| Bug #8888 | Crash with Subselects: SELECT 1 FROM x WHERE (SELECT 1) in (SELECT 1) | ||
|---|---|---|---|
| Submitted: | 2 Mar 2005 12:43 | Modified: | 11 Apr 2005 2:13 |
| Reporter: | Christian Hammers (Silver Quality Contributor) (OCA) | Email Updates: | |
| Status: | Closed | Impact on me: | |
| Category: | MySQL Server | Severity: | S2 (Serious) |
| Version: | 4.1.10 | OS: | |
| Assigned to: | Oleksandr Byelkin | CPU Architecture: | Any |
[2 Mar 2005 12:43]
Christian Hammers
[2 Mar 2005 12:47]
MySQL Verification Team
(gdb) bt
#0 0xb7ceea21 in kill () from /lib/libc.so.6
#1 0xb7e49051 in pthread_kill () from /lib/libpthread.so.0
#2 0xb7e4942b in raise () from /lib/libpthread.so.0
#3 0xb7cee7b4 in raise () from /lib/libc.so.6
#4 0xb7cefc7d in abort () from /lib/libc.so.6
#5 0xb7ce7def in __assert_fail () from /lib/libc.so.6
#6 0x08136a26 in subselect_single_select_engine::cols (this=0x8c39168) at item_subselect.cc:1429
#7 0x081336dc in Item_singlerow_subselect::cols (this=0x8c390d8) at item_subselect.cc:433
#8 0x081359bb in Item_in_subselect::select_transformer (this=0x8c39408, join=0x8c39f60)
at item_subselect.cc:1055
#9 0x0818da81 in JOIN::prepare (this=0x8c39f60, rref_pointer_array=0x8c39294, tables_init=0x0,
wild_num=0, conds_init=0x0, og_num=0, order_init=0x0, group_init=0x0, having_init=0x0,
proc_param_init=0x0, select_lex_arg=0x8c39190, unit_arg=0x8c392c0) at sql_select.cc:305
#10 0x0813606d in subselect_single_select_engine::prepare (this=0x8c394a8)
at item_subselect.cc:1186
#11 0x08132c4f in Item_subselect::fix_fields (this=0x8c39408, thd_param=0x8c34ac0,
tables=0x8c38e00, ref=0x8c39f04) at item_subselect.cc:144
#12 0x08188f0a in setup_conds (thd=0x8c34ac0, tables=0x8c38e00, conds=0x8c39f04)
at sql_base.cc:2639
#13 0x0818d8bf in JOIN::prepare (this=0x8c39548, rref_pointer_array=0x8c34cf4,
tables_init=0x8c38e00, wild_num=0, conds_init=0x8c39408, og_num=0, order_init=0x0,
group_init=0x0, having_init=0x0, proc_param_init=0x0, select_lex_arg=0x8c34bf0,
unit_arg=0x8c34b08) at sql_select.cc:229
#14 0x08190f63 in mysql_select (thd=0x8c34ac0, rref_pointer_array=0x8c34cf4, tables=0x8c38e00,
wild_num=0, fields=@0x8c34c58, conds=0x8c39408, og_num=0, order=0x0, group=0x0, having=0x0,
proc_param=0x0, select_options=8669696, result=0x8c39538, unit=0x8c34b08,
select_lex=0x8c34bf0) at sql_select.cc:1580
#15 0x0818d63c in handle_select (thd=0x8c34ac0, lex=0x8c34afc, result=0x8c39538)
at sql_select.cc:193
#16 0x08169ebc in mysql_execute_command (thd=0x8c34ac0) at sql_parse.cc:2046
#17 0x0816eb82 in mysql_parse (thd=0x8c34ac0,
inBuf=0x8c38d10 "SELECT 1 FROM mysql.user WHERE (SELECT 1) in (SELECT 1)", length=55)
at sql_parse.cc:4148
#18 0x08168a96 in dispatch_command (command=COM_QUERY, thd=0x8c34ac0,
packet=0x8c41c89 "SELECT 1 FROM mysql.user WHERE (SELECT 1) in (SELECT 1)", packet_length=56)
at sql_parse.cc:1507
#19 0x081683b2 in do_command (thd=0x8c34ac0) at sql_parse.cc:1292
#20 0x081678e7 in handle_one_connection (arg=0x8c34ac0) at sql_parse.cc:1024
#21 0xb7e4614b in pthread_start_thread () from /lib/libpthread.so.0
#22 0xb7e461df in pthread_start_thread_event () from /lib/libpthread.so.0
#23 0xb7d7950a in clone () from /lib/libc.so.6
[10 Mar 2005 12:01]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/internals/22890
[10 Mar 2005 12:04]
Oleksandr Byelkin
ChangeSet 1.2189 05/03/10 14:01:22 bell@sanja.is.com.ua +4 -0 fixed left expression of IN/ALL/ANY subquery transformation support (BUG#8888)
[30 Mar 2005 20:14]
Oleksandr Byelkin
Thank you for bugreport. bugfix is pushed into source tree marked as 4.1.11.
[11 Apr 2005 2:13]
Paul DuBois
Noted in 4.1.11 changelog.
