libdrizzle: Re-using a result struct without freeing causes infinite loop
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Drizzle |
Fix Released
|
High
|
Andrew Hutchings | ||
7.0 |
Fix Released
|
High
|
Andrew Hutchings |
Bug Description
From Brian:
Just another note, while looking at this I found that the client seemed to go into a loop of some sort at:
#0 drizzle_result_free (result=0x62f868) at libdrizzle/
#1 0x00007ffff7ddaeb5 in drizzle_
#2 0x00007ffff7dd5ec0 in drizzle_con_free (con=0x627248) at libdrizzle/
#3 0x0000000000406bfa in gearman_
#4 0x0000000000406998 in gearman_
#5 0x0000000000406c67 in gearmand_
Related branches
- Lee Bieber (community): Needs Fixing
-
Diff: 114 lines (+19/-3)4 files modifiedlibdrizzle/conn.c (+12/-0)
plugin/slave/queue_producer.cc (+4/-2)
plugin/transaction_log/utilities/transaction_log_connection.cc (+2/-1)
plugin/transaction_log/utilities/transaction_reader.cc (+1/-0)
I first attempted to fix this by having drizzle_query check if the result struct had a DRIZZLE_ RESULT_ NONE. But when using C++ the status can be random. So fixing by testing if the result pointer is in the list of result sets to be freed.