From fcd99c156ba85af9af11c41a0ad8c5abe25e2b8e Mon Sep 17 00:00:00 2001 From: Sergey Glukhov Date: Wed, 5 Oct 2011 13:28:20 +0400 Subject: [PATCH] Bug#11747970 34660: CRASH WHEN FEDERATED TABLE LOSES CONNECTION DURING INSERT ... SELECT Problematic query: insert ignore into `t1_federated` (`c1`) select `c1` from `t1_local` a where not exists (select 1 from `t1_federated` b where a.c1 = b.c1); When this query is killed in another connection it could lead to crash. The problem is follwing: An attempt to obtain table statistics for subselect table in killed query fails with an error. So JOIN::optimize() for subquery is failed but it does not prevent further subquery evaluation. At the first subquery execution JOIN::optimize() is called (see subselect_single_select_engine::exec()) and fails with an error. 'executed' flag is set to TRUE and it prevents further subquery evaluation. At the second call JOIN::optimize() does not happen as 'JOIN::optimized' is TRUE and in case of uncacheable subquery the 'executed' flag is set to FALSE before subquery evaluation. So we loose 'optimize stage' error indication (see subselect_single_select_engine::exec()). In other words 'executed' flag is used for two purposes, for error indication at JOIN::optimize() stage and for an indication of subquery execution. And it seems it's wrong as the flag could be reset. --- mysql-test/r/error_simulation.result | 13 +++++++++++++ mysql-test/t/error_simulation.test | 14 ++++++++++++++ sql/item_subselect.cc | 13 ++++++++++--- sql/item_subselect.h | 1 + sql/sql_select.cc | 10 ++++++++++ 5 files changed, 48 insertions(+), 3 deletions(-) diff --git a/mysql-test/r/error_simulation.result b/mysql-test/r/error_simulation.result index b6b79cb596b..f1835186787 100644 --- a/mysql-test/r/error_simulation.result +++ b/mysql-test/r/error_simulation.result @@ -83,5 +83,18 @@ a a b filler SET SESSION debug = DEFAULT; DROP TABLE t1, t2; # +# Bug#11747970 34660: CRASH WHEN FEDERATED TABLE LOSES CONNECTION DURING INSERT ... SELECT +# +CREATE TABLE t1(f1 INT, KEY(f1)); +CREATE TABLE t2(f1 INT); +INSERT INTO t1 VALUES (1),(2); +INSERT INTO t2 VALUES (1),(2); +SET SESSION debug='d,bug11747970_simulate_error'; +INSERT IGNORE INTO t2 SELECT f1 FROM t1 a WHERE NOT EXISTS (SELECT 1 FROM t2 b WHERE a.f1 = b.f1); +Warnings: +Error 1105 Unknown error +SET SESSION debug = DEFAULT; +DROP TABLE t1,t2; +# # End of 5.1 tests # diff --git a/mysql-test/t/error_simulation.test b/mysql-test/t/error_simulation.test index f6edacfaa29..95ec2c5b21d 100644 --- a/mysql-test/t/error_simulation.test +++ b/mysql-test/t/error_simulation.test @@ -89,6 +89,20 @@ SET SESSION debug = DEFAULT; DROP TABLE t1, t2; + +--echo # +--echo # Bug#11747970 34660: CRASH WHEN FEDERATED TABLE LOSES CONNECTION DURING INSERT ... SELECT +--echo # +CREATE TABLE t1(f1 INT, KEY(f1)); +CREATE TABLE t2(f1 INT); +INSERT INTO t1 VALUES (1),(2); +INSERT INTO t2 VALUES (1),(2); +SET SESSION debug='d,bug11747970_simulate_error'; +INSERT IGNORE INTO t2 SELECT f1 FROM t1 a WHERE NOT EXISTS (SELECT 1 FROM t2 b WHERE a.f1 = b.f1); +SET SESSION debug = DEFAULT; +DROP TABLE t1,t2; + + --echo # --echo # End of 5.1 tests --echo # diff --git a/sql/item_subselect.cc b/sql/item_subselect.cc index 10dd6c93717..2fa0178ed8c 100644 --- a/sql/item_subselect.cc +++ b/sql/item_subselect.cc @@ -1679,7 +1679,7 @@ subselect_single_select_engine(st_select_lex *select, select_subselect *result_arg, Item_subselect *item_arg) :subselect_engine(item_arg, result_arg), - prepared(0), optimized(0), executed(0), + prepared(0), optimized(0), executed(0), optimize_error(0), select_lex(select), join(0) { select_lex->master_unit()->item= item_arg; @@ -1689,7 +1689,7 @@ subselect_single_select_engine(st_select_lex *select, void subselect_single_select_engine::cleanup() { DBUG_ENTER("subselect_single_select_engine::cleanup"); - prepared= optimized= executed= 0; + prepared= optimized= executed= optimize_error= 0; join= 0; result->cleanup(); DBUG_VOID_RETURN; @@ -1885,6 +1885,10 @@ int join_read_next_same_or_null(READ_RECORD *info); int subselect_single_select_engine::exec() { DBUG_ENTER("subselect_single_select_engine::exec"); + + if (optimize_error) + DBUG_RETURN(1); + char const *save_where= thd->where; SELECT_LEX *save_select= thd->lex->current_select; thd->lex->current_select= select_lex; @@ -1892,12 +1896,15 @@ int subselect_single_select_engine::exec() { SELECT_LEX_UNIT *unit= select_lex->master_unit(); + DBUG_EXECUTE_IF("bug11747970_simulate_error", + DBUG_SET("+d,bug11747970_raise_error");); + optimized= 1; unit->set_limit(unit->global_parameters); if (join->optimize()) { thd->where= save_where; - executed= 1; + optimize_error= 1; thd->lex->current_select= save_select; DBUG_RETURN(join->error ? join->error : 1); } diff --git a/sql/item_subselect.h b/sql/item_subselect.h index 74bbec626c1..65b415b44e9 100644 --- a/sql/item_subselect.h +++ b/sql/item_subselect.h @@ -419,6 +419,7 @@ class subselect_single_select_engine: public subselect_engine my_bool prepared; /* simple subselect is prepared */ my_bool optimized; /* simple subselect is optimized */ my_bool executed; /* simple subselect is executed */ + my_bool optimize_error; ///< simple subselect optimization failed st_select_lex *select_lex; /* corresponding select_lex */ JOIN * join; /* corresponding JOIN structure */ public: diff --git a/sql/sql_select.cc b/sql/sql_select.cc index 516c9c37473..bf0cd7c9db8 100644 --- a/sql/sql_select.cc +++ b/sql/sql_select.cc @@ -2677,6 +2677,16 @@ make_join_statistics(JOIN *join, TABLE_LIST *tables_arg, COND *conds, table_vector[i]=s->table=table=tables->table; table->pos_in_table_list= tables; error= table->file->info(HA_STATUS_VARIABLE | HA_STATUS_NO_LOCK); + + DBUG_EXECUTE_IF("bug11747970_raise_error", + { + if (!error) + { + my_error(ER_UNKNOWN_ERROR, MYF(0)); + goto error; + } + }); + if (error) { table->file->print_error(error, MYF(0));