MDEV-4316 MariaDB server crash with signal 11

fulltext search was initialized for all MATCH ... AGAINST items at the end of the JOIN::optimize(). But since 5.3 derived tables are initialized lazily on first use, very late in the sub_select(). Skip Item_func_match::init_search initialization if the corresponding table isn't open yet; repeat fulltext initialization for all not-yet-initialized MATCH ... AGAINST items after creating derived tables.
2013-04-06 15:14:46 +02:00 · 2013-04-06 15:14:46 +02:00 · 6770a9a836
commit 6770a9a836
parent 385de8743a
5 changed files with 42 additions and 15 deletions
--- a/mysql-test/r/fulltext_derived_4316.result
+++ b/mysql-test/r/fulltext_derived_4316.result
@ -0,0 +1,8 @@
+create table t1 (ft text) engine=myisam;
+insert into t1 values ('test1'),('test2');
+select distinct match(ft) against("test1" in boolean mode) from
+(select distinct ft from t1) as t;
+match(ft) against("test1" in boolean mode)
+1
+0
+drop table t1;
--- a/mysql-test/t/fulltext_derived_4316.test
+++ b/mysql-test/t/fulltext_derived_4316.test
@ -0,0 +1,14 @@
+#
+# MATCH on the derived tables
+#
+
+#
+# MDEV-4316 MariaDB server crash with signal 11
+#
+
+create table t1 (ft text) engine=myisam;
+insert into t1 values ('test1'),('test2');
+select distinct match(ft) against("test1" in boolean mode) from
+        (select distinct ft from t1) as t; 
+drop table t1;
+
--- a/sql/item_func.cc
+++ b/sql/item_func.cc
@ -5514,15 +5514,12 @@ void Item_func_match::init_search(bool no_order)
 {
  DBUG_ENTER("Item_func_match::init_search");

+  if (!table->file->get_table()) // the handler isn't opened yet
+    DBUG_VOID_RETURN;
+
  /* Check if init_search() has been called before */
  if (ft_handler)
  {
-    /*
-      We should reset ft_handler as it is cleaned up
-      on destruction of FT_SELECT object
-      (necessary in case of re-execution of subquery).
-      TODO: FT_SELECT should not clean up ft_handler.
-    */
    if (join_key)
      table->file->ft_handler= ft_handler;
    DBUG_VOID_RETURN;
@ -5572,6 +5569,10 @@ void Item_func_match::init_search(bool no_order)

  if (join_key && !no_order)
    flags|=FT_SORTED;
+
+  if (key != NO_SUCH_KEY)
+    thd_proc_info(table->in_use, "FULLTEXT initialization");
+
  ft_handler= table->file->ft_init_ext(flags, key, ft_tmp);

  if (join_key)
--- a/sql/sql_base.cc
+++ b/sql/sql_base.cc
@ -9241,7 +9241,6 @@ int init_ftfuncs(THD *thd, SELECT_LEX *select_lex, bool no_order)
    List_iterator<Item_func_match> li(*(select_lex->ftfunc_list));
    Item_func_match *ifm;
    DBUG_PRINT("info",("Performing FULLTEXT search"));
-    thd_proc_info(thd, "FULLTEXT initialization");

    while ((ifm=li++))
      ifm->init_search(no_order);
--- a/sql/sql_select.cc
+++ b/sql/sql_select.cc
@ -10191,6 +10191,11 @@ bool JOIN_TAB::preread_init()
  preread_init_done= TRUE;
  if (select && select->quick)
    select->quick->replace_handler(table->file);
+
+  /* init ftfuns for just initialized derived table */
+  if (table->fulltext_searched)
+    init_ftfuncs(join->thd, join->select_lex, test(join->order));
+
  return FALSE;
 }