From 748ef3ec91d35aa6cd5b230c71084f6c83c1c92e Mon Sep 17 00:00:00 2001
From: Eugene Kosov
Date: Wed, 16 May 2018 18:11:30 +0300
Subject: [PATCH] MDEV-15991 Server crashes in setup_on_expr upon calling SP or function executing DML on versioned tables
Do not try to set versioning conditions on every SP call. It may work incorrectly, but it's a general bug described in MDEV-774. This patch makes system versioning stuff consistent with other code and also fixes a use-after-free bug.
Closes #756
---
 mysql-test/suite/versioning/r/select.result | 21 +++++++++++++++++++++
 mysql-test/suite/versioning/t/select.test | 18 ++++++++++++++++++
 sql/sql_class.h | 2 --
 sql/sql_select.cc | 2 +-
 4 files changed, 40 insertions(+), 3 deletions(-)
diff --git a/mysql-test/suite/versioning/r/select.result b/mysql-test/suite/versioning/r/select.result
index 80c408980ec..87b8166ef91 100644
--- a/mysql-test/suite/versioning/r/select.result
+++ b/mysql-test/suite/versioning/r/select.result
@@ -538,6 +538,27 @@ a
 select * from t1 for system_time from @t2 to @t1;
 a
 drop table t1;
+#
+# MDEV-15991 Server crashes in setup_on_expr upon calling SP or function executing DML on versioned tables
+#
+create or replace table t1 (i int);
+insert into t1 values (1);
+create or replace procedure p(n int)
+begin
+select * from t1;
+end $
+call p(1);
+i
+1
+alter table t1 add system versioning;
+call p(2);
+i
+1
+call p(3);
+i
+1
+drop procedure p;
+drop table t1;
 call verify_trt_dummy(34);
 No A B C D
 1 1 1 1 1
diff --git a/mysql-test/suite/versioning/t/select.test b/mysql-test/suite/versioning/t/select.test
index bb154f0b248..845cf731af1 100644
--- a/mysql-test/suite/versioning/t/select.test
+++ b/mysql-test/suite/versioning/t/select.test
@@ -348,6 +348,24 @@ select * from t1 for system_time from @t1 to @t2;
 select * from t1 for system_time from @t2 to @t1;
 drop table t1;
+--echo #
+--echo # MDEV-15991 Server crashes in setup_on_expr upon calling SP or function executing DML on versioned tables
+--echo #
+create or replace table t1 (i int);
+insert into t1 values (1);
+--delimiter $
+create or replace procedure p(n int)
+begin
+ select * from t1;
+end $
+--delimiter ;
+call p(1);
+alter table t1 add system versioning;
+call p(2);
+call p(3);
+drop procedure p;
+drop table t1;
+
 call verify_trt_dummy(34);
 -- source suite/versioning/common_finish.inc
diff --git a/sql/sql_class.h b/sql/sql_class.h
index 64b75dbe7be..5adb5bf3823 100644
--- a/sql/sql_class.h
+++ b/sql/sql_class.h
@@ -1007,8 +1007,6 @@ public:
 { return state == STMT_PREPARED || state == STMT_EXECUTED; }
 inline bool is_conventional() const
 { return state == STMT_CONVENTIONAL_EXECUTION; }
- inline bool is_sp_execute() const
- { return is_stored_procedure; }
 inline void* alloc(size_t size)
 { return alloc_root(mem_root,size); }
 inline void* calloc(size_t size)
diff --git a/sql/sql_select.cc b/sql/sql_select.cc
index 99437e52c13..215803c2637 100644
--- a/sql/sql_select.cc
+++ b/sql/sql_select.cc
@@ -725,7 +725,7 @@ int SELECT_LEX::vers_setup_conds(THD *thd, TABLE_LIST *tables)
 TABLE_LIST *table;
 if (!thd->stmt_arena->is_conventional() &&
- !thd->stmt_arena->is_stmt_prepare() && !thd->stmt_arena->is_sp_execute())
+ !thd->stmt_arena->is_stmt_prepare_or_first_sp_execute())
 {
 // statement is already prepared
 DBUG_RETURN(0);
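Review bot: The new case in select.test only runs a plain `select` through a stored procedure, although the commit subject names stored functions and DML on versioned tables; neither is exercised here. Nothing after `alter table t1 add system versioning;` creates a history row either, so the expected output cannot show whether a re-executed `p` still applies the versioning filter, which the commit message flags as possibly incorrect (MDEV-774). I would add `delete from t1;` and `call p(4);` before `drop procedure p;`, and a second block that reads `t1` from a stored function.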
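Review bot: The comment `// statement is already prepared` no longer describes the guard in `vers_setup_conds`, which now also has to cover the second and later executions of an SP statement. Since the commit message says this change fixes a use-after-free, the reason the early return is required for memory safety should be written down next to it, for example `// Conditions are built once, at prepare or first SP execution; building them again on re-execution led to a use-after-free (MDEV-15991)`. `is_stmt_prepare_or_first_sp_execute()` is not declared in this patch, so presumably it is an existing arena method; its exact state check is worth confirming against the case in the commit message where the table becomes versioned after the first call. The function body starts before and continues past this hunk.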