[CONC-71] mysql_real_query crashes in revision 113 - Jira

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
None
Environment:
revision 113

Description

1)Connect to a mysql server after setting following options
mysql_options(mysql, MYSQL_OPT_RECONNECT,(const char *)"true");
mysql_options(mysql, MYSQL_SET_CHARSET_NAME, "utf8");
mysql_options(mysql, MYSQL_OPT_COMPRESS, 0);
mysql_options(mysql, MYSQL_INIT_COMMAND, "/*!40101 SET SQL_MODE='' */");
mysql_options(mysql, MYSQL_INIT_COMMAND, "/*!40101 set @@session.wait_timeout=28800 */");
2) after successful connection stop the server
3) execute mysql_real_query.

Here is a sample stack trace :

_heap_alloc_base(unsigned int size) Line 55 C
_heap_alloc_dbg_impl(unsigned int nSize, int nBlockUse, const char * szFileName, int nLine, int * errno_tmp) Line 431 + 0x9 bytes C++
_nh_malloc_dbg_impl(unsigned int nSize, int nhFlag, int nBlockUse, const char * szFileName, int nLine, int * errno_tmp) Line 239 + 0x19 bytes C++
_nh_malloc_dbg(unsigned int nSize, int nhFlag, int nBlockUse, const char * szFileName, int nLine) Line 302 + 0x1d bytes C++
malloc(unsigned int nSize) Line 56 + 0x15 bytes C++
my_malloc(unsigned int Size, int MyFlags) Line 36 + 0x9 bytes C
alloc_root(st_mem_root * mem_root, unsigned int Size) Line 81 + 0xb bytes C
mthd_my_read_rows(st_mysql * mysql, st_mysql_field * mysql_fields, unsigned int fields) Line 1195 + 0x31 bytes C
mthd_my_read_query_result(st_mysql * mysql) Line 2274 + 0x18 bytes C
mysql_real_query(st_mysql * mysql, const char * query, unsigned long length) Line 2303 + 0x25 bytes C

Attachments

Activity

Ascending order - Click to sort in descending order

Sudhindra Bhat added a comment - 2014-01-29 10:23

in net.c

function : my_net_read
line number: 812 :

if ((packet_length = my_real_read(net,(size_t *)&complen)) == packet_error)
break;

line 827 :
len= current - start - 4;
line 830 :
if (len != packet_error)

Hence len is never equal to packet_error and this function returns 0xfffffffc even if my_real_read returns packet error.

in mthd_my_read_rows
line number 1188 :
while (*(cp=net->read_pos) != 254 || pkt_len >= 8)

This loop is always true since pkt_len is always 0xfffffffc and not packet_error because condition in line 1231 : " if ((pkt_len=net_safe_read(mysql)) == packet_error) " is never true.

Sudhindra Bhat added a comment - 2014-01-29 10:23 in net.c function : my_net_read line number: 812 : if ((packet_length = my_real_read(net,(size_t *)&complen)) == packet_error) break; line 827 : len= current - start - 4; line 830 : if (len != packet_error) Hence len is never equal to packet_error and this function returns 0xfffffffc even if my_real_read returns packet error. in mthd_my_read_rows line number 1188 : while (*(cp=net->read_pos) != 254 || pkt_len >= 8) This loop is always true since pkt_len is always 0xfffffffc and not packet_error because condition in line 1231 : " if ((pkt_len=net_safe_read(mysql)) == packet_error) " is never true.

Georg Richter added a comment - 2014-02-04 20:16

Fixed in revision 114

Georg Richter added a comment - 2014-02-04 20:16 Fixed in revision 114

People

Assignee:: Georg Richter

Reporter:: Sudhindra Bhat

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2014-01-28 18:55

Updated:: 2014-02-04 20:16

Resolved:: 2014-02-04 20:16

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.

MariaDB Connector/C