Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-16789

Server crash in insert_fields or unexpected ER_NO_TABLES_USED upon 2nd execution of SP

    XMLWordPrintable

Details

    • Bug
    • Status: Open (View Workflow)
    • Major
    • Resolution: Unresolved
    • 10.1(EOL), 10.2(EOL), 10.3(EOL)
    • 10.4(EOL)
    • Stored routines
    • None

    Description

      CREATE TABLE t1 (a INT);
      CREATE TABLE t2 (b INT);
      CREATE PROCEDURE p() SELECT * FROM t1 JOIN t2 USING (a);
      --error ER_BAD_FIELD_ERROR
      CALL p;
      --error ER_BAD_FIELD_ERROR
      CALL p;
       
      # Cleanup
      DROP PROCEDURE p;
      DROP TABLE t1, t2;
      

      10.1 debug 4d06b7e1bd

      #3  <signal handler called>
      #4  0x000055e23d9415cd in insert_fields (thd=0x7faa874d5070, context=0x7faa859a78a0, db_name=0x0, table_name=0x0, it=0x7faa90823320, any_privileges=false) at /data/src/10.1/sql/sql_base.cc:8320
      #5  0x000055e23d94024d in setup_wild (thd=0x7faa874d5070, tables=0x7faa859aedf8, fields=..., sum_func_list=0x7faa85953588, wild_num=1) at /data/src/10.1/sql/sql_base.cc:7831
      #6  0x000055e23d9d942d in JOIN::prepare (this=0x7faa85953218, rref_pointer_array=0x7faa859a7af8, tables_init=0x7faa859aedf8, wild_num=1, conds_init=0x0, og_num=0, order_init=0x0, skip_order_by=false, group_init=0x0, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x7faa859a7850, unit_arg=0x7faa859a7150) at /data/src/10.1/sql/sql_select.cc:804
      #7  0x000055e23d9e2d9b in mysql_select (thd=0x7faa874d5070, rref_pointer_array=0x7faa859a7af8, tables=0x7faa859aedf8, wild_num=1, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147749632, result=0x7faa859531f8, unit=0x7faa859a7150, select_lex=0x7faa859a7850) at /data/src/10.1/sql/sql_select.cc:3462
      #8  0x000055e23d9d86e0 in handle_select (thd=0x7faa874d5070, lex=0x7faa859a7088, result=0x7faa859531f8, setup_tables_done_option=0) at /data/src/10.1/sql/sql_select.cc:388
      #9  0x000055e23d9a80f1 in execute_sqlcom_select (thd=0x7faa874d5070, all_tables=0x7faa859aedf8) at /data/src/10.1/sql/sql_parse.cc:5944
      #10 0x000055e23d99e584 in mysql_execute_command (thd=0x7faa874d5070) at /data/src/10.1/sql/sql_parse.cc:2990
      #11 0x000055e23dd320be in sp_instr_stmt::exec_core (this=0x7faa859afac0, thd=0x7faa874d5070, nextp=0x7faa90824614) at /data/src/10.1/sql/sp_head.cc:3218
      #12 0x000055e23dd317b0 in sp_lex_keeper::reset_lex_and_exec_core (this=0x7faa859afb00, thd=0x7faa874d5070, nextp=0x7faa90824614, open_tables=false, instr=0x7faa859afac0) at /data/src/10.1/sql/sp_head.cc:2984
      #13 0x000055e23dd31d84 in sp_instr_stmt::execute (this=0x7faa859afac0, thd=0x7faa874d5070, nextp=0x7faa90824614) at /data/src/10.1/sql/sp_head.cc:3134
      #14 0x000055e23dd2d5f6 in sp_head::execute (this=0x7faa859ae088, thd=0x7faa874d5070, merge_da_on_success=true) at /data/src/10.1/sql/sp_head.cc:1315
      #15 0x000055e23dd2f490 in sp_head::execute_procedure (this=0x7faa859ae088, thd=0x7faa874d5070, args=0x7faa874d9838) at /data/src/10.1/sql/sp_head.cc:2102
      #16 0x000055e23d99cbb6 in do_execute_sp (thd=0x7faa874d5070, sp=0x7faa859ae088) at /data/src/10.1/sql/sql_parse.cc:2422
      #17 0x000055e23d9a5d69 in mysql_execute_command (thd=0x7faa874d5070) at /data/src/10.1/sql/sql_parse.cc:5296
      #18 0x000055e23d9abcc0 in mysql_parse (thd=0x7faa874d5070, rawbuf=0x7faa85843088 "CALL p", length=6, parser_state=0x7faa908255e0) at /data/src/10.1/sql/sql_parse.cc:7460
      #19 0x000055e23d99a655 in dispatch_command (command=COM_QUERY, thd=0x7faa874d5070, packet=0x7faa89ff9071 "CALL p", packet_length=6) at /data/src/10.1/sql/sql_parse.cc:1492
      #20 0x000055e23d9993da in do_command (thd=0x7faa874d5070) at /data/src/10.1/sql/sql_parse.cc:1121
      #21 0x000055e23dad348d in do_handle_one_connection (thd_arg=0x7faa874d5070) at /data/src/10.1/sql/sql_connect.cc:1330
      #22 0x000055e23dad31f1 in handle_one_connection (arg=0x7faa874d5070) at /data/src/10.1/sql/sql_connect.cc:1242
      #23 0x000055e23de90868 in pfs_spawn_thread (arg=0x7faa8dc39ef0) at /data/src/10.1/storage/perfschema/pfs.cc:1861
      #24 0x00007faa904a5494 in start_thread (arg=0x7faa90826b00) at pthread_create.c:333
      #25 0x00007faa8e85e93f in clone () from /lib/x86_64-linux-gnu/libc.so.6
      

      10.1 ASAN 4d06b7e1bd

      ==21846==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x55c88a10f24b sp 0x7fc83f5ed5f0 bp 0x000000000000 T6)
          #0 0x55c88a10f24a in insert_fields(THD*, Name_resolution_context*, char const*, char const*, List_iterator<Item>*, bool) /data/src/10.1/sql/sql_base.cc:8320
          #1 0x55c88a110938 in setup_wild(THD*, TABLE_LIST*, List<Item>&, List<Item>*, unsigned int) /data/src/10.1/sql/sql_base.cc:7831
          #2 0x55c88a2d3371 in JOIN::prepare(Item***, TABLE_LIST*, unsigned int, Item*, unsigned int, st_order*, bool, st_order*, Item*, st_order*, st_select_lex*, st_select_lex_unit*) /data/src/10.1/sql/sql_select.cc:804
          #3 0x55c88a30272d in mysql_select(THD*, Item***, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.1/sql/sql_select.cc:3462
          #4 0x55c88a3030a9 in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.1/sql/sql_select.cc:388
          #5 0x55c88a1d26cd in execute_sqlcom_select /data/src/10.1/sql/sql_parse.cc:5944
          #6 0x55c88a1ec8dd in mysql_execute_command(THD*) /data/src/10.1/sql/sql_parse.cc:2990
          #7 0x55c88aa7f60b in sp_instr_stmt::exec_core(THD*, unsigned int*) /data/src/10.1/sql/sp_head.cc:3218
          #8 0x55c88aa96fd0 in sp_lex_keeper::reset_lex_and_exec_core(THD*, unsigned int*, bool, sp_instr*) /data/src/10.1/sql/sp_head.cc:2984
          #9 0x55c88aa97d9a in sp_instr_stmt::execute(THD*, unsigned int*) /data/src/10.1/sql/sp_head.cc:3134
          #10 0x55c88aa8904f in sp_head::execute(THD*, bool) /data/src/10.1/sql/sp_head.cc:1315
          #11 0x55c88aa8d17b in sp_head::execute_procedure(THD*, List<Item>*) /data/src/10.1/sql/sp_head.cc:2102
          #12 0x55c88a1d2b61 in do_execute_sp /data/src/10.1/sql/sql_parse.cc:2422
          #13 0x55c88a1feb18 in mysql_execute_command(THD*) /data/src/10.1/sql/sql_parse.cc:5296
          #14 0x55c88a204a1c in mysql_parse(THD*, char*, unsigned int, Parser_state*) /data/src/10.1/sql/sql_parse.cc:7460
          #15 0x55c88a20b76f in dispatch_command(enum_server_command, THD*, char*, unsigned int) /data/src/10.1/sql/sql_parse.cc:1492
          #16 0x55c88a211e4b in do_command(THD*) /data/src/10.1/sql/sql_parse.cc:1121
          #17 0x55c88a4b7e22 in do_handle_one_connection(THD*) /data/src/10.1/sql/sql_connect.cc:1330
          #18 0x55c88a4b8333 in handle_one_connection /data/src/10.1/sql/sql_connect.cc:1242
          #19 0x55c88ad881e2 in pfs_spawn_thread /data/src/10.1/storage/perfschema/pfs.cc:1861
          #20 0x7fc84bd46493 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x7493)
          #21 0x7fc84a0ff93e in __clone (/lib/x86_64-linux-gnu/libc.so.6+0xe893e)
       
      AddressSanitizer can not provide additional info.
      SUMMARY: AddressSanitizer: SEGV /data/src/10.1/sql/sql_base.cc:8320 insert_fields(THD*, Name_resolution_context*, char const*, char const*, List_iterator<Item>*, bool)
      Thread T6 created by T0 here:
          #0 0x7fc84bf7fbba in pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.1+0x23bba)
          #1 0x55c88ad93a39 in spawn_thread_v1 /data/src/10.1/storage/perfschema/pfs.cc:1911
       
      ==21846==ABORTING
      

      10.1 non-debug 4d06b7e1bd

      mysqltest: At line 7: query 'CALL p' failed with wrong errno 1096: 'No tables used', instead of 1054...
      

      Reproducible with at least MyISAM and InnoDB.
      Not reproducible on 10.0.

      Attachments

        Issue Links

          Activity

            People

              shulga Dmitry Shulga
              elenst Elena Stepanova
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.