From f5e7c56e3254271a434253ae1367a7be7c429f94 Mon Sep 17 00:00:00 2001
From: Oleksandr Byelkin <sanja@mariadb.com>
Date: Thu, 4 May 2023 08:11:00 +0200
Subject: MDEV-31181 Server crash in subselect_uniquesubquery_engine::print
 upon EXPLAIN EXTENDED DELETE

Temporary fix to avoid the server crash.
---
 mysql-test/main/explain_innodb.result | 18 ++++++++++++++++++
 mysql-test/main/explain_innodb.test   | 19 +++++++++++++++++++
 sql/item_subselect.cc                 |  6 ++++++
 3 files changed, 43 insertions(+)

diff --git a/mysql-test/main/explain_innodb.result b/mysql-test/main/explain_innodb.result
index fe51e45e35d..255299cedb9 100644
--- a/mysql-test/main/explain_innodb.result
+++ b/mysql-test/main/explain_innodb.result
@@ -18,3 +18,21 @@ id	select_type	table	type	possible_keys	key	key_len	ref	rows	Extra
 2	DERIVED	t1	index	NULL	id	53	NULL	1	Using index
 SET GLOBAL slow_query_log = @sql_tmp;
 drop table t1;
+#
+# MDEV-31181: Server crash in subselect_uniquesubquery_engine::print
+# upon EXPLAIN EXTENDED DELETE
+#
+CREATE TABLE t1 (a INT);
+INSERT INTO t1 VALUES (1),(2);
+CREATE TABLE t2 (pk INT PRIMARY KEY);
+INSERT INTO t2 VALUES (1),(2);
+EXPLAIN EXTENDED DELETE FROM t1 WHERE a IN (SELECT pk FROM t2);
+id	select_type	table	type	possible_keys	key	key_len	ref	rows	filtered	Extra
+1	PRIMARY	t1	ALL	NULL	NULL	NULL	NULL	2	100.00	Using where
+2	DEPENDENT SUBQUERY	t2	unique_subquery	PRIMARY	PRIMARY	4	func	1	100.00	Using index
+Warnings:
+Note	1003	/* select#1 */ delete  from `test`.`t1` where <in_optimizer>(`test`.`t1`.`a`,<exists>(<primary_index_lookup>(<cache>(`test`.`t1`.`a`))))
+drop table t1, t2;
+#
+# End of 10.4 tests
+#
diff --git a/mysql-test/main/explain_innodb.test b/mysql-test/main/explain_innodb.test
index 2c29a6e26da..3dcad4c2d49 100644
--- a/mysql-test/main/explain_innodb.test
+++ b/mysql-test/main/explain_innodb.test
@@ -18,3 +18,22 @@ SELECT * FROM (SELECT id FROM t1 GROUP BY id) dt WHERE 1=0;
 
 SET GLOBAL slow_query_log = @sql_tmp;
 drop table t1;
+
+
+--echo #
+--echo # MDEV-31181: Server crash in subselect_uniquesubquery_engine::print
+--echo # upon EXPLAIN EXTENDED DELETE
+--echo #
+
+CREATE TABLE t1 (a INT);
+INSERT INTO t1 VALUES (1),(2);
+CREATE TABLE t2 (pk INT PRIMARY KEY);
+INSERT INTO t2 VALUES (1),(2);
+ 
+EXPLAIN EXTENDED DELETE FROM t1 WHERE a IN (SELECT pk FROM t2);
+
+drop table t1, t2;
+
+--echo #
+--echo # End of 10.4 tests
+--echo #
diff --git a/sql/item_subselect.cc b/sql/item_subselect.cc
index f88e1e7e101..a4a36d96ccc 100644
--- a/sql/item_subselect.cc
+++ b/sql/item_subselect.cc
@@ -4538,6 +4538,12 @@ void subselect_uniquesubquery_engine::print(String *str,
 {
   str->append(STRING_WITH_LEN("<primary_index_lookup>("));
   tab->ref.items[0]->print(str, query_type);
+  if (!tab->table)
+  {
+    // table is not opened so unknown
+    str->append(')');
+    return;
+  }
   str->append(STRING_WITH_LEN(" in "));
   if (tab->table->s->table_category == TABLE_CATEGORY_TEMPORARY)
   {
-- 
cgit v1.2.1