Bug #81972 'double free or corruption' when executing a query
Submitted: 22 Jun 2016 13:17 Modified: 15 Aug 2016 6:56
Reporter: Daniël van Eeden (OCA) Email Updates:
Status: Verified Impact on me:
None 
Category:MySQL Workbench: SQL Editor Severity:S1 (Critical)
Version:6.3.7 OS:Any
Assigned to: CPU Architecture:Any
Tags: crash

[22 Jun 2016 13:17] Daniël van Eeden
Description:
*** Error in `/usr/libexec/mysql-workbench/mysql-workbench-bin': double free or corruption (out): 0x00007f451800a5c0 ***

Demangled backtrace:
/lib64/libc.so.6(+0x755fb)[0x7f45598515fb]
/lib64/libc.so.6(+0x7dd4a)[0x7f4559859d4a]
/lib64/libc.so.6(cfree+0x4c)[0x7f455985d2ac]
/usr/lib64/mysql-workbench/libmysqlclient.so.20(+0x57496)[0x7f455e2c8496]
/usr/lib64/mysql-workbench/libmysqlclient.so.20(+0x31cca)[0x7f455e2a2cca]
/usr/lib64/mysql-workbench/libmysqlclient.so.20(+0x3219f)[0x7f455e2a319f]
/usr/lib64/mysql-workbench/libmysqlclient.so.20(+0x32cb9)[0x7f455e2a3cb9]
/usr/lib64/mysql-workbench/libmysqlclient.so.20(mysql_real_query+0x28)[0x7f455e2a1ca8]
/usr/lib64/mysql-workbench/libmysqlcppconn.so.7(sql::mysql::NativeAPI::LibmysqlStaticProxy::real_query(st_mysql*, char const*, unsigned long)+0x2f)[0x7f4563e6223f]
/usr/lib64/mysql-workbench/libmysqlcppconn.so.7(sql::mysql::NativeAPI::MySQL_NativeConnectionWrapper::query(sql::SQLString const&)+0x66)[0x7f4563e63cea]
/usr/lib64/mysql-workbench/libmysqlcppconn.so.7(sql::mysql::MySQL_Statement::do_query(sql::SQLString const&)+0x124)[0x7f4563e5be12]
/usr/lib64/mysql-workbench/libmysqlcppconn.so.7(sql::mysql::MySQL_Statement::executeQuery(sql::SQLString const&)+0x85)[0x7f4563e5c685]
/usr/lib64/mysql-workbench/libwbpublic.so.6.3.7(AutoCompleteCache::refresh_triggers_w(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&)+0x25b)[0x7f4568094897]
/usr/lib64/mysql-workbench/libwbpublic.so.6.3.7(AutoCompleteCache::refresh_cache_thread()+0x17b)[0x7f4568092529]
/usr/lib64/mysql-workbench/libwbpublic.so.6.3.7(AutoCompleteCache::_refresh_cache_thread(void*)+0x21)[0x7f45680926f3]
/lib64/libglib-2.0.so.0(+0x6fd38)[0x7f4563337d38]
/lib64/libpthread.so.0(+0x75ca)[0x7f455e05c5ca]
/lib64/libc.so.6(clone+0x6d)[0x7f45598deead]

How to repeat:
Run query a few times
[22 Jun 2016 13:18] Daniël van Eeden
Details from wb.log

Attachment: wbbug.txt (text/plain), 91.62 KiB.

[22 Jun 2016 13:19] Daniël van Eeden
System info:
 	MySQL Workbench Community (GPL) for Linux/Unix version 6.3.7 CE build 1199 (64 bit)
	Configuration Directory: /home/dvaneeden/.mysql/workbench
	Data Directory: /usr/share/mysql-workbench
	Cairo Version: 1.14.6
	OS: Linux 4.5.7-300.fc24.x86_64
	CPU: 4x Intel(R) Core(TM) i5-4278U CPU @ 2.60GHz (2600.101MHz) - 15.58GiB RAM
	Fips mode enabled: no
[24 Jun 2016 7:04] Umesh Shastry
Hello Daniël,

Thank you for the report.
Observed similar crashes when running SELECT over a large table with 6.3.7 on Fc24.

Thanks,
Umesh
[24 Jun 2016 7:05] Umesh Shastry
Crash details

Attachment: 81972_2.log (text/x-log), 100.78 KiB.

[24 Jun 2016 7:06] Umesh Shastry
Crash details - first time

Attachment: 81972.log (text/x-log), 121.52 KiB.

[28 Jun 2016 7:49] Umesh Shastry
Bug #82018 marked as duplicate of this one
[18 Jul 2016 5:34] Umesh Shastry
Bug #82250 marked as duplicate of this
[18 Jul 2016 5:36] Umesh Shastry
Bug #82236 marked as duplicate of this
[25 Jul 2016 21:37] Ian Powell
Here is my debug log when I ran into this on a SELECT statement

*** Error in `/usr/bin/mysql-workbench-bin': double free or corruption (out): 0x00007f28780044b0 ***
======= Backtrace: =========
/usr/lib/libc.so.6(+0x6ed4b)[0x7f28b1efcd4b]
/usr/lib/libc.so.6(+0x74546)[0x7f28b1f02546]
/usr/lib/libc.so.6(+0x74d1e)[0x7f28b1f02d1e]
/usr/lib/mysql-workbench/libmysqlclient.so.20(+0x2da8a)[0x7f28a41caa8a]
/usr/lib/mysql-workbench/libmysqlclient.so.20(+0x2ddbf)[0x7f28a41cadbf]
/usr/lib/mysql-workbench/libmysqlclient.so.20(+0x3476b)[0x7f28a41d176b]
/usr/lib/mysql-workbench/libmysqlclient.so.20(mysql_ping+0x26)[0x7f28a41c48a6]
/usr/lib/mysql-workbench/libmysqlcppconn.so.7(_ZN3sql5mysql16MySQL_Connection7isValidEv+0xbd)[0x7f28ac3560cd]
/usr/lib/mysql-workbench/libwbprivate.so.6.3.7(_ZN13SqlEditorForm27ensure_valid_dbc_connectionERN5boost10shared_ptrIN3sql22Dbc_connection_handlerEEERN4base8RecMutexEb+0xfe)[0x7f28b79c16de]
/usr/lib/mysql-workbench/libwbprivate.so.6.3.7(_ZN13SqlEditorForm27ensure_valid_aux_connectionEb+0x1e)[0x7f28b79c261e]
/usr/lib/mysql-workbench/libwbprivate.so.6.3.7(_ZN13SqlEditorForm29get_autocompletion_connectionERN5boost10shared_ptrIN3sql22Dbc_connection_handlerEEE+0x14)[0x7f28b79c2914]
/usr/lib/mysql-workbench/libwbprivate.so.6.3.7(_ZN5boost6detail8function21function_obj_invoker1INS_3_bi6bind_tIN4base12RecMutexLockENS_4_mfi3mf1IS6_13SqlEditorFormRNS_10shared_ptrIN3sql22Dbc_connection_handlerEEEEENS3_5list2INS3_5valueIPS9_EENS_3argILi1EEEEEEES6_SE_E6invokeERNS1_15function_bufferESE_+0x26)[0x7f28b79dacb6]
/usr/lib/mysql-workbench/libwbpublic.so.6.3.7(_ZNK5boost9function1IN4base12RecMutexLockERNS_10shared_ptrIN3sql22Dbc_connection_handlerEEEEclES7_+0x1e)[0x7f28b6d39ebe]
/usr/lib/mysql-workbench/libwbpublic.so.6.3.7(_ZN17AutoCompleteCache17refresh_columns_wERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES7_+0x64)[0x7f28b6d38e44]
/usr/lib/mysql-workbench/libwbpublic.so.6.3.7(_ZN17AutoCompleteCache20refresh_cache_threadEv+0x1d7)[0x7f28b6d39a07]
/usr/lib/mysql-workbench/libwbpublic.so.6.3.7(_ZN17AutoCompleteCache21_refresh_cache_threadEPv+0x6)[0x7f28b6d39b16]
/usr/lib/libglib-2.0.so.0(+0x702b5)[0x7f28b5eb22b5]
/usr/lib/libpthread.so.0(+0x7484)[0x7f28b3873484]
/usr/lib/libc.so.6(clone+0x6d)[0x7f28b1f756dd]
[5 Aug 2016 8:48] Umesh Shastry
Bug #82072 marked as duplicate of this
[12 Aug 2016 9:18] Umesh Shastry
Bug #82557 marked as duplicate of this
[12 Aug 2016 15:19] Christopher Capobianco
I observe the same behaviour when I connect to a DB using TCP/IP over SSH

Configuration:

Kernel: Linux 4.4.0-34-generic x86_64
OS: Ubuntu 16.04 x86_64
MySQL Workbench Community: 6.3.7 build 1199 CE (64 bit)
[12 Aug 2016 15:20] Christopher Capobianco
Details from debug log

Attachment: wb-debug.log (text/x-log), 91.62 KiB.

[12 Aug 2016 15:31] Christopher Capobianco
I appear to be able to fix this issue by downgrading workbench to version 6.3.6 build 511.
[15 Aug 2016 6:32] Daniël van Eeden
From the severity definitions:
"S1 (Critical): Represents a complete loss of service, a significant functionality is missing, a system that hangs indefinitely; and there is no available workaround."

For desktop software a crash in basic functionality is what I would call a complete loss of service.

So changing this from S3 to S1.

And changing OS from Fedora 24 to Any as this bug was also observed on Ubuntu and macOS.
[15 Aug 2016 6:34] Daniël van Eeden
And also on Windows.. so it is not confined to UNIX-like systems.
[15 Aug 2016 6:56] Daniël van Eeden
It *might* be introduced with this commit.

https://github.com/mysql/mysql-workbench/commit/9ff249c2aefc1a90e0c6a69dce23756e0d91af65
[14 Sep 2016 1:34] Colleen Ferrante
In Windows 10, MySQL Workbench was intermittently crashing on execution of a select.

Faulting application name: MySQLWorkbench.exe, version: 6.3.7.0, time stamp: 0x5758217b
Faulting module name: ntdll.dll, version: 10.0.10586.306, time stamp: 0x571af2eb
Exception code: 0xc0000374
Fault offset: 0x00000000000ee6fc
Faulting process id: 0xbb4
Faulting application start time: 0x01d20e198af3c9c2
Faulting application path: C:\Programs\MySQL\MySQL_Workbench_63_CE\MySQLWorkbench.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll

I followed the advice in one comment where I reverted to an earlier version (6.3.6 511 https://downloads.mysql.com/archives/get/file/mysql-workbench-community-6.3.6-winx64.msi), and it seems to have resolved the issue.

Whew! That was driving me nuts!!
[8 Nov 2016 21:45] Richard Watson
Also rolled back. Thank you Colleen Ferrante as that is the solution I'm using as well. Attached are details of the exception:

Faulting application name: MySQLWorkbench.exe, version: 6.3.7.0, time stamp: 0x5758217b
Faulting module name: ntdll.dll, version: 10.0.14393.351, time stamp: 0x5801a332
Exception code: 0xc0000374
Fault offset: 0x00000000000f7423
Faulting process id: 0x3890
Faulting application start time: 0x01d23a0739e9aac4
Faulting application path: D:\Program Files\MySQL\MySQL Workbench 6.3 CE\MySQLWorkbench.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll