[Commits] Rev 3738: MDEV-5356: Server crashes in Item_equal::contains on 2nd execution of a PS in file:///home/bell/maria/bzr/work-maria-5.3-MDEV-5356/

sanja at askmonty.org sanja at askmonty.org
Mon Dec 23 15:35:59 EET 2013


At file:///home/bell/maria/bzr/work-maria-5.3-MDEV-5356/

------------------------------------------------------------
revno: 3738
revision-id: sanja at askmonty.org-20131223133520-6hcvv0ntunqb2xj8
parent: sanja at askmonty.org-20131218135951-agw2htf09w418t91
committer: sanja at askmonty.org
branch nick: work-maria-5.3-MDEV-5356
timestamp: Mon 2013-12-23 15:35:20 +0200
message:
  MDEV-5356: Server crashes in Item_equal::contains on 2nd execution of a PS
  THD::thd->activate_stmt_arena_if_needed() should be used to temporary activating statement arena instead of direct usage of THD::set_n_backup_active_arena() because possible such scenario:
  
  1) func1 saves current arena and activates copy1 of statement arena
  2) func2 saves copy1 of statement arena setup by func1 and activates copy2
  3) some changes made for copy 2
  4) func2 stores changed copy2 back to statenet arena and activates copy1
  5) func1 store unchanged copy1 back to statemnt arena (rewrite changed copy 2 so changes become lost) and activates arena which was before.
-------------- next part --------------
=== modified file 'mysql-test/r/derived.result'
--- a/mysql-test/r/derived.result	2013-12-04 14:54:33 +0000
+++ b/mysql-test/r/derived.result	2013-12-23 13:35:20 +0000
@@ -479,5 +479,27 @@ SELECT * FROM
 WHERE tmp.a;
 a	b
 100	200
+#
+# MDEV-5356: Server crashes in Item_equal::contains on 2nd
+# execution of a PS
+#
+CREATE TABLE t1 (a INT, b INT);
+INSERT INTO t1 VALUES (1,2),(3,4);
+CREATE TABLE t2 (c INT);
+INSERT INTO t2 VALUES (5),(6);
+CREATE TABLE t3 (d INT);
+INSERT INTO t3 VALUES (7),(8);
+CREATE PROCEDURE pr()
+UPDATE t3,
+(SELECT c FROM
+(SELECT 1 FROM t1 WHERE a=72 AND NOT b) sq, 
+t2
+) sq2
+SET d=sq2.c;
+CALL pr();
+CALL pr();
+CALL pr();
+drop procedure pr;
+drop table t1,t2,t3;
 # End of 5.3 tests
 set optimizer_switch=@save_derived_optimizer_switch;

=== modified file 'mysql-test/t/derived.test'
--- a/mysql-test/t/derived.test	2013-12-04 14:54:33 +0000
+++ b/mysql-test/t/derived.test	2013-12-23 13:35:20 +0000
@@ -394,6 +394,35 @@ WHERE tmp.b;
 SELECT * FROM 
 ( SELECT 100 a, subsel.b FROM ( SELECT 200 b ) subsel ) tmp
 WHERE tmp.a;
+
+--echo #
+--echo # MDEV-5356: Server crashes in Item_equal::contains on 2nd
+--echo # execution of a PS
+--echo #
+CREATE TABLE t1 (a INT, b INT);
+INSERT INTO t1 VALUES (1,2),(3,4);
+
+CREATE TABLE t2 (c INT);
+INSERT INTO t2 VALUES (5),(6);
+
+CREATE TABLE t3 (d INT);
+INSERT INTO t3 VALUES (7),(8);
+
+CREATE PROCEDURE pr()
+  UPDATE t3,
+    (SELECT c FROM
+      (SELECT 1 FROM t1 WHERE a=72 AND NOT b) sq, 
+      t2
+    ) sq2
+  SET d=sq2.c;
+
+CALL pr();
+CALL pr();
+CALL pr();
+
+drop procedure pr;
+drop table t1,t2,t3;
+
 --echo # End of 5.3 tests
 
 set optimizer_switch=@save_derived_optimizer_switch;

=== modified file 'sql/sql_base.cc'
--- a/sql/sql_base.cc	2013-12-05 19:13:20 +0000
+++ b/sql/sql_base.cc	2013-12-23 13:35:20 +0000
@@ -8050,12 +8050,9 @@ bool setup_tables(THD *thd, Name_resolut
     if (table_list->merge_underlying_list)
     {
       DBUG_ASSERT(table_list->is_merged_derived());
-      Query_arena *arena= thd->stmt_arena, backup;
+      Query_arena *arena, backup;
       bool res;
-      if (arena->is_conventional())
-        arena= 0;                                   // For easier test
-      else
-        thd->set_n_backup_active_arena(arena, &backup);
+      arena= thd->activate_stmt_arena_if_needed(&backup);
       res= table_list->setup_underlying(thd);
       if (arena)
         thd->restore_active_arena(arena, &backup);
@@ -8434,11 +8431,8 @@ void wrap_ident(THD *thd, Item **conds)
 {
   Item_direct_ref_to_ident *wrapper;
   DBUG_ASSERT((*conds)->type() == Item::FIELD_ITEM || (*conds)->type() == Item::REF_ITEM);
-  Query_arena *arena= thd->stmt_arena, backup;
-  if (arena->is_conventional())
-    arena= 0;
-  else
-    thd->set_n_backup_active_arena(arena, &backup);
+  Query_arena *arena, backup;
+  arena= thd->activate_stmt_arena_if_needed(&backup);
   if ((wrapper= new Item_direct_ref_to_ident((Item_ident *)(*conds))))
     (*conds)= (Item*) wrapper;
   if (arena)

=== modified file 'sql/sql_derived.cc'
--- a/sql/sql_derived.cc	2013-12-18 13:59:51 +0000
+++ b/sql/sql_derived.cc	2013-12-23 13:35:20 +0000
@@ -614,11 +614,8 @@ bool mysql_derived_prepare(THD *thd, LEX
           thd->lex->sql_command == SQLCOM_DELETE_MULTI))))
     DBUG_RETURN(FALSE);
 
-  Query_arena *arena= thd->stmt_arena, backup;
-  if (arena->is_conventional())
-    arena= 0;                                   // For easier test
-  else
-    thd->set_n_backup_active_arena(arena, &backup);
+  Query_arena *arena, backup;
+  arena= thd->activate_stmt_arena_if_needed(&backup);
 
   SELECT_LEX *first_select= unit->first_select();
 

=== modified file 'sql/sql_lex.cc'
--- a/sql/sql_lex.cc	2013-12-18 13:59:51 +0000
+++ b/sql/sql_lex.cc	2013-12-23 13:35:20 +0000
@@ -3679,11 +3679,8 @@ void SELECT_LEX::mark_const_derived(bool
 
 bool st_select_lex::save_leaf_tables(THD *thd)
 {
-  Query_arena *arena= thd->stmt_arena, backup;
-  if (arena->is_conventional())
-    arena= 0;                                  
-  else
-    thd->set_n_backup_active_arena(arena, &backup);
+  Query_arena *arena, backup;
+  arena= thd->activate_stmt_arena_if_needed(&backup);
 
   List_iterator_fast<TABLE_LIST> li(leaf_tables);
   TABLE_LIST *table;
@@ -3711,10 +3708,7 @@ bool st_select_lex::save_prep_leaf_table
     return 0;
 
   Query_arena *arena= thd->stmt_arena, backup;
-  if (arena->is_conventional())
-    arena= 0;                                  
-  else
-    thd->set_n_backup_active_arena(arena, &backup);
+  arena= thd->activate_stmt_arena_if_needed(&backup);
 
   List_iterator_fast<TABLE_LIST> li(leaf_tables);
   TABLE_LIST *table;

=== modified file 'sql/sql_select.cc'
--- a/sql/sql_select.cc	2013-12-11 18:13:08 +0000
+++ b/sql/sql_select.cc	2013-12-23 13:35:20 +0000
@@ -999,11 +999,8 @@ JOIN::optimize()
       MEMROOT for prepared statements and stored procedures.
     */
 
-    Query_arena *arena= thd->stmt_arena, backup;
-    if (arena->is_conventional())
-      arena= 0;                                   // For easier test
-    else
-      thd->set_n_backup_active_arena(arena, &backup);
+    Query_arena *arena, backup;
+    arena= thd->activate_stmt_arena_if_needed(&backup);
 
     sel->first_cond_optimization= 0;
 

=== modified file 'sql/sql_view.cc'
--- a/sql/sql_view.cc	2012-04-20 19:09:16 +0000
+++ b/sql/sql_view.cc	2013-12-23 13:35:20 +0000
@@ -1121,11 +1121,7 @@ bool mysql_make_view(THD *thd, File_pars
     will be TRUE as far as we make new table cache).
   */
   old_lex= thd->lex;
-  arena= thd->stmt_arena;
-  if (arena->is_conventional())
-    arena= 0;
-  else
-    thd->set_n_backup_active_arena(arena, &backup);
+  arena= thd->activate_stmt_arena_if_needed(&backup);
 
   /* init timestamp */
   if (!table->timestamp.str)

=== modified file 'sql/table.cc'
--- a/sql/table.cc	2013-12-04 14:54:33 +0000
+++ b/sql/table.cc	2013-12-23 13:35:20 +0000
@@ -3560,7 +3560,7 @@ bool TABLE_LIST::create_field_translatio
   SELECT_LEX *select= get_single_select();
   List_iterator_fast<Item> it(select->item_list);
   uint field_count= 0;
-  Query_arena *arena= thd->stmt_arena, backup;
+  Query_arena *arena, backup;
   bool res= FALSE;
 
   if (thd->stmt_arena->is_conventional() ||
@@ -3598,10 +3598,7 @@ bool TABLE_LIST::create_field_translatio
     return FALSE;
   }
 
-  if (arena->is_conventional())
-    arena= 0;                                   // For easier test
-  else
-    thd->set_n_backup_active_arena(arena, &backup);
+  arena= thd->activate_stmt_arena_if_needed(&backup);
 
   /* Create view fields translation table */
 



More information about the commits mailing list