Hi, Oleksandr!

On Mar 21, Oleksandr Byelkin wrote:
revision-id: 49a443c53a7f01812299f20e94c7209579efd881 (mariadb-5.5.59-45-g49a443c53a7)
parent(s): 0943b33de3daa0fcbf58803be8e991941de63218
author: Oleksandr Byelkin
committer: Oleksandr Byelkin
timestamp: 2018-03-21 12:13:37 +0100
message:
MDEV-15492: Subquery crash similar to MDEV-10050
Detection of first execution of PS fixed. More debug info.
diff --git a/sql/sql_prepare.cc b/sql/sql_prepare.cc index a3bf9d6c93c..369a9f3a804 100644 --- a/sql/sql_prepare.cc +++ b/sql/sql_prepare.cc @@ -3819,6 +3819,7 @@ bool Prepared_statement::execute(String *expanded_query, bool open_cursor) Statement stmt_backup; Query_arena *old_stmt_arena; bool error= TRUE; + bool qc_executed;
char saved_cur_db_name_buf[SAFE_NAME_LEN+1]; LEX_STRING saved_cur_db_name= @@ -3931,12 +3932,14 @@ bool Prepared_statement::execute(String *expanded_query, bool open_cursor) 1); error= mysql_execute_command(thd); MYSQL_QUERY_EXEC_DONE(error); + qc_executed= FALSE; } else { thd->lex->sql_command= SQLCOM_SELECT; status_var_increment(thd->status_var.com_stat[SQLCOM_SELECT]); thd->update_stats(); + qc_executed= TRUE; } }
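Review bot: the assignments `qc_executed= FALSE` (after `mysql_execute_command(thd)`) and `qc_executed= TRUE` (in the `else` branch) are the only writes to the flag visible in this patch, and both sit inside a nested block, so what the flag records and what it holds on a path that skips this block are left implicit. A one-line comment at the `else` assignment stating the condition it marks, together with an initializer on the declaration `bool qc_executed;`, would make the flag's meaning and its default explicit.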
mostly ok, but this leaves one code path where qc_executed stays uninitialized. Better assign a default value of FALSE when declaring a variable, and set it to TRUE when really executed. ok to push after that.
@@ -3960,7 +3963,7 @@ bool Prepared_statement::execute(String *expanded_query, bool open_cursor) thd->set_statement(&stmt_backup); thd->stmt_arena= old_stmt_arena;
- if (state == Query_arena::STMT_PREPARED) + if (state == Query_arena::STMT_PREPARED && !qc_executed) state= Query_arena::STMT_EXECUTED;
if (error == 0 && this->lex->sql_command == SQLCOM_CALL)
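Review bot: the new condition `state == Query_arena::STMT_PREPARED && !qc_executed` reads a variable that is declared without an initializer and assigned only inside the block touched by the previous hunk; if control reaches this line without passing through that block, the read is of an indeterminate value, which is undefined behaviour in C++ and can make the STMT_PREPARED to STMT_EXECUTED transition differ between builds. Declaring it as `bool qc_executed= FALSE;` closes that path. A short comment on this `if` explaining why the statement must stay in STMT_PREPARED when `qc_executed` is set would also help, since the commit message only says "Detection of first execution of PS fixed".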
Regards,
Sergei
Chief Architect MariaDB
and security@mariadb.org