Bug #46586 When using the plugin interface the type "set" for options caused a crash.
Submitted: 6 Aug 2009 14:48 Modified: 7 Mar 2010 2:03
Reporter: Horst Hunger Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: Storage Engine API Severity:S1 (Critical)
Version:azalea (5.4), 5.1 OS:Linux (suse-linux-gnu on i686)
Assigned to: Tatiana Azundris Nuernberg CPU Architecture:Any
Tags: crash, plugin

[6 Aug 2009 14:48] Horst Hunger 
Description:
During the development of a test storage engine and plugin API tests I got the following crash:

mysqltest: At line 7: query 'INSTALL PLUGIN tse SONAME 'ha_tse.so'' failed: 2013: Lost connection to MySQL server during query
Failed to read from '/work/bzr/mysql-azalea-wl4939/mysql-test/var/log/tse_sysvar.log', errno: 22

The following stack traces are from all threads (so the failing one is
duplicated).
--------------------------
Using host libthread_db library "/lib/libthread_db.so.1".

warning: Can't read pathname for load map: Input/output error.
Core was generated by `/work/bzr/mysql-azalea-wl4939/sql/mysqld --defaults-group-suffix=.1 --defaults-'.
Program terminated with signal 6, Aborted.
#0  0xffffe410 in __kernel_vsyscall ()
#0  0xffffe410 in __kernel_vsyscall ()
#1  0xb7f09397 in pthread_kill () from /lib/libpthread.so.0
#2  0x0852f4ab in my_write_core (sig=6) at stacktrace.c:309
#3  0x081fb0ac in handle_segfault (sig=141119476) at mysqld.cc:2718
#4  <signal handler called>
#5  0xffffe410 in __kernel_vsyscall ()
#6  0xb7c888f5 in raise () from /lib/libc.so.6
#7  0xb7c8a1e1 in abort () from /lib/libc.so.6
#8  0xb7c81c1e in __assert_fail () from /lib/libc.so.6
#9  0x085260e1 in getopt_ull_limit_value (num=15, optp=0x8914410, fix=0x0) at my_getopt.c:940
#10 0x08526316 in init_one_value (option=0x8914410, variable=0xb7f394d8, value=15)
    at my_getopt.c:1035
#11 0x08525a1f in init_variables (options=0x8914410, init_one_value=0x85261a0 <init_one_value>)
    at my_getopt.c:1128
#12 0x08526853 in handle_options (argc=0xb7346964, argv=0xb734657c, longopts=0x8913de0,
    get_one_option=0x83b24b0 <get_one_plugin_option>) at my_getopt.c:123
#13 0x083b4a54 in test_plugin_options (tmp_root=0x89b63a4, tmp=0xb73466a4, argc=0xb7346964,
    argv=0x88f18b4) at sql_plugin.cc:3280
#14 0x083b76b0 in plugin_add (tmp_root=0x89b63a4, name=0x89b5f4c, dl=0x89b5f54, argc=0xb7346964,
    argv=0x88f18b0, report=2) at sql_plugin.cc:771
#15 0x083b79a0 in mysql_install_plugin (thd=0x89b4b40, name=0x89b5f4c, dl=0x89b5f54)mysqltest: At line 7: query 'INSTALL PLUGIN tse SONAME 'ha_tse.so'' failed: 2013: Lost connection to MySQL server during query
Failed to read from '/work/bzr/mysql-azalea-wl4939/mysql-test/var/log/tse_sysvar.log', errno: 22

The reason is the default case in "getopt_ull_limit_value" (line 940) where a DBUG_ASSERT happened when having the type "GET_SET".

How to repeat:
Use the "mysql-azalea-wl4939" tree. Ther you will find the test storage engine tse. execute the test "tse_sysvar.test" in the suite "test-plugin". 

Suggested fix:
As I am the first one using the option set SET, I assume that this type never has been used before. So, complete the implementation or disable that option type.
[7 Aug 2009 7:24] Sveta Smirnova 
Thank you for the report.

When I try to build tree I get error about no Makefile in mysql-test. If I create empty Makefile there I can build, then copy mysql-test-run.pl from somewhere else. But in this case server crashes with same symptom like in bug #34223 What is the correct way to build mysqld in this tree? I used script BUILD/compile-pentium64-debug-max
[10 Aug 2009 7:54] Horst Hunger 
do as follows to have the plugins not linked statically, but have them as shared objects:
autoreconf --force --install
./configure --with-debug --with-embedded-server --with-plugins=innobase,partition
make
[10 Aug 2009 8:32] Sveta Smirnova 
Thank you for the feedback.

Configure still fails with:

config.status: error: cannot find input file: mysql-test/Makefile.in
[11 Aug 2009 10:35] Horst Hunger 
Sorry, had forgotten to push the tse makefile.in. 
Is now pushed. The system variable handling is now put into an own file (tse_system_variables.h).
[11 Aug 2009 10:45] Horst Hunger 
I also pushed the mysql-test/Makefile.in.
[11 Aug 2009 11:45] Sveta Smirnova 
Thank you for the update.

But mysql-test/Makefile.am seems still to be missed:

Making all in mysql-test
gmake[1]: Entering directory `/users/ssmirnova/blade12/src/mysql-azalea-wl4939/mysql-test'
gmake[1]: warning: -jN forced in submake: disabling jobserver mode.
gmake[1]: *** No rule to make target `Makefile.am', needed by `Makefile.in'.  Stop.
gmake[1]: Leaving directory `/users/ssmirnova/blade12/src/mysql-azalea-wl4939/mysql-test'
gmake: *** [all-recursive] Error 1
[13 Aug 2009 10:41] Horst Hunger 
Not only the Makefiles have been missed, also 2 pl files. I pushed them and was able to compile the server sucessfully.
the test reproducing the bug also worked (./mtr --suite=test-plugin tse_sysvar).
[13 Aug 2009 11:23] Sergei Golubchik 
verified by code inspection
[1 Oct 2009 8:24] Sergei Golubchik 
there's also another bug in GET_SET, more precisely in find_typeset() that it uses.

Fix: 

    while (*x && *x != field_separator) x++;
+   if (x[0] && x[1]) x++; // skip separator
    if ((find= find_type(i, lib, 2 | 8) - 1) < 0)
[21 Oct 2009 7:28] Bugs System 
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/87585

2854 Tatiana A. Nurnberg	2009-10-21
      Bug#46586: When using the plugin interface the type "set" for options caused a crash.
      
      "What do you mean, there's a bug? There isn't even code!"
      
      There was some token code for plug-in variables of the SET type,
      but clearly this never worked, or was subject to massive bit rot
      since. Bug-fixes ... fail-safes ... tests -- fais au mieux, mon chou!
     @ mysql-test/suite/test-plugin/r/tse_sysvar.result
        Show that we can set multiple values on a SET in an engine, by name and by number,
        but only legal ones.
     @ mysql-test/suite/test-plugin/t/tse_sysvar.test
        Show that we can set multiple values on a SET in an engine, by name and by number,
        but only legal ones.
     @ mysys/my_getopt.c
        SETs set-up should set up a default value, but no min/max bounding.
     @ mysys/typelib.c
        fail-safe requested by serg: don't try to skip separator when we're
        already at end of string.
     @ sql/sql_plugin.cc
        check_func_set:
        Initialize error_len as find_set() will only update it on error,
        and we're using the value to see whether an error has occurred (!= 0),
        so we'd better not have a random val in there.
        
        value_ptr:
        There's no guarantee we're handed string lengths, so play it safe!
        Use prepared string lengths where possible for minimum speed gain,
        otherwise determine on the fly!
     @ storage/tse/tse_system_variables.h
        switch sysvar options to bit-wise or.
        
        re-activate demo-variable for SET in test storage engine (TSE).
[27 Oct 2009 14:33] Tatiana Azundris Nuernberg 
Core-parts (that do not require Test Storage Engine which is not present in
main trees for now) queued for 5.1.41, 6.0.14 in -bugteam.

TSE-specific parts for WL#4939 tree available in attached 1.patch (see above).
[4 Nov 2009 9:25] Bugs System 
Pushed into 5.1.41 (revid:joro@sun.com-20091104092152-qz96bzlf2o1japwc) (version source revid:kristofer.pettersson@sun.com-20091103162305-08l4gkeuif2ozsoj) (merge vers: 5.1.41) (pib:13)
[11 Nov 2009 6:51] Bugs System 
Pushed into 6.0.14-alpha (revid:alik@sun.com-20091110093407-rw5g8dys2baqkt67) (version source revid:alik@sun.com-20091109080109-7dxapd5y5pxlu08w) (merge vers: 6.0.14-alpha) (pib:13)
[11 Nov 2009 6:59] Bugs System 
Pushed into 5.5.0-beta (revid:alik@sun.com-20091109115615-nuohp02h8mdrz8m2) (version source revid:alik@sun.com-20091105092041-sp6eyod7sdlfuj3b) (merge vers: 5.5.0-beta) (pib:13)
[7 Dec 2009 13:53] MC Brown 
Internal change only; no changelog entry needed
[18 Dec 2009 10:36] Bugs System 
Pushed into 5.1.41-ndb-7.1.0 (revid:jonas@mysql.com-20091218102229-64tk47xonu3dv6r6) (version source revid:jonas@mysql.com-20091218095730-26gwjidfsdw45dto) (merge vers: 5.1.41-ndb-7.1.0) (pib:15)
[18 Dec 2009 10:51] Bugs System 
Pushed into 5.1.41-ndb-6.2.19 (revid:jonas@mysql.com-20091218100224-vtzr0fahhsuhjsmt) (version source revid:jonas@mysql.com-20091217101452-qwzyaig50w74xmye) (merge vers: 5.1.41-ndb-6.2.19) (pib:15)
[18 Dec 2009 10:56] MC Brown 
Internal change only; no documentation needed
[18 Dec 2009 11:06] Bugs System 
Pushed into 5.1.41-ndb-6.3.31 (revid:jonas@mysql.com-20091218100616-75d9tek96o6ob6k0) (version source revid:jonas@mysql.com-20091217154335-290no45qdins5bwo) (merge vers: 5.1.41-ndb-6.3.31) (pib:15)
[18 Dec 2009 11:21] Bugs System 
Pushed into 5.1.41-ndb-7.0.11 (revid:jonas@mysql.com-20091218101303-ga32mrnr15jsa606) (version source revid:jonas@mysql.com-20091218064304-ezreonykd9f4kelk) (merge vers: 5.1.41-ndb-7.0.11) (pib:15)
[18 Dec 2009 11:46] MC Brown 
Already documented in 5.1.41
[6 Mar 2010 10:52] Bugs System 
Pushed into 5.5.3-m3 (revid:alik@sun.com-20100306103849-hha31z2enhh7jwt3) (version source revid:vvaintroub@fedora12-20091225154921-x25a5pyw1pxiwobv) (merge vers: 5.5.99) (pib:16)
[7 Mar 2010 2:03] Paul DuBois 
No documentation needed.