From 0e1709bde6df12b392426582764702e736bcbb03 Mon Sep 17 00:00:00 2001
From: Georgi Kodinov <kgeorge@mysql.com>
Date: Fri, 4 Jul 2008 17:02:17 +0300
Subject: Bug#37627: Killing query with sum(exists()) or avg(exists())
 reproducibly crashes server

When there is an error executing EXISTS predicates they return NULL as their string
or decimal value but don't set the NULL value flag.
Fixed by returning 0 (as a decimal or a string) on error exectuting the subquery.
Note that we can't return NULL as EXISTS is not supposed to return NULL.

mysql-test/r/subselect.result:
  Bug#37627: test case
mysql-test/t/subselect.test:
  Bug#37627: test case
sql/item_subselect.cc:
  Bug#37627: return decimal (or string) 0 isntead of a NULL pointer on
  error calculating an EXISTS predicate.
---
 mysql-test/t/subselect.test | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

(limited to 'mysql-test/t/subselect.test')

diff --git a/mysql-test/t/subselect.test b/mysql-test/t/subselect.test
index 85b21c83612..08e0f6592ab 100644
--- a/mysql-test/t/subselect.test
+++ b/mysql-test/t/subselect.test
@@ -3298,3 +3298,19 @@ INSERT INTO t1 VALUES (1), (3);
 SELECT * FROM t2 WHERE b NOT IN (SELECT max(t.c) FROM t1, t1 t WHERE t.c>10);
 
 DROP TABLE t1,t2;
+
+#
+# Bug #37627: Killing query with sum(exists()) or avg(exists()) reproducibly
+# crashes server
+#
+
+CREATE TABLE t1(id INT);
+INSERT INTO t1 VALUES (1),(2),(3),(4);
+INSERT INTO t1 SELECT a.id FROM t1 a,t1 b,t1 c,t1 d;
+INSERT INTO t1 SELECT a.id FROM t1 a,t1 b,t1 c;
+# Setup the mysqld to crash at certain point
+SET SESSION debug="d,subselect_exec_fail";
+SELECT SUM(EXISTS(SELECT RAND() FROM t1)) FROM t1;
+SELECT REVERSE(EXISTS(SELECT RAND() FROM t1));
+SET SESSION debug=DEFAULT;
+DROP TABLE t1;
-- 
cgit v1.2.1