From 2a6ac469fc7cd940d7864babafb72798b7643bf3 Mon Sep 17 00:00:00 2001
From: Ramil Kalimullin <ramil@mysql.com>
Date: Fri, 4 Sep 2009 13:14:54 +0500
Subject: Fix for bug#46629: Item_in_subselect::val_int(): Assertion `0' on
 subquery inside a SP

Problem: repeated call of a SP containing an incorrect query with a
subselect may lead to failed ASSERT().

Fix: set proper sublelect's state in case of error occured during
subquery transformation.


mysql-test/r/sp.result:
  Fix for bug#46629: Item_in_subselect::val_int(): Assertion `0'
  on subquery inside a SP
    - test result.
mysql-test/t/sp.test:
  Fix for bug#46629: Item_in_subselect::val_int(): Assertion `0'
  on subquery inside a SP
    - test case.
sql/item_subselect.cc:
  Fix for bug#46629: Item_in_subselect::val_int(): Assertion `0'
  on subquery inside a SP
    - don't set Item_subselect::changed in the Item_subselect::fix_fields()
  if an error occured during subquery transformation.
  That prevents us of further processing incorrect subqueries after
  Item_in_subselect::select_in_like_transformer().
---
 mysql-test/r/sp.result | 16 ++++++++++++++++
 mysql-test/t/sp.test   | 22 ++++++++++++++++++++++
 sql/item_subselect.cc  | 10 ++++------
 3 files changed, 42 insertions(+), 6 deletions(-)

diff --git a/mysql-test/r/sp.result b/mysql-test/r/sp.result
index 3ad556b8c30..67514c314f4 100644
--- a/mysql-test/r/sp.result
+++ b/mysql-test/r/sp.result
@@ -6963,6 +6963,22 @@ CALL p1();
 CALL p1();
 DROP PROCEDURE p1;
 DROP TABLE t1;
+#
+# Bug #46629: Item_in_subselect::val_int(): Assertion `0' 
+# on subquery inside a SP
+#
+CREATE TABLE t1(a INT);
+CREATE TABLE t2(a INT, b INT PRIMARY KEY);
+CREATE PROCEDURE p1 () 
+BEGIN 
+SELECT a FROM t1 A WHERE A.b IN (SELECT b FROM t2 AS B);
+END|
+CALL p1;
+ERROR 42S22: Unknown column 'A.b' in 'IN/ALL/ANY subquery'
+CALL p1;
+ERROR 42S22: Unknown column 'A.b' in 'IN/ALL/ANY subquery'
+DROP PROCEDURE p1;
+DROP TABLE t1, t2;
 # ------------------------------------------------------------------
 # -- End of 5.1 tests
 # ------------------------------------------------------------------
diff --git a/mysql-test/t/sp.test b/mysql-test/t/sp.test
index 5eeac457958..44c4556340e 100644
--- a/mysql-test/t/sp.test
+++ b/mysql-test/t/sp.test
@@ -8242,6 +8242,28 @@ while ($tab_count)
 DROP PROCEDURE p1;
 DROP TABLE t1;
 
+
+--echo #
+--echo # Bug #46629: Item_in_subselect::val_int(): Assertion `0' 
+--echo # on subquery inside a SP
+--echo #
+CREATE TABLE t1(a INT);
+CREATE TABLE t2(a INT, b INT PRIMARY KEY);
+
+DELIMITER |;
+CREATE PROCEDURE p1 () 
+BEGIN 
+  SELECT a FROM t1 A WHERE A.b IN (SELECT b FROM t2 AS B);
+END|
+DELIMITER ;|
+--error ER_BAD_FIELD_ERROR
+CALL p1;
+--error ER_BAD_FIELD_ERROR
+CALL p1;
+DROP PROCEDURE p1;
+DROP TABLE t1, t2;
+
+
 --echo # ------------------------------------------------------------------
 --echo # -- End of 5.1 tests
 --echo # ------------------------------------------------------------------
diff --git a/sql/item_subselect.cc b/sql/item_subselect.cc
index cdb091fa07e..da651cec70c 100644
--- a/sql/item_subselect.cc
+++ b/sql/item_subselect.cc
@@ -155,13 +155,11 @@ bool Item_subselect::fix_fields(THD *thd_param, Item **ref)
   if (check_stack_overrun(thd, STACK_MIN_SIZE, (uchar*)&res))
     return TRUE;
 
-  res= engine->prepare();
-
-  // all transformation is done (used by prepared statements)
-  changed= 1;
-
-  if (!res)
+  if (!(res= engine->prepare()))
   {
+    // all transformation is done (used by prepared statements)
+    changed= 1;
+
     if (substitution)
     {
       int ret= 0;
-- 
cgit v1.2.1