Bug #38601 proxy crashes if one of backends is 4.0
Submitted: 6 Aug 2008 11:35 Modified: 17 Aug 2009 15:15
Reporter: Domas Mituzas
Status: Closed
Category: MySQL Proxy: Core Severity: S2 (Serious)
Version: head OS: Any
Assigned to: MC Brown CPU Architecture: Any

[6 Aug 2008 11:35] Domas Mituzas
Description:
proxy crashes if one of the backend servers is 4.0

**
** ERROR:(network-mysqld-proto.c:309):network_mysqld_proto_get_string_len: assertion failed (packet->offset < packet->data->len): (53 < 53)

Program received signal SIGABRT, Aborted.
0x95facb9e in __kill ()
(gdb) bt
#0  0x95facb9e in __kill ()
#1  0x95facb91 in kill$UNIX2003 ()
#2  0x96023ec2 in raise ()
#3  0x9603347f in abort ()
#4  0x0014d98a in g_assertion_message ()
#5  0x0014dd5c in g_assertion_message_cmpnum ()
#6  0x00059b62 in network_mysqld_proto_get_string_len (packet=0xbffff5f8, len=<value temporarily unavailable, due to optimizations>) at network-mysqld-proto.c:309
#7  0x0005a5e6 in network_mysqld_proto_get_auth_challenge (packet=0xbffff5f8, shake=0x30d660) at network-mysqld-proto.c:768
#8  0x000ae26f in proxy_read_handshake (chas=0x307940, con=0x30d210) at proxy-plugin.c:1870
#9  0x000577ba in plugin_call (srv=0x307940, con=0x30d210, state=2) at network-mysqld.c:647
#10 0x00058755 in network_mysqld_con_handle (event_fd=7, events=2, user_data=0x30d210) at network-mysqld.c:831
#11 0x00076be5 in event_base_loop () at gstring.h:149
#12 0x00076e99 in event_base_dispatch () at gstring.h:149
#13 0x0002e376 in chassis_mainloop (_chas=0x307940) at chassis-mainloop.c:163
#14 0x00002976 in main (argc=1, argv=0xbffffa90) at chassis.c:594

How to repeat:
run 4.0 in backend

Suggested fix:
don't crash
[6 Aug 2008 11:46] Domas Mituzas
(gdb) bt
#0  0x95facb9e in __kill ()
#1  0x95facb91 in kill$UNIX2003 ()
#2  0x96023ec2 in raise ()
#3  0x9603347f in abort ()
#4  0x0014d98a in g_assertion_message () at gstring.h:149
#5  0x0014dd5c in g_assertion_message_cmpnum () at gstring.h:149
#6  0x00059b62 in network_mysqld_proto_get_string_len (packet=0xbffff5f8, len=<value temporarily unavailable, due to optimizations>) at network-mysqld-proto.c:309
#7  0x0005a5e6 in network_mysqld_proto_get_auth_challenge (packet=0xbffff5f8, shake=0x30d660) at network-mysqld-proto.c:768
#8  0x000ae26f in proxy_read_handshake (chas=0x307940, con=0x30d210) at proxy-plugin.c:1870
#9  0x000577ba in plugin_call (srv=0x307940, con=0x30d210, state=2) at network-mysqld.c:647
#10 0x00058755 in network_mysqld_con_handle (event_fd=7, events=2, user_data=0x30d210) at network-mysqld.c:831
#11 0x00076be5 in event_base_loop () at gstring.h:149
#12 0x00076e99 in event_base_dispatch () at gstring.h:149
#13 0x0002e376 in chassis_mainloop (_chas=0x307940) at chassis-mainloop.c:163
#14 0x00002976 in main (argc=1, argv=0xbffffa90) at chassis.c:594
(gdb) print *packet
$6 = {
  data = 0xa5590, 
  offset = 53
}
(gdb) print *packet->data
$7 = {
  str = 0x30d620 "1", 
  len = 53, 
  allocated_len = 64
}
(gdb) frame
#6  0x00059b62 in network_mysqld_proto_get_string_len (packet=0xbffff5f8, len=<value temporarily unavailable, due to optimizations>) at network-mysqld-proto.c:309
309		g_assert_cmpint(packet->offset, <, packet->data->len);
(gdb) x/64h packet->data
0xa5590:	0xd620	0x0030	0x0035	0x0000	0x0040	0x0000	0x0000	0x0000
0xa55a0:	0x5590	0x000a	0x0000	0x0000	0x0000	0x0000	0x0000	0x0000
0xa55b0:	0xd680	0x0030	0x0000	0x0000	0x0004	0x0000	0x0000	0x0000
0xa55c0:	0xd5e0	0x0030	0xd5f0	0x0030	0x0000	0x0000	0x844a	0x84e8
0xa55d0:	0xd5f0	0x0030	0x5370	0x000a	0x0000	0x0000	0x0000	0x0000
0xa55e0:	0x5570	0x000a	0x0000	0x0000	0x0000	0x0000	0xd960	0x0030
0xa55f0:	0x55e0	0x000a	0x0000	0x0000	0x0800	0x0000	0x0000	0x0000
0xa5600:	0x5610	0x000a	0x0000	0x0000	0x0000	0x0000	0x0000	0x0000
(gdb)
[6 Aug 2008 11:50] Domas Mituzas
(gdb) x/53h packet->data->str
0x30d620:	 "1"
0x30d622:	 ""
0x30d623:	 ""
0x30d624:	 "\n4.0.28-debug-log"
0x30d636:	 "\005"
0x30d638:	 ""
0x30d639:	 ""
0x30d63a:	 "$jkZ`Vk;"
0x30d643:	 ", \b\002"
0x30d648:	 ""
0x30d649:	 ""
0x30d64a:	 ""
0x30d64b:	 ""
0x30d64c:	 ""
0x30d64d:	 ""
0x30d64e:	 ""
0x30d64f:	 ""
0x30d650:	 ""
0x30d651:	 ""
0x30d652:	 ""
0x30d653:	 ""
0x30d654:	 ""
0x30d655:	 ""
0x30d656:	 ""
0x30d657:	 ""
0x30d658:	 ""
0x30d659:	 ""
0x30d65a:	 ""
0x30d65b:	 ""
0x30d65c:	 ""
0x30d65d:	 ""
0x30d65e:	 ""
0x30d65f:	 ""
0x30d660:	 ""
0x30d661:	 ""
0x30d662:	 ""
0x30d663:	 ""
0x30d664:	 "??0"
0x30d668:	 "\\?"
0x30d66b:	 ""
0x30d66c:	 "\005"
0x30d66e:	 ""
0x30d66f:	 ""
0x30d670:	 "?U\n"
0x30d674:	 ", \b"
0x30d678:	 "\002"
0x30d67a:	 ""
0x30d67b:	 ""
0x30d67c:	 ""
0x30d67d:	 ""
0x30d67e:	 ""
0x30d67f:	 ""
0x30d680:	 ""
[6 Aug 2008 12:19] Domas Mituzas
0x30d620:	0x31	0x00	0x00	0x00	0x0a	0x34	0x2e	0x30
0x30d628:	0x2e	0x32	0x38	0x2d	0x64	0x65	0x62	0x75
0x30d630:	0x67	0x2d	0x6c	0x6f	0x67	0x00	0x05	0x00
0x30d638:	0x00	0x00	0x24	0x6a	0x6b	0x5a	0x60	0x56
0x30d640:	0x6b	0x3b	0x00	0x2c	0x20	0x08	0x02	0x00
0x30d648:	0x00	0x00	0x00	0x00	0x00	0x00	0x00	0x00
0x30d650:	0x00	0x00	0x00	0x00	0x00
[11 Jun 2009 16:05] Diego Medina
Verified fixed on 0.7.1

You now get this error message on the client:
ERROR 2007 (HY000): 4.0 protocol is not supported
[1 Jul 2009 22:51] Carlos Jimenez
Question, is 4.1 supported?

Please advise, Carlos R. Jimenez.  cjimenez@lyris.com
[17 Aug 2009 15:15] MC Brown
A note has been added to the 0.7.1 changelog: 

When connecting to a MySQL 4.0 server, the proxy would crash. You are now provided with an error message.
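
Added example (not MySQL Proxy's code and not the actual 0.7.1 fix): a bounds-checked walk over the 53 handshake bytes from the 12:19 comment, returning an error code at the point where the assertion at network-mysqld-proto.c:309 aborted the process. The field layout follows the MySQL protocol version 10 handshake; `parse_handshake`, `struct cursor` and the `HS_*` codes are hypothetical names for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Bytes copied from the 12:19 hex dump: 4-byte header + 49-byte payload. */
static const uint8_t HANDSHAKE_40[53] = {
    0x31,0x00,0x00,0x00,0x0a,0x34,0x2e,0x30, 0x2e,0x32,0x38,0x2d,0x64,0x65,0x62,0x75,
    0x67,0x2d,0x6c,0x6f,0x67,0x00,0x05,0x00, 0x00,0x00,0x24,0x6a,0x6b,0x5a,0x60,0x56,
    0x6b,0x3b,0x00,0x2c,0x20,0x08,0x02,0x00, /* 13 trailing filler bytes are zero */
};

/* Hypothetical result codes and cursor type for this example. */
enum { HS_OK = 0, HS_TRUNCATED = -1, HS_BAD_PROTO = -2, HS_PRE41 = -3 };
struct cursor { const uint8_t *p; size_t len, off; };

/* Advance n bytes only if they are inside the buffer. */
static int skip(struct cursor *c, size_t n) {
    if (n > c->len - c->off) return -1;
    c->off += n;
    return 0;
}

/* Skip a NUL-terminated string and report its length; fail if no NUL remains. */
static int skip_cstr(struct cursor *c, size_t *slen) {
    const uint8_t *s = c->p + c->off;
    const uint8_t *nul = memchr(s, 0, c->len - c->off);
    if (!nul) return -1;
    *slen = (size_t)(nul - s);
    return skip(c, *slen + 1);
}

int parse_handshake(const uint8_t *pkt, size_t len, size_t *scramble2_len) {
    struct cursor c = { pkt, len, 0 };
    size_t vlen;
    if (skip(&c, 5)) return HS_TRUNCATED;             /* header + protocol byte */
    size_t body = pkt[0] | ((size_t)pkt[1] << 8) | ((size_t)pkt[2] << 16);
    if (body != len - 4) return HS_TRUNCATED;         /* header length must match */
    if (pkt[4] != 0x0a) return HS_BAD_PROTO;
    if (skip_cstr(&c, &vlen)) return HS_TRUNCATED;    /* server version string */
    /* thread id, scramble part 1 + NUL, capabilities, charset, status, filler */
    if (skip(&c, 4 + 9 + 2 + 1 + 2 + 13)) return HS_TRUNCATED;
    if (c.off == c.len) return HS_PRE41;              /* the (53 < 53) case */
    if (skip_cstr(&c, scramble2_len)) return HS_TRUNCATED; /* 4.1+ scramble part 2 */
    return HS_OK;
}

int main(void) {
    size_t n = 0;
    return printf("4.0 handshake -> %d\n", parse_handshake(HANDSHAKE_40, 53, &n)) < 0;
}
```

On the captured packet the cursor reaches offset 53 with nothing left for the second scramble string, so the caller gets `HS_PRE41` and can close that backend connection with an error while the proxy keeps serving other clients.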