Commit 48c67b2c authored by Georgi Kodinov's avatar Georgi Kodinov

Bug #48458: simple query tries to allocate enormous amount of

  memory

The server was doing a bad class typecast causing setting of 
wrong value for the maximum number of items in an internal
structure used in equality propagation.
Fixed by not doing the wrong typecast and asserting the type
of the Item where it should be done.
parent 154c3480
...@@ -4442,4 +4442,18 @@ ROW(a,a) <=> ROW((SELECT 1 FROM t1 WHERE 1=2),(SELECT 1 FROM t1)) ...@@ -4442,4 +4442,18 @@ ROW(a,a) <=> ROW((SELECT 1 FROM t1 WHERE 1=2),(SELECT 1 FROM t1))
INTO @var0; INTO @var0;
ERROR 21000: Subquery returns more than 1 row ERROR 21000: Subquery returns more than 1 row
DROP TABLE t1; DROP TABLE t1;
#
# Bug #48458: simple query tries to allocate enormous amount of
# memory
#
CREATE TABLE t1(a INT NOT NULL, b YEAR);
INSERT INTO t1 VALUES ();
Warnings:
Warning 1364 Field 'a' doesn't have a default value
CREATE TABLE t2(c INT);
# Should not err out because of out-of-memory
SELECT 1 FROM t2 JOIN t1 ON 1=1
WHERE a != '1' AND NOT a >= b OR NOT ROW(b,a )<> ROW(a,a);
1
DROP TABLE t1,t2;
End of 5.0 tests End of 5.0 tests
...@@ -3783,5 +3783,18 @@ INTO @var0; ...@@ -3783,5 +3783,18 @@ INTO @var0;
DROP TABLE t1; DROP TABLE t1;
--echo #
--echo # Bug #48458: simple query tries to allocate enormous amount of
--echo # memory
--echo #
CREATE TABLE t1(a INT NOT NULL, b YEAR);
INSERT INTO t1 VALUES ();
CREATE TABLE t2(c INT);
--echo # Should not err out because of out-of-memory
SELECT 1 FROM t2 JOIN t1 ON 1=1
WHERE a != '1' AND NOT a >= b OR NOT ROW(b,a )<> ROW(a,a);
DROP TABLE t1,t2;
--echo End of 5.0 tests --echo End of 5.0 tests
...@@ -7535,13 +7535,13 @@ static COND *build_equal_items_for_cond(THD *thd, COND *cond, ...@@ -7535,13 +7535,13 @@ static COND *build_equal_items_for_cond(THD *thd, COND *cond,
{ {
item_equal->fix_length_and_dec(); item_equal->fix_length_and_dec();
item_equal->update_used_tables(); item_equal->update_used_tables();
}
else
item_equal= (Item_equal *) eq_list.pop();
set_if_bigger(thd->lex->current_select->max_equal_elems, set_if_bigger(thd->lex->current_select->max_equal_elems,
item_equal->members()); item_equal->members());
return item_equal; return item_equal;
} }
return eq_list.pop();
}
else else
{ {
/* /*
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment