Second crash in select_describe() with nested subqueries

Even after 611690 has been fixed, the following crash is still observed:

#3 0x0828691f in handle_segfault (sig=11) at mysqld.cc:2777
#4 <signal handler called>
#5 0x083311cc in select_describe (join=0xae76e990, need_tmp_table=true, need_order=false, distinct=false, message=0x0) at sql_select.cc:18860
#6 0x083098d2 in JOIN::exec (this=0xae76e990) at sql_select.cc:1976
#7 0x0830bad1 in mysql_select (thd=0x9c2ac58, rref_pointer_array=0xae72e71c, tables=0xae72eb30, wild_num=0, fields=..., conds=0x0, og_num=0, order=0x0,
    group=0x0, having=0x0, proc_param=0x0, select_options=2147764741, result=0xae72f030, unit=0xae72e7b8, select_lex=0xae72e618) at sql_select.cc:2667
#8 0x08332f4a in mysql_explain_union (thd=0x9c2ac58, unit=0xae72e7b8, result=0xae72f030) at sql_select.cc:19315
#9 0x08332c4d in select_describe (join=0xae769af8, need_tmp_table=false, need_order=false, distinct=false, message=0x0) at sql_select.cc:19275
#10 0x083098d2 in JOIN::exec (this=0xae769af8) at sql_select.cc:1976
#11 0x0830bad1 in mysql_select (thd=0x9c2ac58, rref_pointer_array=0xae72df14, tables=0xae72e408, wild_num=0, fields=..., conds=0xae72ed40, og_num=0,
    order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147764740, result=0xae72f030, unit=0xae72dfb0, select_lex=0xae72de10)
    at sql_select.cc:2667
#12 0x08332f4a in mysql_explain_union (thd=0x9c2ac58, unit=0xae72dfb0, result=0xae72f030) at sql_select.cc:19315
#13 0x08332c4d in select_describe (join=0xae764c60, need_tmp_table=false, need_order=false, distinct=false, message=0x88ad5c4 "Impossible WHERE")
    at sql_select.cc:19275
#14 0x0831a5ad in return_zero_rows (join=0xae764c60, result=0xae72f030, tables=0xae72dc00, fields=..., send_row=false, select_options=2147764740,
    info=0x88ad5c4 "Impossible WHERE", having=0x0) at sql_select.cc:8718
#15 0x083094f6 in JOIN::exec (this=0xae764c60) at sql_select.cc:1917
#16 0x0830bad1 in mysql_select (thd=0x9c2ac58, rref_pointer_array=0x9c2c6f4, tables=0xae72dc00, wild_num=0, fields=..., conds=0xae72ef30, og_num=0,
    order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147764740, result=0xae72f030, unit=0x9c2c354, select_lex=0x9c2c5f0)
    at sql_select.cc:2667
#17 0x08332f4a in mysql_explain_union (thd=0x9c2ac58, unit=0x9c2c354, result=0xae72f030) at sql_select.cc:19315
#18 0x082a1e6e in execute_sqlcom_select (thd=0x9c2ac58, all_tables=0xae72dc00) at sql_parse.cc:5049
#19 0x08298ffb in mysql_execute_command (thd=0x9c2ac58) at sql_parse.cc:2234
#20 0x082a4584 in mysql_parse (thd=0x9c2ac58,
    rawbuf=0xae72d9f8 "EXPLAIN SELECT f2 FROM t3 WHERE (\nSELECT MAX( pk ) FROM t1\nWHERE EXISTS (\nSELECT DISTINCT f1\nFROM t2\n)\n) IS NULL", length=112,
    found_semicolon=0xae8ff228) at sql_parse.cc:6077
#21 0x08296c93 in dispatch_command (command=COM_QUERY, thd=0x9c2ac58, packet=0x9c42d49 "", packet_length=113) at sql_parse.cc:1210
#22 0x08296140 in do_command (thd=0x9c2ac58) at sql_parse.cc:903
#23 0x0829321e in handle_one_connection (arg=0x9c2ac58) at sql_connect.cc:1154
#24 0x00821919 in start_thread () from /lib/libpthread.so.0
#25 0x0076acce in clone () from /lib/libc.so.6

test case:

CREATE TABLE t1 ( pk int(11)) ;
INSERT INTO t1 VALUES (29);

CREATE TABLE t2 ( f1 varchar(1)) ;
INSERT INTO t2 VALUES ('f'),('d');

CREATE TABLE t3 ( f2 varchar(1)) ;

EXPLAIN SELECT f2 FROM t3 WHERE (
        SELECT MAX( pk ) FROM t1
        WHERE EXISTS (
                SELECT DISTINCT f1
                FROM t2
        )
) IS NULL ;

bzr version-info:

revision-id: <email address hidden>
date: 2011-02-03 17:00:28 +0200
build-date: 2011-02-08 07:24:53 +0200
revno: 2883
branch-nick: maria-5.3-mwl89