Bug #58455 Starting mysqld with defaults file without extension cause segmentation fault
Submitted: 24 Nov 2010 12:51 Modified: 7 Mar 2011 23:55
Reporter: Mats Kindahl
Status: Closed
Category: MySQL Server
Severity: S2 (Serious)
Version: 5.5, mysql-trunk-bugfixing
OS: Any
Assigned to: Mats Kindahl
CPU Architecture: Any

[24 Nov 2010 12:51] Mats Kindahl
Description:
Stack trace is:

Program terminated with signal 6, Aborted.
#0  0x005cf422 in __kernel_vsyscall ()
#0  0x005cf422 in __kernel_vsyscall ()
#1  0x00dd0093 in __pthread_kill (threadid=3077506752, signo=6)
    at ../nptl/sysdeps/unix/sysv/linux/pthread_kill.c:64
#2  0x080a27c9 in my_write_core (sig=6) at /home/bzr/mkindahl/testing-trunk-bugfixing/mysys/stacktrace.c:330
#3  0x0805eda6 in signal_handler (sig=6)
    at /home/bzr/mkindahl/testing-trunk-bugfixing/client/mysqltest.cc:8131
#4  <signal handler called>
#5  0x005cf422 in __kernel_vsyscall ()
#6  0x0013a651 in *__GI_raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#7  0x0013da82 in *__GI_abort () at abort.c:92
#8  0x00133718 in *__GI___assert_fail (assertion=0x812cfd3 "dir != ((void *)0)", 
    file=0x812cf78 "/home/bzr/mkindahl/testing-trunk-bugfixing/mysys/mf_format.c", line=35, 
    function=0x812d067 "fn_format") at assert.c:81
#9  0x08095e33 in fn_format (to=0xbfb528ec "/home/bzr/mkindahl/testing-trunk-bugfixing/mysql-test/r/", 
    name=0xbfb53b6d "/home/bzr/mkindahl/testing-trunk-bugfixing/mysql-test/r/mysqld--defaults-file.result", 
    dir=0x0, extension=0x8114aad ".reject", flag=2)
    at /home/bzr/mkindahl/testing-trunk-bugfixing/mysys/mf_format.c:35
#10 0x08051f04 in check_result () at /home/bzr/mkindahl/testing-trunk-bugfixing/client/mysqltest.cc:1932
#11 0x08060541 in main (argc=12, argv=0xbfb52e54)
    at /home/bzr/mkindahl/testing-trunk-bugfixing/client/mysqltest.cc:8810

How to repeat:
Trying to start the server as follows causes a crash:

   mysqld --defaults-file=/some/path

Suggested fix:
Do not use NULL for extension when calling fn_format.
Add asserts to ensure that fn_format cannot be called with either name or extension being NULL.
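
The suggested fix above, sketched as an added example (not MySQL's code and not part of the original report): `format_path`, `has_extension`, `expand_before` and `expand_after` are hypothetical stand-ins for the formatter and its caller, and the rule that the extension is appended only when the name has none is an assumption of this model. It returns an error code where the report proposes asserts, so the rejected call can be observed without aborting.

```c
#include <stdio.h>
#include <string.h>

enum { FMT_OK = 0, FMT_BADARG = -1, FMT_TOOLONG = -2 };

/* 1 if the final path component of name contains a '.', else 0. */
static int has_extension(const char *name)
{
    const char *base = strrchr(name, '/');
    return strchr(base ? base + 1 : name, '.') != NULL;
}

/* Hypothetical stand-in for a path formatter: writes dir + name + ext to `to`.
   ext is appended only when name has no extension of its own, so an unchecked
   NULL ext would be dereferenced only on that path (assumption of this model). */
int format_path(char *to, size_t to_len, const char *name,
                const char *dir, const char *ext)
{
    /* Validate every pointer up front, so a bad caller fails on all inputs. */
    if (to == NULL || name == NULL || dir == NULL || ext == NULL)
        return FMT_BADARG;
    int n = snprintf(to, to_len, "%s%s%s",
                     name[0] == '/' ? "" : dir,   /* absolute names ignore dir */
                     name,
                     has_extension(name) ? "" : ext);
    return (n < 0 || (size_t)n >= to_len) ? FMT_TOOLONG : FMT_OK;
}

/* Caller pattern the report describes as the bug: NULL extension. */
int expand_before(char *to, size_t to_len, const char *path)
{
    return format_path(to, to_len, path, "", NULL);
}

/* Caller pattern the report describes as the fix: empty-string extension. */
int expand_after(char *to, size_t to_len, const char *path)
{
    return format_path(to, to_len, path, "", "");
}

int main(void)
{
    char buf[64];
    const char *paths[] = { "/some/path", "/etc/my.cnf" };  /* constructed inputs */
    for (int i = 0; i < 2; i++)
        printf("%-12s before=%d after=%d\n", paths[i],
               expand_before(buf, sizeof buf, paths[i]),
               expand_after(buf, sizeof buf, paths[i]));
    return 0;
}
```

With the up-front check, the NULL-passing caller is rejected for both sample paths, including the one with an extension, where an unchecked formatter in this model would never have touched `ext`.
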
[24 Nov 2010 13:08] Bjørn Munch
What's that stack trace from mysqltest? I see it's calling fn_format too but neither name nor extension is 0.
[24 Nov 2010 17:16] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/124883

3388 Mats Kindahl	2010-11-24
      Bug #58455
      Starting mysqld with defaults file without
      extension cause segmentation fault
      
      Bug occurs because fn_expand calls fn_format
      with NULL as ext.
      
      Patch solves this problem by using an empty
      string as extension, and adding assertions
      to fn_format that correct arguments are passed.
      
      It also adds MYSQLD as environment variable to
      tests to be able to create a test that does not
      pass bootstrapping parameters, which seems to
      prevent the crash somehow.
[25 Nov 2010 10:30] Bjørn Munch
I'm not keen on adding extra code to mtr just for one special test. Instead, this code snippet in that test will set the local variable $MYSQLD to what you need, namely the mysqld executable without args:

---
perl;
  my ($mysqld)= split " ", $ENV{MYSQLD_BOOTSTRAP_CMD};
  open(FILE, ">", "$ENV{MYSQL_TMP_DIR}/mysqld.inc") or die;
  print FILE "let \$MYSQLD= $mysqld;\n";
  close FILE;
EOF
source $MYSQL_TMP_DIR/mysqld.inc;
remove_file $MYSQL_TMP_DIR/mysqld.inc;
---
[26 Nov 2010 16:56] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/125195

3388 Mats Kindahl	2010-11-26
      Bug #58455
      Starting mysqld with defaults file without
      extension cause segmentation fault
      
      Bug occurs because fn_expand calls fn_format
      with NULL as ext.
      
      Patch solves this problem by using an empty
      string as extension, and adding assertions
      to fn_format that correct arguments are passed.
      
      It also adds MYSQLD as environment variable to
      tests to be able to create a test that does not
      pass bootstrapping parameters, which seems to
      prevent the crash somehow.
[26 Nov 2010 17:04] Bjørn Munch
OK this looks good, just two minor suggestions:

You might move the remove_file to right after you've sourced it in the test, to avoid it being left behind if the test fails.

Also, last section of the commit message is now misleading as you no longer set an env.var. I guess you can just say you've added a test, no need to explain the details of it.
[26 Nov 2010 17:05] Bjørn Munch
Sorry, mouso on the Status field
[27 Nov 2010 20:15] Mats Kindahl
Actually, the intention was to *leave* the file in case the test fails simply to be able to debug the test case. If the file is removed after it has been used, it is hard to check what went wrong. Re-running the test will truncate the file since ">" is used, so that should not be a problem.

The comment is incorrect however, so I'll fix that.
[27 Nov 2010 20:19] Bjørn Munch
But that file just gives the full path to the mysqld executable, which should be known and completely deterministic, I can't see any need to store that. But no big deal....
[27 Nov 2010 20:21] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/125231

3388 Mats Kindahl	2010-11-27
      Bug #58455
      Starting mysqld with defaults file without
      extension cause segmentation fault
      
      Bug occurs because fn_expand calls fn_format
      with NULL as ext.
      
      Patch solves this problem by using an empty
      string as extension, and adding assertions
      to fn_format that correct arguments are passed.
      
      It also adds a test that tests several variations of
      using non-existing defaults files.
[29 Nov 2010 22:17] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/125422

3390 Mats Kindahl	2010-11-29
      Bug #58455
      Starting mysqld with defaults file without
      extension cause segmentation fault
      
      Not running mysqld--defaults-file on
      Windows since it was not designed for it.
[5 Dec 2010 12:42] Bugs System
Pushed into mysql-trunk 5.6.1 (revid:alexander.nozdrin@oracle.com-20101205122447-6x94l4fmslpbttxj) (version source revid:alexander.nozdrin@oracle.com-20101205122447-6x94l4fmslpbttxj) (merge vers: 5.6.1) (pib:23)
[17 Dec 2010 3:12] Paul DuBois
Bug does not appear in any released 5.6.x version.

Setting report to Need Merge pending push into 5.5.x.
[11 Jan 2011 21:05] Guilhem Bichot
This bug also exists in the latest 5.5 dmitry.shulga@oracle.com-20110111152631-jezu2dbglg05g6ff.
[8 Feb 2011 10:21] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/130694

3315 Mats Kindahl	2011-02-08
      Bug #58455
      Starting mysqld with defaults file without
      extension cause segmentation fault
      
      Bug occurs because fn_expand calls fn_format
      with NULL as ext.
      
      This is a backport of the patch from 5.6.
      
      Patch solves this problem by using an empty
      string as extension, and adding assertions
      to fn_format that correct arguments are passed.
      
      It also adds a test that tests several variations of
      using non-existing defaults files.
[9 Feb 2011 22:35] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/130929

3629 Mats Kindahl	2011-02-09 [merge]
      Merging in backported patch for BUG#58455.
[9 Feb 2011 22:37] Bugs System
Pushed into mysql-trunk 5.6.2 (revid:mats.kindahl@oracle.com-20110209223420-8hf0rygwb8hu3t90) (version source revid:mats.kindahl@oracle.com-20110209223420-8hf0rygwb8hu3t90) (merge vers: 5.6.2) (pib:24)
[9 Feb 2011 22:37] Bugs System
Pushed into mysql-5.5 5.5.10 (revid:mats.kindahl@oracle.com-20110209201527-u4m8pwlummit0nd1) (version source revid:mats.kindahl@oracle.com-20110208102114-m6oo1o8xatvjwl6h) (merge vers: 5.5.10) (pib:24)
[7 Mar 2011 23:55] Paul DuBois
Noted in 5.5.10, 5.6.2 changelogs.

Starting the server with the --defaults-file=file_name option, where
the file name had no extension, caused a server crash.

CHANGESET - http://lists.mysql.com/commits/130929