[redland-dev] Redland MySQL double free()

Christopher Schmidt crschmidt at crschmidt.net
Sun Dec 19 13:38:32 PST 2004


On Sun, Dec 19, 2004 at 09:52:07PM +0100, Morten Frederiksen wrote:
> Hi,
> 
> On Sunday 19 December 2004 21:16, Christopher Schmidt wrote:
> > #7  0x401ff6bf in free () from /lib/libc.so.6
> > #8  0x406c91d2 in my_no_flags_free () from /usr/lib/libmysqlclient.so.12
> > #9  0x406c35ba in mysql_free_result () from /usr/lib/libmysqlclient.so.12
> > #10 0x4035b167 in librdf_storage_mysql_find_statements_in_context_finished
> > (context=0x80bbd08) at rdf_storage_mysql.c:1736
> > #11 0x4034f87c in librdf_free_stream (stream=0x80bc208) at rdf_stream.c:118
> > #12 0x40352c37 in rasqal_redland_finish_triples_match (rtm=0x0,
> > user_data=0x80bbff0) at rdf_query_rasqal.c:399
> > #13 0x407482b6 in rasqal_free_triples_match (rtm=0x80a6870) at rasqal_engine.c:376
> I just went through the relevant code in rdf_storage_mysql.c and I couldn't 
> find anything wrong.
> 
> However, if the function 
> librdf_storage_mysql_find_statements_in_context_finished is called once too 
> many, it might lead to the described result, since mysql_free_result doesn't 
> nullify a released result set pointer.
> 
> So, you may want to check that out by putting a "sos->results=0;" line after 
> the one with "mysql_free_result(sos->results);", it might just help (and 
> certainly won't do any harm).

This turns it into:

#7  0x401ff6bf in free () from /lib/libc.so.6
#8  0x40341d1c in librdf_free_statement (statement=0x75fb)
    at rdf_statement.c:249
#9  0x4035a3a4 in librdf_storage_mysql_find_statements_in_context_finished (
    context=0x80b8058) at rdf_storage_mysql.c:1749
#10 0x4034f518 in librdf_free_stream (stream=0x80b8440) at rdf_stream.c:123
#11 0x403528db in rasqal_redland_finish_triples_match (rtm=0x0, 
    user_data=0x80b7e30) at rdf_query_rasqal.c:407
#12 0x4082a2e6 in rasqal_free_triples_match (rtm=0x80b7ab8)
    at rasqal_engine.c:460

(matching the part of the output that you were looking at).

This is with Rasqal 0.9.4

-- 
Christopher Schmidt
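
An added example, not part of the thread and not Redland's code: a minimal C model of the hypothesis in the quoted reply, that the `finished` handler runs twice on one context. It shows how clearing only `results` would leave the next owned member exposed to the same repeated release. A constructed liveness-tracking pool stands in for the heap; only the `results` field name comes from the thread, while `stream_ctx`, `statement`, `obj_*`, `finished_*` and `run_twice` are assumed names.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-in for the heap: a small pool that tracks liveness, so
 * a repeated release is counted instead of corrupting the real allocator. */
typedef struct { int live; } obj;
static obj pool[16]; static size_t pool_used;
static int repeated;              /* releases of an already-released object */

static obj *obj_new(void) {
    if (pool_used == sizeof pool / sizeof pool[0]) return NULL;
    pool[pool_used].live = 1;
    return &pool[pool_used++];
}

/* Like mysql_free_result(), takes the pointer by value, so it cannot clear
 * the caller's copy. NULL is ignored, as free() does. */
static void obj_release(obj *o) {
    if (!o) return;
    if (o->live) o->live = 0; else repeated++;
}

/* Hypothetical context; "results" is the thread's field, "statement" assumed. */
typedef struct { obj *results; obj *statement; } stream_ctx;
static void finished_unsafe(stream_ctx *c) {   /* stale pointers remain */
    obj_release(c->results); obj_release(c->statement);
}
static void finished_partial(stream_ctx *c) {  /* only results is cleared */
    obj_release(c->results); c->results = NULL;
    obj_release(c->statement);
}
static void finished_safe(stream_ctx *c) {     /* every member is cleared */
    obj_release(c->results);   c->results = NULL;
    obj_release(c->statement); c->statement = NULL;
}

/* Calls the handler twice on one context; returns repeated releases seen. */
static int run_twice(void (*finished)(stream_ctx *)) {
    stream_ctx c = { obj_new(), obj_new() };
    repeated = 0;
    finished(&c);
    finished(&c);
    return repeated;
}

int main(void) {
    printf("unsafe=%d partial=%d safe=%d\n", run_twice(finished_unsafe),
           run_twice(finished_partial), run_twice(finished_safe));
}
```

Clearing members makes a repeated call on a still-valid context harmless; it does not help if the context structure itself has already been freed.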
