Bug #83774 MySQL Exception during query
Submitted: 10 Nov 2016 14:24
Modified: 18 Nov 2016 11:51
Reporter: Liu Tachiang
Status: Can't repeat
Category: Connector / C++
Severity: S1 (Critical)
Version: MySQL 5.6
OS: Ubuntu
Assigned to:
CPU Architecture: Any
Tags: SqlException

[10 Nov 2016 14:24] Liu Tachiang
Description:
1. Exception:
  terminate called after throwing an instance of 'sql::SQLException'
    what():

2. C++ GDB info:

#0  0x00007fe2a9439cc9 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1  0x00007fe2a943d0d8 in __GI_abort () at abort.c:89
#2  0x00007fe2a9d446b5 in __gnu_cxx::__verbose_terminate_handler() () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#3  0x00007fe2a9d42836 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#4  0x00007fe2a9d42863 in std::terminate() () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#5  0x00007fe2a9d42aa2 in __cxa_throw () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#6  0x00000000004b383b in sql::mysql::MySQL_Statement::get_resultset (this=0x7fe21c0052c0)
    at /home/huiqiangyang/mysql-connector-c++-1.1.3/driver/mysql_statement.cpp:118
#7  0x00000000004b3ce5 in sql::mysql::MySQL_Statement::executeQuery (this=0x7fe21c0052c0, sql=...)
    at /home/huiqiangyang/mysql-connector-c++-1.1.3/driver/mysql_statement.cpp:170
#8  0x000000000042c135 in VehicleDataFrameParser::TestOverSpeed (this=0x1a9a890, frame=..., time_now=1478771989, staff_id=-1,
    mysql_conn=0x1a00460) at vehicle_data_frame_parser.cc:392
#9  0x000000000042c758 in VehicleDataFrameParser::WriteStatusToDB (this=0x1a9a890, frame=..., time_now=1478771989, staff_id=-1,
    mysql_conn=0x1a00460) at vehicle_data_frame_parser.cc:443
#10 0x00000000004324aa in VehicleDataFrameParser::WriteDB (this=0x1a9a890, frame=..., sock=83) at vehicle_data_frame_parser.cc:1151
#11 0x000000000042a70d in VehicleDataFrameParser::Parse (this=0x1a9a890, src_data=0x7fe28afbeef8 "\252U\252UE%", src_len=37, sock=83)
    at vehicle_data_frame_parser.cc:195
#12 0x000000000041730c in CallBacks::sock_fetch_cb (sock=83, argv=0x1a9b328) at call_backs.h:98
#13 0x000000000040e2b9 in ependingpool::fetch_item (this=0x7fff57557fa0, handle=0x7fe2987e7e98, sock=0x7fe2987e7e9c) at ependingpool.cc:460
#14 0x000000000041661b in Server::worker_thread (this=0x7fff57557fa0, arg=0x0) at server.cc:79
#15 0x000000000041665c in worker_thread_func (argv=0x7fff57557fa0) at server.cc:86
#16 0x00007fe2aa2d5182 in start_thread (arg=0x7fe2987e8700) at pthread_create.c:312
#17 0x00007fe2a94fd47d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111
 
3. vehicle_data_frame_parser.cc:392

387     scoped_ptr<sql::ResultSet> res_exception;
388     sql_cmd = StringPrintf(
389         "select * from exception_status where exception_type='超速预警' "
390         "and vehicle_id=%d and status='未处理'",
391         frame.header.vehicle_id);
392     res_exception.reset(stmt->executeQuery(sql_cmd));
393     if (res_exception->rowsCount() != 0) {
394       sql_cmd = StringPrintf(
395           "update exception_status set status='已处理', process_time='%d' "
396           "where exception_type='超速预警' and vehicle_id='%d' and status='未处理'",
397           time_now,
398           frame.header.vehicle_id);
399       VLOG(4) << sql_cmd;
400       stmt->execute(sql_cmd);
401     }

How to repeat:
random
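
Added example, not part of the original report and not Connector/C++ code: a small Python triage helper for reading the GDB backtrace above. It flags std::terminate() called directly from __cxa_throw (an exception for which no handler was found) and reports the throw site and the first application frame; parse_frames, triage and the library_markers default are names chosen for this example.

```python
import re

# Frames #1 and #4-#8 copied from the GDB backtrace in the report above.
BACKTRACE = """\
#1  0x00007fe2a943d0d8 in __GI_abort () at abort.c:89
#4  0x00007fe2a9d42863 in std::terminate() () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#5  0x00007fe2a9d42aa2 in __cxa_throw () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#6  0x00000000004b383b in sql::mysql::MySQL_Statement::get_resultset (this=0x7fe21c0052c0)
    at /home/huiqiangyang/mysql-connector-c++-1.1.3/driver/mysql_statement.cpp:118
#7  0x00000000004b3ce5 in sql::mysql::MySQL_Statement::executeQuery (this=0x7fe21c0052c0, sql=...)
    at /home/huiqiangyang/mysql-connector-c++-1.1.3/driver/mysql_statement.cpp:170
#8  0x000000000042c135 in VehicleDataFrameParser::TestOverSpeed (this=0x1a9a890, frame=..., time_now=1478771989, staff_id=-1,
    mysql_conn=0x1a00460) at vehicle_data_frame_parser.cc:392
"""

FRAME = re.compile(r"^#(\d+)\s+(?:0x[0-9a-f]+ in )?(\S+) \(")
SOURCE = re.compile(r" at (\S+):(\d+)$")

def parse_frames(text):
    """Return (function, file, line) per frame; file/line are None without debug info."""
    joined = []
    for line in text.splitlines():
        if line.startswith("#"):
            joined.append(line.strip())
        elif joined and line.strip():
            joined[-1] += " " + line.strip()  # GDB wraps long frames onto a second line
    frames = []
    for line in joined:
        m = FRAME.match(line)
        if m:
            src = SOURCE.search(line)
            frames.append((m.group(2), src.group(1) if src else None,
                           int(src.group(2)) if src else None))
    return frames

def triage(frames, library_markers=("mysql-connector-c++",)):
    """Detect std::terminate() called from __cxa_throw, i.e. no handler was found."""
    funcs = [f[0] for f in frames]
    if "__cxa_throw" not in funcs:
        return None
    t = funcs.index("__cxa_throw")
    if t == 0 or not funcs[t - 1].startswith("std::terminate") or t + 1 >= len(frames):
        return None
    thrown_in = frames[t + 1]  # the function that executed `throw`
    # First frame from the throw site outward with source info outside the library.
    app = next((f for f in frames[t + 1:]
                if f[1] and not any(m in f[1] for m in library_markers)), None)
    return {"thrown_in": thrown_in, "app_frame": app}
```

For this trace the helper points at get_resultset (mysql_statement.cpp:118) as the throw site and TestOverSpeed (vehicle_data_frame_parser.cc:392) as the application call. A try/catch for sql::SQLException at that call would keep the worker thread alive and allow getErrorCode() and getSQLState() to be logged.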

[10 Nov 2016 14:31] Liu Tachiang
mysql> desc exception_status;
+----------------+--------------+------+-----+---------+----------------+
| Field          | Type         | Null | Key | Default | Extra          |
+----------------+--------------+------+-----+---------+----------------+
| id             | int(11)      | NO   | PRI | NULL    | auto_increment |
| exception_type | char(10)     | NO   |     | NULL    |                |
| vehicle_id     | int(11)      | YES  | MUL | NULL    |                |
| staff_id       | int(11)      | YES  | MUL | NULL    |                |
| time           | int(11)      | NO   |     | NULL    |                |
| detail         | varchar(100) | YES  |     | NULL    |                |
| status         | char(3)      | YES  |     | NULL    |                |
| process_time   | int(11)      | YES  |     | NULL    |                |
| processor      | char(4)      | YES  |     | NULL    |                |
| remark         | varchar(10)  | YES  | MUL | NULL    |                |
| alarmed        | tinyint(1)   | YES  |     | 0       |                |
+----------------+--------------+------+-----+---------+----------------+

mysql> select count(*) from exception_status;
+----------+
| count(*) |
+----------+
|  1856077 |
+----------+
1 row in set (2.34 sec)

[11 Nov 2016 7:27] Chiranjeevi Battula
Hello Liu Tachiang,

Thank you for the bug report.
Could you please provide a repeatable test case (exact steps/sample code, sample data, etc. - please mark it as private if you prefer) to confirm this issue at our end?

Thanks,
Chiranjeevi.

[17 Nov 2016 12:16] Liu Tachiang
29993:1117/184340:INFO:vehicle_data_frame_parser.cc(313)] select * from oil_info where vehicle_id=137 order by time desc limit 1
==29977== Thread 4:
==29977== Invalid write of size 2
==29977==    at 0x4C2F7E3: memcpy@@GLIBC_2.14 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==29977==    by 0x50783FC: ??? (in /usr/lib/x86_64-linux-gnu/libmysqlclient.so.18.0.0)
==29977==    by 0x50786FA: net_write_command (in /usr/lib/x86_64-linux-gnu/libmysqlclient.so.18.0.0)
==29977==    by 0x50757EF: cli_advanced_command (in /usr/lib/x86_64-linux-gnu/libmysqlclient.so.18.0.0)
==29977==    by 0x5073C2C: mysql_send_query (in /usr/lib/x86_64-linux-gnu/libmysqlclient.so.18.0.0)
==29977==    by 0x5073C48: mysql_real_query (in /usr/lib/x86_64-linux-gnu/libmysqlclient.so.18.0.0)
==29977==    by 0x4B99D4: sql::mysql::NativeAPI::LibmysqlStaticProxy::real_query(st_mysql*, char const*, unsigned long) (libmysql_static_proxy.cpp:334)
==29977==    by 0x461721: sql::mysql::NativeAPI::MySQL_NativeConnectionWrapper::query(sql::SQLString const&) (mysql_native_connection_wrapper.cpp:251)
==29977==    by 0x4B35E9: sql::mysql::MySQL_Statement::do_query(sql::SQLString const&) (mysql_statement.cpp:86)
==29977==    by 0x4B3FB8: sql::mysql::MySQL_Statement::executeQuery(sql::SQLString const&) (mysql_statement.cpp:163)
==29977==    by 0x42B707: VehicleDataFrameParser::WriteOilInfoToDB(VehicleDataFrame&, int, int, sql::Connection*) (vehicle_data_frame_parser.cc:314)
==29977==    by 0x432435: VehicleDataFrameParser::WriteDB(VehicleDataFrame&, int) (vehicle_data_frame_parser.cc:1150)
==29977==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==29977== 
==29977== 
==29977== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==29977==  Access not within mapped region at address 0x0
==29977==    at 0x4C2F7E3: memcpy@@GLIBC_2.14 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==29977==    by 0x50783FC: ??? (in /usr/lib/x86_64-linux-gnu/libmysqlclient.so.18.0.0)
==29977==    by 0x50786FA: net_write_command (in /usr/lib/x86_64-linux-gnu/libmysqlclient.so.18.0.0)
==29977==    by 0x50757EF: cli_advanced_command (in /usr/lib/x86_64-linux-gnu/libmysqlclient.so.18.0.0)
==29977==    by 0x5073C2C: mysql_send_query (in /usr/lib/x86_64-linux-gnu/libmysqlclient.so.18.0.0)
==29977==    by 0x5073C48: mysql_real_query (in /usr/lib/x86_64-linux-gnu/libmysqlclient.so.18.0.0)
==29977==    by 0x4B99D4: sql::mysql::NativeAPI::LibmysqlStaticProxy::real_query(st_mysql*, char const*, unsigned long) (libmysql_static_proxy.cpp:334)
==29977==    by 0x461721: sql::mysql::NativeAPI::MySQL_NativeConnectionWrapper::query(sql::SQLString const&) (mysql_native_connection_wrapper.cpp:251)
==29977==    by 0x4B35E9: sql::mysql::MySQL_Statement::do_query(sql::SQLString const&) (mysql_statement.cpp:86)
==29977==    by 0x4B3FB8: sql::mysql::MySQL_Statement::executeQuery(sql::SQLString const&) (mysql_statement.cpp:163)
==29977==    by 0x42B707: VehicleDataFrameParser::WriteOilInfoToDB(VehicleDataFrame&, int, int, sql::Connection*) (vehicle_data_frame_parser.cc:314)
==29977==    by 0x432435: VehicleDataFrameParser::WriteDB(VehicleDataFrame&, int) (vehicle_data_frame_parser.cc:1150)
==29977==  If you believe this happened as a result of a stack
==29977==  overflow in your program's main thread (unlikely but
==29977==  possible), you can try to increase the size of the
==29977==  main thread stack using the --main-stacksize= flag.
==29977==  The main thread stack size used in this run was 8388608.

[18 Nov 2016 11:51] Chiranjeevi Battula
Hello Liu Tachiang,

Thank you for your feedback.
I could not repeat this issue at my end with the provided information. 
If you can provide more information, feel free to add it to this bug and change the status back to 'Open'.

Thank you for your interest in MySQL.

Thanks,
Chiranjeevi.