Commit 06b86f15 authored by Sergey Glukhov's avatar Sergey Glukhov

Bug#11747970 34660: CRASH WHEN FEDERATED TABLE LOSES CONNECTION DURING INSERT ... SELECT

Problematic query:
insert ignore into `t1_federated` (`c1`) select `c1` from  `t1_local` a
where not exists (select 1 from `t1_federated` b where a.c1 = b.c1);
When this query is killed in another connection it could lead to crash.
The problem is follwing:
An attempt to obtain table statistics for subselect table in killed query
fails with an error. So JOIN::optimize() for subquery is failed but
it does not prevent further subquery evaluation.
At the first subquery execution JOIN::optimize() is called
(see subselect_single_select_engine::exec()) and fails with
an error. 'executed' flag is set to TRUE and it prevents
further subquery evaluation. At the second call
JOIN::optimize() does not happen as 'JOIN::optimized' is TRUE
and in case of uncacheable subquery the 'executed' flag is set
to FALSE before subquery evaluation. So we loose 'optimize stage'
error indication (see subselect_single_select_engine::exec()).
In other words 'executed' flag is used for two purposes, for
error indication at JOIN::optimize() stage and for an
indication of subquery execution. And it seems it's wrong
as the flag could be reset.


mysql-test/r/error_simulation.result:
  test case
mysql-test/t/error_simulation.test:
  test case
sql/item_subselect.cc:
  added new flag subselect_single_select_engine::optimize_error
  which is used for error detection which could happen at optimize
  stage.
sql/item_subselect.h:
  added new flag subselect_single_select_engine::optimize_error
sql/sql_select.cc:
  test case
parent c89d8480
......@@ -83,5 +83,18 @@ a a b filler
SET SESSION debug = DEFAULT;
DROP TABLE t1, t2;
#
# Bug#11747970 34660: CRASH WHEN FEDERATED TABLE LOSES CONNECTION DURING INSERT ... SELECT
#
CREATE TABLE t1(f1 INT, KEY(f1));
CREATE TABLE t2(f1 INT);
INSERT INTO t1 VALUES (1),(2);
INSERT INTO t2 VALUES (1),(2);
SET SESSION debug='d,bug11747970_simulate_error';
INSERT IGNORE INTO t2 SELECT f1 FROM t1 a WHERE NOT EXISTS (SELECT 1 FROM t2 b WHERE a.f1 = b.f1);
Warnings:
Error 1105 Unknown error
SET SESSION debug = DEFAULT;
DROP TABLE t1,t2;
#
# End of 5.1 tests
#
......@@ -89,6 +89,20 @@ SET SESSION debug = DEFAULT;
DROP TABLE t1, t2;
--echo #
--echo # Bug#11747970 34660: CRASH WHEN FEDERATED TABLE LOSES CONNECTION DURING INSERT ... SELECT
--echo #
CREATE TABLE t1(f1 INT, KEY(f1));
CREATE TABLE t2(f1 INT);
INSERT INTO t1 VALUES (1),(2);
INSERT INTO t2 VALUES (1),(2);
SET SESSION debug='d,bug11747970_simulate_error';
INSERT IGNORE INTO t2 SELECT f1 FROM t1 a WHERE NOT EXISTS (SELECT 1 FROM t2 b WHERE a.f1 = b.f1);
SET SESSION debug = DEFAULT;
DROP TABLE t1,t2;
--echo #
--echo # End of 5.1 tests
--echo #
......@@ -1679,7 +1679,7 @@ subselect_single_select_engine(st_select_lex *select,
select_subselect *result_arg,
Item_subselect *item_arg)
:subselect_engine(item_arg, result_arg),
prepared(0), optimized(0), executed(0),
prepared(0), optimized(0), executed(0), optimize_error(0),
select_lex(select), join(0)
{
select_lex->master_unit()->item= item_arg;
......@@ -1689,7 +1689,7 @@ subselect_single_select_engine(st_select_lex *select,
void subselect_single_select_engine::cleanup()
{
DBUG_ENTER("subselect_single_select_engine::cleanup");
prepared= optimized= executed= 0;
prepared= optimized= executed= optimize_error= 0;
join= 0;
result->cleanup();
DBUG_VOID_RETURN;
......@@ -1885,6 +1885,10 @@ int join_read_next_same_or_null(READ_RECORD *info);
int subselect_single_select_engine::exec()
{
DBUG_ENTER("subselect_single_select_engine::exec");
if (optimize_error)
DBUG_RETURN(1);
char const *save_where= thd->where;
SELECT_LEX *save_select= thd->lex->current_select;
thd->lex->current_select= select_lex;
......@@ -1892,12 +1896,15 @@ int subselect_single_select_engine::exec()
{
SELECT_LEX_UNIT *unit= select_lex->master_unit();
DBUG_EXECUTE_IF("bug11747970_simulate_error",
DBUG_SET("+d,bug11747970_raise_error"););
optimized= 1;
unit->set_limit(unit->global_parameters);
if (join->optimize())
{
thd->where= save_where;
executed= 1;
optimize_error= 1;
thd->lex->current_select= save_select;
DBUG_RETURN(join->error ? join->error : 1);
}
......
......@@ -419,6 +419,7 @@ class subselect_single_select_engine: public subselect_engine
my_bool prepared; /* simple subselect is prepared */
my_bool optimized; /* simple subselect is optimized */
my_bool executed; /* simple subselect is executed */
my_bool optimize_error; ///< simple subselect optimization failed
st_select_lex *select_lex; /* corresponding select_lex */
JOIN * join; /* corresponding JOIN structure */
public:
......
......@@ -2677,6 +2677,16 @@ make_join_statistics(JOIN *join, TABLE_LIST *tables_arg, COND *conds,
table_vector[i]=s->table=table=tables->table;
table->pos_in_table_list= tables;
error= table->file->info(HA_STATUS_VARIABLE | HA_STATUS_NO_LOCK);
DBUG_EXECUTE_IF("bug11747970_raise_error",
{
if (!error)
{
my_error(ER_UNKNOWN_ERROR, MYF(0));
goto error;
}
});
if (error)
{
table->file->print_error(error, MYF(0));
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment