MDEV-16235 Server crashes in my_utf8_uni or in my_strtod_int upon

SELECT .. LIMIT 0 (new variant) This is another attempt to fix the problem of mdev-14515.
author: Igor Babaev <igor@askmonty.org> 2018-06-11 08:52:26 -0700
committer: Igor Babaev <igor@askmonty.org> 2018-06-11 08:52:49 -0700
commit: 147744d455d57c753ca75fccca106d3326d251ab (patch)
tree: 25e6a3cf7b9c33c60f8a9a41749b652686281df8
parent: ca733d03c82b02cd842ff2a226fee7b12eb86f8d (diff)
download: mariadb-git-147744d455d57c753ca75fccca106d3326d251ab.tar.gz
5 files changed, 24 insertions, 4 deletions
diff --git a/mysql-test/r/having.result b/mysql-test/r/having.result
index 18915da1a09..9e0466efb9f 100644
--- a/mysql-test/r/having.result
+++ b/mysql-test/r/having.result
@@ -712,3 +712,14 @@ a	ct
 4	2
 set sql_mode=@save_sql_mode;
 drop table t1;
+#
+# mdev-16235: impossible HAVING in query without aggregation
+#
+explain extended
+select * from mysql.help_topic where example = 'foo' having description is null;
+id	select_type	table	type	possible_keys	key	key_len	ref	rows	filtered	Extra
+1	SIMPLE	NULL	NULL	NULL	NULL	NULL	NULL	NULL	NULL	Impossible HAVING
+Warnings:
+Note	1003	select `mysql`.`help_topic`.`help_topic_id` AS `help_topic_id`,`mysql`.`help_topic`.`name` AS `name`,`mysql`.`help_topic`.`help_category_id` AS `help_category_id`,`mysql`.`help_topic`.`description` AS `description`,`mysql`.`help_topic`.`example` AS `example`,`mysql`.`help_topic`.`url` AS `url` from `mysql`.`help_topic` where (`mysql`.`help_topic`.`example` = 'foo') having 0
+select * from mysql.help_topic where example = 'foo' having description is null;
+help_topic_id	name	help_category_id	description	example	url
diff --git a/mysql-test/r/subselect4.result b/mysql-test/r/subselect4.result
index 8973330c7da..f726bcfa15e 100644
--- a/mysql-test/r/subselect4.result
+++ b/mysql-test/r/subselect4.result
@@ -1056,7 +1056,7 @@ EXPLAIN
 SELECT * FROM t1 WHERE (2, 0) NOT IN (SELECT min(f3)+f3, min(f4)+f3+max(f4) FROM t2 WHERE f3 > 10);
 id	select_type	table	type	possible_keys	key	key_len	ref	rows	Extra
 1	PRIMARY	NULL	NULL	NULL	NULL	NULL	NULL	NULL	Impossible WHERE
-2	SUBQUERY	NULL	NULL	NULL	NULL	NULL	NULL	NULL	Impossible WHERE noticed after reading const tables
+2	SUBQUERY	NULL	NULL	NULL	NULL	NULL	NULL	NULL	No matching min/max row
 SELECT * FROM t1 WHERE (2, 0) NOT IN (SELECT min(f3)+f3, min(f4)+f3+max(f4) FROM t2 WHERE f3 > 10);
 f1	f2
 SET @@optimizer_switch = 'materialization=off,in_to_exists=on,semijoin=off';
@@ -1147,7 +1147,7 @@ EXPLAIN
 SELECT * FROM t1 WHERE (2, 0) NOT IN (SELECT min(f3)+f3, min(f4)+f3+max(f4) FROM t2 WHERE f3 > 10);
 id	select_type	table	type	possible_keys	key	key_len	ref	rows	Extra
 1	PRIMARY	NULL	NULL	NULL	NULL	NULL	NULL	NULL	Impossible WHERE
-2	SUBQUERY	NULL	NULL	NULL	NULL	NULL	NULL	NULL	Impossible WHERE noticed after reading const tables
+2	SUBQUERY	NULL	NULL	NULL	NULL	NULL	NULL	NULL	No matching min/max row
 SELECT * FROM t1 WHERE (2, 0) NOT IN (SELECT min(f3)+f3, min(f4)+f3+max(f4) FROM t2 WHERE f3 > 10);
 f1	f2
 set @@optimizer_switch=@save_optimizer_switch;
diff --git a/mysql-test/t/having.test b/mysql-test/t/having.test
index a470f462d6a..c8bd47940cc 100644
--- a/mysql-test/t/having.test
+++ b/mysql-test/t/having.test
@@ -744,3 +744,12 @@ SELECT a, COUNT(a) as ct FROM t1 GROUP BY a HAVING ct>0;
 set sql_mode=@save_sql_mode;
 
 drop table t1;
+
+--echo #
+--echo # mdev-16235: impossible HAVING in query without aggregation
+--echo #
+
+explain extended
+select * from mysql.help_topic where example = 'foo' having description is null;
+
+select * from mysql.help_topic where example = 'foo' having description is null;
diff --git a/sql/opt_subselect.cc b/sql/opt_subselect.cc
index a7edd64e68b..ec7b10f20c8 100644
--- a/sql/opt_subselect.cc
+++ b/sql/opt_subselect.cc
@@ -5880,6 +5880,7 @@ bool JOIN::choose_tableless_subquery_plan()
           functions produce empty subquery result. There is no need to further
           rewrite the subquery because it will not be executed at all.
         */
+        exec_const_cond= 0;
         return FALSE;
       }
 
@@ -5911,6 +5912,6 @@ bool JOIN::choose_tableless_subquery_plan()
       tmp_having= having;
     }
   }
-  exec_const_cond= conds;
+  exec_const_cond= zero_result_cause ? 0 : conds;
   return FALSE;
 }
diff --git a/sql/sql_select.cc b/sql/sql_select.cc
index 016dd594e08..b79431ae2f6 100644
--- a/sql/sql_select.cc
+++ b/sql/sql_select.cc
@@ -1147,7 +1147,6 @@ JOIN::optimize()
       {
         DBUG_PRINT("info", ("Zero limit"));
         zero_result_cause= "Zero limit";
-        conds= 0;
       }
       table_count= top_join_tab_count= 0;
       error= 0;
author	Igor Babaev <igor@askmonty.org>	2018-06-11 08:52:26 -0700
committer	Igor Babaev <igor@askmonty.org>	2018-06-11 08:52:49 -0700
commit	147744d455d57c753ca75fccca106d3326d251ab (patch)
tree	25e6a3cf7b9c33c60f8a9a41749b652686281df8
parent	ca733d03c82b02cd842ff2a226fee7b12eb86f8d (diff)
download	mariadb-git-147744d455d57c753ca75fccca106d3326d251ab.tar.gz