MDEV-6985: MariaDB crashes on stored procedure call

unknown · unknown · commit ff5349bd6c4e · 2014-12-17T14:35:13.000+01:00
Item_ident fixed to allow double cleanup().
diff --git a/mysql-test/r/sp-innodb.result b/mysql-test/r/sp-innodb.result
@@ -0,0 +1,32 @@
+drop table if exists t1,t2;
+drop procedure if exists p1;
+#
+#MDEV-6985: MariaDB crashes on stored procedure call
+#
+CREATE TABLE `t1` (
+`ID` int(11) NOT NULL,
+PRIMARY KEY (`ID`)
+) ENGINE=InnoDB;
+CREATE TABLE `t2` (
+`ID` int(11) NOT NULL,
+`DATE` datetime DEFAULT NULL,
+PRIMARY KEY (`ID`)
+) ENGINE=InnoDB;
+CREATE PROCEDURE `p1`()
+BEGIN
+DECLARE _mySelect CURSOR FOR 
+SELECT DISTINCT t1.ID
+FROM t1  
+LEFT JOIN t2 AS t2 ON 
+t2.ID = t1.ID
+AND t2.DATE = (
+SELECT MAX(T3.DATE) FROM t2 AS T3 WHERE T3.ID = t2.ID AND T3.DATE<=NOW()
+)
+WHERE t1.ID = 1;
+OPEN _mySelect;
+CLOSE _mySelect;
+END ;;
+CALL p1();
+CALL p1();
+drop procedure p1;
+drop table t1,t2;
diff --git a/mysql-test/t/sp-innodb.test b/mysql-test/t/sp-innodb.test
@@ -0,0 +1,45 @@
+
+--source include/have_innodb.inc
+
+--disable_warnings
+drop table if exists t1,t2;
+drop procedure if exists p1;
+--enable_warnings
+
+--echo #
+--echo #MDEV-6985: MariaDB crashes on stored procedure call
+--echo #
+CREATE TABLE `t1` (
+  `ID` int(11) NOT NULL,
+  PRIMARY KEY (`ID`)
+) ENGINE=InnoDB;
+
+CREATE TABLE `t2` (
+  `ID` int(11) NOT NULL,
+  `DATE` datetime DEFAULT NULL,
+  PRIMARY KEY (`ID`)
+) ENGINE=InnoDB;
+
+--delimiter ;;
+
+CREATE PROCEDURE `p1`()
+BEGIN
+  DECLARE _mySelect CURSOR FOR 
+	SELECT DISTINCT t1.ID
+	FROM t1  
+		LEFT JOIN t2 AS t2 ON 
+			t2.ID = t1.ID
+			AND t2.DATE = (
+				SELECT MAX(T3.DATE) FROM t2 AS T3 WHERE T3.ID = t2.ID AND T3.DATE<=NOW()
+			)
+	WHERE t1.ID = 1;
+  OPEN _mySelect;
+  CLOSE _mySelect;
+END ;;
+--delimiter ;
+
+CALL p1();
+CALL p1();
+
+drop procedure p1;
+drop table t1,t2;
diff --git a/sql/item.cc b/sql/item.cc
@@ -862,12 +862,20 @@ void Item_ident::cleanup()
 		       field_name ? field_name : "(null)",
                        orig_field_name ? orig_field_name : "(null)"));
 #endif
+  bool was_fixed= fixed;
   Item::cleanup();
   db_name= orig_db_name; 
   table_name= orig_table_name;
   field_name= orig_field_name;
   /* Store if this Item was depended */
-  can_be_depended= test(depended_from);
+  if (was_fixed)
+  {
+    /*
+      We can trust that depended_from set correctly only if this item
+      was fixed
+    */
+    can_be_depended= test(depended_from);
+  }
   DBUG_VOID_RETURN;
 }
 
