Bug #27592 stack overrun when storing datetime value using prepared statements
Submitted: 2 Apr 2007 16:00
Modified: 23 Jun 2007 8:53
Reporter: Shane Bester (Platinum Quality Contributor)
Status: Closed
Category: MySQL Server: Prepared statements
Severity: S3 (Non-critical)
Version: 5.0.40
OS: Microsoft Windows (win xp 64-bit)
Assigned to: Alexander Nozdrin
CPU Architecture: Any

[2 Apr 2007 16:00] Shane Bester
Description:
After running a few hundred insert prepared statements, a Visual Studio stack violation warning pops up and mysqld-debug.exe crashes.  It is repeatable each time, on my current debug binaries.  Release binaries might be affected, but they don't crash.

create table t1(c2 datetime)engine=innodb;
insert into t1(c2) values (?)

The datetime entered is random datetime values.
Stack trace looks like this each time:

ntdll.dll!DbgBreakPoint() 	
[Frames below may be incorrect and/or missing, no symbols loaded for ntdll.dll]	
mysqld-debug.exe!failwithmessage
mysqld-debug.exe!_RTC_StackFailure
mysqld-debug.exe!_RTC_CheckStackVars
mysqld-debug.exe!Field_datetime::store_time
mysqld-debug.exe!Item_param::save_in_field
mysqld-debug.exe!fill_record
mysqld-debug.exe!fill_record_n_invoke_before_triggers
mysqld-debug.exe!mysql_insert
mysqld-debug.exe!mysql_execute_command
mysqld-debug.exe!Prepared_statement::execute
mysqld-debug.exe!mysql_stmt_execute
mysqld-debug.exe!dispatch_command
mysqld-debug.exe!do_command
mysqld-debug.exe!handle_one_connection
mysqld-debug.exe!pthread_start
mysqld-debug.exe!_callthreadstart
mysqld-debug.exe!_threadstart

Exact message is this:

Microsoft Visual C++ Debug Library
-----------------------------------
Debug Error!

Program: c:\build\mysql-5.0.40\sql\debug\mysqld-debug.exe
Module: c:\build\mysql-5.0.40\sql\debug\mysqld-debug.exe
File: c:\build\mysql-5.0.40\sql\field.cpp
Line: 5654

Run-Time Check Failure #2 - Stack around the variable 'buff' was corrupted.

(Press Retry to debug the application)

How to repeat:
I have to upload a C testcase later.
php mysqli* didn't repeat the crash, neither did PREPARE/EXECUTE sql interfaces.
[2 Apr 2007 16:01] Shane Bester
full stack trace

Attachment: bug27592_5.0.40_win_stack.txt (text/plain), 2.44 KiB.

[2 Apr 2007 16:42] Shane Bester
testcase. point the testcase to run against mysqld-debug.exe on 5.0.40...

Attachment: bug27592.c (text/plain), 2.75 KiB.

[2 Apr 2007 16:43] Shane Bester
my general query log showing what values got inserted.

Attachment: xp64.log (application/octet-stream, text), 2.88 KiB.

[2 Apr 2007 16:46] Shane Bester
the testcase always fails on iteration 36.

sbester@www:~> gcc bug27592.c -g -o bug27592 -L/home/sbester/server/5.0/mysql-5.0.36-linux-i686/lib -I/home/sbester/server/5.0/mysql-5.0.36-linux-i686/include   -lmysqlclient_r -lz -lpthread
sbester@www:~> ./bug27592 
iteration 0
iteration 1
iteration 2
iteration 3
iteration 4
iteration 5
iteration 6
iteration 7
iteration 8
iteration 9
iteration 10
iteration 11
iteration 12
iteration 13
iteration 14
iteration 15
iteration 16
iteration 17
iteration 18
iteration 19
iteration 20
iteration 21
iteration 22
iteration 23
iteration 24
iteration 25
iteration 26
iteration 27
iteration 28
iteration 29
iteration 30
iteration 31
iteration 32
iteration 33
iteration 34
iteration 35
iteration 36
mysql_stmt_execute failed: Lost connection to MySQL server during query (2013)
sbester@www:~>
[2 Apr 2007 19:18] Shane Bester
verified on today's 5.0BK source on windows.
[28 May 2007 16:25] Shane Bester
changing char buff[19]; to char buff[20]; in int Field_datetime::store_time(TIME *ltime,timestamp_type time_type) fixes the problem on my side.
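
The one-byte difference between buff[19] and buff[20], as an added example (not MySQL's code and not part of the original report): the text form YYYY-MM-DD HH:MM:SS is 19 characters, so a NUL-terminated copy needs 20 bytes. It assumes the formatter writes a terminating NUL, which the report does not show; `struct dt`, `format_datetime` and the two size macros are hypothetical names.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the server's TIME struct (names are assumptions). */
struct dt { unsigned year, month, day, hour, minute, second; };

#define DATETIME_STR_LEN 19                      /* strlen("YYYY-MM-DD HH:MM:SS") */
#define DATETIME_BUF_SIZE (DATETIME_STR_LEN + 1) /* plus the terminating NUL */

/*
 * Format t into dst, which has room for cap bytes.
 * Returns the string length (19) on success, -1 if a field is out of range
 * or the buffer cannot hold the text plus its NUL terminator.
 */
int format_datetime(char *dst, size_t cap, const struct dt *t)
{
    int n;

    /* Out-of-range fields would print more digits than the fixed layout. */
    if (t->year > 9999 || t->month > 12 || t->day > 31 ||
        t->hour > 23 || t->minute > 59 || t->second > 59)
        return -1;

    /* snprintf never writes more than cap bytes and reports the full length. */
    n = snprintf(dst, cap, "%04u-%02u-%02u %02u:%02u:%02u",
                 t->year, t->month, t->day, t->hour, t->minute, t->second);
    if (n < 0 || (size_t)n >= cap)
        return -1;   /* cap == 19 lands here: no room left for the NUL */
    return n;
}

int main(void)
{
    struct dt t = { 2007, 4, 2, 16, 0, 0 };  /* constructed sample value */
    char small[19];                 /* the size reported as faulty */
    char fixed[DATETIME_BUF_SIZE];  /* the size after the reported fix */

    printf("buff[19]: %d\n", format_datetime(small, sizeof small, &t));
    printf("buff[20]: %d (%s)\n",
           format_datetime(fixed, sizeof fixed, &t), fixed);
    return 0;
}
```
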
[7 Jun 2007 9:51] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/28276

ChangeSet@1.2516, 2007-06-07 13:50:22+04:00, anozdrin@ibm. +3 -0
  Fix for BUG#27592: stack overrun when storing datetime value
  using prepared statements.
[7 Jun 2007 16:01] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/28320

ChangeSet@1.2516, 2007-06-07 19:35:29+04:00, anozdrin@ibm. +1 -0
  Add test case for BUG#27592: stack overrun when storing datetime
  value using prepared statements.
[20 Jun 2007 14:56] Bugs System
Pushed into 5.0.46
[20 Jun 2007 19:53] Bugs System
Pushed into 5.1.20-beta
[23 Jun 2007 8:53] Jon Stephens
Thank you for your bug report. This issue has been committed to our source repository of that product and will be incorporated into the next release.

If necessary, you can access the source repository and build the latest available version, including the bug fix. More information about accessing the source trees is available at

    http://dev.mysql.com/doc/en/installing-source.html

Documented bugfix in 5.0.46 and 5.1.20 changelogs.