MDEV-35747: Wrong result from prepared TVC with parameter markers#5072
Open
DaveGosselin-MariaDB wants to merge 1 commit into
Open
MDEV-35747: Wrong result from prepared TVC with parameter markers#5072DaveGosselin-MariaDB wants to merge 1 commit into
DaveGosselin-MariaDB wants to merge 1 commit into
Conversation
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request fixes MDEV-35747, which caused prepared statements with Table Value Constructors (TVC) in CTEs to return incorrect results. The implementation reuses Type_holder buffers across executions and refreshes type metadata on each call. Review feedback identifies a critical bug where type_holders is assigned before full initialization, potentially leading to crashes on OOM. Additionally, the review suggests checking for other 'sticky' attributes that might cause metadata corruption and points out a redundant call to set_maybe_null.
The setup of column type information in table_value_constr::prepare() was wrapped in an "if (!holders)" guard so that it runs only once per prepared statement. However, the guard was too wide because it bound the allocation of item holders (which should happen only once) to the collection of type information (which should happen on each execution). This leaves the TVC stuck with whatever placeholder type the parameter had at PREPARE time which may not match the type of the next substitution. A type holder has no actual type at PREPARE time. Its type only becomes known when a value is bound at EXECUTE time. So both the TVC types and the corresponding Item_type_holder instance in the SELECT item list must be computed again on every EXECUTE. This patch separates the work done once per prepared statement from the work done on every execution as implied above.
DaveGosselin-MariaDB
force-pushed
the
10.11-MDEV-35747-with-as-ps
branch
from
f9fe725 to
c44ddd9
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The setup of column type information in table_value_constr::prepare() was wrapped in an "if (!holders)" guard so that it runs only once per prepared statement. However, the guard was too wide because it bound the allocation of item holders (which should happen only once) to the collection of type information (which should happen on each execution).
This leaves the TVC stuck with whatever placeholder type the parameter had at PREPARE time which likely won't match the type of the next substitution (because a type holder has no actual type at PREPARE time). Its type only becomes known when a value is bound at EXECUTE time. So both the TVC types and the corresponding Item_type_holder instance in the SELECT item list must be computed again on every EXECUTE.
This patch does just that, and separates the work done once per prepared statement from the work done on every execution as implied above.