Details
-
Bug
-
Status: Open (View Workflow)
-
Minor
-
Resolution: Unresolved
-
10.2, 10.3, 10.4
-
None
-
None
Description
./mtr main.set_statement_notembedded_binlog --cursor-protocol |
10.2 9cba6c5aa3b15fffc0ca1 |
main.set_statement_notembedded_binlog [ fail ]
|
|
mysqltest: At line 21: query 'show binlog events limit 5,5' failed: 2014: Commands out of sync; you can't run this command now
|
|
The result from queries just before the failure was:
|
drop table if exists t1;
|
drop view if exists t1;
|
#
|
# MDEV-6948: SET STATEMENT gtid_domain_id = ... FOR has no effect
|
# (same for gtid_seq_no and server_id)
|
#
|
reset master;
|
create table t1 (i int);
|
set gtid_domain_id = 10;
|
insert into t1 values (1),(2);
|
set statement gtid_domain_id = 20 for insert into t1 values (3),(4);
|
show binlog events limit 5,5;
|
=================================================================
|
==18818==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x625000009900 at pc 0x00000045141c bp 0x7ffca630d5e0 sp 0x7ffca630d5d0
|
READ of size 1 at 0x625000009900 thread T0
|
#0 0x45141b in net_field_length /10.2/libmariadb/libmariadb/mariadb_lib.c:287
|
#1 0x45d4af in ma_read_ok_packet /10.2/libmariadb/libmariadb/mariadb_lib.c:2037
|
#2 0x45e55d in mthd_my_read_query_result /10.2/libmariadb/libmariadb/mariadb_lib.c:2146
|
#3 0x469a8e in mysql_next_result /10.2/libmariadb/libmariadb/mariadb_lib.c:3403
|
#4 0x488a92 in mysql_stmt_next_result /10.2/libmariadb/libmariadb/mariadb_stmt.c:2344
|
#5 0x4874d3 in mysql_stmt_internal_reset /10.2/libmariadb/libmariadb/mariadb_stmt.c:2184
|
#6 0x47e1ad in mysql_stmt_close /10.2/libmariadb/libmariadb/mariadb_stmt.c:1391
|
#7 0x41c34e in wrap_mysql_stmt_close(st_mysql_stmt*) /10.2/client/../tests/nonblock-wrappers.h:369
|
#8 0x41f2d9 in close_connections() /10.2/client/mysqltest.cc:1452
|
#9 0x41fabf in free_used_memory() /10.2/client/mysqltest.cc:1505
|
#10 0x41ff36 in cleanup_and_exit /10.2/client/mysqltest.cc:1546
|
#11 0x420576 in really_die(char const*) /10.2/client/mysqltest.cc:1657
|
#12 0x42077c in report_or_die(char const*, ...) /10.2/client/mysqltest.cc:1679
|
#13 0x43f0f2 in handle_error(st_command*, unsigned int, char const*, char const*, st_dynamic_string*) /10.2/client/mysqltest.cc:8159
|
#14 0x43fe73 in run_query_stmt(st_connection*, st_command*, char*, int, st_dynamic_string*, st_dynamic_string*) /10.2/client/mysqltest.cc:8349
|
#15 0x441399 in run_query(st_connection*, st_command*, int) /10.2/client/mysqltest.cc:8750
|
#16 0x44491a in main /10.2/client/mysqltest.cc:9579
|
#17 0x7fa84f30e82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
|
#18 0x419b48 in _start (/10.2/client/mysqltest+0x419b48)
|
|
0x625000009900 is located 0 bytes to the right of 8192-byte region [0x625000007900,0x625000009900)
|
allocated by thread T0 here:
|
#0 0x7fa85095c602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
|
#1 0x4cce37 in ma_net_init /10.2/libmariadb/libmariadb/ma_net.c:83
|
#2 0x457b5f in mthd_my_real_connect /10.2/libmariadb/libmariadb/mariadb_lib.c:1348
|
#3 0x456ddd in mysql_real_connect /10.2/libmariadb/libmariadb/mariadb_lib.c:1203
|
#4 0x41a016 in wrap_mysql_real_connect(st_mysql*, char const*, char const*, char const*, char const*, unsigned int, char const*, unsigned long) /10.2/client/../tests/nonblock-wrappers.h:165
|
#5 0x434d20 in safe_connect(st_mysql*, char const*, char const*, char const*, char const*, char const*, int, char const*) /10.2/client/mysqltest.cc:5706
|
#6 0x443aac in main /10.2/client/mysqltest.cc:9340
|
#7 0x7fa84f30e82f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
|
|
SUMMARY: AddressSanitizer: heap-buffer-overflow /10.2/libmariadb/libmariadb/mariadb_lib.c:287 net_field_length
|
Shadow bytes around the buggy address:
|
0x0c4a7fff92d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
0x0c4a7fff92e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
0x0c4a7fff92f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
0x0c4a7fff9300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
0x0c4a7fff9310: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
|
=>0x0c4a7fff9320:[fa]fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c4a7fff9330: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c4a7fff9340: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c4a7fff9350: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c4a7fff9360: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
0x0c4a7fff9370: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
|
Shadow byte legend (one shadow byte represents 8 application bytes):
|
Addressable: 00
|
Partially addressable: 01 02 03 04 05 06 07
|
Heap left redzone: fa
|
Heap right redzone: fb
|
Freed heap region: fd
|
Stack left redzone: f1
|
Stack mid redzone: f2
|
Stack right redzone: f3
|
Stack partial redzone: f4
|
Stack after return: f5
|
Stack use after scope: f8
|
Global redzone: f9
|
Global init order: f6
|
Poisoned by user: f7
|
Container overflow: fc
|
Array cookie: ac
|
Intra object redzone: bb
|
ASan internal: fe
|
==18818==ABORTING
|