[Commits] Rev 3583: Fix of MDEV-3874: Server crashes in Item_field::print on a SELECT from a MERGE view with materialization+semijoin, subquery, ORDER BY. in file:///home/bell/maria/bzr/work-maria-5.5-MDEV-3874/

sanja at montyprogram.com sanja at montyprogram.com
Mon Nov 26 21:22:45 EET 2012


At file:///home/bell/maria/bzr/work-maria-5.5-MDEV-3874/

------------------------------------------------------------
revno: 3583
revision-id: sanja at montyprogram.com-20121126192244-n72kylth08bvlaop
parent: sergii at pisem.net-20121122104355-tivqceyimgljbdxc
committer: sanja at montyprogram.com
branch nick: work-maria-5.5-MDEV-3874
timestamp: Mon 2012-11-26 21:22:44 +0200
message:
  Fix of MDEV-3874: Server crashes in Item_field::print on a SELECT from a MERGE view with materialization+semijoin, subquery, ORDER BY.
  
  The problem was that in debugging binaries it try to print item to assign human readable name to the item.
  But subquery item was already freed (join_free/cleanup with full cleanup) so Item_field refers to temporary
  table which memory had been already freed.
-------------- next part --------------
=== modified file 'mysql-test/r/view.result'
--- a/mysql-test/r/view.result	2012-10-18 21:33:06 +0000
+++ b/mysql-test/r/view.result	2012-11-26 19:22:44 +0000
@@ -4825,4 +4825,36 @@ drop tables t1,t2;
 # -----------------------------------------------------------------
 # -- End of 5.3 tests.
 # -----------------------------------------------------------------
+#
+# MDEV-3874: Server crashes in Item_field::print on a SELECT
+# from a MERGE view with materialization+semijoin, subquery, ORDER BY
+#
+SET @save_optimizer_switch_MDEV_3874=@@optimizer_switch;
+SET optimizer_switch = 'materialization=on,semijoin=on';
+CREATE TABLE t1 (a INT) ENGINE=MyISAM;
+INSERT INTO t1 VALUES (1),(7);
+CREATE TABLE t2 (b INT) ENGINE=MyISAM;
+INSERT INTO t2 VALUES (4),(6);
+CREATE TABLE t3 (c INT) ENGINE=MyISAM;
+INSERT INTO t3 VALUES (1),(2);
+CREATE ALGORITHM=MERGE VIEW v1 AS SELECT  
+( SELECT a FROM t1 WHERE ( 1, 1 ) IN ( 
+SELECT b, c FROM t2, t3 HAVING c > 2 ) ) AS field1, 
+b + c AS field2 
+FROM t2, t3 AS table1
+GROUP BY field1, field2 ORDER BY field1;
+Warnings:
+Warning	1354	View merge algorithm can't be used here for now (assumed undefined algorithm)
+SELECT * FROM v1;
+field1	field2
+NULL	5
+NULL	7
+NULL	6
+NULL	8
+drop view v1;
+drop table t1,t2,t3;
+SET optimizer_switch=@save_optimizer_switch_MDEV_3874;
+# -----------------------------------------------------------------
+# -- End of 5.5 tests.
+# -----------------------------------------------------------------
 SET optimizer_switch=@save_optimizer_switch;

=== modified file 'mysql-test/t/view.test'
--- a/mysql-test/t/view.test	2012-10-18 21:33:06 +0000
+++ b/mysql-test/t/view.test	2012-11-26 19:22:44 +0000
@@ -4751,4 +4751,39 @@ drop tables t1,t2;
 --echo # -- End of 5.3 tests.
 --echo # -----------------------------------------------------------------
 
+--echo #
+--echo # MDEV-3874: Server crashes in Item_field::print on a SELECT
+--echo # from a MERGE view with materialization+semijoin, subquery, ORDER BY
+--echo #
+SET @save_optimizer_switch_MDEV_3874=@@optimizer_switch;
+
+SET optimizer_switch = 'materialization=on,semijoin=on';
+
+CREATE TABLE t1 (a INT) ENGINE=MyISAM;
+INSERT INTO t1 VALUES (1),(7);
+
+CREATE TABLE t2 (b INT) ENGINE=MyISAM;
+INSERT INTO t2 VALUES (4),(6);
+
+CREATE TABLE t3 (c INT) ENGINE=MyISAM;
+INSERT INTO t3 VALUES (1),(2);
+
+
+CREATE ALGORITHM=MERGE VIEW v1 AS SELECT  
+( SELECT a FROM t1 WHERE ( 1, 1 ) IN ( 
+SELECT b, c FROM t2, t3 HAVING c > 2 ) ) AS field1, 
+b + c AS field2 
+FROM t2, t3 AS table1
+GROUP BY field1, field2 ORDER BY field1;
+
+SELECT * FROM v1;
+
+drop view v1;
+drop table t1,t2,t3;
+SET optimizer_switch=@save_optimizer_switch_MDEV_3874;
+
+--echo # -----------------------------------------------------------------
+--echo # -- End of 5.5 tests.
+--echo # -----------------------------------------------------------------
+
 SET optimizer_switch=@save_optimizer_switch;

=== modified file 'sql/sql_select.cc'
--- a/sql/sql_select.cc	2012-11-22 09:19:31 +0000
+++ b/sql/sql_select.cc	2012-11-26 19:22:44 +0000
@@ -2074,6 +2074,7 @@ JOIN::reinit()
                                     ULL(0));
 
   first_record= 0;
+  cleaned= false;
 
   if (exec_tmp_table1)
   {
@@ -10623,6 +10624,7 @@ void JOIN::cleanup(bool full)
       {
 	tab->cleanup();
       }
+      cleaned= true;
     }
     else
     {
@@ -22409,6 +22411,17 @@ void st_select_lex::print(THD *thd, Stri
 
   str->append(STRING_WITH_LEN("select "));
 
+  if (join && join->cleaned)
+  {
+    /*
+      JOIN already cleaned up so it is dangerous to print items
+      because temporary tables they pointed on could be freed.
+    */
+    str->append('#');
+    str->append(select_number);
+    return;
+  }
+
   /* First add options */
   if (options & SELECT_STRAIGHT_JOIN)
     str->append(STRING_WITH_LEN("straight_join "));

=== modified file 'sql/sql_select.h'
--- a/sql/sql_select.h	2012-11-04 15:09:46 +0000
+++ b/sql/sql_select.h	2012-11-26 19:22:44 +0000
@@ -1141,6 +1141,8 @@ public:
   bool          skip_sort_order;
 
   bool need_tmp, hidden_group_fields;
+  /* TRUE if there was full cleunap of the JOIN */
+  bool cleaned;
   DYNAMIC_ARRAY keyuse;
   Item::cond_result cond_value, having_value;
   List<Item> all_fields; ///< to store all fields that used in query
@@ -1268,6 +1270,7 @@ public:
     zero_result_cause= 0;
     optimized= 0;
     initialized= 0;
+    cleaned= 0;
     cond_equal= 0;
     having_equal= 0;
     exec_const_cond= 0;



More information about the commits mailing list