Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-17055

Server crashes in find_order_in_list upon 2nd (3rd) execution of SP with UPDATE

    XMLWordPrintable

    Details

      Description

      CREATE TABLE t1 (a INT);
      CREATE VIEW v1 AS SELECT * FROM t1;
      CREATE TABLE t2 (c INT);
       
      CREATE PROCEDURE sp() UPDATE v1 SET a = 1 ORDER BY a, b LIMIT 1;
      LOCK TABLE t2 READ;
      --error ER_TABLE_NOT_LOCKED
      CALL sp;
      UNLOCK TABLES;
      --error ER_BAD_FIELD_ERROR
      CALL sp;
      CALL sp;
       
      # Cleanup
      DROP PROCEDURE sp;
      DROP VIEW v1;
      DROP TABLE t1, t2;
      

      10.0 bcc677bb7

      #3  <signal handler called>
      #4  0x00000000006b6642 in find_order_in_list (thd=0x7f1af96a2070, ref_pointer_array=0x7f1af7f5dba8, tables=0x7f1af7f5c088, order=0x7f1af7f5c910, fields=..., all_fields=..., is_group_field=false, add_to_all_fields=true) at /data/src/10.0/sql/sql_select.cc:21526
      #5  0x00000000006b6bd9 in setup_order (thd=0x7f1af96a2070, ref_pointer_array=0x7f1af7f5dba8, tables=0x7f1af7f5c088, fields=..., all_fields=..., order=0x7f1af7f5c910) at /data/src/10.0/sql/sql_select.cc:21670
      #6  0x000000000071a413 in mysql_prepare_update (thd=0x7f1af96a2070, table_list=0x7f1af7f5c088, conds=0x7f1b017e68c8, order_num=2, order=0x7f1af7f5c910) at /data/src/10.0/sql/sql_update.cc:1099
      #7  0x0000000000718236 in mysql_update (thd=0x7f1af96a2070, table_list=0x7f1af7f5c088, fields=..., values=..., conds=0x0, order_num=2, order=0x7f1af7f5c910, limit=1, handle_duplicates=DUP_ERROR, ignore=false, found_return=0x7f1b017e7410, updated_return=0x7f1b017e7408) at /data/src/10.0/sql/sql_update.cc:329
      #8  0x000000000064f164 in mysql_execute_command (thd=0x7f1af96a2070) at /data/src/10.0/sql/sql_parse.cc:3315
      #9  0x000000000097f590 in sp_instr_stmt::exec_core (this=0x7f1af7f5cb58, thd=0x7f1af96a2070, nextp=0x7f1b017e7a68) at /data/src/10.0/sql/sp_head.cc:3210
      #10 0x000000000097ec9f in sp_lex_keeper::reset_lex_and_exec_core (this=0x7f1af7f5cb98, thd=0x7f1af96a2070, nextp=0x7f1b017e7a68, open_tables=false, instr=0x7f1af7f5cb58) at /data/src/10.0/sql/sp_head.cc:2977
      #11 0x000000000097f25a in sp_instr_stmt::execute (this=0x7f1af7f5cb58, thd=0x7f1af96a2070, nextp=0x7f1b017e7a68) at /data/src/10.0/sql/sp_head.cc:3126
      #12 0x000000000097b02b in sp_head::execute (this=0x7f1af7fb3088, thd=0x7f1af96a2070, merge_da_on_success=true) at /data/src/10.0/sql/sp_head.cc:1369
      #13 0x000000000097ccdf in sp_head::execute_procedure (this=0x7f1af7fb3088, thd=0x7f1af96a2070, args=0x7f1af96a66c8) at /data/src/10.0/sql/sp_head.cc:2157
      #14 0x00000000006533e7 in mysql_execute_command (thd=0x7f1af96a2070) at /data/src/10.0/sql/sql_parse.cc:4727
      #15 0x0000000000657d64 in mysql_parse (thd=0x7f1af96a2070, rawbuf=0x7f1af7da4088 "CALL sp", length=7, parser_state=0x7f1b017e8640) at /data/src/10.0/sql/sql_parse.cc:6637
      #16 0x000000000064a684 in dispatch_command (command=COM_QUERY, thd=0x7f1af96a2070, packet=0x7f1afabe5071 "CALL sp", packet_length=7) at /data/src/10.0/sql/sql_parse.cc:1300
      #17 0x0000000000649984 in do_command (thd=0x7f1af96a2070) at /data/src/10.0/sql/sql_parse.cc:1003
      #18 0x000000000076acdc in do_handle_one_connection (thd_arg=0x7f1af96a2070) at /data/src/10.0/sql/sql_connect.cc:1377
      #19 0x000000000076aa4e in handle_one_connection (arg=0x7f1af96a2070) at /data/src/10.0/sql/sql_connect.cc:1292
      #20 0x0000000000accef0 in pfs_spawn_thread (arg=0x7f1af95a2370) at /data/src/10.0/storage/perfschema/pfs.cc:1861
      #21 0x00007f1b0141c494 in start_thread (arg=0x7f1b017e9700) at pthread_create.c:333
      #22 0x00007f1aff7d593f in clone () from /lib/x86_64-linux-gnu/libc.so.6
      

      On 5.5 the stack trace is slightly different:

      5.5 064ba8cc9

      #3  <signal handler called>
      #4  0x00000000006b4b54 in mysql_update (thd=0x7f0572664060, table_list=0x7f0571577078, fields=..., values=..., conds=0x0, order_num=2, order=0x7f0571577648, limit=1, handle_duplicates=DUP_ERROR, ignore=false, found_return=0x7f05782dd698, updated_return=0x7f05782dd690) at /data/src/5.5/sql/sql_update.cc:313
      #5  0x0000000000602334 in mysql_execute_command (thd=0x7f0572664060) at /data/src/5.5/sql/sql_parse.cc:2839
      #6  0x00000000008e2404 in sp_instr_stmt::exec_core (this=0x7f0571577880, thd=0x7f0572664060, nextp=0x7f05782ddc28) at /data/src/5.5/sql/sp_head.cc:3220
      #7  0x00000000008e1bab in sp_lex_keeper::reset_lex_and_exec_core (this=0x7f05715778c0, thd=0x7f0572664060, nextp=0x7f05782ddc28, open_tables=false, instr=0x7f0571577880) at /data/src/5.5/sql/sp_head.cc:2998
      #8  0x00000000008e212c in sp_instr_stmt::execute (this=0x7f0571577880, thd=0x7f0572664060, nextp=0x7f05782ddc28) at /data/src/5.5/sql/sp_head.cc:3144
      #9  0x00000000008ddf95 in sp_head::execute (this=0x7f0571580078, thd=0x7f0572664060, merge_da_on_success=true) at /data/src/5.5/sql/sp_head.cc:1431
      #10 0x00000000008dfcfb in sp_head::execute_procedure (this=0x7f0571580078, thd=0x7f0572664060, args=0x7f0572668020) at /data/src/5.5/sql/sp_head.cc:2197
      #11 0x0000000000605f33 in mysql_execute_command (thd=0x7f0572664060) at /data/src/5.5/sql/sql_parse.cc:4115
      #12 0x000000000060a4a2 in mysql_parse (thd=0x7f0572664060, rawbuf=0x7f0571548078 "CALL sp", length=7, parser_state=0x7f05782de640) at /data/src/5.5/sql/sql_parse.cc:5923
      #13 0x00000000005fe1b7 in dispatch_command (command=COM_QUERY, thd=0x7f0572664060, packet=0x7f057635b061 "CALL sp", packet_length=7) at /data/src/5.5/sql/sql_parse.cc:1066
      #14 0x00000000005fd3a9 in do_command (thd=0x7f0572664060) at /data/src/5.5/sql/sql_parse.cc:793
      #15 0x0000000000700941 in do_handle_one_connection (thd_arg=0x7f0572664060) at /data/src/5.5/sql/sql_connect.cc:1268
      #16 0x00000000007006ce in handle_one_connection (arg=0x7f0572664060) at /data/src/5.5/sql/sql_connect.cc:1184
      #17 0x0000000000a0fe2d in pfs_spawn_thread (arg=0x7f0573376fc0) at /data/src/5.5/storage/perfschema/pfs.cc:1015
      #18 0x00007f0577f11494 in start_thread (arg=0x7f05782df700) at pthread_create.c:333
      #19 0x00007f057692793f in clone () from /lib/x86_64-linux-gnu/libc.so.6
      

      Both debug and non-debug versions are affected.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              sanja Oleksandr Byelkin
              Reporter:
              elenst Elena Stepanova
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: