SET STATEMENT ... FOR <statement> crashes server if <statement> needs to commit implicitly and fails
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Percona Server moved to https://jira.percona.com/projects/PS |
Fix Released
|
High
|
Laurynas Biveinis | ||
5.1 |
Invalid
|
Undecided
|
Unassigned | ||
5.5 |
Invalid
|
Undecided
|
Unassigned | ||
5.6 |
Fix Released
|
High
|
Laurynas Biveinis |
Bug Description
SET STATEMENT ... FOR <statement> crashes server if <statement> needs to commit implicitly and fails
For example:
CREATE TABLE t1 (a INT PRIMARY KEY) ENGINE=InnoDB;
SET SESSION lock_wait_
BEGIN;
INSERT INTO t1 VALUES (5);
--connect(
--connection con1
FLUSH TABLES WITH READ LOCK;
--connection default
SET STATEMENT max_join_size=0 FOR DROP TABLE t1;
The cause is thd->variables becoming a dangling pointer:
int
mysql_execute_
{
...
struct system_variables *per_query_
...
if (stmt_causes_
...
if (trans_
goto error;
}
...
if (lex->set_statement && !lex->var_
per_
...
error:
...
if (lex->set_statement && !lex->var_
...
free_
thd->variables= *per_query_
my_
...
}
This bug is a sibling of bug 1387951 and bug 1412423. These three bugs represent three different error paths in mysql_execute_
Related branches
- Laurynas Biveinis (community): Approve
-
Diff: 150 lines (+82/-6)3 files modifiedmysql-test/r/percona_statement_set.result (+29/-2)
mysql-test/t/percona_statement_set.test (+48/-2)
sql/sql_parse.cc (+5/-2)
tags: | added: set-statement |
Percona now uses JIRA for bug reports so this bug report is migrated to: https:/ /jira.percona. com/browse/ PS-869