Bug #11535 mysql.exe crashes in any query when built from source
Submitted: 23 Jun 2005 20:32 Modified: 27 Jan 2006 6:10
Reporter: Guilhem Bichot
Status: Duplicate
Category: MySQL Server: Command-line Clients Severity: S3 (Non-critical)
Version: 5.0 OS: Windows (windows xp prof SP2)
Assigned to: Assigned Account CPU Architecture:Any

[23 Jun 2005 20:32] Guilhem Bichot
Description:
I build MySQL (Release and Debug) with MS VC++ 8.0 Express Edition Beta 2, using the Platform SDK, as explained here:
 http://lab.msdn.microsoft.com/express/visualc/usingpsdk/default.aspx
(except that I had to manually move bin/ include/ and lib/ from the Platform SDK dir to the VC dir).
It built with only a few errors (libmysqld failed). mysqld.exe started ok. mysqldump.exe, mysqladmin.exe too. mysql.exe crashes as soon as I type a query and <Enter>; in the debugger one can see it's an assertion failure in an internal function called by _cgets. The assertion checks if one length argument is <= INT_MAX (2 billion). Possible reason: as linebuffer[0] is a char and is 254, if ever _cgets interprets it as char instead of unsigned char (MSDN says nothing about it), then 254 goes to -3, and if this -3 is cast to unsigned int further in internal calls, it gets greater than INT_MAX.
The crash is repeatable with Release and Debug versions I compiled.

How to repeat:
See description. You probably need to build with the Platform SDK I used, as other colleagues don't get the crash.

Suggested fix:
At least replacing linebuffer[254] by linebuffer[127] fixed the problem.
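The mechanism suspected in the description above, as an added C example. It is not part of the original report and is not the CRT's actual code: the function names are hypothetical and the size values are constructed, modelling only a size byte stored in `buf[0]` that is read back as signed versus unsigned and then compared against INT_MAX.

```c
#include <limits.h>
#include <stdio.h>

/* Hypothetical model of the reporter's theory; NOT the CRT's real code.
 * _cgets-style convention: buf[0] carries the maximum input length. */

/* Store the size byte the way the client does (e.g. linebuffer[0] = 254). */
static void set_size_byte(char *buf, unsigned char n) {
    *(unsigned char *)buf = n;
}

/* Reader that treats the size byte as a signed char, then widens it. */
static unsigned int length_read_signed(unsigned char size_byte) {
    char buf[2] = {0, 0};
    set_size_byte(buf, size_byte);
    signed char n = *(const signed char *)buf; /* values > 127 go negative */
    return (unsigned int)n;                    /* negative wraps to huge */
}

/* Reader that treats the size byte as unsigned char, as intended. */
static unsigned int length_read_unsigned(unsigned char size_byte) {
    char buf[2] = {0, 0};
    set_size_byte(buf, size_byte);
    return (unsigned int)*(const unsigned char *)buf;
}

/* The kind of check the report describes: length must be <= INT_MAX. */
static int passes_int_max_check(unsigned int len) {
    return len <= (unsigned int)INT_MAX;
}

int main(void) {
    const unsigned char sizes[] = {254, 128, 127}; /* constructed inputs */
    for (size_t i = 0; i < sizeof sizes; i++) {
        unsigned int s = length_read_signed(sizes[i]);
        unsigned int u = length_read_unsigned(sizes[i]);
        printf("size byte %3u: signed read -> %10u (%s), "
               "unsigned read -> %3u (%s)\n",
               (unsigned int)sizes[i],
               s, passes_int_max_check(s) ? "ok" : "check fails",
               u, passes_int_max_check(u) ? "ok" : "check fails");
    }
    return 0;
}
```

Only size bytes up to 127 give the same length under both readings, which is consistent with the 127 workaround in the suggested fix.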
[25 Jun 2005 15:37] Jorge del Conde
Thanks Guilhem, I was able to reproduce this bug using 5.7 from bk & MSV8
[6 Sep 2005 19:15] Elliot Murphy
I think the fix for bug#12929 would probably fix this crash also.
http://lists.mysql.com/internals/29374
[7 Sep 2005 14:59] Guilhem Bichot
So I should check if I can repeat the crash with a fresh 5.0 tree built under my Windows environment. That will happen in several weeks I think.
[27 Jan 2006 6:10] Elliot Murphy
duplicate of bug#12929