Bug #52336 Segfault / crash in 5.1 copy_fields (param=0x9872980) at sql_select.cc:15355
Submitted: 24 Mar 2010 16:00 Modified: 20 Jun 2010 22:45
Reporter: Patrick Crews Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: Optimizer Severity:S3 (Non-critical)
Version:5.1-bugteam, 5.5,next-mr,6.0 OS:Any
Assigned to: Sergei Glukhov CPU Architecture:Any
Tags: crash, regression, segfault

[24 Mar 2010 16:00] Patrick Crews 
Description:
This crash is only occurring in 5.1-bugteam, tested against 6.0-codebase-bugfixing and 5.0-bugteam without incident.

Will also try to pinpoint the changeset responsible for this as time permits.

Crash / segfault occurring for this query:
NOTE:  Automated simplification of this query was not working as the simplification turns this into another, separate crash in 5.1  Keeping the original query here and in the test case (apologies for this).

SELECT    MIN(  table1 . `col_int_key` ) AS field1 
FROM ( CC AS table1 RIGHT  JOIN C AS table2 ON (table2 . `col_int_key` = table1 . `col_int_nokey`  ) ) 
WHERE (  ( 'k', 'c' )  IN ( 
SELECT 'e' , 'l' UNION  
SELECT 'j' , 't' ) ) OR ( table1 . `col_int_key` = table1 . `col_int_key` AND table1 . `pk` = 232 ) OR (  table1 . `col_varchar_key`  IN ( 
SELECT   SUBQUERY2_t2 . `col_varchar_key` AS SUBQUERY2_field1 
FROM ( B AS SUBQUERY2_t1 LEFT  JOIN B AS SUBQUERY2_t2 ON (SUBQUERY2_t2 . `pk` = SUBQUERY2_t1 . `col_int_key`  ) ) 
WHERE SUBQUERY2_t1 . `col_varchar_key` <> table1 . `col_varchar_key` AND SUBQUERY2_t1 . `col_varchar_key` < table2 . `col_varchar_key` ) OR table1 . `col_int_key` >= table2 . `col_int_key` )  
HAVING  ( 7, 7 )  IN ( 
SELECT DISTINCT SQL_SMALL_RESULT SUBQUERY3_t1 . `col_int_nokey` AS SUBQUERY3_field1 , SUBQUERY3_t1 . `col_int_nokey` AS SUBQUERY3_field2 
FROM C AS SUBQUERY3_t1 
WHERE SUBQUERY3_t1 . `col_varchar_key` < 'y'   ) 
ORDER BY table1 . `col_datetime_key`  , field1 
LIMIT 2
;

Stacktrace (full output to be attached separately):
Thread 1 (Thread 29203):
#0  0x00d16422 in __kernel_vsyscall ()
#1  0x008b0e93 in __pthread_kill (threadid=3070016368, signo=11) at ../nptl/sysdeps/unix/sysv/linux/pthread_kill.c:64
#2  0x08cbd8a6 in my_write_core (sig=11) at stacktrace.c:329
#3  0x083cfad2 in handle_segfault (sig=11) at mysqld.cc:2570
#4  <signal handler called>
#5  0x0851bd87 in copy_fields (param=0x9872980) at sql_select.cc:15355
#6  0x0850c4d6 in end_write (join=0x9871920, join_tab=0x987142c, end_of_records=false) at sql_select.cc:12413
#7  0x08506d27 in evaluate_join_record (join=0x9871920, join_tab=0x9871298, error=0) at sql_select.cc:11437
#8  0x085065da in sub_select (join=0x9871920, join_tab=0x9871298, end_of_records=false) at sql_select.cc:11317
#9  0x08505a33 in do_select (join=0x9871920, fields=0x0, table=0x984ba08, procedure=0x0) at sql_select.cc:11067
#10 0x084d8475 in JOIN::exec (this=0x986dfc8) at sql_select.cc:1908
#11 0x0833453a in subselect_single_select_engine::exec (this=0x98434e8) at item_subselect.cc:1972
#12 0x08328ad1 in Item_subselect::exec (this=0x9843438) at item_subselect.cc:265
#13 0x0832cb80 in Item_in_subselect::val_bool (this=0x9843438) at item_subselect.cc:865
#14 0x0823e536 in Item::val_bool_result (this=0x9843438) at item.h:745
#15 0x082a4086 in Item_in_optimizer::val_int (this=0x986f240) at item_cmpfunc.cc:1833
#16 0x0850b980 in end_send_group (join=0x9847a38, join_tab=0x9877444, end_of_records=true) at sql_select.cc:12329
#17 0x085063c3 in sub_select (join=0x9847a38, join_tab=0x98772b0, end_of_records=true) at sql_select.cc:11276
#18 0x08505a99 in do_select (join=0x9847a38, fields=0x9848ba0, table=0x0, procedure=0x0) at sql_select.cc:11069
#19 0x084db4a6 in JOIN::exec (this=0x9847a38) at sql_select.cc:2315
#20 0x084dc3dd in mysql_select (thd=0x97e07d8, rref_pointer_array=0x97e1c78, tables=0x9832c70, wild_num=0, fields=..., conds=0x98427c0, 
    og_num=2, order=0x98435f8, group=0x0, having=0x9843438, proc_param=0x0, select_options=2147764736, result=0x9843770, unit=0x97e1910, 
    select_lex=0x97e1b80) at sql_select.cc:2510
#21 0x084cd9c5 in handle_select (thd=0x97e07d8, lex=0x97e18b4, result=0x9843770, setup_tables_done_option=0) at sql_select.cc:269
#22 0x08408425 in execute_sqlcom_select (thd=0x97e07d8, all_tables=0x9832c70) at sql_parse.cc:5052
#23 0x083f5598 in mysql_execute_command (thd=0x97e07d8) at sql_parse.cc:2248
#24 0x0840cb28 in mysql_parse (thd=0x97e07d8, 
    inBuf=0x9832058 "SELECT    MIN(  table1 . `col_int_key` ) AS field1 \nFROM ( CC AS table1 RIGHT  JOIN C AS table2 ON (table2 . `col_int_key` = table1 . `col_int_nokey`  ) ) \nWHERE (  ( 'k', 'c' )  IN ( \nSELECT 'e' , 'l"..., length=1012, found_semicolon=0xb6fcb058)
    at sql_parse.cc:5971
#25 0x083f09d8 in dispatch_command (command=COM_QUERY, thd=0x97e07d8, packet=0x9826111 "", packet_length=1013) at sql_parse.cc:1233
#26 0x083eec2f in do_command (thd=0x97e07d8) at sql_parse.cc:874
#27 0x083eb29b in handle_one_connection (arg=0x97e07d8) at sql_connect.cc:1127
#28 0x008ab80e in start_thread (arg=0xb6fcbb70) at pthread_create.c:300
#29 0x0028c8de in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130

How to repeat:
#/* Server0: MySQL 5.1.46-gcov-debug-log */

/*!50400 SET SESSION optimizer_switch = 'index_merge=on,index_merge_union=on,index_merge_sort_union=on,index_merge_intersection=on' */;
/*!50400 SET SESSION engine_condition_pushdown = 'ON' */;

#/* Begin test case for query 1 */

--disable_warnings
DROP TABLE /*! IF EXISTS */ CC;
DROP TABLE /*! IF EXISTS */ C;
DROP TABLE /*! IF EXISTS */ B;
--enable_warnings

CREATE TABLE `CC` (
  `pk` int(11) NOT NULL AUTO_INCREMENT,
  `col_int_nokey` int(11) DEFAULT NULL,
  `col_int_key` int(11) DEFAULT NULL,
  `col_datetime_key` datetime DEFAULT NULL,
  `col_varchar_key` varchar(1) DEFAULT NULL,
  PRIMARY KEY (`pk`),
  KEY `col_int_key` (`col_int_key`),
  KEY `col_datetime_key` (`col_datetime_key`),
  KEY `col_varchar_key` (`col_varchar_key`,`col_int_key`)
) ENGINE=MyISAM AUTO_INCREMENT=30 DEFAULT CHARSET=latin1;
INSERT INTO `CC` VALUES (10,7,8,'2002-02-26 06:14:37','v');
INSERT INTO `CC` VALUES (11,1,9,'1900-01-01 00:00:00','r');
INSERT INTO `CC` VALUES (12,5,9,'2006-12-03 09:37:26','a');
INSERT INTO `CC` VALUES (13,3,186,'2008-05-26 12:27:10','m');
INSERT INTO `CC` VALUES (14,6,NULL,'2004-12-14 16:37:30','y');
INSERT INTO `CC` VALUES (15,92,2,'2003-02-11 21:19:41','j');
INSERT INTO `CC` VALUES (16,7,3,'2009-10-18 02:27:49','d');
INSERT INTO `CC` VALUES (17,NULL,0,'2000-09-26 07:45:57','z');
INSERT INTO `CC` VALUES (18,3,133,NULL,'e');
INSERT INTO `CC` VALUES (19,5,1,'2005-11-10 12:40:29','h');
INSERT INTO `CC` VALUES (20,1,8,'2009-04-25 00:00:00','b');
INSERT INTO `CC` VALUES (21,2,5,'2002-11-27 00:00:00','s');
INSERT INTO `CC` VALUES (22,NULL,5,'2004-01-26 20:32:32','e');
INSERT INTO `CC` VALUES (23,1,8,'2007-10-26 11:41:40','j');
INSERT INTO `CC` VALUES (24,0,6,'2005-10-07 00:00:00','e');
INSERT INTO `CC` VALUES (25,210,51,'2000-07-15 05:00:34','f');
INSERT INTO `CC` VALUES (26,8,4,'2000-04-03 16:33:32','v');
INSERT INTO `CC` VALUES (27,7,7,NULL,'x');
INSERT INTO `CC` VALUES (28,5,6,'2001-04-25 01:26:12','m');
INSERT INTO `CC` VALUES (29,NULL,4,'2000-12-27 00:00:00','c');
CREATE TABLE `C` (
  `pk` int(11) NOT NULL AUTO_INCREMENT,
  `col_int_nokey` int(11) DEFAULT NULL,
  `col_int_key` int(11) DEFAULT NULL,
  `col_datetime_key` datetime DEFAULT NULL,
  `col_varchar_key` varchar(1) DEFAULT NULL,
  PRIMARY KEY (`pk`),
  KEY `col_int_key` (`col_int_key`),
  KEY `col_datetime_key` (`col_datetime_key`),
  KEY `col_varchar_key` (`col_varchar_key`,`col_int_key`)
) ENGINE=MyISAM AUTO_INCREMENT=21 DEFAULT CHARSET=latin1;
INSERT INTO `C` VALUES (1,NULL,2,'2004-10-11 18:13:16','w');
INSERT INTO `C` VALUES (2,7,9,NULL,'m');
INSERT INTO `C` VALUES (3,9,3,'1900-01-01 00:00:00','m');
INSERT INTO `C` VALUES (4,7,9,'2009-07-25 00:00:00','k');
INSERT INTO `C` VALUES (5,4,NULL,NULL,'r');
INSERT INTO `C` VALUES (6,2,9,'2008-07-27 00:00:00','t');
INSERT INTO `C` VALUES (7,6,3,'2002-11-13 16:37:31','j');
INSERT INTO `C` VALUES (8,8,8,'1900-01-01 00:00:00','u');
INSERT INTO `C` VALUES (9,NULL,8,'2003-12-10 00:00:00','h');
INSERT INTO `C` VALUES (10,5,53,'2001-12-21 22:38:22','o');
INSERT INTO `C` VALUES (11,NULL,0,'2008-12-13 23:16:44',NULL);
INSERT INTO `C` VALUES (12,6,5,'2005-08-15 12:39:41','k');
INSERT INTO `C` VALUES (13,188,166,NULL,'e');
INSERT INTO `C` VALUES (14,2,3,'2006-09-11 12:06:14','n');
INSERT INTO `C` VALUES (15,1,0,'2007-12-15 12:39:34','t');
INSERT INTO `C` VALUES (16,1,1,'2005-08-09 00:00:00','c');
INSERT INTO `C` VALUES (17,0,9,'2001-09-02 22:50:02','m');
INSERT INTO `C` VALUES (18,9,5,'2005-12-16 22:58:11','y');
INSERT INTO `C` VALUES (19,NULL,6,'2007-04-19 00:19:53','f');
INSERT INTO `C` VALUES (20,4,2,'1900-01-01 00:00:00','d');
CREATE TABLE `B` (
  `pk` int(11) NOT NULL AUTO_INCREMENT,
  `col_int_nokey` int(11) DEFAULT NULL,
  `col_int_key` int(11) DEFAULT NULL,
  `col_datetime_key` datetime DEFAULT NULL,
  `col_varchar_key` varchar(1) DEFAULT NULL,
  PRIMARY KEY (`pk`),
  KEY `col_int_key` (`col_int_key`),
  KEY `col_datetime_key` (`col_datetime_key`),
  KEY `col_varchar_key` (`col_varchar_key`,`col_int_key`)
) ENGINE=MyISAM AUTO_INCREMENT=2 DEFAULT CHARSET=latin1;
INSERT INTO `B` VALUES (1,1,7,'2005-02-05 00:00:00','f');

SELECT    MIN(  table1 . `col_int_key` ) AS field1 
FROM ( CC AS table1 RIGHT  JOIN C AS table2 ON (table2 . `col_int_key` = table1 . `col_int_nokey`  ) ) 
WHERE (  ( 'k', 'c' )  IN ( 
SELECT 'e' , 'l' UNION  
SELECT 'j' , 't' ) ) OR ( table1 . `col_int_key` = table1 . `col_int_key` AND table1 . `pk` = 232 ) OR (  table1 . `col_varchar_key`  IN ( 
SELECT   SUBQUERY2_t2 . `col_varchar_key` AS SUBQUERY2_field1 
FROM ( B AS SUBQUERY2_t1 LEFT  JOIN B AS SUBQUERY2_t2 ON (SUBQUERY2_t2 . `pk` = SUBQUERY2_t1 . `col_int_key`  ) ) 
WHERE SUBQUERY2_t1 . `col_varchar_key` <> table1 . `col_varchar_key` AND SUBQUERY2_t1 . `col_varchar_key` < table2 . `col_varchar_key` ) OR table1 . `col_int_key` >= table2 . `col_int_key` )  
HAVING  ( 7, 7 )  IN ( 
SELECT DISTINCT SQL_SMALL_RESULT SUBQUERY3_t1 . `col_int_nokey` AS SUBQUERY3_field1 , SUBQUERY3_t1 . `col_int_nokey` AS SUBQUERY3_field2 
FROM C AS SUBQUERY3_t1 
WHERE SUBQUERY3_t1 . `col_varchar_key` < 'y'   ) 
ORDER BY table1 . `col_datetime_key`  , field1 
LIMIT 2
;

DROP TABLE CC;
DROP TABLE C;
DROP TABLE B;
#/* End of test case for query 1 */
[24 Mar 2010 16:01] Patrick Crews 
Full backtrace output from this crash

Attachment: bug52336_backtrace.txt (text/plain), 12.06 KiB.
[24 Mar 2010 16:42] Valeriy Kravchuk 
Crash is NOT repeatable for me with recent 5.1.46-debug from mysql-5.1 tree:

...
mysql> INSERT INTO `B` VALUES (1,1,7,'2005-02-05 00:00:00','f');
Query OK, 1 row affected (0.01 sec)

mysql> SELECT    MIN(  table1 . `col_int_key` ) AS field1 
    -> FROM ( CC AS table1 RIGHT  JOIN C AS table2 ON (table2 . `col_int_key` = table1 .
    -> `col_int_nokey`  ) ) 
    -> WHERE (  ( 'k', 'c' )  IN ( 
    -> SELECT 'e' , 'l' UNION  
    -> SELECT 'j' , 't' ) ) OR ( table1 . `col_int_key` = table1 . `col_int_key` AND table1 .
    -> `pk` = 232 ) OR (  table1 . `col_varchar_key`  IN ( 
    -> SELECT   SUBQUERY2_t2 . `col_varchar_key` AS SUBQUERY2_field1 
    -> FROM ( B AS SUBQUERY2_t1 LEFT  JOIN B AS SUBQUERY2_t2 ON (SUBQUERY2_t2 . `pk` =
    -> SUBQUERY2_t1 . `col_int_key`  ) ) 
    -> WHERE SUBQUERY2_t1 . `col_varchar_key` <> table1 . `col_varchar_key` AND SUBQUERY2_t1 .
    -> `col_varchar_key` < table2 . `col_varchar_key` ) OR table1 . `col_int_key` >= table2 .
    -> `col_int_key` )  
    -> HAVING  ( 7, 7 )  IN ( 
    -> SELECT DISTINCT SQL_SMALL_RESULT SUBQUERY3_t1 . `col_int_nokey` AS SUBQUERY3_field1 ,
    -> SUBQUERY3_t1 . `col_int_nokey` AS SUBQUERY3_field2 
    -> FROM C AS SUBQUERY3_t1 
    -> WHERE SUBQUERY3_t1 . `col_varchar_key` < 'y'   ) 
    -> ORDER BY table1 . `col_datetime_key`  , field1 
    -> LIMIT 2
    -> ;
+--------+
| field1 |
+--------+
|      5 |
+--------+
1 row in set (0.01 sec)

mysql> select version();
+--------------+
| version()    |
+--------------+
| 5.1.46-debug |
+--------------+
1 row in set (0.00 sec)
[24 Mar 2010 20:41] MySQL Verification Team 
Thank you for the bug report. Verified as described:

[miguel@hegel ~]$ dbs/5.1-bugteam/libexec/mysqld
100324 17:35:13 [Note] Plugin 'FEDERATED' is disabled.
100324 17:35:13 [Note] Plugin 'ndbcluster' is disabled.
InnoDB: The first specified data file ./ibdata1 did not exist:
InnoDB: a new database to be created!
100324 17:35:13  InnoDB: Setting file ./ibdata1 size to 10 MB
InnoDB: Database physically writes the file full: wait...
100324 17:35:13  InnoDB: Log file ./ib_logfile0 did not exist: new to be created
InnoDB: Setting log file ./ib_logfile0 size to 5 MB
InnoDB: Database physically writes the file full: wait...
100324 17:35:13  InnoDB: Log file ./ib_logfile1 did not exist: new to be created
InnoDB: Setting log file ./ib_logfile1 size to 5 MB
InnoDB: Database physically writes the file full: wait...
InnoDB: Doublewrite buffer not found: creating new
InnoDB: Doublewrite buffer created
InnoDB: Creating foreign key constraint system tables
InnoDB: Foreign key constraint system tables created
100324 17:35:14  InnoDB: Started; log sequence number 0 0
100324 17:35:14 [Note] Event Scheduler: Loaded 0 events
100324 17:35:14 [Note] dbs/5.1-bugteam/libexec/mysqld: ready for connections.
Version: '5.1.46-debug'  socket: '/tmp/mysql.sock'  port: 3306  Source distribution
100324 17:38:43 - mysqld got signal 11 ;
This could be because you hit a bug. It is also possible that this binary
or one of the libraries it was linked against is corrupt, improperly built,
or misconfigured. This error can also be caused by malfunctioning hardware.
We will try our best to scrape up some info that will hopefully help diagnose
the problem, but since we have already crashed, something is definitely wrong
and this may fail.

key_buffer_size=8384512
read_buffer_size=131072
max_used_connections=1
max_threads=151
threads_connected=1
It is possible that mysqld could use up to 
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 338309 K
bytes of memory
Hope that's ok; if not, decrease some variables in the equation.

thd: 0x1e84cc8
Attempting backtrace. You can use the following information to find out
where mysqld died. If you see no messages after this, something went
terribly wrong...
stack_bottom = 0x7f02defe5eb8 thread_stack 0x40000
dbs/5.1-bugteam/libexec/mysqld(my_print_stacktrace+0x35)[0xb21539]
dbs/5.1-bugteam/libexec/mysqld(handle_segfault+0x288)[0x6b2586]
/lib64/libpthread.so.0[0x3d6ec0f0f0]
dbs/5.1-bugteam/libexec/mysqld(_Z11copy_fieldsP15TMP_TABLE_PARAM+0x2a)[0x758b09]
dbs/5.1-bugteam/libexec/mysqld[0x750acc]
dbs/5.1-bugteam/libexec/mysqld[0x74e00f]
dbs/5.1-bugteam/libexec/mysqld(_Z10sub_selectP4JOINP13st_join_tableb+0x179)[0x74dcb5]
dbs/5.1-bugteam/libexec/mysqld[0x74d7c0]
dbs/5.1-bugteam/libexec/mysqld(_ZN4JOIN4execEv+0xbc0)[0x734bba]
dbs/5.1-bugteam/libexec/mysqld(_ZN30subselect_single_select_engine4execEv+0x63d)[0x666d61]
dbs/5.1-bugteam/libexec/mysqld(_ZN14Item_subselect4execEv+0x8e)[0x6611a4]
dbs/5.1-bugteam/libexec/mysqld(_ZN17Item_in_subselect8val_boolEv+0x52)[0x662b86]
dbs/5.1-bugteam/libexec/mysqld(_ZN4Item15val_bool_resultEv+0x25)[0x5f4117]
dbs/5.1-bugteam/libexec/mysqld(_ZN17Item_in_optimizer7val_intEv+0x29e)[0x625a5c]
dbs/5.1-bugteam/libexec/mysqld[0x750614]
dbs/5.1-bugteam/libexec/mysqld(_Z10sub_selectP4JOINP13st_join_tableb+0x4d)[0x74db89]
dbs/5.1-bugteam/libexec/mysqld[0x74d7ea]
dbs/5.1-bugteam/libexec/mysqld(_ZN4JOIN4execEv+0x26bb)[0x7366b5]
dbs/5.1-bugteam/libexec/mysqld(_Z12mysql_selectP3THDPPP4ItemP10TABLE_LISTjR4ListIS1_ES2_jP8st_orderSB_S2_SB_yP13select_resultP18st_select_lex_unitP13st_select_lex+0x343)[0x736e77]
dbs/5.1-bugteam/libexec/mysqld(_Z13handle_selectP3THDP6st_lexP13select_resultm+0x1c6)[0x72eaac]
dbs/5.1-bugteam/libexec/mysqld[0x6cd65d]
dbs/5.1-bugteam/libexec/mysqld(_Z21mysql_execute_commandP3THD+0x8de)[0x6c4779]
dbs/5.1-bugteam/libexec/mysqld(_Z11mysql_parseP3THDPKcjPS2_+0x2c2)[0x6cfa67]
dbs/5.1-bugteam/libexec/mysqld(_Z16dispatch_command19enum_server_commandP3THDPcj+0xd52)[0x6c20a5]
dbs/5.1-bugteam/libexec/mysqld(_Z10do_commandP3THD+0x27e)[0x6c105c]
dbs/5.1-bugteam/libexec/mysqld(handle_one_connection+0x14c)[0x6bf3b1]
/lib64/libpthread.so.0[0x3d6ec06a3a]
/lib64/libc.so.6(clone+0x6d)[0x3d6e4de67d]
Trying to get some variables.
Some pointers may be invalid and cause the dump to abort...
thd->query at 0x7f02d0008b48 is an invalid pointer
thd->thread_id=2
thd->killed=NOT_KILLED
The manual page at http://dev.mysql.com/doc/mysql/en/crashing.html contains
information that should help you find out what is causing the crash.
[miguel@hegel ~]$
[29 Mar 2010 11:52] Bugs System 
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/104549

3426 Sergey Glukhov	2010-03-29
      Bug#52336 Segfault / crash in 5.1 copy_fields (param=0x9872980) at sql_select.cc:15355
      Two problems fixed:
      -make_cond_for_table erroneously extracted conditions
      as a const cond if there is no const tables.
      -having_value which affectes return_zero_rows()
      function was not set properly in case of
      impossible where.
     @ mysql-test/r/having.result
        test result
     @ mysql-test/t/having.test
        test case
     @ sql/sql_select.cc
        Two problems fixed:
        -make_cond_for_table erroneously extracted conditions
        as a const cond if there is no const tables.
        -having_value which affectes return_zero_rows()
        function was not set properly in case of
        impossible where.
[31 Mar 2010 6:13] Bugs System 
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/104671

3433 Sergey Glukhov	2010-03-30
      Bug#52336 Segfault / crash in 5.1 copy_fields (param=0x9872980) at sql_select.cc:15355
      The problem is that we can not use make_cond_for_table().
      This function relies on used_tables() condition
      which is not set properly for subqueries.
      As result subquery is not filtered out.
      The fix is to use remove_eq_conds() function instead
      of make_cond_for_table() func. 'remove_eq_conds()'
      algorithm relies on const_item() value and it allows
      to handle subqueries in right way
     @ mysql-test/r/having.result
        test case
     @ mysql-test/t/having.test
        test case
     @ sql/sql_select.cc
        The fix is to use remove_eq_conds() function instead
        of make_cond_for_table() function.
[31 Mar 2010 14:39] Bugs System 
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/104726

3433 Sergey Glukhov	2010-03-30
      Bug#52336 Segfault / crash in 5.1 copy_fields (param=0x9872980) at sql_select.cc:15355
      The problem is that we can not use make_cond_for_table().
      This function relies on used_tables() condition
      which is not set properly for subqueries.
      As result subquery is not filtered out.
      The fix is to use remove_eq_conds() function instead
      of make_cond_for_table() func. 'remove_eq_conds()'
      algorithm relies on const_item() value and it allows
      to handle subqueries in right way.
     @ mysql-test/r/having.result
        test result
     @ mysql-test/t/having.test
        test case
     @ sql/sql_select.cc
        The fix is to use remove_eq_conds() function instead
        of make_cond_for_table() function.
[5 Apr 2010 12:09] Bugs System 
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/105021

3443 Sergey Glukhov	2010-04-05
      Bug#52336 Segfault / crash in 5.1 copy_fields (param=0x9872980) at sql_select.cc:15355
      The problem is that we can not use make_cond_for_table().
      This function relies on used_tables() condition
      which is not set properly for subqueries.
      As result subquery is not filtered out.
      The fix is to use remove_eq_conds() function instead
      of make_cond_for_table() func. 'remove_eq_conds()'
      algorithm relies on const_item() value and it allows
      to handle subqueries in right way.
     @ mysql-test/r/having.result
        test case
     @ mysql-test/t/having.test
        test case
     @ sql/sql_select.cc
        The fix is to use remove_eq_conds() function instead
        of make_cond_for_table() function.
[6 Apr 2010 8:00] Bugs System 
Pushed into 5.1.46 (revid:sergey.glukhov@sun.com-20100405111026-7kz1p8qlzglqgfmu) (version source revid:sergey.glukhov@sun.com-20100405111026-7kz1p8qlzglqgfmu) (merge vers: 5.1.46) (pib:16)
[16 Apr 2010 17:25] Paul DuBois 
Not in any released version. No changelog entry needed.
[28 May 2010 6:13] Bugs System 
Pushed into mysql-next-mr (revid:alik@sun.com-20100524190136-egaq7e8zgkwb9aqi) (version source revid:alik@sun.com-20100422150750-vp0n37kp9ywq5ghf) (pib:16)
[28 May 2010 6:41] Bugs System 
Pushed into 6.0.14-alpha (revid:alik@sun.com-20100524190941-nuudpx60if25wsvx) (version source revid:alik@sun.com-20100422150658-fkhgnwwkyugtxrmu) (merge vers: 6.0.14-alpha) (pib:16)
[28 May 2010 7:09] Bugs System 
Pushed into 5.5.5-m3 (revid:alik@sun.com-20100524185725-c8k5q7v60i5nix3t) (version source revid:alexey.kopytov@sun.com-20100411071742-a2o2anlcrj2bq14q) (merge vers: 5.5.4-m3) (pib:16)
[17 Jun 2010 12:19] Bugs System 
Pushed into 5.1.47-ndb-7.0.16 (revid:martin.skold@mysql.com-20100617114014-bva0dy24yyd67697) (version source revid:vasil.dimov@oracle.com-20100331130613-8ja7n0vh36a80457) (merge vers: 5.1.46) (pib:16)
[17 Jun 2010 13:07] Bugs System 
Pushed into 5.1.47-ndb-6.2.19 (revid:martin.skold@mysql.com-20100617115448-idrbic6gbki37h1c) (version source revid:martin.skold@mysql.com-20100609211156-tsac5qhw951miwtt) (merge vers: 5.1.46-ndb-6.2.19) (pib:16)
[17 Jun 2010 13:47] Bugs System 
Pushed into 5.1.47-ndb-6.3.35 (revid:martin.skold@mysql.com-20100617114611-61aqbb52j752y116) (version source revid:vasil.dimov@oracle.com-20100331130613-8ja7n0vh36a80457) (merge vers: 5.1.46) (pib:16)