Hi!

11.06.2013 11:11, timour@askmonty.org wrote:
At file:///home/tsk/mprog/src/10.0-md83/
------------------------------------------------------------
revno: 3551
revision-id: timour@askmonty.org-20130611081135-rge7p00h8e9nhypj
parent: timour@askmonty.org-20130528122232-kisslvdw5vhrna0q
fixes bug: https://mariadb.atlassian.net/browse/MDEV-4612
committer: timour@askmonty.org
branch nick: 10.0-md83
timestamp: Tue 2013-06-11 11:11:35 +0300
message:
MDEV-4612 SQ pushdown: Server crashes in make_join_statistics with materialization+semijoin, IN subqueries, constant table, impossible condition
Analysis: The subquery materialization execution method subselect_hash_sj_engine::exec() didn't restore thd->lex->current_select through all return paths. This was not a problem when the method was called during execution. When a subquery was executed during the optimization phase of the outer query, current_select continued to point to the wrong subquery. This resulted in update_ref_and_keys() getting the wrong number of conditions via thd->lex->current_select->cond_count, thus allocating a smaller buffer for sargable conditions. This later resulted in a memory overwrite.
Solution: Make sure that subselect_hash_sj_engine::exec() always restores current_select.
The patch looks OK to push. [skip]
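
The failure mode from the analysis above, as an added example that is not part of this e-mail or of the MariaDB patch: a simplified model in which an early return leaves a session's current-select pointer on the subquery, so the caller sizes a buffer from the wrong cond_count. All type and function names are hypothetical, and the scope guard is one possible way to restore the pointer on every path, not necessarily the method the patch uses.

```cpp
#include <cstddef>

// Simplified model with hypothetical names (not MariaDB source): a session
// holds a "current select" pointer that an engine switches while it runs.
struct Select { std::size_t cond_count; };
struct Session { Select *current_select; };

// Buggy shape: the early return leaves current_select on the subquery.
int exec_leaky(Session &s, Select &subq, bool impossible_cond) {
    Select *saved = s.current_select;
    s.current_select = &subq;
    if (impossible_cond)
        return 0;                  // restore is missing on this path
    s.current_select = saved;
    return 1;
}

// Scope guard: the destructor restores the pointer on every return path.
class SelectGuard {
    Session &s_;
    Select *saved_;
public:
    SelectGuard(Session &s, Select &next) : s_(s), saved_(s.current_select) {
        s.current_select = &next;
    }
    ~SelectGuard() { s_.current_select = saved_; }
    SelectGuard(const SelectGuard &) = delete;
    SelectGuard &operator=(const SelectGuard &) = delete;
};

int exec_guarded(Session &s, Select &subq, bool impossible_cond) {
    SelectGuard guard(s, subq);
    if (impossible_cond)
        return 0;                  // guard still restores current_select
    return 1;
}

// The caller sizes its buffer from current_select->cond_count, as the
// analysis describes for the outer query's optimizer.
std::size_t sargable_capacity(const Session &s) {
    return s.current_select->cond_count;
}

// Bounds check: how many of `needed` entries would not fit in that buffer.
std::size_t entries_past_end(const Session &s, std::size_t needed) {
    std::size_t cap = sargable_capacity(s);
    return needed > cap ? needed - cap : 0;
}
```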