[MDEV-4518] Server crashes in is_white_space when it's run with query cache, charset ucs2 and collation ucs2_unicode_cii Created: 2013-05-14  Updated: 2013-05-17  Resolved: 2013-05-17

Status: Closed
Project: MariaDB Server
Component/s: None
Affects Version/s: 10.0.2, 5.5.31
Fix Version/s: 10.0.3, 5.5.31

Type: Bug Priority: Minor
Reporter: Elena Stepanova Assignee: Alexander Barkov
Resolution: Fixed Votes: 0
Labels: None

Issue Links:
Relates

Description

#3  <signal handler called>
#4  0x00000000005d3490 in is_white_space (c=32 ' ') at /home/elenst/bzr/5.5/sql/sql_cache.cc:441
#5  0x00000000005c6920 in has_no_cache_directive (sql=0x7f6f9c006dbe " @@version_comment limit 1") at /home/elenst/bzr/5.5/sql/sql_cache.cc:773
#6  0x00000000005c8fc5 in Query_cache::send_result_to_client (this=0x14fd520, thd=0x3568550, org_sql=0x7f6f9c006db8 "select @@version_comment limit 1", query_length=32) at /home/elenst/bzr/5.5/sql/sql_cache.cc:1774
#7  0x000000000061caec in mysql_parse (thd=0x3568550, rawbuf=0x7f6f9c006db8 "select @@version_comment limit 1", length=32, parser_state=0x7f6fcffbe540) at /home/elenst/bzr/5.5/sql/sql_parse.cc:5711
#8  0x000000000061034e in dispatch_command (command=COM_QUERY, thd=0x3568550, packet=0x36095c1 "select @@version_comment limit 1", packet_length=32) at /home/elenst/bzr/5.5/sql/sql_parse.cc:1068
#9  0x000000000060f58f in do_command (thd=0x3568550) at /home/elenst/bzr/5.5/sql/sql_parse.cc:794
#10 0x000000000071b1b7 in do_handle_one_connection (thd_arg=0x3568550) at /home/elenst/bzr/5.5/sql/sql_connect.cc:1266
#11 0x000000000071ab9e in handle_one_connection (arg=0x3568550) at /home/elenst/bzr/5.5/sql/sql_connect.cc:1181
#12 0x00007f6feb591e9a in start_thread (arg=0x7f6fcffbf700) at pthread_create.c:308
#13 0x00007f6fea885cbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112

To reproduce, start server with

--query-cache-size=1048576 --collation-server=ucs2_unicode_ci --character-set-server=ucs2

and try to connect to it with a client (or execute some SELECT, e.g. the same select @@version_comment limit 1 as above).

bzr version-info

revision-id: monty@askmonty.org-20130512082916-vjlzg3tjtlbvnowy
revno: 3759
branch-nick: 5.5

771:static bool has_no_cache_directive(const char *sql)
772:{
773:  while (is_white_space(*sql))
774:    sql++;
775:    
776:  if (my_toupper(system_charset_info, sql[0])  == 'S' &&
777:      my_toupper(system_charset_info, sql[1])  == 'Q' &&
...
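The report pins the crash to one configuration combination: query cache active plus ucs2 (or, per the first comment, utf16) as character-set-server. The following is an added example, not code from the report or from MariaDB, that scans a my.cnf [mysqld] section for exactly that combination so a deployment can be checked before a server at an affected version is started; the config text is constructed, and an absent query_cache_size is treated as 0 (a build default on a live server should be confirmed with SHOW VARIABLES).

```python
import configparser

# Server character sets named in the report as triggering the crash:
# ucs2 in the description, utf16 in Elena's follow-up comment.
CRASHING_SERVER_CHARSETS = {"ucs2", "utf16"}

# Constructed sample my.cnf mirroring the reproduction options; not from the report.
SAMPLE_MY_CNF = """
[client]
default-character-set=utf8

[mysqld]
query_cache_size=1048576
character-set-server=ucs2
collation-server=ucs2_unicode_ci
"""


def _normalise(key):
    # MariaDB accepts '-' and '_' interchangeably in option names; fold them.
    return key.strip().lower().replace("-", "_")


def parse_mysqld_options(text):
    """Return the [mysqld] options as a dict keyed by normalised option name."""
    cp = configparser.ConfigParser(allow_no_value=True, interpolation=None, strict=False)
    cp.optionxform = _normalise  # must be set before parsing
    cp.read_string(text)
    return dict(cp["mysqld"]) if cp.has_section("mysqld") else {}


def query_cache_enabled(opts):
    """query_cache_size > 0 means the cache is in use; accept a K/M/G suffix."""
    raw = (opts.get("query_cache_size") or "0").strip().upper()
    suffix = raw[-1:] if raw[-1:] in ("K", "M", "G") else ""
    mult = {"K": 1 << 10, "M": 1 << 20, "G": 1 << 30, "": 1}[suffix]
    digits = raw[:-1] if suffix else raw
    return int(digits or "0") * mult > 0


def mdev4518_exposed(text):
    """True when the [mysqld] section combines an active query cache with ucs2/utf16."""
    opts = parse_mysqld_options(text)
    charset = (opts.get("character_set_server") or "").strip().lower()
    return query_cache_enabled(opts) and charset in CRASHING_SERVER_CHARSETS


if __name__ == "__main__":
    print("exposed" if mdev4518_exposed(SAMPLE_MY_CNF) else "not exposed")
```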

Comments
Comment by Elena Stepanova [ 2013-05-14 ]

Same with --character-set-server=utf16

Comment by Alexander Barkov [ 2013-05-15 ]

The problem is reproducible with this SELECT query:

CREATE TABLE t1 (a INT);
INSERT INTO t1 VALUES (1),(2),(3),(4);
SELECT * FROM t1;
DROP TABLE t1;

Comment by Alexander Barkov [ 2013-05-15 ]

Patch sent to Sanja for review.

Comment by Alexander Barkov [ 2013-05-15 ]

Please review. Patch sent by email.

Comment by Alexander Barkov [ 2013-05-17 ]

Fixed in 5.5.31

Generated at Thu Feb 08 06:57:03 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.