[MDEV-8688] Wrong result for SELECT..WHERE varchar_column IN (1,2,3) AND varchar_column=' 1'; Created: 2015-08-28  Updated: 2015-09-12  Resolved: 2015-08-29

Status: Closed
Project: MariaDB Server
Component/s: Optimizer
Affects Version/s: 5.1.67, 5.2.14, 5.3.12, 5.5, 10.0, 10.1
Fix Version/s: 10.1.7

Type: Bug Priority: Major
Reporter: Alexander Barkov Assignee: Alexander Barkov
Resolution: Fixed Votes: 0
Labels: propagation, upstream

Issue Links:
Blocks
blocks MDEV-8728 Fix a number of problems in equal fie... Closed

 Description   

This script:

DROP TABLE IF EXISTS t1;
 
CREATE TABLE t1 (a VARCHAR(10) CHARACTER SET cp1251 COLLATE cp1251_ukrainian_ci);
 
INSERT INTO t1 VALUES (' 1'),('`1');
 
SELECT * FROM t1 WHERE a IN (1,2,3);

returns one row:

+------+
 
| a    |
 
+------+
 
|  1   |
 
+------+

Now if I make the condition even stroger:

SELECT * FROM t1 WHERE a IN (1,2,3) AND a=' 1';

It erroneously returns two rows:

+------+
 
| a    |
 
+------+
 
|  1   |
 
| `1   |
 
+------+

It should return one row.

The problem happens in equal fields propagation in this code:

  if (!item || !has_compatible_context(item))
 
    item= this;

Item_func_in does not set cmp_type of args[0], so has_compatible_context() passes and the field gets erroneously replaced to the string constant which makes Item_func_in::val_int() always evaluate to TRUE.

 Comments   
Comment by Alexander Barkov [ 2015-08-28 ]

Another example script:

SET NAMES utf8;
 
DROP TABLE IF EXISTS t1;
 
CREATE TABLE t1 (a VARCHAR(10) CHARACTER SET latin1);
 
INSERT INTO t1 VALUES ('1e1'),('1ë1');
 
SELECT * FROM t1 WHERE a IN (1,2);

returns one row:

+------+
 
| a    |
 
+------+
 
| 1ë1  |
 
+------+

Now if I make the condition even stronger:

SELECT * FROM t1 WHERE a IN (1,2) AND a='1ë1';

it erroneously returns two rows:

+------+
 
| a    |
 
+------+
 
| 1e1  |
 
| 1ë1  |
 
+------+

Generated at Thu Feb 08 07:29:02 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.