[MDEV-3984] crash/read of freed memory when changing master with named connection

Created: 2012-12-27
Updated: 2013-01-30
Resolved: 2013-01-30

Status: Closed
Project: MariaDB Server
Component/s: None
Affects Version/s: 10.0.0
Fix Version/s: 10.0.2

Type: Bug
Priority: Critical
Reporter: sbester1
Assignee: Kristian Nielsen
Resolution: Fixed
Votes: 0
Labels: None
Environment:

On Linux, produced valgrind warnings.
On Windows mysqld.exe segfaulted.



 Description   

How to repeat:
----------------
change master 'abc' to relay_log_file='';

Description:
---------------------
Linux, valgrind output:

Invalid read of size 8
at: mysql_execute_command (sql_parse.cc:2589)
by: mysql_parse (sql_parse.cc:6056)
by: dispatch_command (sql_parse.cc:1216)
by: do_command (sql_parse.cc:945)
by: do_handle_one_connection (sql_connect.cc:1254)
by: handle_one_connection (sql_connect.cc:1168)
by: start_thread (pthread_create.c:309)
by: clone (clone.S:115)
Address 0x15b2dae0 is 0 bytes inside a block of size 16,216 free'd
at: operator delete (vg_replace_malloc.c:480)
by: free_key_master_info (rpl_mi.cc:635)
by: my_hash_delete (hash.c:604)
by: Master_info_index::remove_master_info (rpl_mi.cc:1049)
by: mysql_execute_command (sql_parse.cc:2588)
by: mysql_parse (sql_parse.cc:6056)
by: dispatch_command (sql_parse.cc:1216)
by: do_command (sql_parse.cc:945)
by: do_handle_one_connection (sql_connect.cc:1254)
by: handle_one_connection (sql_connect.cc:1168)
by: start_thread (pthread_create.c:309)
by: clone (clone.S:115)

Windows, call stack:
mysqld.exe!mysql_execute_command()[sql_parse.cc:2592]
mysqld.exe!mysql_parse()[sql_parse.cc:6061]
mysqld.exe!dispatch_command()[sql_parse.cc:1219]
mysqld.exe!do_command()[sql_parse.cc:951]
mysqld.exe!threadpool_process_request()[threadpool_common.cc:225]
mysqld.exe!io_completion_callback()[threadpool_win.cc:568]
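
An added triage sketch, not part of the original report and not MariaDB code: it parses an excerpt of the Valgrind output above and finds the frame where the invalid-read stack and the free stack diverge, which shows the block being released at sql_parse.cc:2588 and read again at sql_parse.cc:2589 inside mysql_execute_command. The helper names parse_stacks, divergence and free_path are hypothetical.

```python
import re

# Excerpt of the Valgrind output from the report above (outer frames trimmed).
TRACE = """\
Invalid read of size 8
at: mysql_execute_command (sql_parse.cc:2589)
by: mysql_parse (sql_parse.cc:6056)
by: dispatch_command (sql_parse.cc:1216)
Address 0x15b2dae0 is 0 bytes inside a block of size 16,216 free'd
at: operator delete (vg_replace_malloc.c:480)
by: free_key_master_info (rpl_mi.cc:635)
by: my_hash_delete (hash.c:604)
by: Master_info_index::remove_master_info (rpl_mi.cc:1049)
by: mysql_execute_command (sql_parse.cc:2588)
by: mysql_parse (sql_parse.cc:6056)
by: dispatch_command (sql_parse.cc:1216)
"""
FRAME = re.compile(r"^(?:at|by): (.+) \(([^():]+):(\d+)\)$")

def parse_stacks(text):
    """Return {'use': [...], 'free': [...]}, frames as (function, file, line), innermost first."""
    stacks, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("Invalid "):
            current = stacks.setdefault("use", [])
        elif line.startswith("Address ") and line.endswith("free'd"):
            current = stacks.setdefault("free", [])
        elif current is not None and (m := FRAME.match(line)):
            current.append((m.group(1), m.group(2), int(m.group(3))))
    return stacks

def divergence(stacks):
    """Walk both stacks from the outermost frame inward; return the first frame
    that differs as (function, file, free_line, use_line), or None."""
    for use, free in zip(reversed(stacks["use"]), reversed(stacks["free"])):
        if use != free:
            # Same function, different line: that function freed the block and then read it.
            return (use[0], use[1], free[2], use[2]) if use[:2] == free[:2] else None
    return None

def free_path(stacks, function):
    """Calls from `function` down to the deallocation, outermost first."""
    names = [frame[0] for frame in reversed(stacks["free"])]
    return names[names.index(function) + 1:]

if __name__ == "__main__":
    stacks = parse_stacks(TRACE)
    func, src, freed_at, read_at = divergence(stacks)
    print(f"{func}: block freed at {src}:{freed_at}, read at {src}:{read_at}")
    print("free path:", " -> ".join(free_path(stacks, func)))
```

The free path it reports ends in free_key_master_info, the callback invoked by my_hash_delete, so the object is destroyed as a side effect of removing it from the hash while the caller still holds a pointer to it.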



 Comments   
Comment by Sergei Golubchik [ 2012-12-27 ]

Elena, is that applicable to 5.x too?

Comment by Elena Stepanova [ 2012-12-27 ]

No, not applicable to 5.5, named connections came with multi-source replication.
(And there is no crash with "change master to", without a name).
Assigned to Monty for now, please re-assign if needed.

Comment by Kristian Nielsen [ 2013-01-30 ]

Verified as described.

Comment by Kristian Nielsen [ 2013-01-30 ]

Fixed and pushed to 10.0-base.
Will be fixed in 10.0 after next merge of 10.0-base to 10.0.
