At file:///home/tsk/mprog/src/10.0-md83/
------------------------------------------------------------
revno: 3551
revision-id: timour@xxxxxxxxxxxx-20130611081135-rge7p00h8e9nhypj
parent: timour@xxxxxxxxxxxx-20130528122232-kisslvdw5vhrna0q
fixes bug: https://mariadb.atlassian.net/browse/MDEV-4612
committer: timour@xxxxxxxxxxxx
branch nick: 10.0-md83
timestamp: Tue 2013-06-11 11:11:35 +0300
message:
MDEV-4612 SQ pushdown: Server crashes in make_join_statistics with materialization+semijoin, IN subqueries, constant table, impossible condition
Analysis:
The subquery materialization execution method subselect_hash_sj_engine::exec()
didn't restore thd->lex->current_select through all return paths. This was
not a problem when the method was called during execution. When a subquery
was executed during the optimization phase of the outer query, current_select
kept pointing to the wrong subquery. This resulted in update_ref_and_keys()
getting the wrong number of conditions via thd->lex->current_select->cond_count,
thus allocating a smaller buffer for sargable conditions. This later resulted
in a memory overwrite.
Solution:
Make sure that subselect_hash_sj_engine::exec() always restores current_select.
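
The failure mode described in the commit message above, as an added example that is not MariaDB code and not the change made in this revision. Select, Lex, CurrentSelectGuard, the exec_* functions and the early_exit flag are hypothetical stand-ins; the scope guard is one way to get a restore on every return path.

```cpp
#include <cstddef>
#include <vector>

// Hypothetical stand-ins for the server structures named in the message.
struct Select { std::size_t cond_count; };
struct Lex { Select *current_select; };

// Buggy shape: the early return skips the restore, so the caller keeps
// seeing the inner subquery as the current select.
int exec_leaky(Lex &lex, Select *inner, bool early_exit) {
  Select *saved = lex.current_select;
  lex.current_select = inner;
  if (early_exit) return 0;        // current_select is left pointing at inner
  lex.current_select = saved;
  return 1;
}

// Scope guard: the destructor restores current_select on every exit path.
class CurrentSelectGuard {
  Lex &lex_;
  Select *saved_;
public:
  CurrentSelectGuard(Lex &lex, Select *inner)
      : lex_(lex), saved_(lex.current_select) { lex_.current_select = inner; }
  ~CurrentSelectGuard() { lex_.current_select = saved_; }
  CurrentSelectGuard(const CurrentSelectGuard &) = delete;
  CurrentSelectGuard &operator=(const CurrentSelectGuard &) = delete;
};

int exec_guarded(Lex &lex, Select *inner, bool early_exit) {
  CurrentSelectGuard guard(lex, inner);
  if (early_exit) return 0;        // guard still restores the outer select
  return 1;
}

// Models the caller sizing its buffer from current_select->cond_count.
std::size_t sargable_slots(const Lex &lex) { return lex.current_select->cond_count; }

// True when the buffer sized after exec covers the outer query's conditions.
bool buffer_fits_outer(bool guarded) {
  Select outer{5}, inner{1};       // constructed sample counts
  Lex lex{&outer};
  if (guarded) exec_guarded(lex, &inner, true);
  else exec_leaky(lex, &inner, true);
  std::vector<int> buf(sargable_slots(lex));
  return buf.size() >= outer.cond_count;
}
```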