diff options
| author | Chaithra Gopalareddy <chaithra.gopalareddy@oracle.com> | 2012-02-24 11:53:36 +0530 |
|---|---|---|
| committer | Chaithra Gopalareddy <chaithra.gopalareddy@oracle.com> | 2012-02-24 11:53:36 +0530 |
| commit | 6a0d03fce76616dd10e8d6bd83c19af26f8c5874 (patch) | |
| tree | 25f99dbc3f7dafb2ae5ba25a62472d258073829f /mysql-test/t/func_in.test | |
| parent | c2d0fea84e25aca620e7e6922de234e38a24703a (diff) | |
| download | mariadb-git-6a0d03fce76616dd10e8d6bd83c19af26f8c5874.tar.gz | |
Bug#13012483:EXPLAIN EXTENDED, PREPARED STATEMENT, CRASH IN
CHECK_SIMPLE_EQUALITY
PROBLEM:
Crash in "check_simple_equality" when using a subquery with "IN" and
"ALL" in prepare.
ANALYSIS:
Crash can be reproduced using a simplified query like this one:
prepare s from "select 1 from g1 where 1 < all (
select @:=(1 in (select 1 from g1)) from g1)";
This bug is currently present only on 5.5.and 5.1. Its fixed as part
of work log(#1110) in 5.6. We are taking one change to fix this
in 5.5 and 5.1.
Problem seems to be present because we are trying to evaluate "is_null"
on an argument which is part of a subquery
(In Item_is_not_null_test::update_used_tables()).
But the condition to evaluate is only when we do not have a sub query
present, which means to say that "with_subselect" is not set.
With respect to the above query, we create an object of type
"Item_in_optimizer" which by definition is always associated with a
subquery. While in 5.6 we set "with_subselect" to true for
"Item_in_optimizer" object, we do not do the same in 5.5. This results in
the evaluation for "is_null" resulting in a coredump.
So, we are now setting "with_subselect" to true for "Item_in_optimizer"
in 5.1 and 5.5.
mysql-test/r/func_in.result:
Result file changes for the test case added
mysql-test/t/func_in.test:
Test case added for Bug#13012483
sql/item_cmpfunc.h:
Changed Item_in_optimizer::Item_in_optimizer( ) to set "with_subselect"
to true
Diffstat (limited to 'mysql-test/t/func_in.test')
| -rw-r--r-- | mysql-test/t/func_in.test | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/mysql-test/t/func_in.test b/mysql-test/t/func_in.test index 08469b37967..dd4194e2a4e 100644 --- a/mysql-test/t/func_in.test +++ b/mysql-test/t/func_in.test @@ -562,4 +562,17 @@ SELECT 1 IN (YEAR(FROM_UNIXTIME(NULL)) ,1); --echo # +--echo # +--echo # Bug#13012483: EXPLAIN EXTENDED, PREPARED STATEMENT, CRASH IN CHECK_SIMPLE_EQUALITY +--echo # + +CREATE TABLE t1 (a INT); +PREPARE s FROM "SELECT 1 FROM t1 WHERE 1 < ALL (SELECT @:= (1 IN (SELECT 1 FROM t1)) FROM t1)"; +EXECUTE s; + +DROP TABLE t1; + +--echo # End of test BUG#13012483 + +--echo # --echo End of 5.1 tests |