If a stored function that contains a drop temporary table statement
is invoked by a create temporary table of the same name may cause
a server crash. The problem is that when dropping a table no check
is done to ensure that table is not being used by some outer query
(or outer statement), potentially leaving the outer query with a
reference to a stale (freed) table.
The solution is when dropping a temporary table, always check if
the table is being used by some outer statement as a temporary
table can be dropped inside stored procedures.
The check is performed by looking at the TABLE::query_id value for
temporary tables. To simplify this check and to solve a bug related
to handling of temporary tables in prelocked mode, this patch changes
the way in which this member is used to track the fact that table is
used/unused. Now we ensure that TABLE::query_id is zero for unused
temporary tables (which means that all temporary tables which were
used by a statement should be marked as free for reuse after it's
execution has been completed).
mysql-test/include/handler.inc:
Add test case for side effect of Bug#30882
mysql-test/r/handler_innodb.result:
Add test case result for side effect of Bug#30882
mysql-test/r/handler_myisam.result:
Add test case result for side effect of Bug#30882
mysql-test/r/sp-error.result:
Add test case result for Bug#30882
mysql-test/t/sp-error.test:
Add test case for Bug#30882
sql/event_db_repository.cc:
Update close_thread_tables call, no more default values.
sql/mysql_priv.h:
Remove implicit default parameters values of the close_thread_tables
function as no callers are using it.
sql/slave.cc:
Update close_thread_tables call, no more default values
sql/sp_head.cc:
Update close_thread_tables call, no more default values
sql/sql_base.cc:
Changed the approach to distinguishing currently unused temporary tables.
Now we ensure that such tables always have TABLE::query_id set to 0 and
use this fact to perform checks during opening and dropping of temporary
tables. This means that we have to call close_thread_tables() even for
statements which use only temporary tables. To make this call cheaper,
we re-factored close_thread_tables() to not take LOCK_open unless there
are open base tables.
sql/sql_handler.cc:
Properly close temporary tables associated with a handler.
sql/sql_insert.cc:
close_temporary_table is now merged into drop_temporary_table.
sql/sql_parse.cc:
Now the condition doesn't cover all cases because close_thread_tables()
must be called even for statements that use only temporary tables.
sql/sql_table.cc:
Use drop_temporary_table which perform checks to verify if
the table is not being used. Error path problem is due to
a handler tables issue and is going to be addressed in bug
31397.
sql/table.h:
Rename previously unused clear_query_id and document the usage of
query_id and open_by_handler.
"ALTER SERVER can cause server to crash"
While retrieving values, it would erronously set the socket value
to NULL and attempt to use it in strcmp().
Ensure it is correctly set to "" so that strcmp may not crash.
mysql-test/r/federated_server.result:
results for bug30671
fix inconsistent result
mysql-test/t/federated_server.test:
surplus semicolon
test for bug30671
sql/sql_servers.cc:
bug30671
inside function get_server_from_table_to_cache()
server->socket was being set to NULL instead of empty string
The mysql_change_user command fails to properly update the database pointer
when no database is selected, leading to "use after free" errors. The same
happens on the user privilege pointer in the thread security context.
The solution is to properly reset and update the database name. Also update
the user_priv pointer so that it doesn't point to freed memory.
sql/sql_connect.cc:
After a successful call to check_user() without specifying a new
database name, the previous database thd->db) is freed but the
pointer is not updated to NULL.
sql/sql_parse.cc:
Update the security_ctx->priv_user pointer as it is a alias for
the user security_ctx->user pointer. Also remove unneeded cast,
the x_free macro casts the argument.
into magare.gmz:/home/kgeorge/mysql/work/B31794-5.1-opt
mysql-test/r/func_group.result:
Auto merged
mysql-test/t/func_group.test:
Auto merged
sql/sql_select.cc:
Auto merged
The HAVING clause is subject to the same rules as the SELECT list
about using aggregated and non-aggregated columns.
But this was not enforced when processing implicit grouping from
using aggregate functions.
Fixed by performing the same checks for HAVING as for SELECT.
mysql-test/r/func_group.result:
Bug #31794: test case
mysql-test/t/func_group.test:
Bug #31794: test case
sql/sql_select.cc:
Bug #31794: Check HAVING in addition to SELECT list
there is nothing to recover.
Discovered while working on Bug#12713
sql/sql_table.cc:
Use MYF(0) in my_open() in read_ddl_log_header() called from
execute_ddl_log_recovery() called during the server start up to not
generate an error if no ddl log exists. This is not an erroneous situation,
in fact it's the case in any server statrtup. The error was lost
anyway, since it was pushed into the stack of the artificial thd.
error in mysql_create_frm instead of
direct access to my_error() members.
This is a pre-requisite for the patch for Bug#12713.
sql/unireg.cc:
Use Internal_error_handler mechanism to silence ER_TOO_MANY_FIELDS
error in mysql_create_frm instead of
direct access to my_error() members.
in evaluate_join_record().
A minor cleanup required for the fix for Bug#12713.
sql/sql_select.cc:
Use thd->is_error() instead of direct access to thd->net.report_error
in evaluate_join_record()
SHOW CREATE TRIGGER was not checking for detected errors
opening/reading the trigger file.
Fixed to return the already generated error.
mysql-test/r/trigger.result:
Bug #31866: test case
mysql-test/t/trigger.test:
Bug #31866: test case
sql/sql_show.cc:
Bug #31866: test for error and return it.
during udf initialization. The bug is spotted while working on Bug 12713.
If a user-defined function was used in a SELECT statement, and an
error would occur during UDF initialization, this error would not terminate
execution of the SELECT, but rather would be converted to a warning.
The fix is to use a stack buffer to store the message from udf_init instead
of private my_error() buffer.
mysql-test/r/udf.result:
Update the result to reflect the fix for Bug#32007 select udf_function()
doesn't return an error if error during udf initialization
mysql-test/t/udf.test:
Update the test to reflect the fix for Bug #32007 select udf_function()
doesn't return an error if error during udf initialization
sql/item_func.cc:
A fix for Bug#32007.
net.last_error buffer was used to store the temporary message from udf_init.
Then, when my_error() was called, net.last_error was not empty so
my_error() would conclude that there is already an error in the error stack,
and not "overwrite" it.
However, thd->net.report_error was not set, so the the
SELECT was not aborted.
The fix is to use a stack buffer instead of thd->net.last_error
to store the message from udf_init. The message will end up in
thd->net.last_error anyway after a call to my_error.
check_user()/check_connection()/check_for_max_user_connections().
This is a pre-requisite patch for the fix for Bug#12713 "Error in a stored
function called from a SELECT doesn't cause ROLLBACK of statem"
Implement review comments.
sql/mysql_priv.h:
check_for_max_user_connections() is used in one place only, make it static.
sql/mysqld.cc:
Remove net_printf_error(): a consolidation of error reporting facilities
is necessary to simplify maintenance of the query cache, the
client-server protocol, stored procedure continue handlers.
Rewrite the only place where its use is somewhat justified
(my_error() can not be used since we need to report an error for the thread
that does not exist) with my_snprintf()/net_send_error().
sql/protocol.cc:
Remove net_printf_error().
sql/protocol.h:
Remove net_printf_error().
sql/sql_connect.cc:
Remove net_printf_error(). In check_connection()/check_user()/
check_for_max_user_connections() do not write directly to the network,
but use the standard my_error() mechanism to record an error in THD.
It will be sent to the client by the caller. This was the last place
in the server that would attempt to send an error directly, mainly left
untouched by 5.0 refactoring because it is executed only during
thread startup.
sql/sql_parse.cc:
In the old code, when res was greater than 0, it contained an exact
error code, e.g. ER_OUT_OF_RESOURCES or NO SUCH DATABASE,
or ER_HANDSHAKE_ERROR. I don't know the reason why this error code was
ignored, and instead a generic ER_UNKNOWN_COM_ERROR was pushed into the
error stack, but knowing the relaxed attitude towards preserving the error
codes in the old code, I'm inclinded to think that it was a bug.
After this patch, the most specific error message is already pushed,
so calling my_message() again is useless.
If res is < 0, the error used to be already sent. This is not done
by the new code, but will be done later, in the end
of dispatch_command(). When this is done, clear_error() will be called
for us - it is in the first lines of do_command.
To sum up, this change is to remove COM_CHANGE_USER specific error handling
in favor of the standard one employed for all other COM_* commands.
Add select_send::cleanup.
Fix a compilation warning.
Issues spotted while working on the fix for Bug#12713.
sql-common/client.c:
Fix a warning.
sql/sql_class.cc:
Give a variable a more specific name. Rewrite an incorrect comment.
Add a cleanup for select_send. The only case now this cleanup can be
necessary is when we have a prepared statement inside a stored procedure,
and a continue handler. At first execution, the statement is killed
after having executed select_send::send_fields. At the second execution
it is killed after having executed select_send::send_fields.
sql/sql_class.h:
Rename a member. Add comments.
into stella.local:/home2/mydev/mysql-5.1-axmrg
mysql-test/r/ctype_ucs.result:
Auto merged
mysql-test/t/ctype_ucs.test:
Auto merged
mysql-test/t/variables.test:
Auto merged
sql/ha_partition.cc:
Auto merged
sql/item_func.cc:
Auto merged
sql/sql_yacc.yy:
Auto merged
sql/table.cc:
Auto merged
The new default database engine for altered table was reassigned to
the old one. That's wrong thing by itself, and (as the engine
for a subpartition gets that new value) leads to DBUG_ASSERTION
in mysql_unpack_partition()
mysql-test/r/partition.result:
Bug #31893 Partitions: crash if subpartitions and engine change.
test result
mysql-test/t/partition.test:
Bug #31893 Partitions: crash if subpartitions and engine change.
test case
sql/sql_partition.cc:
Bug #31893 Partitions: crash if subpartitions and engine change.
Don't change part_info->default_engine_type if it's already set
into stella.local:/home2/mydev/mysql-5.0-axmrg
mysql-test/r/ctype_ucs.result:
Auto merged
mysql-test/t/ctype_ucs.test:
Auto merged
sql/item_func.cc:
Auto merged
Dropping users causes huge increase in memory usage because field values were
allocated on the server memory root for temporary usage but never deallocated.
This patch changes the target memory root to be that of the thread handler
instead since this root is cleared between each statement.
sql/sql_acl.cc:
Changed memory root from server life time memory to thread life time memory.
The SET PASSWORD statement is non-transactional (no explicit transaction
boundaries) in nature and hence is forbidden inside stored functions and
triggers, but it weren't being effectively forbidden.
The implemented fix is to issue a implicit commit with every SET PASSWORD
statement, effectively prohibiting these statements in stored functions
and triggers.
mysql-test/r/sp-error.result:
Add test case result for Bug#30904
mysql-test/t/sp-error.test:
Add test case for Bug#30904
sql/sql_lex.h:
Add variable to set that a statement with SET PASSWORD causes a implicit
commit.
sql/sql_parse.cc:
End active transaction in SET PASSWORD.
sql/sql_yacc.yy:
Set the correct flag on SET PASSWORD if inside a SP, thus effectively
prohibiting SET PASSWORD statements in stored functions and triggers.
and convert it to a warning instead of direct manipulation with the
thread error stack.
Fix a bug in handler::print_erorr when a garbled message was
printed for HA_ERR_NO_SUCH_TABLE.
This is a pre-requisite patch for the fix for Bug#12713 Error in a stored
function called from a SELECT doesn't cause ROLLBACK of statem
sql/handler.cc:
Use a standard mechanism to intercept the error message, instead
of direct manipulation with thread error stack.
Fix a bug when for HA_ERR_NO_SUCH_TABLE handler::print_error() would
print a garbled message.
sql/log.cc:
Extend internal error handler interface to carry the message text.
sql/mysqld.cc:
Extend internal error handler interface to carry the message text.
sql/sql_base.cc:
Extend internal error handler interface to carry the message text.
sql/sql_class.cc:
Extend internal error handler interface to carry the message text.
sql/sql_class.h:
Extend internal error handler interface to carry the message text.
sql/sql_error.cc:
Extend internal error handler interface to carry the message text.
into magare.gmz:/home/kgeorge/mysql/work/B31884-5.1-opt
sql/item_subselect.h:
Auto merged
mysql-test/r/subselect.result:
merged the fix for bug 31884 to 5.1-opt
mysql-test/t/subselect.test:
merged the fix for bug 31884 to 5.1-opt
Item_in_subselect's only externally callable method is val_bool().
However the nullability in the wrapper class (Item_in_optimizer) is
established by calling the "forbidden" method val_int().
Fixed to use the correct method (val_bool() ) to establish nullability
of Item_in_subselect in Item_in_optimizer.
mysql-test/r/subselect.result:
Bug #31884: test case
mysql-test/t/subselect.test:
Bug #31884: test case
sql/item_subselect.h:
Bug #31884: Use the correct method to establish nullability
into whalegate.ndb.mysql.com:/home/tomas/mysql-5.1-new-ndb-merge
mysql-test/suite/rpl/r/rpl_bug31076.result:
Auto merged
sql/ha_ndbcluster.cc:
Auto merged
sql/handler.cc:
Auto merged
sql/log_event.cc:
Auto merged
sql/sql_update.cc:
Auto merged
storage/ndb/include/ndbapi/Ndb.hpp:
Auto merged
mysql-test/suite/rpl/t/rpl_bug31076.test:
manual merge
Item_func_inet_ntoa and Item_func_conv inherit 'maybe_null' flag from an
argument, which is wrong.
Both can be NULL with notnull arguments, so that's fixed.
mysql-test/r/func_str.result:
Bug #31758 inet_ntoa, oct crashes server with null+filesort
test case
mysql-test/t/func_str.test:
Bug #31758 inet_ntoa, oct crashes server with null+filesort
test result
sql/item_strfunc.h:
Bug #31758 inet_ntoa, oct crashes server with null+filesort
missing maybe_null flags set for Item_func_inet_ntoa and Item_func_conv
into lambda.weblab:/home/malff/TREE/mysql-5.1-rt-merge
mysql-test/include/mix1.inc:
Auto merged
mysql-test/r/innodb_mysql.result:
Auto merged
mysql-test/r/select.result:
Auto merged
sql/handler.cc:
Auto merged
sql/item.cc:
Auto merged
sql/item_func.cc:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/protocol.cc:
Auto merged
sql/set_var.cc:
Auto merged
sql/sql_base.cc:
Auto merged
sql/sql_class.h:
Auto merged
sql/sql_select.cc:
Auto merged
sql/sql_table.cc:
Auto merged
rebuild the table.
The problem was that ROW_FORMAT clause in ALTER TABLE did not trigger
table reconstruction.
The fix is to rebuild a table if ROW_FORMAT is specified.
mysql-test/include/mix1.inc:
Add a test case for BUG#27610: ALTER TABLE ROW_FORMAT=... does not
rebuild the table.
mysql-test/r/innodb_mysql.result:
Update result file.
sql/sql_table.cc:
Rebuild a table if ROW_FORMAT was specified in ALTER TABLE.
into mysql.com:/home/gluh/MySQL/Merge/5.1-opt
mysql-test/r/type_decimal.result:
Auto merged
mysql-test/t/type_decimal.test:
Auto merged
sql/item_func.cc:
Auto merged
sql/item_func.h:
Auto merged
There are two problems with ROUND(X, D) on an exact numeric
(DECIMAL, NUMERIC type) field of a table:
1) The implementation of the ROUND function would change the number of decimal
places regardless of the value decided upon in fix_length_and_dec. When the
number of decimal places is not constant, this would cause an inconsistent
state where the number of digits was less than the number of decimal places,
which crashes filesort.
Fixed by not allowing the ROUND operation to add any more decimal places than
was decided in fix_length_and_dec.
2) fix_length_and_dec would allow the number of decimals to be greater than
the maximium configured value for constant values of D. This led to the same
crash as in (1).
Fixed by not allowing the above in fix_length_and_dec.
mysql-test/r/type_decimal.result:
Bug#30889: Test result
mysql-test/t/type_decimal.test:
Bug#30889: Test case
sql/item_func.cc:
Bug#30889:
- Avoid setting number of digits after decimal point (scale) higher than its
maximum value.
- Avoid increasing the number of decimal places in ::decimal_op
sql/item_func.h:
Bug#30889: Added comments to the declarations of Item_func_numhybrid::<type>_op
family of methods.
into trift2.:/MySQL/M50/push-5.0
mysql-test/r/derived.result:
Auto merged
mysql-test/r/ps_2myisam.result:
Auto merged
mysql-test/r/ps_3innodb.result:
Auto merged
mysql-test/r/ps_4heap.result:
Auto merged
mysql-test/r/ps_5merge.result:
Auto merged
mysql-test/r/ps_6bdb.result:
Auto merged
mysql-test/r/ps_7ndb.result:
Auto merged
mysql-test/r/sp.result:
Auto merged
mysql-test/r/type_datetime.result:
Auto merged
mysql-test/t/derived.test:
Auto merged
mysql-test/t/sp.test:
Auto merged
sql/field.cc:
Auto merged
sql/item_func.cc:
Auto merged
sql/item_timefunc.cc:
Auto merged
mysql-test/r/type_date.result:
Null-merge 5.0.50 build clone:
The test for bug#31221 is already in the receiving tree.
mysql-test/t/type_date.test:
Null-merge 5.0.50 build clone:
The test for bug#31221 is already in the receiving tree.
into mysql.com:/home/gluh/MySQL/Merge/5.1-opt
mysql-test/r/func_gconcat.result:
Auto merged
mysql-test/t/func_gconcat.test:
Auto merged
sql/item_sum.cc:
Auto merged
The fix is a copy of Martin Friebe's suggestion.
added testing for no_appended which will be false if anything,
including the empty string is in result
mysql-test/r/func_gconcat.result:
test result
mysql-test/t/func_gconcat.test:
test case
sql/item_sum.cc:
added testing for no_appended which will be False if anything,
including the empty string is in result
into polly.(none):/home/kaa/src/opt/mysql-5.1-opt
mysql-test/r/variables.result:
Auto merged
mysql-test/t/variables.test:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/mysqld.cc:
Auto merged
sql/set_var.cc:
Auto merged
into polly.(none):/home/kaa/src/opt/mysql-5.0-opt
mysql-test/r/variables.result:
Auto merged
mysql-test/t/variables.test:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/mysqld.cc:
Auto merged
sql/set_var.cc:
Auto merged
into gleb.loc:/home/uchum/work/bk/5.1-opt
mysql-test/r/type_decimal.result:
Auto merged
mysql-test/t/type_decimal.test:
Auto merged
sql/item.cc:
Auto merged
