[MDEV-22001] Server crashes in st_select_lex_unit::exclude_level upon execution of SP - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Blocker
Resolution: Fixed
Affects Version/s: 10.4(EOL), 10.5, 10.6, 10.7(EOL), 10.8(EOL), 10.9(EOL)
Fix Version/s: 10.4.26, 10.5.17, 10.6.9, 10.7.5, 10.8.4, 10.9.2, 10.10.0
Component/s: Stored routines
Labels:
None

Description

--delimiter $

BEGIN NOT ATOMIC DECLARE a INT DEFAULT 0 IN ( SELECT 1 ) OR 2 ; END $

--delimiter ;

10.4 81f70001
#3 <signal handler called>
#4 0x000055e312d9eca8 in st_select_lex_unit::exclude_level (this=0x7f3bb800a900) at /data/src/10.4/sql/sql_lex.cc:2706
#5 0x000055e31322061e in subselect_single_select_engine::exclude (this=0x7f3bb800b318) at /data/src/10.4/sql/item_subselect.cc:4388
#6 0x000055e313211840 in Item_subselect::fix_fields (this=0x7f3bb800b0f8, thd_param=0x7f3bb8000af0, ref=0x7f3bb800b3f8) at /data/src/10.4/sql/item_subselect.cc:309
#7 0x000055e31321d9cc in Item_in_subselect::fix_fields (this=0x7f3bb800b0f8, thd_arg=0x7f3bb8000af0, ref=0x7f3bb800b3f8) at /data/src/10.4/sql/item_subselect.cc:3382
#8 0x000055e312cbcfc9 in Item::fix_fields_if_needed (this=0x7f3bb800b0f8, thd=0x7f3bb8000af0, ref=0x7f3bb800b3f8) at /data/src/10.4/sql/item.h:958
#9 0x000055e312cbcff7 in Item::fix_fields_if_needed_for_scalar (this=0x7f3bb800b0f8, thd=0x7f3bb8000af0, ref=0x7f3bb800b3f8) at /data/src/10.4/sql/item.h:962
#10 0x000055e312d41a55 in Item::fix_fields_if_needed_for_bool (this=0x7f3bb800b0f8, thd=0x7f3bb8000af0, ref=0x7f3bb800b3f8) at /data/src/10.4/sql/item.h:966
#11 0x000055e31318ae22 in Item_cond::fix_fields (this=0x7f3bb8130c00, thd=0x7f3bb8000af0, ref=0x7f3bb800b458) at /data/src/10.4/sql/item_cmpfunc.cc:4845
#12 0x000055e312cbcfc9 in Item::fix_fields_if_needed (this=0x7f3bb8130c00, thd=0x7f3bb8000af0, ref=0x7f3bb800b458) at /data/src/10.4/sql/item.h:958
#13 0x000055e312cdb13c in THD::sp_fix_func_item (this=0x7f3bb8000af0, it_addr=0x7f3bb800b458) at /data/src/10.4/sql/sp_head.cc:356
#14 0x000055e312cdb06a in THD::sp_prepare_func_item (this=0x7f3bb8000af0, it_addr=0x7f3bb800b458, cols=1) at /data/src/10.4/sql/sp_head.cc:342
#15 0x000055e3130f7df8 in Field::sp_prepare_and_store_item (this=0x7f3bb8015e58, thd=0x7f3bb8000af0, value=0x7f3bb800b458) at /data/src/10.4/sql/field.cc:1353
#16 0x000055e312cdb321 in THD::sp_eval_expr (this=0x7f3bb8000af0, result_field=0x7f3bb8015e58, expr_item_ptr=0x7f3bb800b458) at /data/src/10.4/sql/sp_head.cc:390
#17 0x000055e312cf5557 in sp_rcontext::set_variable (this=0x7f3bb8014a28, thd=0x7f3bb8000af0, idx=0, value=0x7f3bb800b458) at /data/src/10.4/sql/sp_rcontext.cc:638
#18 0x000055e312ce5115 in sp_instr_set::exec_core (this=0x7f3bb800b410, thd=0x7f3bb8000af0, nextp=0x7f3bcf6e4914) at /data/src/10.4/sql/sp_head.cc:3713
#19 0x000055e312ce437f in sp_lex_keeper::reset_lex_and_exec_core (this=0x7f3bb800b460, thd=0x7f3bb8000af0, nextp=0x7f3bcf6e4914, open_tables=true, instr=0x7f3bb800b410) at /data/src/10.4/sql/sp_head.cc:3415
#20 0x000055e312ce5055 in sp_instr_set::execute (this=0x7f3bb800b410, thd=0x7f3bb8000af0, nextp=0x7f3bcf6e4914) at /data/src/10.4/sql/sp_head.cc:3700
#21 0x000055e312cde267 in sp_head::execute (this=0x7f3bb80094b8, thd=0x7f3bb8000af0, merge_da_on_success=true) at /data/src/10.4/sql/sp_head.cc:1361
#22 0x000055e312ce109b in sp_head::execute_procedure (this=0x7f3bb80094b8, thd=0x7f3bb8000af0, args=0x7f3bb80058e0) at /data/src/10.4/sql/sp_head.cc:2366
#23 0x000055e312dd128b in do_execute_sp (thd=0x7f3bb8000af0, sp=0x7f3bb80094b8) at /data/src/10.4/sql/sql_parse.cc:3014
#24 0x000055e312ddb982 in mysql_execute_command (thd=0x7f3bb8000af0) at /data/src/10.4/sql/sql_parse.cc:5713
#25 0x000055e312de2a01 in mysql_parse (thd=0x7f3bb8000af0, rawbuf=0x7f3bb80132f0 "BEGIN NOT ATOMIC DECLARE a INT DEFAULT 0 IN ( SELECT 1 ) OR 2 ; END", length=67, parser_state=0x7f3bcf6e6160, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:7900
#26 0x000055e312dcdbd0 in dispatch_command (command=COM_QUERY, thd=0x7f3bb8000af0, packet=0x7f3bb8136171 "BEGIN NOT ATOMIC DECLARE a INT DEFAULT 0 IN ( SELECT 1 ) OR 2 ; END ", packet_length=68, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:1842
#27 0x000055e312dcc25d in do_command (thd=0x7f3bb8000af0) at /data/src/10.4/sql/sql_parse.cc:1360
#28 0x000055e312f5570f in do_handle_one_connection (connect=0x55e316727520) at /data/src/10.4/sql/sql_connect.cc:1412
#29 0x000055e312f5545e in handle_one_connection (arg=0x55e316727520) at /data/src/10.4/sql/sql_connect.cc:1316
#30 0x000055e31395dd6d in pfs_spawn_thread (arg=0x55e31663b4b0) at /data/src/10.4/storage/perfschema/pfs.cc:1869
#31 0x00007f3bdb5004a4 in start_thread (arg=0x7f3bcf6e7700) at pthread_create.c:456
#32 0x00007f3bd9634d0f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:97

Also reproducible upon execution of a traditional (named) stored procedure.
Reproducible on 10.4, 10.5, debug and non-debug alike.
Not reproducible on 10.3.

Attachments

Issue Links

is duplicated by

MDEV-26410 MariaDB server crash in st_select_lex_unit::exclude_level

Closed

Activity

People

Assignee:: Dmitry Shulga

Reporter:: Elena Stepanova

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 2020-03-22 16:30

Updated:: 2022-07-12 10:55

Resolved:: 2022-07-12 10:55

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.