From: Chaithra Gopalareddy Date: February 24 2012 6:35am Subject: bzr push into mysql-5.1 branch (chaithra.gopalareddy:3694 to 3695) Bug#13012483 List-Archive: http://lists.mysql.com/commits/143063 X-Bug: 13012483 Message-Id: <201202240635.q1O6Zh35017770@acsmt357.oracle.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit 3695 Chaithra Gopalareddy 2012-02-24 Bug#13012483:EXPLAIN EXTENDED, PREPARED STATEMENT, CRASH IN CHECK_SIMPLE_EQUALITY PROBLEM: Crash in "check_simple_equality" when using a subquery with "IN" and "ALL" in prepare. ANALYSIS: Crash can be reproduced using a simplified query like this one: prepare s from "select 1 from g1 where 1 < all ( select @:=(1 in (select 1 from g1)) from g1)"; This bug is currently present only on 5.5.and 5.1. Its fixed as part of work log(#1110) in 5.6. We are taking one change to fix this in 5.5 and 5.1. Problem seems to be present because we are trying to evaluate "is_null" on an argument which is part of a subquery (In Item_is_not_null_test::update_used_tables()). But the condition to evaluate is only when we do not have a sub query present, which means to say that "with_subselect" is not set. With respect to the above query, we create an object of type "Item_in_optimizer" which by definition is always associated with a subquery. While in 5.6 we set "with_subselect" to true for "Item_in_optimizer" object, we do not do the same in 5.5. This results in the evaluation for "is_null" resulting in a coredump. So, we are now setting "with_subselect" to true for "Item_in_optimizer" in 5.1 and 5.5. @ mysql-test/r/func_in.result Result file changes for the test case added @ mysql-test/t/func_in.test Test case added for Bug#13012483 @ sql/item_cmpfunc.h Changed Item_in_optimizer::Item_in_optimizer( ) to set "with_subselect" to true modified: mysql-test/r/func_in.result mysql-test/t/func_in.test sql/item_cmpfunc.h 3694 Vasil Dimov 2012-02-21 Fix Bug#13639142 64128: INNODB ERROR IN SERVER LOG OF INNODB_BUG34300 Suppress innodb_bug34300 from failing if InnoDB prints: 120221 11:05:03 InnoDB: ERROR: the age of the last checkpoint is 9439048, InnoDB: which exceeds the log group capacity 9433498. by default the log capacity is 2 log files, 5 MB each. modified: mysql-test/suite/innodb/t/innodb_bug34300.test mysql-test/suite/innodb_plugin/t/innodb_bug34300.test === modified file 'mysql-test/r/func_in.result' --- a/mysql-test/r/func_in.result 2011-04-12 09:51:36 +0000 +++ b/mysql-test/r/func_in.result 2012-02-24 06:23:36 +0000 @@ -776,4 +776,14 @@ SELECT 1 IN (YEAR(FROM_UNIXTIME(NULL)) , 1 IN (YEAR(FROM_UNIXTIME(NULL)) ,1) 1 # +# +# Bug#13012483: EXPLAIN EXTENDED, PREPARED STATEMENT, CRASH IN CHECK_SIMPLE_EQUALITY +# +CREATE TABLE t1 (a INT); +PREPARE s FROM "SELECT 1 FROM t1 WHERE 1 < ALL (SELECT @:= (1 IN (SELECT 1 FROM t1)) FROM t1)"; +EXECUTE s; +1 +DROP TABLE t1; +# End of test BUG#13012483 +# End of 5.1 tests === modified file 'mysql-test/t/func_in.test' --- a/mysql-test/t/func_in.test 2011-04-12 09:51:36 +0000 +++ b/mysql-test/t/func_in.test 2012-02-24 06:23:36 +0000 @@ -562,4 +562,17 @@ SELECT 1 IN (YEAR(FROM_UNIXTIME(NULL)) , --echo # +--echo # +--echo # Bug#13012483: EXPLAIN EXTENDED, PREPARED STATEMENT, CRASH IN CHECK_SIMPLE_EQUALITY +--echo # + +CREATE TABLE t1 (a INT); +PREPARE s FROM "SELECT 1 FROM t1 WHERE 1 < ALL (SELECT @:= (1 IN (SELECT 1 FROM t1)) FROM t1)"; +EXECUTE s; + +DROP TABLE t1; + +--echo # End of test BUG#13012483 + +--echo # --echo End of 5.1 tests === modified file 'sql/item_cmpfunc.h' --- a/sql/item_cmpfunc.h 2011-06-30 15:37:13 +0000 +++ b/sql/item_cmpfunc.h 2012-02-24 06:23:36 +0000 @@ -254,7 +254,7 @@ public: Item_in_optimizer(Item *a, Item_in_subselect *b): Item_bool_func(a, my_reinterpret_cast(Item *)(b)), cache(0), save_cache(0), result_for_null_param(UNKNOWN) - {} + { with_subselect= true; } bool fix_fields(THD *, Item **); bool fix_left(THD *thd, Item **ref); bool is_null(); No bundle (reason: useless for push emails).