• Georgi Kodinov's avatar
    Bug #37348: Crash in or immediately after JOIN::make_sum_func_list · a18639b6
    Georgi Kodinov authored
          
    The optimizer pulls up aggregate functions which should be aggregated in
    an outer select. At some point it may substitute such a function for a field
    in the temporary table. The setup_copy_fields function doesn't take this
    into account and may overrun the copy_field buffer.
          
    Fixed by filtering out the fields referenced through the specialized
    reference for aggregates (Item_aggregate_ref).
    Added an assertion to make sure bugs that cause similar discrepancy 
    don't go undetected.
    
    mysql-test/r/func_group.result:
      Bug #37348: test case
    mysql-test/t/func_group.test:
      Bug #37348: test case
    sql/item.cc:
      Bug #37348: Added a way to distinguish Item_aggregate_ref from the other types of refs
    sql/item.h:
      Bug #37348: Added a way to distinguish Item_aggregate_ref from the other types of refs
    sql/sql_select.cc:
      Bug #37348: 
       - Don't consider copying field references
          seen through Item_aggregate_ref
       - check for discrepancies between the number of expected 
         fields that need copying and the actual fields copied.
    a18639b6
item.h 95.8 KB