From c1ad5072b842c25732c278f0f7b60bccf8a23a94 Mon Sep 17 00:00:00 2001 From: Sergey Glukhov Date: Mon, 5 Apr 2010 16:10:26 +0500 Subject: Bug#52336 Segfault / crash in 5.1 copy_fields (param=0x9872980) at sql_select.cc:15355 The problem is that we can not use make_cond_for_table(). This function relies on used_tables() condition which is not set properly for subqueries. As result subquery is not filtered out. The fix is to use remove_eq_conds() function instead of make_cond_for_table() func. 'remove_eq_conds()' algorithm relies on const_item() value and it allows to handle subqueries in right way. mysql-test/r/having.result: test case mysql-test/t/having.test: test case sql/sql_select.cc: The fix is to use remove_eq_conds() function instead of make_cond_for_table() function. --- mysql-test/r/having.result | 48 ++++++++++++++++++++++++++++++++++++++++++++-- mysql-test/t/having.test | 45 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 91 insertions(+), 2 deletions(-) (limited to 'mysql-test') diff --git a/mysql-test/r/having.result b/mysql-test/r/having.result index 95893510987..54293e9d02e 100644 --- a/mysql-test/r/having.result +++ b/mysql-test/r/having.result @@ -472,7 +472,7 @@ HAVING (table2.f2 = 8 AND table1.f1 >= 6); id select_type table type possible_keys key key_len ref rows filtered Extra 1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL Impossible HAVING noticed after reading const tables Warnings: -Note 1003 select `test`.`table1`.`f1` AS `f1`,'7' AS `f2` from `test`.`t1` `table1` join `test`.`t1` `table2` where ((`test`.`table1`.`f3` = '9')) group by `test`.`table1`.`f1`,'7' having (('7' = 8) and (`test`.`table1`.`f1` >= 6)) +Note 1003 select `test`.`table1`.`f1` AS `f1`,'7' AS `f2` from `test`.`t1` `table1` join `test`.`t1` `table2` where ((`test`.`table1`.`f3` = '9')) group by `test`.`table1`.`f1`,'7' having 0 EXPLAIN EXTENDED SELECT table1.f1, table2.f2 FROM t1 AS table1 
@@ -483,6 +483,50 @@ HAVING (table2.f2 = 8); id select_type table type possible_keys key key_len ref rows filtered Extra 1 SIMPLE NULL NULL NULL NULL NULL NULL NULL NULL Impossible HAVING noticed after reading const tables Warnings: -Note 1003 select `test`.`table1`.`f1` AS `f1`,'7' AS `f2` from `test`.`t1` `table1` join `test`.`t1` `table2` where ((`test`.`table1`.`f3` = '9')) group by `test`.`table1`.`f1`,'7' having ('7' = 8) +Note 1003 select `test`.`table1`.`f1` AS `f1`,'7' AS `f2` from `test`.`t1` `table1` join `test`.`t1` `table2` where ((`test`.`table1`.`f3` = '9')) group by `test`.`table1`.`f1`,'7' having 0 DROP TABLE t1; +# +# Bug#52336 Segfault / crash in 5.1 copy_fields (param=0x9872980) at sql_select.cc:15355 +# +CREATE TABLE t1(f1 INT, f2 INT); +INSERT INTO t1 VALUES (10,8); +CREATE TABLE t2 (f1 INT); +INSERT INTO t2 VALUES (5); +SELECT COUNT(f1) FROM t2 +HAVING (7, 9) IN (SELECT f1, MIN(f2) FROM t1); +COUNT(f1) +DROP TABLE t1, t2; +CREATE TABLE t1 (f1 INT, f2 VARCHAR(1)); +INSERT INTO t1 VALUES (16,'f'); +INSERT INTO t1 VALUES (16,'f'); +CREATE TABLE t2 (f1 INT, f2 VARCHAR(1)); +INSERT INTO t2 VALUES (13,'f'); +INSERT INTO t2 VALUES (20,'f'); +CREATE TABLE t3 (f1 INT, f2 VARCHAR(1)); +INSERT INTO t3 VALUES (7,'f'); +SELECT t1.f2 FROM t1 +STRAIGHT_JOIN (t2 JOIN t3 ON t3.f2 = t2.f2 ) ON t3 .f2 = t2 .f2 +HAVING ('v', 'i') NOT IN (SELECT f2, MIN(f2) FROM t1) +ORDER BY f2; +f2 +f +f +f +f +DROP TABLES t1,t2,t3; +# +# Bug#52340 Segfault: read_cached_record (tab=0x94a2634) at sql_select.cc:14411 +# +CREATE TABLE t1 (f1 INT, f2 VARCHAR(1)); +INSERT INTO t1 VALUES (16,'d'); +CREATE TABLE t2 (f1 INT, f2 VARCHAR(1)); +INSERT INTO t2 VALUES (13,'e'); +INSERT INTO t2 VALUES (20,'d'); +SELECT MAX(t2.f2) FROM t2 JOIN t1 ON t1.f2 +HAVING ('e' , 'd') IN +(SELECT ts1.f2, ts2.f2 FROM t2 ts1 JOIN t2 ts2 ON ts1.f1) +ORDER BY t1.f2; +MAX(t2.f2) +NULL +DROP TABLE t1,t2; End of 5.0 tests 
diff --git a/mysql-test/t/having.test b/mysql-test/t/having.test
index b68ba69b975..65bf9518a5c 100644
--- a/mysql-test/t/having.test
+++ b/mysql-test/t/having.test
@@ -498,4 +498,49 @@ HAVING (table2.f2 = 8);
 DROP TABLE t1;
+--echo #
+--echo # Bug#52336 Segfault / crash in 5.1 copy_fields (param=0x9872980) at sql_select.cc:15355
+--echo #
+CREATE TABLE t1(f1 INT, f2 INT);
+INSERT INTO t1 VALUES (10,8);
+CREATE TABLE t2 (f1 INT);
+INSERT INTO t2 VALUES (5);
+
+SELECT COUNT(f1) FROM t2
+HAVING (7, 9) IN (SELECT f1, MIN(f2) FROM t1);
+
+DROP TABLE t1, t2;
+
+CREATE TABLE t1 (f1 INT, f2 VARCHAR(1));
+INSERT INTO t1 VALUES (16,'f');
+INSERT INTO t1 VALUES (16,'f');
+CREATE TABLE t2 (f1 INT, f2 VARCHAR(1));
+INSERT INTO t2 VALUES (13,'f');
+INSERT INTO t2 VALUES (20,'f');
+CREATE TABLE t3 (f1 INT, f2 VARCHAR(1));
+INSERT INTO t3 VALUES (7,'f');
+
+SELECT t1.f2 FROM t1
+STRAIGHT_JOIN (t2 JOIN t3 ON t3.f2 = t2.f2 ) ON t3 .f2 = t2 .f2
+HAVING ('v', 'i') NOT IN (SELECT f2, MIN(f2) FROM t1)
+ORDER BY f2;
+
+DROP TABLES t1,t2,t3;
+
+--echo #
+--echo # Bug#52340 Segfault: read_cached_record (tab=0x94a2634) at sql_select.cc:14411
+--echo #
+CREATE TABLE t1 (f1 INT, f2 VARCHAR(1));
+INSERT INTO t1 VALUES (16,'d');
+CREATE TABLE t2 (f1 INT, f2 VARCHAR(1));
+INSERT INTO t2 VALUES (13,'e');
+INSERT INTO t2 VALUES (20,'d');
+
+SELECT MAX(t2.f2) FROM t2 JOIN t1 ON t1.f2
+HAVING ('e' , 'd') IN
+(SELECT ts1.f2, ts2.f2 FROM t2 ts1 JOIN t2 ts2 ON ts1.f1)
+ORDER BY t1.f2;
+
+DROP TABLE t1,t2;
+
 --echo End of 5.0 tests
-- cgit v1.2.1
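Review bot: The three added queries are labelled only with the bug titles, so nothing in the test says which construct each one exists to exercise. A reader cannot tell that the constant row in `HAVING (7, 9) IN (SELECT f1, MIN(f2) FROM t1)` is presumably the point, or that the non-boolean join conditions `ON t1.f2` and `ON ts1.f1` in the Bug#52340 case are deliberate rather than typos that a later cleanup might "fix". I would add a plain mysqltest comment above each SELECT, which leaves the recorded .result unchanged, for example `# Constant row compared with an aggregating subquery inside HAVING; must not crash the server` and `# ON t1.f2 / ON ts1.f1 are intentional, kept from the reduced crashing query`. Both bugs are server segfaults reproduced by a plain SELECT, so the commit description should also say that Bug#52340 is covered here, which it currently does not. The sql_select.cc change is outside this view, so whether it handles both code paths cannot be confirmed from these hunks.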