
From:Sergey Petrunia Date:April 28 2008 11:00pm
Subject:bk commit into 6.0 tree (sergefp:1.2628) BUG#33245
Below is the list of changes that have just been committed into a local
6.0 repository of sergefp.  When sergefp does a push these changes
will be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet@stripped, 2008-04-29 03:00:37+04:00, sergefp@stripped +9 -0
  BUG#33245: Crash on VIEW referencing FROM table in an IN clause:
  - Initialize thd->thd_marker.emb_on_expr_nest before we process derived tables/VIEWs. The processing
    may invoke in_subquery_predicate->fix_fields(), which requires thd->thd_marker to have the correct value
  - Code cleanup: make thd->thd_marker a union with a member having meaningful type/name

  mysql-test/r/subselect_sj2.result@stripped, 2008-04-29 03:00:23+04:00, sergefp@stripped +7 -0
    BUG#33245: Crash on VIEW referencing FROM table in an IN clause:
    - Testcase

  mysql-test/t/subselect_sj2.test@stripped, 2008-04-29 03:00:23+04:00, sergefp@stripped +12 -0
    BUG#33245: Crash on VIEW referencing FROM table in an IN clause:
    - Testcase

  sql/item_cmpfunc.cc@stripped, 2008-04-29 03:00:23+04:00, sergefp@stripped +3 -3
    BUG#33245: Crash on VIEW referencing FROM table in an IN clause:
    - Code cleanup: make thd->thd_marker a union with a member having meaningful type/name

  sql/item_func.cc@stripped, 2008-04-29 03:00:23+04:00, sergefp@stripped +3 -3
    BUG#33245: Crash on VIEW referencing FROM table in an IN clause:
    - Code cleanup: make thd->thd_marker a union with a member having meaningful type/name

  sql/sql_base.cc@stripped, 2008-04-29 03:00:23+04:00, sergefp@stripped +5 -5
    BUG#33245: Crash on VIEW referencing FROM table in an IN clause:
    - Code cleanup: make thd->thd_marker a union with a member having meaningful type/name

  sql/sql_class.h@stripped, 2008-04-29 03:00:24+04:00, sergefp@stripped +12 -1
    BUG#33245: Crash on VIEW referencing FROM table in an IN clause:
    - Code cleanup: make thd->thd_marker a union with a member having meaningful type/name

  sql/sql_parse.cc@stripped, 2008-04-29 03:00:24+04:00, sergefp@stripped +1 -0
    BUG#33245: Crash on VIEW referencing FROM table in an IN clause:
    - Initialize thd->thd_marker.emb_on_expr_nest before we process derived tables/VIEWs. The processing
      may invoke in_subquery_predicate->fix_fields() which required thd->thd_marker to have correct value

  sql/sql_prepare.cc@stripped, 2008-04-29 03:00:24+04:00, sergefp@stripped +1 -1
    BUG#33245: Crash on VIEW referencing FROM table in an IN clause:
    - Code cleanup: make thd->thd_marker a union with a member having meaningful type/name

  sql/sql_select.cc@stripped, 2008-04-29 03:00:24+04:00, sergefp@stripped +2 -3
    BUG#33245: Crash on VIEW referencing FROM table in an IN clause:
    - Code cleanup: make thd->thd_marker a union with a member having meaningful type/name

diff -Nrup a/mysql-test/r/subselect_sj2.result b/mysql-test/r/subselect_sj2.result
--- a/mysql-test/r/subselect_sj2.result	2008-04-26 06:09:13 +04:00
+++ b/mysql-test/r/subselect_sj2.result	2008-04-29 03:00:23 +04:00
@@ -1,4 +1,5 @@
 drop table if exists t0, t1, t2, t3;
+drop view if exists v1;
 create table t0 (a int);
 insert into t0 values (0),(1),(2),(3),(4),(5),(6),(7),(8),(9);
 create table t1 (
@@ -544,3 +545,9 @@ Alice
 Betty
 Don
 DROP TABLE t1, t2, t3;
+CREATE TABLE t1 (f1 INT NOT NULL);
+CREATE VIEW v1 (a) AS SELECT f1 IN (SELECT f1 FROM t1) FROM t1;
+SELECT * FROM v1;
+a
+drop view v1;
+drop table t1;
diff -Nrup a/mysql-test/t/subselect_sj2.test b/mysql-test/t/subselect_sj2.test
--- a/mysql-test/t/subselect_sj2.test	2008-04-26 06:09:13 +04:00
+++ b/mysql-test/t/subselect_sj2.test	2008-04-29 03:00:23 +04:00
@@ -4,6 +4,7 @@
 --source include/have_innodb.inc
 --disable_warnings
 drop table if exists t0, t1, t2, t3;
+drop view if exists v1;
 --enable_warnings
 
 
@@ -699,4 +700,15 @@ WHERE EMPNUM IN
         WHERE PTYPE = 'Design'));
 
 DROP TABLE t1, t2, t3;
+
+#
+# BUG#33245 "Crash on VIEW referencing FROM table in an IN clause"
+# 
+--disconnect default
+--connect (default,localhost,root,,test)
+CREATE TABLE t1 (f1 INT NOT NULL);
+CREATE VIEW v1 (a) AS SELECT f1 IN (SELECT f1 FROM t1) FROM t1;
+SELECT * FROM v1;
+drop view v1;
+drop table t1;
 
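Review bot: The `--disconnect default` / `--connect (default,localhost,root,,test)` pair has no comment saying why the test needs a new connection, so it reads as removable. Presumably the crash only reproduces when the SELECT from the view runs on a fresh session, before any other statement has set the marker; if that is the reason, state it in the header, e.g. `# Reconnect: the crash depends on the per-connection state of a new session`. Note also that t1 is empty, so the expected result pins only that the statement no longer crashes, not the value of the IN predicate.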
diff -Nrup a/sql/item_cmpfunc.cc b/sql/item_cmpfunc.cc
--- a/sql/item_cmpfunc.cc	2008-04-01 14:44:59 +04:00
+++ b/sql/item_cmpfunc.cc	2008-04-29 03:00:23 +04:00
@@ -3910,7 +3910,7 @@ Item_cond::fix_fields(THD *thd, Item **r
   DBUG_ASSERT(fixed == 0);
   List_iterator<Item> li(list);
   Item *item;
-  void *orig_thd_marker= thd->thd_marker;
+  TABLE_LIST *save_emb_on_expr_nest= thd->thd_marker.emb_on_expr_nest;
 #ifndef EMBEDDED_LIBRARY
   uchar buff[sizeof(char*)];			// Max local vars in function
 #endif
@@ -3918,7 +3918,7 @@ Item_cond::fix_fields(THD *thd, Item **r
   const_item_cache= 1;
 
   if (functype() == COND_OR_FUNC)
-    thd->thd_marker= 0;
+    thd->thd_marker.emb_on_expr_nest= NULL;
   /*
     and_table_cache is the value that Item_cond_or() returns for
     not_null_tables()
@@ -3977,7 +3977,7 @@ Item_cond::fix_fields(THD *thd, Item **r
       maybe_null=1;
   }
   thd->lex->current_select->cond_count+= list.elements;
-  thd->thd_marker= orig_thd_marker;
+  thd->thd_marker.emb_on_expr_nest= save_emb_on_expr_nest;
   fix_length_and_dec();
   fixed= 1;
   return FALSE;
diff -Nrup a/sql/item_func.cc b/sql/item_func.cc
--- a/sql/item_func.cc	2008-04-17 18:31:38 +04:00
+++ b/sql/item_func.cc	2008-04-29 03:00:23 +04:00
@@ -150,11 +150,11 @@ Item_func::fix_fields(THD *thd, Item **r
 {
   DBUG_ASSERT(fixed == 0);
   Item **arg,**arg_end;
-  void *save_thd_marker= thd->thd_marker;
+  TABLE_LIST *save_emb_on_expr_nest= thd->thd_marker.emb_on_expr_nest;
 #ifndef EMBEDDED_LIBRARY			// Avoid compiler warning
   uchar buff[STACK_BUFF_ALLOC];			// Max argument in function
 #endif
-  thd->thd_marker= 0;
+  thd->thd_marker.emb_on_expr_nest= NULL;
   used_tables_cache= not_null_tables_cache= 0;
   const_item_cache=1;
 
@@ -200,7 +200,7 @@ Item_func::fix_fields(THD *thd, Item **r
   if (thd->is_error()) // An error inside fix_length_and_dec occured
     return TRUE;
   fixed= 1;
-  thd->thd_marker= save_thd_marker;
+  thd->thd_marker.emb_on_expr_nest= save_emb_on_expr_nest;
   return FALSE;
 }
 
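Review bot: The `return TRUE` taken when `thd->is_error()` is set leaves Item_func::fix_fields before `thd->thd_marker.emb_on_expr_nest= save_emb_on_expr_nest;` runs, so on the error path the caller's value is not restored and the field keeps the NULL written at the top of the function. The setup_conds hunks in sql/sql_base.cc have the same shape: `goto err_no_arena` is reached while the field holds `(TABLE_LIST*)1` or a join-nest pointer, and whether the code at that label restores it is not visible here. Because this bug came from fix_fields() reading a marker that did not hold the correct value, it would be safer to restore on every exit, for instance by moving the restore above the `if (thd->is_error())` check. Item_cond::fix_fields in sql/item_cmpfunc.cc may have the same gap on early returns that fall outside its hunks.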
diff -Nrup a/sql/sql_base.cc b/sql/sql_base.cc
--- a/sql/sql_base.cc	2008-04-14 14:10:00 +04:00
+++ b/sql/sql_base.cc	2008-04-29 03:00:23 +04:00
@@ -7672,7 +7672,7 @@ int setup_conds(THD *thd, TABLE_LIST *ta
   SELECT_LEX *select_lex= thd->lex->current_select;
   Query_arena *arena= thd->stmt_arena, backup;
   TABLE_LIST *table= NULL;	// For HP compilers
-  void *save_thd_marker= thd->thd_marker;
+  TABLE_LIST *save_emb_on_expr_nest= thd->thd_marker.emb_on_expr_nest;
   /*
     it_is_update set to TRUE when tables of primary SELECT_LEX (SELECT_LEX
     which belong to LEX, i.e. most up SELECT) will be updated by
@@ -7703,7 +7703,7 @@ int setup_conds(THD *thd, TABLE_LIST *ta
       goto err_no_arena;
   }
 
-  thd->thd_marker= (void*)1;
+  thd->thd_marker.emb_on_expr_nest= (TABLE_LIST*)1;
   if (*conds)
   {
     thd->where="where clause";
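Review bot: The `(TABLE_LIST*)1` assigned to `thd->thd_marker.emb_on_expr_nest` before the WHERE clause is fixed is a non-dereferenceable sentinel stored in a field that now has a real pointer type, so nothing in the type stops a later reader from following it. The JOIN::prepare hunk in sql/sql_select.cc copies the same field into `in_subs->expr_join_nest`, which carries the sentinel to every consumer of that member. Consider naming the value next to the union in sql/sql_class.h, for example `#define EMB_ON_EXPR_NEST_WHERE ((TABLE_LIST*)1)` (the name is only a suggestion), and comparing against that name wherever the pointer is about to be dereferenced. setup_conds starts and ends outside this hunk.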
@@ -7711,7 +7711,7 @@ int setup_conds(THD *thd, TABLE_LIST *ta
 	(*conds)->check_cols(1))
       goto err_no_arena;
   }
-  thd->thd_marker= save_thd_marker;
+  thd->thd_marker.emb_on_expr_nest= save_emb_on_expr_nest;
 
   /*
     Apply fix_fields() to all ON clauses at all levels of nesting,
@@ -7727,7 +7727,7 @@ int setup_conds(THD *thd, TABLE_LIST *ta
       if (embedded->on_expr)
       {
         /* Make a join an a expression */
-        thd->thd_marker= (void*)embedded;
+        thd->thd_marker.emb_on_expr_nest= embedded;
         thd->where="on clause";
         if (!embedded->on_expr->fixed &&
             embedded->on_expr->fix_fields(thd, &embedded->on_expr) ||
@@ -7752,7 +7752,7 @@ int setup_conds(THD *thd, TABLE_LIST *ta
       }
     }
   }
-  thd->thd_marker= save_thd_marker;
+  thd->thd_marker.emb_on_expr_nest= save_emb_on_expr_nest;
 
   if (!thd->stmt_arena->is_conventional())
   {
diff -Nrup a/sql/sql_class.h b/sql/sql_class.h
--- a/sql/sql_class.h	2008-04-14 14:10:01 +04:00
+++ b/sql/sql_class.h	2008-04-29 03:00:24 +04:00
@@ -1336,7 +1336,18 @@ public:
   Ha_data ha_data[MAX_HA];
 
   /* Place to store various things */
-  void *thd_marker;
+  union 
+  { 
+    /*
+      Used by subquery optimizations to inform subquery->fix_fields() calls 
+      where the subquery predicates are located.
+        (TABLE_LIST*) 1   - the predicate is an AND-part of the WHERE
+        join nest pointer - the predicate is an AND-part of ON expression
+                            of a join nest   
+        NULL              - for all other locations
+    */
+    TABLE_LIST *emb_on_expr_nest;
+  } thd_marker;
 #ifndef MYSQL_CLIENT
   int binlog_setup_trx_data();
 
diff -Nrup a/sql/sql_parse.cc b/sql/sql_parse.cc
--- a/sql/sql_parse.cc	2008-04-21 11:30:30 +04:00
+++ b/sql/sql_parse.cc	2008-04-29 03:00:24 +04:00
@@ -4768,6 +4768,7 @@ static bool execute_sqlcom_select(THD *t
       param->select_limit=
         new Item_int((ulonglong) thd->variables.select_limit);
   }
+  thd->thd_marker.emb_on_expr_nest= NULL;
   if (!(res= open_and_lock_tables(thd, all_tables)))
   {
     if (lex->describe)
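Review bot: The reset `thd->thd_marker.emb_on_expr_nest= NULL;` is added only on the execute_sqlcom_select path, while the same commit removes the reset from handle_select in sql/sql_select.cc. If handle_select or open_and_lock_tables is reached from other statement types that can expand a VIEW (their callers are not visible on this page), those paths would now see whatever value an earlier call left in the field. Consider resetting the field where the THD is prepared for a new statement, or document why SELECT is the only path that needs it, e.g. `/* fix_fields() of VIEW/derived-table subqueries reads this during open_and_lock_tables() */`. execute_sqlcom_select starts and ends outside this hunk.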
diff -Nrup a/sql/sql_prepare.cc b/sql/sql_prepare.cc
--- a/sql/sql_prepare.cc	2008-04-21 11:30:30 +04:00
+++ b/sql/sql_prepare.cc	2008-04-29 03:00:24 +04:00
@@ -1292,7 +1292,7 @@ static int mysql_test_select(Prepared_st
     goto error;
 
   thd->used_tables= 0;                        // Updated by setup_fields
-  thd->thd_marker= 0;
+  thd->thd_marker.emb_on_expr_nest= 0;
 
   /*
     JOIN::prepare calls
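Review bot: The assignment `thd->thd_marker.emb_on_expr_nest= 0;` in mysql_test_select uses a literal 0 where the other hunks in this commit write NULL for the same field. Now that the member is a `TABLE_LIST *`, `thd->thd_marker.emb_on_expr_nest= NULL;` would be consistent and easier to grep for. The function body continues outside this hunk.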
diff -Nrup a/sql/sql_select.cc b/sql/sql_select.cc
--- a/sql/sql_select.cc	2008-04-26 06:09:13 +04:00
+++ b/sql/sql_select.cc	2008-04-29 03:00:24 +04:00
@@ -268,7 +268,6 @@ bool handle_select(THD *thd, LEX *lex, s
   {
     SELECT_LEX_UNIT *unit= &lex->unit;
     unit->set_limit(unit->global_parameters);
-    thd->thd_marker= 0;
     /*
       'options' of mysql_select will be set in JOIN, as far as JOIN for
       every PS/SP execution new, we will not need reset this flag if 
@@ -569,7 +568,7 @@ JOIN::prepare(Item ***rref_pointer_array
           !select_lex->master_unit()->first_select()->next_select() &&  // 2
           !select_lex->group_list.elements && !order &&                 // 3
           !having && !select_lex->with_sum_func &&                      // 4
-          thd->thd_marker &&                                            // 5
+          thd->thd_marker.emb_on_expr_nest &&                           // 5
           select_lex->outer_select()->join &&                           // (*)
           select_lex->master_unit()->first_select()->leaf_tables &&     // (**) 
           do_semijoin &&
@@ -606,7 +605,7 @@ JOIN::prepare(Item ***rref_pointer_array
 
         /* Register the subquery for further processing */
         select_lex->outer_select()->join->sj_subselects.append(thd->mem_root, in_subs);
-        in_subs->expr_join_nest= (TABLE_LIST*)thd->thd_marker;
+        in_subs->expr_join_nest= thd->thd_marker.emb_on_expr_nest;
       }
       else
       {