.0.10
[20 Jul 2005 1:14] Jorge del Conde
I was unable to reproduce this bug with the latest 5.0.10 changeset:

jorge-/my/mysql-5.0> bk changes |head
ChangeSet@1.1957, 2005-07-20 06:59:31+04:00, evgen@moonbone.local
  Merge epotemkin@bk-internal.mysql.com:/home/bk/mysql-5.0
  into moonbone.local:/work/mysql-5.0-bug-11760

ChangeSet@1.1948.3.1, 2005-07-20 06:55:51+04:00, evgen@moonbone.local
  Fix bug #11760 Typo in Item_func_add_time::print() results in NULLs returned
  by subtime() in view
  
  Item_func_add_time::print() were printing arg[0] instead of arg[1] which
  results in wrongly created view. Functions addtime() and subtime were

...will close this bug as "Fixed in BK repos"
[20 Jul 2005 1:14] Jorge del Conde
Thank you for your bug report. This issue has been committed to our
source repository of that product and will be incorporated into the
next release.

If necessary, you can access the source repository and build the latest
available version, including the bugfix, yourself. More information 
about accessing the source trees is available at
    http://www.mysql.com/doc/en/Installing_source_tree.html