From: Date: April 6 2008 1:19am Subject: bk commit into 6.0 tree (sergefp:1.2624) BUG#35767 List-Archive: http://lists.mysql.com/commits/44956 X-Bug: 35767 Message-Id: <20080405231934.4BFA322AF37@pslp.localdomain> Below is the list of changes that have just been committed into a local 6.0 repository of sergefp. When sergefp does a push these changes will be propagated to the main repository and, within 24 hours after the push, to the public repository. For information on how to access the public repository see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html ChangeSet@stripped, 2008-04-06 03:19:24+04:00, sergefp@stripped +3 -0 BUG#35767 "Processing of uncorrelated subquery with semi-join cause wrong result and crash" - When calling left_expr->fix_fields(), set the context to point to the parent select (as left expression of IN subquery is located in the context of the parent select), in the same manner as Item_in_subselect:: single_value_transformer does. Also set thd->where appropriately. mysql-test/r/subselect_sj2.result@stripped, 2008-04-06 03:19:17+04:00, sergefp@stripped +14 -0 BUG#35767 "Processing of uncorrelated subquery with semi-join cause wrong result and crash" - Testcase mysql-test/t/subselect_sj2.test@stripped, 2008-04-06 03:19:17+04:00, sergefp@stripped +23 -0 BUG#35767 "Processing of uncorrelated subquery with semi-join cause wrong result and crash" - Testcase sql/sql_select.cc@stripped, 2008-04-06 03:19:17+04:00, sergefp@stripped +11 -4 BUG#35767 "Processing of uncorrelated subquery with semi-join cause wrong result and crash" - When calling left_expr->fix_fields(), set the context to point to the parent select (as left expression of IN subquery is located in the context of the parent select), in the same manner as Item_in_subselect:: single_value_transformer does. Also set thd->where appropriately.
diff -Nrup a/mysql-test/r/subselect_sj2.result b/mysql-test/r/subselect_sj2.result
--- a/mysql-test/r/subselect_sj2.result 2008-04-06 01:24:22 +04:00
+++ b/mysql-test/r/subselect_sj2.result 2008-04-06 03:19:17 +04:00
@@ -424,3 +424,17 @@ Warnings:
 Note 1276 Field or reference 'test.t0.a' of SELECT #2 was resolved in SELECT #1
 Note 1003 select `test`.`t0`.`a` AS `a` from `test`.`t2` semi join (`test`.`t1`) join `test`.`t0` where ((`test`.`t2`.`b` = `test`.`t1`.`b`) and (`test`.`t1`.`a` = `test`.`t0`.`a`) and (`test`.`t2`.`a` = `test`.`t0`.`a`))
 drop table t0, t1, t2;
+CREATE TABLE t1 (
+id int(11) NOT NULL,
+PRIMARY KEY (id));
+CREATE TABLE t2 (
+id int(11) NOT NULL,
+fid int(11) NOT NULL,
+PRIMARY KEY (id));
+insert into t1 values(1);
+insert into t2 values(1,7503),(2,1);
+explain select count(*)
+from t1
+where fid IN (select fid from t2 where (id between 7502 and 8420) order by fid );
+ERROR 42S22: Unknown column 'fid' in 'IN/ALL/ANY subquery'
+drop table t1, t2;
diff -Nrup a/mysql-test/t/subselect_sj2.test b/mysql-test/t/subselect_sj2.test
--- a/mysql-test/t/subselect_sj2.test 2008-04-06 01:24:22 +04:00
+++ b/mysql-test/t/subselect_sj2.test 2008-04-06 03:19:17 +04:00
@@ -569,3 +569,26 @@ t1.b=t2.b); drop table t0, t1, t2;
+#
+# BUG#35767: Processing of uncorrelated subquery with semi-join cause wrong result and crash
+#
+CREATE TABLE t1 (
+ id int(11) NOT NULL,
+ PRIMARY KEY (id));
+
+CREATE TABLE t2 (
+ id int(11) NOT NULL,
+ fid int(11) NOT NULL,
+ PRIMARY KEY (id));
+
+insert into t1 values(1);
+insert into t2 values(1,7503),(2,1);
+
+--error 1054
+explain select count(*)
+from t1
+where fid IN (select fid from t2 where (id between 7502 and 8420) order by fid );
+
+drop table t1, t2;
+
+
diff -Nrup a/sql/sql_select.cc b/sql/sql_select.cc
--- a/sql/sql_select.cc 2008-04-06 01:24:22 +04:00
+++ b/sql/sql_select.cc 2008-04-06 03:19:17 +04:00
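Review bot: The regression case added to mysql-test/t/subselect_sj2.test checks only the `explain` form and only the error path, while the bug title names both a wrong result and a crash. Repeating the statement without `explain` under the same `--error 1054` would cover normal execution. A query whose left expression does exist in `t1`, such as `select count(*) from t1 where id IN (select fid from t2 where (id between 7502 and 8420) order by fid);`, would pin the result half. The patched branch in sql/sql_select.cc is guarded by the statement-arena state, so a `prepare`/`execute` variant of the same statement is presumably worth adding as well.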
@@ -579,11 +579,18 @@ JOIN::prepare(Item ***rref_pointer_array
 if (thd->stmt_arena->state != Query_arena::PREPARED)
 {
- if (!in_subs->left_expr->fixed &&
- in_subs->left_expr->fix_fields(thd, &in_subs->left_expr))
- {
+ SELECT_LEX *current= thd->lex->current_select;
+ thd->lex->current_select= current->return_after_parsing();
+ char const *save_where= thd->where;
+ thd->where= "IN/ALL/ANY subquery";
+
+ bool failure= !in_subs->left_expr->fixed &&
+ in_subs->left_expr->fix_fields(thd,
+ &in_subs->left_expr);
+ thd->lex->current_select= current;
+ thd->where= save_where;
+ if (failure)
 DBUG_RETURN(-1);
- }
 /* Check that the right part of the subselect contains no more than one column. E.g. in SELECT 1 IN (SELECT * ..) the right part is (SELECT * ...)
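Review bot: The save, switch and restore of `thd->lex->current_select` and `thd->where` around `fix_fields()` carries no comment, so the reason the left expression is resolved against the parent select is recoverable only from the commit message. A comment above `SELECT_LEX *current= ...` would keep that intent in the code, for example `/* left_expr of IN belongs to the parent select: resolve its names there (cf. Item_in_subselect::single_value_transformer) */`. The result of `current->return_after_parsing()` is also assigned without a check. Presumably this branch is reached only for a subquery that has a parent select, but since the bug being fixed was a server crash reachable from an ordinary query, a `DBUG_ASSERT(thd->lex->current_select);` after the assignment would document that assumption. JOIN::prepare starts and ends outside the hunk.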