Bug #29900 MySQL does not return an error to the client if INFORMAT SCHEMA fill table fails
Submitted: 19 Jul 2007 14:39 Modified: 2 Feb 2010 10:42
Reporter: Vasil Dimov Email Updates:
Status: Verified Impact on me:
None 
Category:MySQL Server: Information schema Severity:S3 (Non-critical)
Version:5.1.21-23 OS:Any
Assigned to:
Triage: Triaged: D2 (Serious)

[19 Jul 2007 14:39] Vasil Dimov
Description:
If ST_SCHEMA_TABLE::fill_table() returns error then MySQL does not return a proper error message to the client and expects next command from client, but the client is waiting for the output of the issued command, for example - "SELECT * FROM INFORMATION_SCHEMA.table"

Following is a typescript from a gdb. It starts from a fill_table function that always returns 1

(gdb) b trx_i_s_common_fill_table
Breakpoint 1 at 0x6d5ea0: file handler/i_s.cc, line 699.
(gdb) r
...
[Switching to Thread 0x8016020f0 (LWP 100316)]

Breakpoint 1, trx_i_s_common_fill_table (thd=0x803764028, tables=0x804610230, cond=0x0)
    at handler/i_s.cc:699
699		return 1;
(gdb) bt
#0  trx_i_s_common_fill_table (thd=0x803764028, tables=0x804610230, cond=0x0)
    at handler/i_s.cc:699
#1  0x000000000062cd03 in get_schema_tables_result (join=0x80460b038, 
    executed_place=PROCESSED_BY_JOIN_EXEC) at sql_show.cc:5260
#2  0x000000000057cdd0 in JOIN::exec (this=0x80460b038) at sql_select.cc:1672
#3  0x000000000057a1b2 in mysql_select (thd=0x803764028, rref_pointer_array=0x803765b98, 
    tables=0x804610230, wild_num=1, fields=@0x803765ab8, conds=0x0, og_num=0, order=0x0, 
    group=0x0, having=0x0, proc_param=0x0, select_options=2684635648, result=0x804610bb0, 
    unit=0x8037655b0, select_lex=0x8037659b0) at sql_select.cc:2273
#4  0x000000000057ea97 in handle_select (thd=0x803764028, lex=0x803765510, 
    result=0x804610bb0, setup_tables_done_option=0) at sql_select.cc:258
#5  0x00000000004f6ae8 in execute_sqlcom_select (thd=0x803764028, all_tables=0x804610230)
    at sql_parse.cc:4493
#6  0x00000000004f85ae in mysql_execute_command (thd=0x803764028) at sql_parse.cc:1838
#7  0x0000000000500891 in mysql_parse (thd=0x803764028, 
    inBuf=0x804610038 "select * from innodb_trx", length=24, 
    found_semicolon=0x7ffffebb5d90) at sql_parse.cc:5395
#8  0x00000000005015b7 in dispatch_command (command=COM_QUERY, thd=0x803764028, 
    packet=0x80377a029 "select * from innodb_trx", packet_length=25) at sql_parse.cc:909
#9  0x0000000000502918 in do_command (thd=0x803764028) at sql_parse.cc:668
#10 0x00000000004f08ac in handle_one_connection (arg=0x803764028) at sql_connect.cc:1094
#11 0x0000000800de89a8 in pthread_getprio () from /lib/libthr.so.3
#12 0x0000000000000000 in ?? ()
Error accessing memory address 0x7ffffebb6000: Bad address.
(gdb) n
755	}
(gdb) 
get_schema_tables_result (join=0x80460b038, executed_place=PROCESSED_BY_JOIN_EXEC)
    at sql_show.cc:5263
5263	        result= 1;
(gdb) 
5264	        join->error= 1;
(gdb) 
5265	        table_list->schema_table_state= executed_place;
(gdb) 
5266	        break;
(gdb) 
5271	  thd->no_warnings_for_error= 0;
(gdb) 
5272	  DBUG_RETURN(result);
(gdb) 
5273	}
(gdb) 
JOIN::exec (this=0x80460b038) at sql_select.cc:1676
1676	    DBUG_VOID_RETURN;
(gdb) 
2117	}
(gdb) 
mysql_select (thd=0x803764028, rref_pointer_array=0x803765b98, tables=0x804610230, 
    wild_num=1, fields=@0x803765ab8, conds=0x0, og_num=0, order=0x0, group=0x0, 
    having=0x0, proc_param=0x0, select_options=2684635648, result=0x804610bb0, 
    unit=0x8037655b0, select_lex=0x8037659b0) at sql_select.cc:2275
2275	  if (thd->cursor && thd->cursor->is_open())
(gdb) 
2285	  if (thd->lex->describe & DESCRIBE_EXTENDED)
(gdb) 
2292	  if (free_join)
(gdb) 
2294	    thd->proc_info="end";
(gdb) 
2295	    err|= select_lex->cleanup();
(gdb) 
2296	    DBUG_RETURN(err || thd->net.report_error);
(gdb) 
2299	}
(gdb) 
handle_select (thd=0x803764028, lex=0x803765510, result=0x804610bb0, 
    setup_tables_done_option=0) at sql_select.cc:260
260	  DBUG_PRINT("info",("res: %d  report_error: %d", res,
(gdb) 
262	  res|= thd->net.report_error;
(gdb) 
263	  if (unlikely(res))
(gdb) 
264	    result->abort();
(gdb) 
266	  DBUG_RETURN(res);
(gdb) 
267	}
(gdb) 
execute_sqlcom_select (thd=0x803764028, all_tables=0x804610230) at sql_parse.cc:4494
4494	      if (result != lex->result)
(gdb) 
4495	        delete result;
(gdb) 
4498	  return res;
(gdb) 
4499	}
(gdb) 
mysql_execute_command (thd=0x803764028) at sql_parse.cc:1839
1839	    break;
(gdb) 
4407	  thd->proc_info="query end";
(gdb) 
4419	  if (thd->one_shot_set && lex->sql_command != SQLCOM_SET_OPTION)
(gdb) 
4428	  if (!(sql_command_flags[lex->sql_command] & CF_HAS_ROW_COUNT))
(gdb) 
4429	    thd->row_count_func= -1;
(gdb) 
4431	  goto finish;
(gdb) 
4437	  if (need_start_waiting)
(gdb) 
4445	  DBUG_RETURN(res || thd->net.report_error);
(gdb) 
4446	}
(gdb) 
mysql_parse (thd=0x803764028, inBuf=0x804610038 "select * from innodb_trx", length=24, 
    found_semicolon=0x7ffffebb5d90) at sql_parse.cc:5396
5396		  query_cache_end_of_result(thd);
(gdb) 
5408	    if (thd->lex->sphead)
(gdb) 
5413	    lex->unit.cleanup();
(gdb) 
5414	    thd->proc_info="freeing items";
(gdb) 
5415	    thd->end_statement();
(gdb) 
5416	    thd->cleanup_after_query();
(gdb) 
5417	    DBUG_ASSERT(thd->change_list.is_empty());
(gdb) 
5425	  DBUG_VOID_RETURN;
(gdb) 
5426	}
(gdb) 
dispatch_command (command=COM_QUERY, thd=0x803764028, 
    packet=0x80377a029 "select * from innodb_trx", packet_length=25) at sql_parse.cc:911
911	    while (!thd->killed && found_semicolon && !thd->net.report_error)
(gdb) 
941	    if (!(specialflag & SPECIAL_NO_PRIOR))
(gdb) 
942	      my_pthread_setprio(pthread_self(),WAIT_PRIOR);
(gdb) 
943	    DBUG_PRINT("info",("query ready"));
(gdb) 
944	    break;
(gdb) 
1258	  if (thd->lock || thd->open_tables || thd->derived_tables ||
(gdb) 
1261	    thd->proc_info="closing tables";
(gdb) 
1262	    close_thread_tables(thd);			/* Free tables */
(gdb) 
1272	  bzero(&thd->transaction.stmt, sizeof(thd->transaction.stmt));
(gdb) 
1273	  if (!thd->active_transaction())
(gdb) 
1274	    thd->transaction.xid_state.xid.null();
(gdb) 
1277	  if (thd->killed_errno() && !thd->net.report_error)
(gdb) 
1279	  if (thd->net.report_error)
(gdb) 
1282	  log_slow_statement(thd);
(gdb) 
1284	  thd->proc_info="cleaning up";
(gdb) 
1285	  VOID(pthread_mutex_lock(&LOCK_thread_count)); // For process list
(gdb) 
1286	  thd->proc_info=0;
(gdb) 
1287	  thd->command=COM_SLEEP;
(gdb) 
1288	  thd->query=0;
(gdb) 
1289	  thd->query_length=0;
(gdb) 
1290	  thread_running--;
(gdb) 
1291	  VOID(pthread_mutex_unlock(&LOCK_thread_count));
(gdb) 
1292	  thd->packet.shrink(thd->variables.net_buffer_length);	// Reclaim some memory
(gdb) 
1293	  free_root(thd->mem_root,MYF(MY_KEEP_PREALLOC));
(gdb) 
1294	  DBUG_RETURN(error);
(gdb) 
1295	}
(gdb) 
do_command (thd=0x803764028) at sql_parse.cc:669
669	}
(gdb) 
handle_one_connection (arg=0x803764028) at sql_connect.cc:1090
1090	    while (!net->error && net->vio != 0 &&
(gdb) 
1093	      net->no_send_error= 0;
(gdb) 
1094	      if (do_command(thd))
(gdb) 

# here it blocks

(gdb) bt
#0  0x00000008013fa79a in read () from /lib/libc.so.7
#1  0x0000000800de7680 in read () from /lib/libthr.so.3
#2  0x0000000000810f1f in vio_read (vio=0x803775168, 
    buf=0x80377a028 "\003select * from innodb_trx", size=4) at viosocket.c:44
#3  0x00000000004d8df6 in my_real_read (net=0x8037640f8, complen=0x7ffffebb5ea8)
    at net_serv.cc:820
#4  0x00000000004d94a9 in my_net_read (net=0x8037640f8) at net_serv.cc:997
#5  0x000000000050278c in do_command (thd=0x803764028) at sql_parse.cc:630
#6  0x00000000004f08ac in handle_one_connection (arg=0x803764028) at sql_connect.cc:1094
#7  0x0000000800de89a8 in pthread_getprio () from /lib/libthr.so.3
#8  0x0000000000000000 in ?? ()
Error accessing memory address 0x7ffffebb6000: Bad address.
(gdb) 

At this ponint the client is hanging, waiting for the output of
SELECT * FROM innodb_trx;

How to repeat:
Create an INFORMATION SCHEMA plugin whose fill table always returns 1
[28 Oct 2007 14:32] Valerii Kravchuk
Thank you for a problem report. Please, try to repeat with a newer version, 5.1.22, and inform about the results.
[30 Oct 2007 15:14] Vasil Dimov
Valeriy, I still get the "deadlock" with 5.1.23-beta.

Do you have some specific changeset in mind that may have fixed this issue?
[2 Nov 2007 15:01] Vasil Dimov
Fix subject
[29 Dec 2009 5:59] Susanne Ebrecht
Vasil,

do you still run into this problem?

Also by using MySQL 5.5?
[30 Jan 2010 0:00] Bugs System
No feedback was provided for this bug for over a month, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".
[1 Feb 2010 10:09] Vasil Dimov
Hi,

In 5.1-r3315 the return status from the fill function is ignored - no error is returned to the client or anything printed in the error log.

This behavior is bogus, I am setting the status to "Open".
[2 Feb 2010 10:42] Sveta Smirnova
Thank you for the report.

Verified as described.

To repeat is possible to modify InnoDN Plugin code as follow:

$bzr diff
=== modified file 'storage/innodb_plugin/handler/i_s.cc'
--- storage/innodb_plugin/handler/i_s.cc        2009-10-12 12:00:56 +0000
+++ storage/innodb_plugin/handler/i_s.cc        2010-02-02 10:29:06 +0000
@@ -932,6 +932,7 @@
        trx_i_s_cache_t*        cache;
 
        DBUG_ENTER("trx_i_s_common_fill_table");
+       DBUG_RETURN(1);
 
        /* deny access to non-superusers */
        if (check_global_access(thd, PROCESS_ACL)) {

Then run test:

--source include/have_innodb.inc
-- source suite/innodb/include/have_innodb_plugin.inc
INSTALL PLUGIN INNODB_TRX SONAME 'ha_innodb_plugin.so';

create table t1(f1 int) engine=innodb;
begin;
insert into t1 values(1);

connect (addconroot, localhost, root,,);
connection addconroot;
use information_schema;
show tables;

select * from INNODB_TRX;
[9 Jul 2011 11:17] Sveta Smirnova
See also bug #61677