From: Date: September 30 2008 8:09am Subject: bzr push into mysql-5.0-bugteam branch (holyfoot:2685) Bug#37949 List-Archive: http://lists.mysql.com/commits/54719 X-Bug: 37949 Message-Id: <20080930060927.3105D2C380C0@hfmain.localdomain> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit 2685 Alexey Botchkov 2008-09-29 Bug#37949 Crash if argument to SP is a subquery that returns more than one row JOIN for the subselect wasn't cleaned if we came upon an error during sub_select() execution. That leads to the assertion failure in close_thread_tables() part of the 6.0 code backported per-file comments: mysql-test/r/sp-error.result Bug#37949 Crash if argument to SP is a subquery that returns more than one row test result mysql-test/t/sp-error.test Bug#37949 Crash if argument to SP is a subquery that returns more than one row test case sql/sp_head.cc Bug#37949 Crash if argument to SP is a subquery that returns more than one row lex->unit.cleanup() call added if not substatement modified: mysql-test/r/sp-error.result mysql-test/t/sp-error.test sql/sp_head.cc === modified file 'mysql-test/r/sp-error.result' --- a/mysql-test/r/sp-error.result 2008-01-23 20:26:41 +0000 +++ b/mysql-test/r/sp-error.result 2008-09-29 14:11:34 +0000 @@ -1513,3 +1513,10 @@ end loop label1; end loop; end| ERROR 42000: End-label label1 without match +CREATE TABLE t1 (a INT)| +INSERT INTO t1 VALUES (1),(2)| +CREATE PROCEDURE p1(a INT) BEGIN END| +CALL p1((SELECT * FROM t1))| +ERROR 21000: Subquery returns more than 1 row +DROP PROCEDURE IF EXISTS p1| +DROP TABLE t1| === modified file 'mysql-test/t/sp-error.test' --- a/mysql-test/t/sp-error.test 2008-01-23 20:26:41 +0000 +++ b/mysql-test/t/sp-error.test 2008-09-29 14:11:34 +0000 
@@ -2173,6 +2173,14 @@ begin end loop; end| +CREATE TABLE t1 (a INT)| +INSERT INTO t1 VALUES (1),(2)| +CREATE PROCEDURE p1(a INT) BEGIN END| +--error ER_SUBQUERY_NO_1_ROW +CALL p1((SELECT * FROM t1))| +DROP PROCEDURE IF EXISTS p1| +DROP TABLE t1| + delimiter ;| # === modified file 'sql/sp_head.cc' --- a/sql/sp_head.cc 2008-08-11 16:10:00 +0000 +++ b/sql/sp_head.cc 2008-09-29 14:11:34 +0000 @@ -1762,7 +1762,11 @@ sp_head::execute_procedure(THD *thd, Lis we'll leave it here. */ if (!thd->in_sub_stmt) - close_thread_tables(thd, 0, 0); + { + thd->lex->unit.cleanup(); + close_thread_tables(thd); + thd->rollback_item_tree_changes(); + } DBUG_PRINT("info",(" %.*s: eval args done", m_name.length, m_name.str)); }
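Review bot: The new case in sp-error.test drives the failing CALL only from the top level, while the fix in sp_head.cc is guarded by `if (!thd->in_sub_stmt)`, so the sub-statement path has no coverage. If the procedure can be reached with `in_sub_stmt` set (presumably from a trigger or stored function), a second case making the same CALL there would show whether that path also returns ER_SUBQUERY_NO_1_ROW cleanly. It would also help to run one more statement against `t1` after the failing CALL, e.g. `SELECT COUNT(*) FROM t1|`, with the matching line added to sp-error.result. That way the test proves the session and its tables stay usable after the error, not only that the error code is right.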
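Review bot: The three calls added under `if (!thd->in_sub_stmt)` depend on their order, but nothing in the block says so. Per the commit message, the assertion in close_thread_tables() fires when the subselect's JOIN has not been cleaned, so `thd->lex->unit.cleanup()` must stay ahead of it. I would add a comment above the block such as `/* Free JOINs of argument subqueries before closing tables; an error in sub_select() leaves them uncleaned (Bug#37949). */`. The result of `cleanup()` is discarded; if it can report failure, it should at least be logged, because this path is reachable by any account allowed to CALL the procedure and a missed cleanup ends in a server crash. The `in_sub_stmt` case gets no cleanup at this point, which I assume is left to the enclosing statement; execute_procedure() begins and ends outside the hunk, so that could not be confirmed here.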