From daffceb4e275cb520c7c3277aae420e11c94ca0e Mon Sep 17 00:00:00 2001
From: unknown <evgen@moonbone.local>
Date: Wed, 20 Feb 2008 17:41:39 +0300
Subject: [PATCH 1/2] Bug#33266: Incorrect test case for the bug#31048 failing
 on some platforms.

The test case for the bug#31048 checks that there is no crash on stack
overrun. But due to different stack sizes on different platforms it failed
on some of them.

The new test case check that a query with at least 4 level subquery nesting
works without the stack overrun nesting and other levels of nesting doesn't
cause a crash.


mysql-test/t/subselect.test:
  Corrected test case for the bug#31048.
mysql-test/r/subselect.result:
  Corrected test case for the bug#31048.
---
 mysql-test/r/subselect.result | 128 ++++++++--------------------------
 mysql-test/t/subselect.test   | 124 ++++++++++----------------------
 2 files changed, 69 insertions(+), 183 deletions(-)

diff --git a/mysql-test/r/subselect.result b/mysql-test/r/subselect.result
index 527c45671f4..2de2589fc92 100644
--- a/mysql-test/r/subselect.result
+++ b/mysql-test/r/subselect.result
@@ -4147,103 +4147,37 @@ DROP TABLE t1,t2;
 create table t1(a int,b int,key(a),key(b));
 insert into t1(a,b) values (1,2),(2,1),(2,3),(3,4),(5,4),(5,5),
 (6,7),(7,4),(5,3);
-select sum(a),a from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1
-)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1) 
-group by a;
-sum(a)	a
-select sum(a),a from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 
-)group by b limit 1)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1) 
-group by a;
-ERROR HY000: Thread stack overrun detected
-explain select sum(a),a from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 
-)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1) 
-group by a;
-id	select_type	table	type	possible_keys	key	key_len	ref	rows	Extra
-1	PRIMARY	t1	index	a	a	5	NULL	9	Using where; Using index
-2	SUBQUERY	t1	range	a	a	5	NULL	9	Using where; Using temporary; Using filesort
-3	SUBQUERY	t1	range	a	a	5	NULL	9	Using where; Using temporary; Using filesort
-4	SUBQUERY	t1	range	a	a	5	NULL	9	Using where; Using temporary; Using filesort
-5	SUBQUERY	t1	range	a	a	5	NULL	9	Using where; Using temporary; Using filesort
-6	SUBQUERY	t1	range	a	a	5	NULL	9	Using where; Using temporary; Using filesort
-7	SUBQUERY	t1	range	a	a	5	NULL	9	Using where; Using temporary; Using filesort
-8	SUBQUERY	t1	range	a	a	5	NULL	9	Using where; Using temporary; Using filesort
-9	SUBQUERY	t1	range	a	a	5	NULL	9	Using where; Using temporary; Using filesort
-10	SUBQUERY	t1	range	a	a	5	NULL	9	Using where; Using temporary; Using filesort
-11	SUBQUERY	t1	range	a	a	5	NULL	9	Using where; Using temporary; Using filesort
-12	SUBQUERY	t1	range	a	a	5	NULL	1	Using where; Using temporary; Using filesort
-13	SUBQUERY	t1	index	NULL	a	5	NULL	9	Using index
-explain select sum(a),a from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-select sum(a) from t1 
-)group by b limit 1)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1
-)group by b limit 1)group by b limit 1)group by b limit 1) 
-group by a;
-ERROR HY000: Thread stack overrun detected
+5
+4
+3
+2
+1
+26
+25
+24
+23
+22
+21
+20
+19
+18
+17
+16
+15
+14
+13
+12
+11
+10
+9
+8
+7
+6
+5
+4
+3
+2
+1
 drop table t1;
 CREATE TABLE t1 (a1 INT, a2 INT);
 CREATE TABLE t2 (b1 INT, b2 INT);
diff --git a/mysql-test/t/subselect.test b/mysql-test/t/subselect.test
index 326d80f84c1..c5edd5414e3 100644
--- a/mysql-test/t/subselect.test
+++ b/mysql-test/t/subselect.test
@@ -3006,92 +3006,44 @@ DROP TABLE t1,t2;
 create table t1(a int,b int,key(a),key(b));
 insert into t1(a,b) values (1,2),(2,1),(2,3),(3,4),(5,4),(5,5),
   (6,7),(7,4),(5,3);
-# test for the stack overflow bug
-select sum(a),a from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1
-  )group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1) 
-group by a;
---replace_regex /overrun.*$/overrun detected/
---error 1436
-select sum(a),a from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 
-  )group by b limit 1)group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1) 
-group by a;
-# test for the memory consumption & subquery slowness bug
-explain select sum(a),a from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 
-  )group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1) 
-group by a;
---replace_regex /overrun.*$/overrun detected/
---error 1436
-explain select sum(a),a from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 where a> ( select sum(a) from t1 where a> (
-  select sum(a) from t1 
-  )group by b limit 1)group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1
-  )group by b limit 1)group by b limit 1)group by b limit 1) 
-group by a;
+
+let $nesting= 26;
+let $should_work_nesting= 5;
+let $start= select sum(a),a from t1 where a> ( select sum(a) from t1 ;
+let $end= )group by a ;
+let $start_app= where a> ( select sum(a) from t1 ;
+let $end_pre= )group by b limit 1 ;
+
+--disable_result_log
+--disable_query_log
+# At least 4 level nesting should work without errors
+while ($should_work_nesting)
+{
+--echo $should_work_nesting
+  eval $start $end;
+  eval explain $start $end;
+  let $start= $start
+  $start_app;
+  let $end= $end_pre
+  $end;
+  dec $should_work_nesting;
+}
+# Other may fail with the 'stack overrun error'
+while ($nesting)
+{
+--echo $nesting
+--error 0,1436
+  eval $start $end;
+--error 0,1436
+  eval explain $start $end;
+  let $start= $start
+  $start_app;
+  let $end= $end_pre
+  $end;
+  dec $nesting;
+}
+--enable_result_log
+--enable_query_log
 drop table t1;
 
 #

From f28612eae272fb56f9bb07bddf31852882af7ed8 Mon Sep 17 00:00:00 2001
From: unknown <gkodinov/kgeorge@magare.gmz>
Date: Thu, 28 Feb 2008 13:31:19 +0200
Subject: [PATCH 2/2] Bug #34747: crash in debug assertion check after derived
 table

Was a double-free of the Unique member of Item_func_group_concat.
This was not causing a crash because the Unique is a descendent of
Sql_alloc.
Fixed to free the Unique only if it was allocated for the instance
of Item_func_group_concat it was referenced from


mysql-test/r/func_gconcat.result:
  Bug #34747: test case
mysql-test/t/func_gconcat.test:
  Bug #34747: test case
sql/item_sum.cc:
  Bug #34747: free the Unique only if it was allocated
  for this instance of Item_func_group_concat
---
 mysql-test/r/func_gconcat.result | 15 +++++++++++++++
 mysql-test/t/func_gconcat.test   | 17 +++++++++++++++++
 sql/item_sum.cc                  |  2 +-
 3 files changed, 33 insertions(+), 1 deletion(-)

diff --git a/mysql-test/r/func_gconcat.result b/mysql-test/r/func_gconcat.result
index 19b5f03de6b..77d11831842 100644
--- a/mysql-test/r/func_gconcat.result
+++ b/mysql-test/r/func_gconcat.result
@@ -931,4 +931,19 @@ SELECT GROUP_CONCAT(DISTINCT b, a ORDER BY b) FROM t1;
 GROUP_CONCAT(DISTINCT b, a ORDER BY b)
 11,22,32
 DROP TABLE t1, t2, t3;
+CREATE TABLE t1(a INT);
+INSERT INTO t1 VALUES (),();
+SELECT s1.d1 FROM
+(
+SELECT
+t1.a as d1,
+GROUP_CONCAT(DISTINCT t1.a) AS d2
+FROM
+t1 AS t1,
+t1 AS t2
+GROUP BY 1
+) AS s1;
+d1
+NULL
+DROP TABLE t1;
 End of 5.0 tests
diff --git a/mysql-test/t/func_gconcat.test b/mysql-test/t/func_gconcat.test
index 84c286e516b..87632fbdbb8 100644
--- a/mysql-test/t/func_gconcat.test
+++ b/mysql-test/t/func_gconcat.test
@@ -640,4 +640,21 @@ SELECT GROUP_CONCAT(DISTINCT b, a ORDER BY b) FROM t1;
 
 DROP TABLE t1, t2, t3;
 
+#
+# Bug #34747: crash in debug assertion check after derived table
+#
+CREATE TABLE t1(a INT);
+INSERT INTO t1 VALUES (),();
+SELECT s1.d1 FROM
+(
+ SELECT
+  t1.a as d1,
+  GROUP_CONCAT(DISTINCT t1.a) AS d2
+ FROM
+  t1 AS t1,
+  t1 AS t2
+ GROUP BY 1
+) AS s1;
+DROP TABLE t1;
+
 --echo End of 5.0 tests
diff --git a/sql/item_sum.cc b/sql/item_sum.cc
index 47a7073c2e7..3d6d46ab3f4 100644
--- a/sql/item_sum.cc
+++ b/sql/item_sum.cc
@@ -3460,6 +3460,6 @@ void Item_func_group_concat::print(String *str)
 
 Item_func_group_concat::~Item_func_group_concat()
 {
-  if (unique_filter) 
+  if (!original && unique_filter)
     delete unique_filter;    
 }