[MDEV-16957] Server crashes in Field_iterator_natural_join::next upon 2nd execution of SP - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Critical
Resolution: Fixed
Affects Version/s: 5.5(EOL), 10.0(EOL), 10.1(EOL), 10.2(EOL), 10.3(EOL)
Fix Version/s: 5.5.62, 10.0.37, 10.1.36, 10.2.18, 10.3.10
Component/s: Stored routines
Labels:
- affects-tests

Description

CREATE TABLE t1 (a INT, b VARCHAR(32));

CREATE PROCEDURE sp() SELECT * FROM t1 AS t1x JOIN t1 AS t1y USING (c);

--error ER_BAD_FIELD_ERROR

CALL sp;

--error ER_BAD_FIELD_ERROR

CALL sp;

# Cleanup

DROP PROCEDURE sp;

DROP TABLE t1;

10.0 9dfef6e29b9
#3 <signal handler called>
#4 0x0000000000732b0c in Field_iterator_natural_join::next (this=0x7f94442b31e0) at /data/src/10.0/sql/table.cc:5371
#5 0x0000000000732f11 in Field_iterator_table_ref::next (this=0x7f94442b3190) at /data/src/10.0/sql/table.cc:5441
#6 0x00000000005f52f5 in mark_common_columns (thd=0x7f943c2a8070, table_ref_1=0x7f943a7b8190, table_ref_2=0x7f943a7b87c0, using_fields=0x7f943a7b8dc0, found_using_fields=0x7f94442b3364) at /data/src/10.0/sql/sql_base.cc:7178
#7 0x00000000005f5ffe in store_top_level_join_columns (thd=0x7f943c2a8070, table_ref=0x7f943a7b8e08, left_neighbor=0x0, right_neighbor=0x0) at /data/src/10.0/sql/sql_base.cc:7591
#8 0x00000000005f6309 in setup_natural_join_row_types (thd=0x7f943c2a8070, from_clause=0x7f943a758518, context=0x7f943a7583c0) at /data/src/10.0/sql/sql_base.cc:7713
#9 0x00000000005f74ae in setup_tables (thd=0x7f943c2a8070, context=0x7f943a7583c0, from_clause=0x7f943a758518, tables=0x7f943a7b8190, leaves=..., select_insert=false, full_table_list=false) at /data/src/10.0/sql/sql_base.cc:8114
#10 0x00000000005f7569 in setup_tables_and_check_access (thd=0x7f943c2a8070, context=0x7f943a7583c0, from_clause=0x7f943a758518, tables=0x7f943a7b8190, leaves=..., select_insert=false, want_access_first=1, want_access=1, full_table_list=false) at /data/src/10.0/sql/sql_base.cc:8158
#11 0x00000000006813f2 in JOIN::prepare (this=0x7f943a7f41e0, rref_pointer_array=0x7f943a758618, tables_init=0x7f943a7b8190, wild_num=1, conds_init=0x0, og_num=0, order_init=0x0, skip_order_by=false, group_init=0x0, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x7f943a758370, unit_arg=0x7f943a757c80) at /data/src/10.0/sql/sql_select.cc:720
#12 0x000000000068a896 in mysql_select (thd=0x7f943c2a8070, rref_pointer_array=0x7f943a758618, tables=0x7f943a7b8190, wild_num=1, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147749632, result=0x7f943a7f41c0, unit=0x7f943a757c80, select_lex=0x7f943a758370) at /data/src/10.0/sql/sql_select.cc:3326
#13 0x00000000006809c0 in handle_select (thd=0x7f943c2a8070, lex=0x7f943a757bb8, result=0x7f943a7f41c0, setup_tables_done_option=0) at /data/src/10.0/sql/sql_select.cc:377
#14 0x0000000000654eb3 in execute_sqlcom_select (thd=0x7f943c2a8070, all_tables=0x7f943a7b8190) at /data/src/10.0/sql/sql_parse.cc:5301
#15 0x000000000064d409 in mysql_execute_command (thd=0x7f943c2a8070) at /data/src/10.0/sql/sql_parse.cc:2557
#16 0x000000000097f3fa in sp_instr_stmt::exec_core (this=0x7f943a7b9480, thd=0x7f943c2a8070, nextp=0x7f94442b4a68) at /data/src/10.0/sql/sp_head.cc:3210
#17 0x000000000097eb09 in sp_lex_keeper::reset_lex_and_exec_core (this=0x7f943a7b94c0, thd=0x7f943c2a8070, nextp=0x7f94442b4a68, open_tables=false, instr=0x7f943a7b9480) at /data/src/10.0/sql/sp_head.cc:2977
#18 0x000000000097f0c4 in sp_instr_stmt::execute (this=0x7f943a7b9480, thd=0x7f943c2a8070, nextp=0x7f94442b4a68) at /data/src/10.0/sql/sp_head.cc:3126
#19 0x000000000097ae95 in sp_head::execute (this=0x7f943a757088, thd=0x7f943c2a8070, merge_da_on_success=true) at /data/src/10.0/sql/sp_head.cc:1369
#20 0x000000000097cb49 in sp_head::execute_procedure (this=0x7f943a757088, thd=0x7f943c2a8070, args=0x7f943c2ac6c8) at /data/src/10.0/sql/sp_head.cc:2157
#21 0x0000000000653393 in mysql_execute_command (thd=0x7f943c2a8070) at /data/src/10.0/sql/sql_parse.cc:4727
#22 0x0000000000657d10 in mysql_parse (thd=0x7f943c2a8070, rawbuf=0x7f943a4fa088 "CALL sp", length=7, parser_state=0x7f94442b5640) at /data/src/10.0/sql/sql_parse.cc:6637
#23 0x000000000064a630 in dispatch_command (command=COM_QUERY, thd=0x7f943c2a8070, packet=0x7f943d7e5071 "CALL sp", packet_length=7) at /data/src/10.0/sql/sql_parse.cc:1300
#24 0x0000000000649930 in do_command (thd=0x7f943c2a8070) at /data/src/10.0/sql/sql_parse.cc:1003
#25 0x000000000076ac56 in do_handle_one_connection (thd_arg=0x7f943c2a8070) at /data/src/10.0/sql/sql_connect.cc:1377
#26 0x000000000076a9c8 in handle_one_connection (arg=0x7f943c2a8070) at /data/src/10.0/sql/sql_connect.cc:1292
#27 0x0000000000accd5a in pfs_spawn_thread (arg=0x7f943c1a25f0) at /data/src/10.0/storage/perfschema/pfs.cc:1861
#28 0x00007f9443f32494 in start_thread (arg=0x7f94442b6700) at pthread_create.c:333
#29 0x00007f94422eb93f in clone () from /lib/x86_64-linux-gnu/libc.so.6

Reproducible with at least MyISAM and InnoDB.

On some builds it causes effects described in MDEV-16789, and in general it's similar, only this crashes on all of 5.5-10.3.

Attachments

Issue Links

relates to

MDEV-24935 Server crashes in Field_iterator_natural_join::next or Field_iterator_table_ref::set_field_iterator upon 2nd execution of SP

In Progress

MDEV-16789 Server crash in insert_fields or unexpected ER_NO_TABLES_USED upon 2nd execution of SP

Open

Activity

People

Assignee:: Oleksandr Byelkin

Reporter:: Elena Stepanova

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 2018-08-13 00:59

Updated:: 2021-02-21 15:45

Resolved:: 2018-08-31 15:25

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.