Commit 57b3fefa authored by Sergey Petrunya's avatar Sergey Petrunya

BUG#882994: Crash in QUICK_RANGE_SELECT::reset with derived_with_keys

- The bug was caused by the following scenario:
  = a quick select is created with get_quick_select_for_ref. The quick 
    select refers to temporary (derived) table. It saves table->file, which
    refers to a ha_heap object.
  = When temp table is populated, ha_heap reaches max. size and is converted
    to a ha_myisam.  However, quick->file remains pointing to where ha_heap 
    was. 
  = Attempt to use the quick select causes crash.
- Fixed by introducing QUICK_SELECT_I::replace_handler(). Note that it will 
  not work for index_merge quick selects. Which is fine, because these
  quick selects are never created for derived tables.
parent 3694bb90
...@@ -1828,4 +1828,37 @@ USA Miami Miami ...@@ -1828,4 +1828,37 @@ USA Miami Miami
USA Miami Miami USA Miami Miami
SET @@tmp_table_size=default; SET @@tmp_table_size=default;
drop table t1,t2,t3; drop table t1,t2,t3;
#
# BUG#882994: Crash in QUICK_RANGE_SELECT::reset with derived_with_keys
#
CREATE TABLE t2 (
pk varchar(33),
col_varchar_key varchar(3) NOT NULL,
col_varchar_nokey varchar(52) NOT NULL);
INSERT INTO t2 VALUES ('NICSpanish','NIC','Spanish'),
('NERHausa','NER','Hausa'),('NGAJoruba','NGA','Joruba'),
('NIUNiue','NIU','Niue'),('NFKEnglish','NFK','English'),
('NORNorwegian','NOR','Norwegian'),('CIVAkan','CIV','Akan'),
('OMNArabic','OMN','Arabic'),('PAKPunjabi','PAK','Punjabi'),
('PLWPalau','PLW','Palau'),('PANSpanish','PAN','Spanish'),
('PNGPapuan Langua','PNG','Papuan Languages'), ('PRYSpanish','PRY','Spanish'),
('PERSpanish','PER','Spanish'), ('PCNPitcairnese','PCN','Pitcairnese'),
('MNPPhilippene La','MNP','Philippene Langu'),('PRTPortuguese','PRT','Portuguese'),
('PRISpanish','PRI','Spanish'),('POLPolish','POL','Polish'),('GNQFang','GNQ','Fang');
CREATE TABLE t1 ( col_varchar_nokey varchar(52) NOT NULL ) ;
INSERT INTO t1 VALUES ('Chinese'),('English'),('French'),('German'),
('Italian'),('Japanese'),('Korean'),('Polish'),('Portuguese'),('Spanish'),
('Tagalog'),('Vietnamese');
CREATE TABLE t3 ( col_varchar_key varchar(52)) ;
INSERT INTO t3 VALUES ('United States');
set @tmp_882994= @@max_heap_table_size;
set max_heap_table_size=1;
SELECT *
FROM t3 JOIN
( SELECT t2.* FROM t1, t2 ) AS alias2
ON ( alias2.col_varchar_nokey = t3.col_varchar_key )
ORDER BY CONCAT(alias2.col_varchar_nokey);
col_varchar_key pk col_varchar_key col_varchar_nokey
set max_heap_table_size= @tmp_882994;
drop table t1,t2,t3;
set optimizer_switch=@exit_optimizer_switch; set optimizer_switch=@exit_optimizer_switch;
...@@ -1221,5 +1221,45 @@ SET @@tmp_table_size=default; ...@@ -1221,5 +1221,45 @@ SET @@tmp_table_size=default;
drop table t1,t2,t3; drop table t1,t2,t3;
--echo #
--echo # BUG#882994: Crash in QUICK_RANGE_SELECT::reset with derived_with_keys
--echo #
CREATE TABLE t2 (
pk varchar(33),
col_varchar_key varchar(3) NOT NULL,
col_varchar_nokey varchar(52) NOT NULL);
INSERT INTO t2 VALUES ('NICSpanish','NIC','Spanish'),
('NERHausa','NER','Hausa'),('NGAJoruba','NGA','Joruba'),
('NIUNiue','NIU','Niue'),('NFKEnglish','NFK','English'),
('NORNorwegian','NOR','Norwegian'),('CIVAkan','CIV','Akan'),
('OMNArabic','OMN','Arabic'),('PAKPunjabi','PAK','Punjabi'),
('PLWPalau','PLW','Palau'),('PANSpanish','PAN','Spanish'),
('PNGPapuan Langua','PNG','Papuan Languages'), ('PRYSpanish','PRY','Spanish'),
('PERSpanish','PER','Spanish'), ('PCNPitcairnese','PCN','Pitcairnese'),
('MNPPhilippene La','MNP','Philippene Langu'),('PRTPortuguese','PRT','Portuguese'),
('PRISpanish','PRI','Spanish'),('POLPolish','POL','Polish'),('GNQFang','GNQ','Fang');
CREATE TABLE t1 ( col_varchar_nokey varchar(52) NOT NULL ) ;
INSERT INTO t1 VALUES ('Chinese'),('English'),('French'),('German'),
('Italian'),('Japanese'),('Korean'),('Polish'),('Portuguese'),('Spanish'),
('Tagalog'),('Vietnamese');
CREATE TABLE t3 ( col_varchar_key varchar(52)) ;
INSERT INTO t3 VALUES ('United States');
set @tmp_882994= @@max_heap_table_size;
--disable_warnings
set max_heap_table_size=1;
--enable_warnings
SELECT *
FROM t3 JOIN
( SELECT t2.* FROM t1, t2 ) AS alias2
ON ( alias2.col_varchar_nokey = t3.col_varchar_key )
ORDER BY CONCAT(alias2.col_varchar_nokey);
set max_heap_table_size= @tmp_882994;
drop table t1,t2,t3;
# The following command must be the last one the file # The following command must be the last one the file
set optimizer_switch=@exit_optimizer_switch; set optimizer_switch=@exit_optimizer_switch;
...@@ -354,6 +354,12 @@ class QUICK_SELECT_I ...@@ -354,6 +354,12 @@ class QUICK_SELECT_I
Table record buffer used by this quick select. Table record buffer used by this quick select.
*/ */
uchar *record; uchar *record;
virtual void replace_handler(handler *new_file)
{
DBUG_ASSERT(0); /* Only supported in QUICK_RANGE_SELECT */
}
#ifndef DBUG_OFF #ifndef DBUG_OFF
/* /*
Print quick select information to DBUG_FILE. Caller is responsible Print quick select information to DBUG_FILE. Caller is responsible
...@@ -449,6 +455,7 @@ class QUICK_RANGE_SELECT : public QUICK_SELECT_I ...@@ -449,6 +455,7 @@ class QUICK_RANGE_SELECT : public QUICK_SELECT_I
#ifndef DBUG_OFF #ifndef DBUG_OFF
void dbug_dump(int indent, bool verbose); void dbug_dump(int indent, bool verbose);
#endif #endif
virtual void replace_handler(handler *new_file) { file= new_file; }
private: private:
/* Default copy ctor used by QUICK_SELECT_DESC */ /* Default copy ctor used by QUICK_SELECT_DESC */
friend class TRP_ROR_INTERSECT; friend class TRP_ROR_INTERSECT;
......
...@@ -9701,6 +9701,8 @@ bool JOIN_TAB::preread_init() ...@@ -9701,6 +9701,8 @@ bool JOIN_TAB::preread_init()
derived, DT_CREATE | DT_FILL)) derived, DT_CREATE | DT_FILL))
return TRUE; return TRUE;
preread_init_done= TRUE; preread_init_done= TRUE;
if (select && select->quick)
select->quick->replace_handler(table->file);
return FALSE; return FALSE;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment