Bug #2674 | Crash if return system variable in stored procedures | ||
---|---|---|---|
Submitted: | 8 Feb 2004 10:44 | Modified: | 17 Mar 2004 3:49 |
Reporter: | Peter Gulutzan | Email Updates: | |
Status: | Closed | Impact on me: | |
Category: | MySQL Server | Severity: | S3 (Non-critical) |
Version: | 5.0.0-alpha-debug | OS: | Linux (SuSE 8.2/ Win XP) |
Assigned to: | Bugs System | CPU Architecture: | Any |
[8 Feb 2004 10:44]
Peter Gulutzan
[8 Feb 2004 13:38]
MySQL Verification Team
Thank you for the bug report I was able to repeat also on Windows. Back trace: > mysqld.exe!Field::is_null(unsigned int row_offset=0) Line 136 + 0xc C++ mysqld.exe!Item_field::val() Line 381 + 0xd C++ mysqld.exe!Item_func_sp::val() Line 1118 C++ mysqld.exe!Item_func_sp::val_int() Line 1108 + 0x8 C++ mysqld.exe!Item::send(Protocol * protocol=0x02cf00e8, String * buffer=0x047dec78) Line 1396 + 0x11 C++ mysqld.exe!select_send::send_data(List<Item> & items={...}) Line 643 + 0x19 C++ mysqld.exe!JOIN::exec() Line 1096 + 0x96 C++ mysqld.exe!mysql_select(THD * thd=0x02cef898, Item * * * rref_pointer_array=0x02cefaa0, st_table_list * tables=0x00000000, unsigned int wild_num=0, List<Item> & fields={...}, Item * conds=0x00000000, unsigned int og_num=0, st_order * order=0x00000000, st_order * group=0x00000000, Item * having=0x00000000, st_order * proc_param=0x00000000, unsigned long select_options=8669696, select_result * result=0x02cf20d0, st_select_lex_unit * unit=0x02cef8bc, st_select_lex * select_lex=0x02cef9a8) Line 1618 C++ mysqld.exe!handle_select(THD * thd=0x02cef898, st_lex * lex=0x02cef8b0, select_result * result=0x02cf20d0) Line 194 + 0x89 C++ mysqld.exe!mysql_execute_command(THD * thd=0x02cef898) Line 1917 + 0x11 C++ mysqld.exe!mysql_parse(THD * thd=0x02cef898, char * inBuf=0x02cf1f20, unsigned int length=12) Line 4149 + 0x9 C++ mysqld.exe!dispatch_command(enum_server_command command=COM_QUERY, THD * thd=0x02cef898, char * packet=0x02cf3f69, unsigned int packet_length=13) Line 1396 + 0x1d C++ mysqld.exe!do_command(THD * thd=0x02cef898) Line 1226 + 0x31 C++ mysqld.exe!handle_one_connection(void * arg=0x02cef898) Line 991 + 0x9 C++ mysqld.exe!pthread_start(void * param=0x00e6ffe8) Line 63 + 0x7 C mysqld.exe!_threadstart(void * ptd=0x02cec748) Line 173 + 0xd C kernel32.dll!77e6d33b()
[16 Mar 2004 8:35]
Per-Erik Martin
It seems refering to a system variable in an expression requires the '@@' prefix (in the 4.1 parser already), so the given example crashes due to another bug: BUG#2653: Undeclared variables not detected in stored procedures. However, changing the example to use @@sort_buffer_size instead still crashes the server (but in a completely different part of the code)...
[17 Mar 2004 3:49]
Per-Erik Martin
Thank you for your bug report. This issue has been committed to our source repository of that product and will be incorporated into the next release. If necessary, you can access the source repository and build the latest available version, including the bugfix, yourself. More information about accessing the source trees is available at http://www.mysql.com/doc/en/Installing_source_tree.html Additional info: The testcase is: create function bug2674 () returns int return @@sort_buffer_size; select bug2674();