mirror of
https://github.com/MariaDB/server.git
synced 2025-01-19 05:22:25 +01:00
e16953dfd8
mysqld crashed when a long-running explain query was killed from another connection. When the current thread caught a kill signal executing the function best_extension_by_limited_search it just silently returned to the calling function greedy_search without initializing elements of the join->best_positions array. However, the greedy_search function ignored thd->killed status after a calls to the best_extension_by_limited_search function, and after several calls the greedy_search function used an uninitialized data from the join->best_positions[idx] to search position in the join->best_ref array. That search failed, and greedy_search tried to call swap_variables function with NULL argument - that caused a crash.
127 lines
3.5 KiB
Text
127 lines
3.5 KiB
Text
drop table if exists t1, t2, t3;
|
|
create table t1 (kill_id int);
|
|
insert into t1 values(connection_id());
|
|
select ((@id := kill_id) - kill_id) from t1;
|
|
((@id := kill_id) - kill_id)
|
|
0
|
|
kill @id;
|
|
select ((@id := kill_id) - kill_id) from t1;
|
|
((@id := kill_id) - kill_id)
|
|
0
|
|
select @id != connection_id();
|
|
@id != connection_id()
|
|
1
|
|
select 4;
|
|
4
|
|
4
|
|
drop table t1;
|
|
kill (select count(*) from mysql.user);
|
|
ERROR 42000: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'select count(*) from mysql.user)' at line 1
|
|
create table t1 (id int primary key);
|
|
create table t2 (id int unsigned not null);
|
|
insert into t2 select id from t1;
|
|
create table t3 (kill_id int);
|
|
insert into t3 values(connection_id());
|
|
select id from t1 where id in (select distinct id from t2);
|
|
select ((@id := kill_id) - kill_id) from t3;
|
|
((@id := kill_id) - kill_id)
|
|
0
|
|
kill @id;
|
|
Got one of the listed errors
|
|
drop table t1, t2, t3;
|
|
select get_lock("a", 10);
|
|
get_lock("a", 10)
|
|
1
|
|
select get_lock("a", 10);
|
|
get_lock("a", 10)
|
|
NULL
|
|
select 1;
|
|
1
|
|
1
|
|
select RELEASE_LOCK("a");
|
|
RELEASE_LOCK("a")
|
|
1
|
|
create table t1(f1 int);
|
|
create function bug27563() returns int(11)
|
|
deterministic
|
|
begin
|
|
declare continue handler for sqlstate '70100' set @a:= 'killed';
|
|
declare continue handler for sqlexception set @a:= 'exception';
|
|
set @a= get_lock("lock27563", 10);
|
|
return 1;
|
|
end|
|
|
select get_lock("lock27563",10);
|
|
get_lock("lock27563",10)
|
|
1
|
|
insert into t1 values (bug27563());
|
|
ERROR 70100: Query execution was interrupted
|
|
select @a;
|
|
@a
|
|
NULL
|
|
select * from t1;
|
|
f1
|
|
insert into t1 values(0);
|
|
update t1 set f1= bug27563();
|
|
ERROR 70100: Query execution was interrupted
|
|
select @a;
|
|
@a
|
|
NULL
|
|
select * from t1;
|
|
f1
|
|
0
|
|
insert into t1 values(1);
|
|
delete from t1 where bug27563() is null;
|
|
ERROR 70100: Query execution was interrupted
|
|
select @a;
|
|
@a
|
|
NULL
|
|
select * from t1;
|
|
f1
|
|
0
|
|
1
|
|
select * from t1 where f1= bug27563();
|
|
ERROR 70100: Query execution was interrupted
|
|
select @a;
|
|
@a
|
|
NULL
|
|
create procedure proc27563()
|
|
begin
|
|
declare continue handler for sqlstate '70100' set @a:= 'killed';
|
|
declare continue handler for sqlexception set @a:= 'exception';
|
|
select get_lock("lock27563",10);
|
|
select "shouldn't be selected";
|
|
end|
|
|
call proc27563();
|
|
get_lock("lock27563",10)
|
|
NULL
|
|
ERROR 70100: Query execution was interrupted
|
|
select @a;
|
|
@a
|
|
NULL
|
|
create table t2 (f2 int);
|
|
create trigger trg27563 before insert on t1 for each row
|
|
begin
|
|
declare continue handler for sqlstate '70100' set @a:= 'killed';
|
|
declare continue handler for sqlexception set @a:= 'exception';
|
|
set @a:= get_lock("lock27563",10);
|
|
insert into t2 values(1);
|
|
end|
|
|
insert into t1 values(2),(3);
|
|
ERROR 70100: Query execution was interrupted
|
|
select @a;
|
|
@a
|
|
NULL
|
|
select * from t1;
|
|
f1
|
|
0
|
|
1
|
|
select * from t2;
|
|
f2
|
|
select release_lock("lock27563");
|
|
release_lock("lock27563")
|
|
1
|
|
drop table t1, t2;
|
|
drop function bug27563;
|
|
drop procedure proc27563;
|
|
PREPARE stmt FROM 'EXPLAIN SELECT * FROM t1,t2,t3,t4,t5,t6,t7,t8,t9,t10,t11,t12,t13,t14,t15,t16,t17,t18,t19,t20,t21,t22,t23,t24,t25,t26,t27,t28,t29,t30,t31,t32,t33,t34,t35,t36,t37,t38,t39,t40 WHERE a1=a2 AND a2=a3 AND a3=a4 AND a4=a5 AND a5=a6 AND a6=a7 AND a7=a8 AND a8=a9 AND a9=a10 AND a10=a11 AND a11=a12 AND a12=a13 AND a13=a14 AND a14=a15 AND a15=a16 AND a16=a17 AND a17=a18 AND a18=a19 AND a19=a20 AND a20=a21 AND a21=a22 AND a22=a23 AND a23=a24 AND a24=a25 AND a25=a26 AND a26=a27 AND a27=a28 AND a28=a29 AND a29=a30 AND a30=a31 AND a31=a32 AND a32=a33 AND a33=a34 AND a34=a35 AND a35=a36 AND a36=a37 AND a37=a38 AND a38=a39 AND a39=a40 ';
|
|
EXECUTE stmt;
|