Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-4326

Server crashes in append_query_string on 2nd execution of a PS with string in LIMIT via API

    Details

      Description

      #3  <signal handler called>
      #4  0x000000000077c664 in append_query_string (thd=0x32e7d88, csinfo=0x1, from=0x7f3c80021d70, to=0x7f3cff0cc660) at log_event.cc:602
      #5  0x00000000005a5233 in Item_param::query_val_str (this=0x7f3c80021d60, thd=0x32e7d88, str=0x7f3cff0cc660) at item.cc:3156
      #6  0x00000000007389e7 in insert_params_with_log (stmt=0x7f3c8001d7b8, null_array=0x3364682 "", read_pos=0x3364686 "", data_end=0x3364686 "", query=0x7f3cff0cc7b0) at sql_prepare.cc:807
      #7  0x000000000073dce5 in Prepared_statement::set_parameters (this=0x7f3c8001d7b8, expanded_query=0x7f3cff0cc7b0, packet=0x3364684 "\001\061", packet_end=0x3364686 "") at sql_prepare.cc:3250
      #8  0x000000000073ddc3 in Prepared_statement::execute_loop (this=0x7f3c8001d7b8, expanded_query=0x7f3cff0cc7b0, open_cursor=false, packet=0x3364682 "", packet_end=0x3364686 "") at sql_prepare.cc:3316
      #9  0x000000000073c0da in mysqld_stmt_execute (thd=0x32e7d88, packet_arg=0x3364679 "\002", packet_length=13) at sql_prepare.cc:2519
      #10 0x0000000000688dcf in dispatch_command (command=COM_STMT_EXECUTE, thd=0x32e7d88, packet=0x3364679 "\002", packet_length=13) at sql_parse.cc:1249
      #11 0x0000000000687edc in do_command (thd=0x32e7d88) at sql_parse.cc:906
      #12 0x0000000000684e73 in handle_one_connection (arg=0x32e7d88) at sql_connect.cc:1238
      #13 0x00007f3cfe426e9a in start_thread (arg=0x7f3cff0cd700) at pthread_create.c:308

      Stack trace from:

      revision-id: sergii@pisem.net-20130320202051-m8qdk6zvcci9vr5s
      revno: 3194
      branch-nick: 5.1

      Also reproducible on all of current MariaDB 5.1-10.0, MySQL 5.1-5.6.

      Test case:

      <?php
       
      // Suppressing warning:
      // PHP Warning: mysqli::mysqli(): Headers and client library minor version mismatch. Headers:50167 Library:50307
      $mysqli = @new mysqli( "127.0.0.1", "root", "", "mysql");
      if ($mysqli->connect_errno) {
      echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error;
      }
      $result = mysqli_query( $mysqli, "SELECT VERSION()" );
      print_r( mysqli_fetch_row( $result ) );
       
      mysqli_query( $mysqli, "SET GLOBAL general_log = 1");
      $result = mysqli_query( $mysqli, "SHOW GLOBAL VARIABLES LIKE 'general_log'" );
      print_r( mysqli_fetch_row( $result ) );
       
       
      if (!($stmti = $mysqli->prepare("SELECT * FROM mysql.user LIMIT ?"))) {
      echo "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
      }
       
      $int = 1;
      if (!$stmti->bind_param("i", $int)) {
      echo "Binding parameters failed: (" . $stmti->errno . ") " . $stmti->error;
      }
       
      if (!$stmti->execute()) {
      echo "Execute failed: (" . $stmti->errno . ") " . $stmti->error;
      } else {
      echo "Int Success\n";
      }
       
      if (!$stmti->execute()) {
      echo "Execute failed: (" . $stmti->errno . ") " . $stmti->error;
      } else {
      echo "Int Success\n";
      }
       
      $stmti->free_result();
      $stmti->close();
       
      if (!($stmts = $mysqli->prepare("SELECT * FROM mysql.user LIMIT ?"))) {
      echo "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error;
      }
       
      $str = '1';
      if (!$stmts->bind_param("s", $str)) {
      echo "Binding parameters failed: (" . $stmts->errno . ") " . $stmts->error;
      }
       
      if (!$stmts->execute()) {
      echo "Execute failed: (" . $stmts->errno . ") " . $stmts->error;
      } else {
      echo "Str Success\n";
      }
       
      if (!$stmts->execute()) {
      echo "Execute failed: (" . $stmts->errno . ") " . $stmts->error;
      } else {
      echo "Str Success\n";
      }
       
      $stmts->free_result();
      $stmts->close();
      ?>

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                sanja Oleksandr Byelkin
                Reporter:
                elenst Elena Stepanova
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: