revision-id: 30d09dd3e0030ba6cc2efd179218100bf188cda2 (mariadb-10.2.31-279-g30d09dd3e00) parent(s): b46b7144d1999d4950a812486f36f2f0d6ab645d author: Varun Gupta committer: Varun Gupta timestamp: 2020-06-17 16:22:11 +0530 message: MDEV-22852: SIGSEGV in sortlength (optimized builds) The issue here is for a DEPENDENT subquery that has an aggregate function in the ORDER BY clause, is wrapped inside an Item_aggregate_ref. For computation of ORDER BY we need to refer to the temp table field corresponding to this item. But in the function make_sortorder, we were explicitly casting Item_aggrgate_ref to Item_sum, which leads to us not getting the temp table field corresponding to the item. --- mysql-test/r/subselect4.result | 12 ++++++++++++ mysql-test/t/subselect4.test | 12 ++++++++++++ sql/filesort.cc | 9 ++++++++- 3 files changed, 32 insertions(+), 1 deletion(-) diff --git a/mysql-test/r/subselect4.result b/mysql-test/r/subselect4.result index 51f199bd1e9..a718895dc34 100644 --- a/mysql-test/r/subselect4.result +++ b/mysql-test/r/subselect4.result @@ -2566,3 +2566,15 @@ SELECT sum(a), t2.a, t2.b FROM t2 HAVING t2.a IN (SELECT t2.b FROM t1); sum(a) a b 6 1 1 DROP TABLE t1,t2; +# +# MDEV-22852: SIGSEGV in sortlength (optimized builds) +# +SET @save_optimizer_switch=@@optimizer_switch; +SET optimizer_switch='subquery_cache=off'; +CREATE TABLE t1 (a INT,b INT); +INSERT INTO t1 VALUES (0,0),(0,0); +SELECT (SELECT DISTINCT t1i.b FROM t1 t1i GROUP BY t1i.a ORDER BY MAX(t1o.b)) FROM t1 AS t1o; +(SELECT DISTINCT t1i.b FROM t1 t1i GROUP BY t1i.a ORDER BY MAX(t1o.b)) +0 +SET @@optimizer_switch= @save_optimizer_switch; +DROP TABLE t1; diff --git a/mysql-test/t/subselect4.test b/mysql-test/t/subselect4.test index 2b3f610d06f..057a4502684 100644 --- a/mysql-test/t/subselect4.test +++ b/mysql-test/t/subselect4.test @@ -2101,3 +2101,15 @@ SET @@sql_select_limit= @save_sql_select_limit; eval EXPLAIN EXTENDED $query; eval $query; DROP TABLE t1,t2; + +--echo # +--echo # MDEV-22852: SIGSEGV in sortlength (optimized builds) +--echo # + +SET @save_optimizer_switch=@@optimizer_switch; +SET optimizer_switch='subquery_cache=off'; +CREATE TABLE t1 (a INT,b INT); +INSERT INTO t1 VALUES (0,0),(0,0); +SELECT (SELECT DISTINCT t1i.b FROM t1 t1i GROUP BY t1i.a ORDER BY MAX(t1o.b)) FROM t1 AS t1o; +SET @@optimizer_switch= @save_optimizer_switch; +DROP TABLE t1; diff --git a/sql/filesort.cc b/sql/filesort.cc index 1df2f93676d..f8952f6d711 100644 --- a/sql/filesort.cc +++ b/sql/filesort.cc @@ -483,7 +483,14 @@ uint Filesort::make_sortorder(THD *thd, JOIN *join, table_map first_table_bit) if (item->type() == Item::FIELD_ITEM) pos->field= ((Item_field*) item)->field; else if (item->type() == Item::SUM_FUNC_ITEM && !item->const_item()) - pos->field= ((Item_sum*) item)->get_tmp_table_field(); + { + // Aggregate, or Item_aggregate_ref + DBUG_ASSERT(first->type() == Item::SUM_FUNC_ITEM || + (first->type() == Item::REF_ITEM && + static_cast<Item_ref*>(first)->ref_type() == + Item_ref::AGGREGATE_REF)); + pos->field= first->get_tmp_table_field(); + } else if (item->type() == Item::COPY_STR_ITEM) { // Blob patch pos->item= ((Item_copy*) item)->get_item();