Query_cache::resize() frees memory containing active locks

Bug #782223 reported by Vladislav Vaintroub
Affects: MariaDB
Status: Fix Released
Importance: Medium
Assigned to: Vladislav Vaintroub
Milestone: 5.2

Bug Description

Found when investigating Windows Application Verifier errors (Application Verifier is sort of a Valgrind).

The call stack leading to the "free" of the block containing the critical section is:
  mysqld!free
  my_no_flags_free
  Query_cache::free_cache
  Query_cache::resize
  fix_query_cache_size
  set_var::update
  sql_set_variables
  mysql_execute_command
  mysql_parse

The call stack of the critical section allocation is:
  pthread_cond_init
  my_rwlock_init
  Query_cache_query::init_n_lock
  Query_cache::store_query
  execute_sqlcom_select
  mysql_execute_command
  mysql_parse

Why freeing a heap block containing an active critical section is bad:
- in the best case (the critical section is unlocked) it may lead to resource leakage, e.g. the underlying Windows event objects will be leaked.
- in the worst case (the critical section is locked) it could lead to random hangs when the freed memory is reused for another critical section.
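As an added illustration (not code from this bug report or from MariaDB), the following C program models the bookkeeping that lets a tool like Application Verifier catch this defect: every lock object is registered at init and unregistered at delete, and a checked free refuses to release a heap block that still contains a live lock, reporting which of the two cases above applies. The `toy_cs` lock type, the `live_locks` registry, `checked_free`, and the `cache_entry` stand-in for Query_cache_query are all constructs assumed for this example; the lock does no real blocking and the demo is single-threaded.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Toy critical section standing in for the Windows CRITICAL_SECTION (or the
 * my_rwlock_t in the report): same init / enter / leave / delete lifecycle,
 * no real blocking, single-threaded. Assumed for this example only. */
struct toy_cs {
    int initialized;
    int held;               /* > 0 while entered */
};

/* Outcome of checked_free(); the two non-OK values are the two cases the
 * report lists (leak when unlocked, future hang when locked). */
enum free_result {
    FREE_OK = 0,            /* block contains no live lock */
    FREE_LEAKS_LOCK = 1,    /* block contains an initialized but unheld lock */
    FREE_HOLDS_LOCKED = 2   /* block contains a lock that is currently held */
};

/* Registry of live lock objects: the analogue of the bookkeeping that lets a
 * verifier flag a free() of memory that still holds a critical section. */
#define MAX_TRACKED 64
static struct toy_cs *live_locks[MAX_TRACKED];

static void cs_init(struct toy_cs *cs) {
    cs->initialized = 1;
    cs->held = 0;
    for (int i = 0; i < MAX_TRACKED; i++)
        if (live_locks[i] == NULL) { live_locks[i] = cs; return; }
    abort();                /* toy registry limit reached */
}

static void cs_enter(struct toy_cs *cs) { if (cs->initialized) cs->held++; }
static void cs_leave(struct toy_cs *cs) { if (cs->held > 0) cs->held--; }

static void cs_delete(struct toy_cs *cs) {
    for (int i = 0; i < MAX_TRACKED; i++)
        if (live_locks[i] == cs) live_locks[i] = NULL;
    cs->initialized = 0;
}

/* Free the block only if no live lock lies inside [block, block + size);
 * otherwise leave it allocated and report why. */
static enum free_result checked_free(void *block, size_t size) {
    uintptr_t lo = (uintptr_t)block, hi = lo + size;
    for (int i = 0; i < MAX_TRACKED; i++) {
        uintptr_t at = (uintptr_t)live_locks[i];
        if (live_locks[i] != NULL && at >= lo && at < hi)
            return live_locks[i]->held ? FREE_HOLDS_LOCKED : FREE_LEAKS_LOCK;
    }
    free(block);
    return FREE_OK;
}

/* Toy stand-in for Query_cache_query: a payload with an embedded lock. */
struct cache_entry {
    char query[40];
    struct toy_cs lock;
};

static struct cache_entry *store_query(const char *sql) {
    struct cache_entry *e = calloc(1, sizeof *e);
    if (e == NULL) abort();
    strncpy(e->query, sql, sizeof e->query - 1);
    cs_init(&e->lock);      /* the init half of init_n_lock */
    return e;
}

/* The order in the report: the cache block is freed while the embedded lock
 * is still initialized and, in the worst case, still held. */
enum free_result resize_frees_without_delete(int leave_held) {
    struct cache_entry *e = store_query("SELECT 1");
    if (leave_held) cs_enter(&e->lock);
    enum free_result r = checked_free(e, sizeof *e);
    if (r != FREE_OK) {     /* checker refused: tear the entry down properly */
        if (leave_held) cs_leave(&e->lock);
        cs_delete(&e->lock);
        free(e);
    }
    return r;
}

/* The corrected order: leave the lock, delete it, then free the block. */
enum free_result resize_deletes_then_frees(void) {
    struct cache_entry *e = store_query("SELECT 1");
    cs_enter(&e->lock);
    cs_leave(&e->lock);
    cs_delete(&e->lock);
    return checked_free(e, sizeof *e);
}
```

The check keys on address ranges rather than on the lock's own state because, once the block is freed, the state bytes can be overwritten by the next allocation; that reuse is exactly how the locked case turns into a random hang in the description above.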

Revision history for this message
Vladislav Vaintroub (wlad-montyprogram) wrote:

Release in 5.2.7

Changed in maria:
assignee: nobody → Vladislav Vaintroub (wlad-montyprogram)
importance: Undecided → Medium
status: New → Fix Released
milestone: none → 5.2