summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOleksandr Byelkin <sanja@mariadb.com>2019-04-02 15:04:45 +0200
committerOleksandr Byelkin <sanja@mariadb.com>2019-04-02 15:04:45 +0200
commit11fa88ef67bea74bd13ad688938a03d5b266db64 (patch)
tree7be3a6574ff43cfa6fe4d6e0ce2ded45a6fa2985
parenta90622644c11568c2bf982492d2f47bc164ddfef (diff)
downloadmariadb-git-bb-10.4-MDEV-17362.tar.gz
MDEV-17362: SIGSEGV in JOIN::optimize_inner or Assertion `fixed == 0' failed in Item_equal::fix_fields, server crashes after 2nd execution of PSbb-10.4-MDEV-17362
Move reinitialisation of pushdown variables for every query, because it used now not only for derived tables.
Diffstat
-rw-r--r--mysql-test/main/subselect_innodb.result20
-rw-r--r--mysql-test/main/subselect_innodb.test24
-rw-r--r--sql/sql_derived.cc5
-rw-r--r--sql/sql_prepare.cc4
-rw-r--r--sql/sql_select.cc6
5 files changed, 52 insertions, 7 deletions
diff --git a/mysql-test/main/subselect_innodb.result b/mysql-test/main/subselect_innodb.result
index 0eb40c9be00..518158e3a04 100644
--- a/mysql-test/main/subselect_innodb.result
+++ b/mysql-test/main/subselect_innodb.result
@@ -616,3 +616,23 @@ id select_type table type possible_keys key key_len ref rows filtered Extra
Warnings:
Note 1003 select `test`.`t1`.`f1` AS `f1`,`test`.`t2`.`f2` AS `f2`,`test`.`t3`.`f3` AS `f3` from `test`.`t1` join `test`.`t2` semi join (`test`.`t4`) join `test`.`t3` where `test`.`t4`.`f4` = 1 and `test`.`t1`.`f1` >= `test`.`t2`.`f2`
DROP TABLE t1,t2,t3,t4;
+#
+# MDEV-17362: SIGSEGV in JOIN::optimize_inner or Assertion `fixed == 0'
+# failed in Item_equal::fix_fields, server crashes after 2nd execution
+# of PS
+#
+CREATE TABLE t1 (pk int primary key, i1 int, i2 int, v1 varchar(1), v2 varchar(1), KEY i1 (i1), KEY v2 (v2,i1)) ENGINE=InnoDB ;
+INSERT INTO t1 VALUES (12,1,1,'r','r');
+CREATE TABLE t2 (pk int, i1 int, i2 int, v1 varchar(1), v2 varchar(1)) ENGINE=InnoDB ;
+CREATE TABLE t3 (pk int, i1 int, i2 int, v1 varchar(1), v2 varchar(1)) ENGINE=InnoDB ;
+INSERT INTO t3 VALUES (19,1,9,NULL,NULL),(20,5,6,'r','r');
+prepare stmt from "
+SELECT 1 FROM t1
+WHERE t1.pk = t1.i1
+ AND ((t1.pk,t1.i1) IN (SELECT t3.pk, COUNT(t3.pk) FROM t3
+ WHERE EXISTS (SELECT 1 FROM (t1 JOIN t3 ON (t3.i2 = t1.i1)) WHERE t3.v1 = t1.v1)));";
+execute stmt;
+1
+execute stmt;
+1
+drop table t1,t2,t3;
diff --git a/mysql-test/main/subselect_innodb.test b/mysql-test/main/subselect_innodb.test
index 544bcd994ed..214d692e793 100644
--- a/mysql-test/main/subselect_innodb.test
+++ b/mysql-test/main/subselect_innodb.test
@@ -611,3 +611,27 @@ FROM t1
DROP TABLE t1,t2,t3,t4;
+--echo #
+--echo # MDEV-17362: SIGSEGV in JOIN::optimize_inner or Assertion `fixed == 0'
+--echo # failed in Item_equal::fix_fields, server crashes after 2nd execution
+--echo # of PS
+--echo #
+
+CREATE TABLE t1 (pk int primary key, i1 int, i2 int, v1 varchar(1), v2 varchar(1), KEY i1 (i1), KEY v2 (v2,i1)) ENGINE=InnoDB ;
+INSERT INTO t1 VALUES (12,1,1,'r','r');
+
+CREATE TABLE t2 (pk int, i1 int, i2 int, v1 varchar(1), v2 varchar(1)) ENGINE=InnoDB ;
+
+CREATE TABLE t3 (pk int, i1 int, i2 int, v1 varchar(1), v2 varchar(1)) ENGINE=InnoDB ;
+INSERT INTO t3 VALUES (19,1,9,NULL,NULL),(20,5,6,'r','r');
+
+prepare stmt from "
+SELECT 1 FROM t1
+WHERE t1.pk = t1.i1
+ AND ((t1.pk,t1.i1) IN (SELECT t3.pk, COUNT(t3.pk) FROM t3
+ WHERE EXISTS (SELECT 1 FROM (t1 JOIN t3 ON (t3.i2 = t1.i1)) WHERE t3.v1 = t1.v1)));";
+
+execute stmt;
+execute stmt;
+
+drop table t1,t2,t3;
diff --git a/sql/sql_derived.cc b/sql/sql_derived.cc
index 1ad97e4244d..f694707578c 100644
--- a/sql/sql_derived.cc
+++ b/sql/sql_derived.cc
@@ -1294,11 +1294,6 @@ bool mysql_derived_reinit(THD *thd, LEX *lex, TABLE_LIST *derived)
unit->types.empty();
/* for derived tables & PS (which can't be reset by Item_subselect) */
unit->reinit_exec_mechanism();
- for (st_select_lex *sl= unit->first_select(); sl; sl= sl->next_select())
- {
- sl->cond_pushed_into_where= NULL;
- sl->cond_pushed_into_having= NULL;
- }
unit->set_thd(thd);
DBUG_RETURN(FALSE);
}
diff --git a/sql/sql_prepare.cc b/sql/sql_prepare.cc
index 8a722ad3952..c15f3a8c143 100644
--- a/sql/sql_prepare.cc
+++ b/sql/sql_prepare.cc
@@ -3026,6 +3026,10 @@ void reinit_stmt_before_use(THD *thd, LEX *lex)
for (order= win_spec->order_list->first; order; order= order->next)
order->item= &order->item_ptr;
}
+
+ // Reinit Pushdown
+ sl->cond_pushed_into_where= NULL;
+ sl->cond_pushed_into_having= NULL;
}
if (sl->changed_elements & TOUCHED_SEL_DERIVED)
{
diff --git a/sql/sql_select.cc b/sql/sql_select.cc
index e8b092b1b23..197ead809eb 100644
--- a/sql/sql_select.cc
+++ b/sql/sql_select.cc
@@ -13445,8 +13445,10 @@ void JOIN::join_free()
void JOIN::cleanup(bool full)
{
DBUG_ENTER("JOIN::cleanup");
- DBUG_PRINT("enter", ("full %u", (uint) full));
-
+ DBUG_PRINT("enter", ("select: %d (%p) join: %p full: %u",
+ select_lex->select_number, select_lex, this,
+ (uint) full));
+
if (full)
have_query_plan= QEP_DELETED;
View Lorry Controller Status