Bug #52711: Segfault when doing EXPLAIN SELECT with

union...order by (select... where...) The problem is mysql is trying to materialize and cache the scalar sub-queries at JOIN::optimize even for EXPLAIN where the number of columns is totally different from what's expected. Fixed by not executing the scalar subqueries for EXPLAIN.
author: Georgi Kodinov <joro@sun.com> 2010-04-15 17:04:24 +0300
committer: Georgi Kodinov <joro@sun.com> 2010-04-15 17:04:24 +0300
commit: a8ae3cd6e9bf1713ec9508e7639f936c0b97316a (patch)
tree: 3802fe4c126313ee2f05b6b546702a0948f283f6
parent: 5b54e86ec182b77e8937822bc787d1186bd6f779 (diff)
download: mariadb-git-a8ae3cd6e9bf1713ec9508e7639f936c0b97316a.tar.gz
3 files changed, 44 insertions, 1 deletions
diff --git a/mysql-test/r/subselect.result b/mysql-test/r/subselect.result
index d767e741c4d..47a89897daf 100644
--- a/mysql-test/r/subselect.result
+++ b/mysql-test/r/subselect.result
@@ -4717,3 +4717,20 @@ t1_id	total_amount
 DROP TABLE t3;
 DROP TABLE t2;
 DROP TABLE t1;
+#
+# Bug #52711: Segfault when doing EXPLAIN SELECT with 
+#  union...order by (select... where...)
+#
+CREATE TABLE t1 (a VARCHAR(10), FULLTEXT KEY a (a));
+INSERT INTO t1 VALUES (1),(2);
+CREATE TABLE t2 (b INT);
+INSERT INTO t2 VALUES (1),(2);
+# Should not crash
+EXPLAIN
+SELECT * FROM t2 UNION SELECT * FROM t2
+ORDER BY (SELECT * FROM t1 WHERE MATCH(a) AGAINST ('+abc' IN BOOLEAN MODE));
+# Should not crash
+SELECT * FROM t2 UNION SELECT * FROM t2
+ORDER BY (SELECT * FROM t1 WHERE MATCH(a) AGAINST ('+abc' IN BOOLEAN MODE));
+DROP TABLE t1,t2;
+End of 5.1 tests
diff --git a/mysql-test/t/subselect.test b/mysql-test/t/subselect.test
index c58faf60010..1f471b46c4e 100644
--- a/mysql-test/t/subselect.test
+++ b/mysql-test/t/subselect.test
@@ -3701,3 +3701,28 @@ GROUP BY
 DROP TABLE t3;
 DROP TABLE t2;
 DROP TABLE t1;
+
+
+--echo #
+--echo # Bug #52711: Segfault when doing EXPLAIN SELECT with 
+--echo #  union...order by (select... where...)
+--echo #
+
+CREATE TABLE t1 (a VARCHAR(10), FULLTEXT KEY a (a));
+INSERT INTO t1 VALUES (1),(2);
+CREATE TABLE t2 (b INT);
+INSERT INTO t2 VALUES (1),(2);
+
+--echo # Should not crash
+--disable_result_log
+EXPLAIN
+SELECT * FROM t2 UNION SELECT * FROM t2
+  ORDER BY (SELECT * FROM t1 WHERE MATCH(a) AGAINST ('+abc' IN BOOLEAN MODE));
+
+--echo # Should not crash
+SELECT * FROM t2 UNION SELECT * FROM t2
+  ORDER BY (SELECT * FROM t1 WHERE MATCH(a) AGAINST ('+abc' IN BOOLEAN MODE));
+DROP TABLE t1,t2;
+--enable_result_log
+
+--echo End of 5.1 tests
diff --git a/sql/sql_select.cc b/sql/sql_select.cc
index a426f4b68a1..6886db87ddf 100644
--- a/sql/sql_select.cc
+++ b/sql/sql_select.cc
@@ -7210,7 +7210,8 @@ remove_const(JOIN *join,ORDER *first_order, COND *cond,
       *simple_order=0;				// Must do a temp table to sort
     else if (!(order_tables & not_const_tables))
     {
-      if (order->item[0]->with_subselect)
+      if (order->item[0]->with_subselect && 
+          !(join->select_lex->options & SELECT_DESCRIBE))
         order->item[0]->val_str(&order->item[0]->str_value);
       DBUG_PRINT("info",("removing: %s", order->item[0]->full_name()));
       continue;					// skip const item
author	Georgi Kodinov <joro@sun.com>	2010-04-15 17:04:24 +0300
committer	Georgi Kodinov <joro@sun.com>	2010-04-15 17:04:24 +0300
commit	a8ae3cd6e9bf1713ec9508e7639f936c0b97316a (patch)
tree	3802fe4c126313ee2f05b6b546702a0948f283f6
parent	5b54e86ec182b77e8937822bc787d1186bd6f779 (diff)
download	mariadb-git-a8ae3cd6e9bf1713ec9508e7639f936c0b97316a.tar.gz