Commit graph

40101 commits

Author SHA1 Message Date
Staale Smedseng
1ba25ae47c Bug #43414 Parenthesis (and other) warnings compiling MySQL
with gcc 4.3.2
      
This patch fixes a number of GCC warnings about variables used
before initialized. A new macro UNINIT_VAR() is introduced for
use in the variable declaration, and LINT_INIT() usage will be
gradually deprecated. (A workaround is used for g++, pending a
patch for a g++ bug.)
      
GCC warnings for unused results (attribute warn_unused_result)
for a number of system calls (present at least in later
Ubuntus, where the usual void cast trick doesn't work) are
also fixed.


client/mysqlmanager-pwgen.c:
  A fix for warn_unused_result, adding fallback to use of
  srand()/rand() if /dev/random cannot be used. Also actually
  adds calls to rand() in the second branch so that it actually
  creates a random password.
2009-08-28 17:51:31 +02:00
Alfranio Correia
5edd807a7a auto-merge mysql-5.0-bugteam (local) --> mysql-5.0-bugteam 2009-08-28 10:29:04 +01:00
Alfranio Correia
ea06bbd2b0 BUG#46861 Auto-closing of temporary tables broken by replicate-rewrite-db
When a connection is dropped any remaining temporary table is also automatically
dropped and the SQL statement of this operation is written to the binary log in
order to drop such tables on the slave and keep the slave in sync. Specifically,
the current code base creates the following type of statement:
DROP /*!40005 TEMPORARY */ TABLE IF EXISTS `db`.`table`;

Unfortunately, appending the database to the table name in this manner circumvents
the replicate-rewrite-db option (and any options that check the current database).
To solve the issue, we started writing the statement to the binary as follows:
use `db`; DROP /*!40005 TEMPORARY */ TABLE IF EXISTS `table`;
2009-08-27 17:28:09 +01:00
Sergey Glukhov
367c14b854 Bug#46184 Crash, SELECT ... FROM derived table procedure analyze
The crash happens because select_union object is used as result set
for queries which have derived tables.
select_union use temporary table as data storage and if
fields count exceeds 10(count of values for procedure ANALYSE())
then we get a crash on fill_record() function.


mysql-test/r/analyse.result:
  test result
mysql-test/r/subselect.result:
  result fix
mysql-test/t/analyse.test:
  test case
mysql-test/t/subselect.test:
  test fix
sql/sql_yacc.yy:
  The crash happens because select_union object is used as result set
  for queries which have derived tables.
  select_union use temporary table as data storage and if
  fields count exceeds 10(count of values for procedure ANALYSE())
  then we get a crash on fill_record() function.
2009-08-27 15:22:19 +05:00
Georgi Kodinov
7492d622e4 Bug #37044: Read overflow in opt_range.cc found during "make test"
The code was using a special global buffer for the value of IS NULL ranges.
This was not always long enough to be copied by a regular memcpy. As a 
result read buffer overflows may occur.
Fixed by setting the null byte to 1 and setting the rest of the field disk image
to NULL with a bzero (instead of relying on the buffer and memcpy()).
2009-08-24 15:28:03 +03:00
Georgi Kodinov
152943f39f Bug #46807: subselect test fails on PB-2 with a crash
The check for stack overflow was independent of the size of the 
structure stored in the heap. 
Fixed by adding sizeof(PARAM) to the requested free heap size.
2009-08-19 17:53:43 +03:00
Georgi Kodinov
8723e9d226 automerge 2009-08-21 17:12:03 +03:00
Georgi Kodinov
66ce3dee92 Revert of the fix for bug #46019. 2009-08-21 17:10:55 +03:00
Martin Hansson
8f75260b7d Merge. 2009-08-21 14:31:40 +02:00
Martin Hansson
e66fba53a7 Bug#46616: Assertion `!table->auto_increment_field_not_null' on
view manipulations
      
The bespoke flag was not properly reset after last call to 
fill_record. Fixed by resetting in caller mysql_update.

mysql-test/r/auto_increment.result:
  Bug#46616: Test result.
mysql-test/t/auto_increment.test:
  Bug#46616: Test case.
sql/sql_update.cc:
  Bug#46616: Fix.
2009-08-20 13:56:29 +02:00
Georgi Kodinov
0665536995 Bug #46019: ERROR 1356 When selecting from within another
view that has Group By
      
Table access rights checking function check_grant() assumed
that no view is opened when it's called.
This is not true with nested views where the inner view
needs materialization. In this case the view is already 
materialized when check_grant() is called for it.
This caused check_grant() to not look for table level
grants on the materialized view table.
Fixed by checking if a view is already materialized and if 
it is check table level grants using the original table name
(not the ones of the materialized temp table).
2009-08-19 15:14:57 +03:00
Georgi Kodinov
40defb1d53 backport of Chad's fix for bug #39326 to 5.0-bugteam 2009-08-19 10:59:17 +03:00
Georgi Kodinov
171cb67d0f automerge 2009-08-17 17:13:08 +03:00
Davi Arnaut
050c36c7de Bug#46013: rpl_extraColmaster_myisam fails on pb2
Bug#45243: crash on win in sql thread clear_tables_to_lock() -> free()
Bug#45242: crash on win in mysql_close() -> free()
Bug#45238: rpl_slave_skip, rpl_change_master failed (lost connection) for STOP SLAVE
Bug#46030: rpl_truncate_3innodb causes server crash on windows
Bug#46014: rpl_stm_reset_slave crashes the server sporadically in pb2

When killing a user session on the server, it's necessary to
interrupt (notify) the thread associated with the session that
the connection is being killed so that the thread is woken up
if waiting for I/O. On a few platforms (Mac, Windows and HP-UX)
where the SIGNAL_WITH_VIO_CLOSE flag is defined, this interruption
procedure is to asynchronously close the underlying socket of
the connection.

In order to enable this schema, each connection serving thread
registers its VIO (I/O interface) so that other threads can
access it and close the connection. But only the owner thread of
the VIO might delete it as to guarantee that other threads won't
see freed memory (the thread unregisters the VIO before deleting
it). A side note: closing the socket introduces a harmless race
that might cause a thread attempt to read from a closed socket,
but this is deemed acceptable.

The problem is that this infrastructure was meant to only be used
by server threads, but the slave I/O thread was registering the
VIO of a mysql handle (a client API structure that represents a
connection to another server instance) as a active connection of
the thread. But under some circumstances such as network failures,
the client API might destroy the VIO associated with a handle at
will, yet the VIO wouldn't be properly unregistered. This could
lead to accesses to freed data if a thread attempted to kill a
slave I/O thread whose connection was already broken.

There was a attempt to work around this by checking whether
the socket was being interrupted, but this hack didn't work as
intended due to the aforementioned race -- attempting to read
from the socket would yield a "bad file descriptor" error.

The solution is to add a hook to the client API that is called
from the client code before the VIO of a handle is deleted.
This hook allows the slave I/O thread to detach the active vio
so it does not point to freed memory.

server-tools/instance-manager/mysql_connection.cc:
  Add stub method required for linking.
sql-common/client.c:
  Invoke hook.
sql/client_settings.h:
  Export hook.
sql/slave.cc:
  Introduce hook that clears the active VIO before it is freed
  by the client API.
2009-08-13 17:07:20 -03:00
unknown
0d821fafe9 BUG#45516 SQL thread does not use database charset properly
Replication SQL thread does not set database default charset to 
thd->variables.collation_database properly, when executing LOAD DATA binlog.
This bug can be repeated by using "LOAD DATA" command in STATEMENT mode.
        
This patch adds code to find the default character set of the current database 
then assign it to thd->db_charset when slave server begins to execute a relay log.
The test of this bug is added into rpl_loaddata_charset.test
2009-08-12 11:54:05 +08:00
Davi Arnaut
54958e8851 Merge from mysql-5.0-bugteam. 2009-08-11 13:22:28 -03:00
Davi Arnaut
d33a57a694 Fix tree name. 2009-08-11 13:14:27 -03:00
Davi Arnaut
81b5dd8285 Update test case result due to mis-merge. 2009-08-11 13:13:06 -03:00
unknown
a2daa87980 Raise version number after cloning 5.0.85 2009-08-11 07:16:52 +02:00
Davi Arnaut
a51887143a Merge from mysql-5.0-bugteam. 2009-08-10 19:47:28 -03:00
unknown
0a7219d50c Merge 2009-08-10 20:53:26 +02:00
Davi Arnaut
c7163c630a Bug#45010: invalid memory reads during parsing some strange statements
The problem is that the lexer could inadvertently skip over the
end of a query being parsed if it encountered a malformed multibyte
character. A specially crated query string could cause the lexer
to jump up to six bytes past the end of the query buffer. Another
problem was that the laxer could use unfiltered user input as
a signed array index for the parser maps (having upper and lower
bounds 0 and 256 respectively).

The solution is to ensure that the lexer only skips over well-formed
multibyte characters and that the index value of the parser maps
is always a unsigned value.

mysql-test/r/ctype_recoding.result:
  Update test case result: ending backtick is not skipped over anymore.
sql/sql_lex.cc:
  Characters being analyzed must be unsigned as they can be
  used as indexes for the parser maps. Only skip over if the
  string is a valid multi-byte sequence.
tests/mysql_client_test.c:
  Add test case for Bug#45010
2009-08-07 23:32:01 -03:00
Ignacio Galarza
a791f20089 Bug #27535 Installing Windows service with --defaults-file option - quotation marks issues
- Remove offensive quotes.
2009-08-06 10:24:28 -04:00
Davi Arnaut
039a659608 Merge from mysql-5.0-bugteam. 2009-08-04 10:53:15 -03:00
Davi Arnaut
b113183df2 Merge from mysql-5.0. 2009-08-04 10:47:18 -03:00
Alfranio Correia
1dbb3010e7 Post-fix for BUG#43264
Install procedure does not copy *.inc files located under the mysql-test/t directory.
Therefore, this patch moves the rpl_trigger.inc to the mysql-test/include directory.
2009-08-03 14:37:50 +01:00
Alfranio Correia
3e9ddf3da9 auto-merge mysql-5.0-bugteam (local) --> mysql-5.0-bugteam 2009-08-03 10:43:20 +01:00
Alfranio Correia
968ec5eacc BUG#43264 Test rpl_trigger is failing randomly w/ use of copy_file in 5.0
The test case fails sporadically on Windows while trying to overwrite an unused
binary log. The problem stems from the fact that MySQL on Windows does not
immediately unlock/release a file while the process that opened and closed it is
still running. In BUG 38603, this issue was circumvented by stopping the MySQL
process, copying the file and then restarting the MySQL process. 

Unfortunately, such facilities are not available in the 5.0.  Other approaches
such as stopping the slave and issuing change master do not work because the relay
log file and index are not closed when a slave is stopped. So to fix the problem,
we simply don't run on windows the part of the test that was failing.
2009-08-02 23:58:43 +01:00
Ignacio Galarza
09877515f2 Bug#17270 - mysql client tool could not find ../share/charsets folder and fails.
- Define and pass compile time path variables as pre-processor definitions to 
  mimic the makefile build.
- Set new CMake version and policy requirements explicitly.
- Changed DATADIR to MYSQL_DATADIR to avoid conflicting definition in 
  Platform SDK header ObjIdl.h which also defines DATADIR.
2009-07-31 15:22:02 -04:00
Matthias Leich
7fc27f3dd5 Merge latest changes into local tree, no conflicts 2009-07-30 21:38:17 +02:00
Joerg Bruehe
f0d31dbe69 Merge the fix for bug#42213 into 5.0-build. 2009-07-30 17:03:54 +02:00
Matthias Leich
79751dff10 Merge of fix for bug 44493 into GCA tree 2009-07-30 16:24:01 +02:00
Joerg Bruehe
9ff932336e Our autoconf function "MYSQL_STACK_DIRECTION" will not work
correctly if the compiler optimizes too clever.

This has happaned on HP-UX 11.23 (IA64) at optimization
level "+O2", causing bug#42213:
   Check for "stack overrun" doesn't work, server crashes

Fix it by adding a pragma that prevents this optimization.
As a result, it should be safe to use "+O2" on this platform
(unless there is some other, optimizer-related, bug which
is just currently masked because we use resudec optimization).


config/ac-macros/misc.m4:
  Our autoconf function "MYSQL_STACK_DIRECTION" is meant to
  determine whether the stack grows towards higher or towards
  lower addresses.
  It does this by comparing the addresses of a variable
  (which is local to a recursive function) on different
  nesting levels.
  
  This approach requires that the function is really
  implemented as a recursive function, with each nested call
  allocating a new stack frame containing the local variable.
  If, however, the compiler is optimizing so clever that the
  recursive function is implemented by a loop, then this
  test will not produce correct results.
  
  This has happened on HP-UX 11.23 (IA64) when HP's compiler
  was called with optimization "+O2" (not with "+O1"),
  reported as bug#42213.
  
  Rather than starting a race with the compiler and making
  the function so complicated that this optimization does
  not happen, the idea is to prevent the optimization
  by adding a pragma. For HP, this is "#pragma noinline".
  
  If we encounter other compilers which also optimize
  too clever, we may add their pragmas here.
  
  It is a debatable issue whether such pragmas should be
  guarded by conditional compiling or not, the reviewers
  voted to do it.
  It seems HP has different compilers, "ANSI C" and "aCC",
  on the affected platform "__HP_cc" ("ANSI C") is predefined.
  To be on the safe side, the pragma will also take effect
  if HP's "aCC" compiler is used, or any other compiler on HP-UX.
2009-07-30 16:12:26 +02:00
Alexey Kopytov
bac18522e6 Automerge. 2009-07-28 23:14:04 +04:00
Alexey Kopytov
baefaa1e58 Bug #45031: invalid memory reads in my_real_read using protocol
compression 
 
Since uint3korr() may read 4 bytes depending on build flags and 
platform, allocate 1 extra "safety" byte in the network buffer 
for cases when uint3korr() in my_real_read() is called to read
last 3 bytes in the buffer. 
 
It is practically hard to construct a reliable and reasonably 
small test case for this bug as that would require constructing 
input stream such that a certain sequence of bytes in a 
compressed packet happens to be the last 3 bytes of the network 
buffer. 


sql/net_serv.cc:
  Allocate 1 extra "safety" byte in the network buffer for cases 
  when uint3korr() is used to read last 3 bytes in the buffer.
2009-07-28 22:35:55 +04:00
Davi Arnaut
e265609834 Bug#46385: [Warning] option 'max_join_size': unsigned value 18446744073709551615 adjusted t
The maximum value of the max_join_size variable is set by converting
a signed type (long int) with negative value (-1) to a wider unsigned
type (unsigned long long), which yields the largest possible value of
the wider unsigned type -- as per the language conversion rules. But,
depending on build options, the type of the max_join_size might be a
shorter type (ha_rows - unsigned long) which causes the warning to be
thrown once the large value is truncated to fit.

The solution is to ensure that the maximum value of the variable is
always set to the maximum value of integer type of max_join_size.

Furthermore, it would be interesting to always have a fixed type for
this variable, but this would incur in a change of behavior which is
not acceptable for a GA version. See Bug#35346.

sql/mysqld.cc:
  Set max value for type.
2009-07-27 20:31:48 -03:00
Davi Arnaut
d5e84db34c Bug#20023: mysql_change_user() resets the value of SQL_BIG_SELECTS
Post-merge fix: test case could fail due to a conversion of the
max_join_size value to a integer. Fixed by preserving the value
as a string for comparison purposes.

tests/mysql_client_test.c:
  Preserve max_join_size value as a string instead of converting
  it to a integer -- value can be larger then the type used.
2009-07-27 12:31:28 -03:00
Satya B
e8a97ae267 merging with mysql-5.0-bugteam 2009-07-27 11:49:28 +05:30
Gleb Shchepa
dc0a87fdc2 Bug #38816: kill + flush tables with read lock + stored
procedures causes crashes!

The problem of that bugreport was mostly fixed by the
patch for bug 38691.
However, attached test case focused on another crash or
valgrind warning problem: SHOW PROCESSLIST query accesses
freed memory of SP instruction that run in a parallel
connection.

Changes of thd->query/thd->query_length in dangerous
places have been guarded with the per-thread
LOCK_thd_data mutex (the THD::LOCK_delete mutex has been
renamed to THD::LOCK_thd_data).


sql/ha_myisam.cc:
  Bug #38816: kill + flush tables with read lock + stored
              procedures causes crashes!
  
  Modification of THD::query/query_length has been guarded
  with the a THD::set_query() method call/LOCK_thd_data
  mutex.
  Unnecessary locking with the global LOCK_thread_count
  mutex has been removed.
sql/log_event.cc:
  Bug #38816: kill + flush tables with read lock + stored
              procedures causes crashes!
  
  Modification of THD::query/query_length has been guarded
  with the THD::set_query()) method call/LOCK_thd_data
  mutex.
sql/slave.cc:
  Bug #38816: kill + flush tables with read lock + stored
              procedures causes crashes!
  
  Modification of THD::query/query_length has been guarded
  with the THD::set_query() method call/LOCK_thd_data mutex.
  
  The THD::LOCK_delete mutex has been renamed to
  THD::LOCK_thd_data.
sql/sp_head.cc:
  Bug #38816: kill + flush tables with read lock + stored
              procedures causes crashes!
  
  Modification of THD::query/query_length has been guarded
  with the a THD::set_query() method call/LOCK_thd_data
  mutex.
sql/sql_class.cc:
  Bug #38816: kill + flush tables with read lock + stored
              procedures causes crashes!
  
  The new THD::LOCK_thd_data mutex and THD::set_query()
  method has been added to guard modifications of THD::query/
  THD::query_length fields, also the Statement::set_statement()
  method has been overloaded in the THD class.
  
  The THD::LOCK_delete mutex has been renamed to
  THD::LOCK_thd_data.
sql/sql_class.h:
  Bug #38816: kill + flush tables with read lock + stored
              procedures causes crashes!
  
  The new THD::LOCK_thd_data mutex and THD::set_query()
  method has been added to guard modifications of THD::query/
  THD::query_length fields, also the Statement::set_statement()
  method has been overloaded in the THD class.
  
  The THD::LOCK_delete mutex has been renamed to
  THD::LOCK_thd_data.
sql/sql_insert.cc:
  Bug #38816: kill + flush tables with read lock + stored
              procedures causes crashes!
  
  Modification of THD::query/query_length has been guarded
  with the a THD::set_query() method call/LOCK_thd_data
  mutex.
sql/sql_parse.cc:
  Bug #38816: kill + flush tables with read lock + stored
              procedures causes crashes!
  
  Modification of THD::query/query_length has been guarded
  with the a THD::set_query() method call/LOCK_thd_data mutex.
sql/sql_repl.cc:
  Bug #38816: kill + flush tables with read lock + stored
              procedures causes crashes!
  
  The THD::LOCK_delete mutex has been renamed to
  THD::LOCK_thd_data.
sql/sql_show.cc:
  Bug #38816: kill + flush tables with read lock + stored
              procedures causes crashes!
  
  Inter-thread read of THD::query/query_length field has
  been protected with a new per-thread LOCK_thd_data
  mutex in the mysqld_list_processes function.
2009-07-24 20:58:58 +05:00
Alexey Kopytov
85c97e6c69 Automerge. 2009-07-24 16:13:31 +04:00
Alexey Kopytov
885292e424 Bug #46075: Assertion failed: 0, file .\protocol.cc, line 416
In create_myisam_from_heap() mark all errors as fatal except 
HA_ERR_RECORD_FILE_FULL for a HEAP table.

Not doing so could lead to problems, e.g. in a case when a
temporary MyISAM table gets overrun due to its MAX_ROWS limit
while executing INSERT/REPLACE IGNORE ... SELECT. 
The SELECT execution was aborted, but the error was 
converted to a warning due to IGNORE clause, so neither 'ok' 
nor 'error' packet could be sent back to the client. This 
condition led to hanging client when using 5.0 server, or 
assertion failure in 5.1.


mysql-test/r/insert_select.result:
  Added a test case for bug #46075.
mysql-test/t/insert_select.test:
  Added a test case for bug #46075.
sql/sql_select.cc:
  In create_myisam_from_heap() mark all errors as fatal except 
  HA_ERR_RECORD_FILE_FULL for a HEAP table.
2009-07-24 15:50:45 +04:00
V Narayanan
74d4c3315c merging with mysql-5.0-bugteam 2009-07-24 12:28:17 +05:30
Satya B
559e2f1c1e merge to mysql-5.0-bugteam 2009-07-24 11:15:31 +05:30
Staale Smedseng
1e32574c65 Bug #45770 errors reading server SSL files are printed, but
not logged
        
Errors encountered during initialization of the SSL subsystem
are printed to stderr, rather than to the error log.
        
This patch adds a parameter to several SSL init functions to
report the error (if any) out to the caller. The function
init_ssl() in mysqld.cc is moved after the initialization of
the log subsystem, so that any error messages can be logged to
the error log. Printing of messages to stderr has been 
retained to get diagnostic output in a client context.


include/violite.h:
  Adding an enumeration for the various errors that can
  occur during initialization of the SSL module.
sql/mysqld.cc:
  Adding more logging of SSL init errors, and moving
  init_ssl() till after initialization of logging 
  subsystem.
vio/viosslfactories.c:
  Define error strings, provide an access method for these
  strings, and maintain an error parameter in several funcs
  to return the error (if any) to the caller.
2009-07-23 13:38:11 +02:00
MySQL Build Team
924ce2292a Backport into build-200907211706-5.0.82sp1
> ------------------------------------------------------------
> revno: 2792
> revision-id: sergey.glukhov@sun.com-20090703083500-jq8vhw0tqr37j7te
> parent: bernt.johnsen@sun.com-20090703083610-o7l4s8syz05rc4w0
> committer: Sergey Glukhov <Sergey.Glukhov@sun.com>
> branch nick: mysql-5.0-bugteam
> timestamp: Fri 2009-07-03 13:35:00 +0500
> message:
>   Bug#45806 crash when replacing into a view with a join!
>   The crash happend because for views which are joins
>   we have table_list->table == 0 and 
>   table_list->table->'any method' call leads to crash.
>   The fix is to perform table_list->table->file->extra()
>   method for all tables belonging to view.
2009-07-21 20:00:26 +02:00
MySQL Build Team
f6435cbff1 Backport into build-200907211706-5.0.82sp1
> ------------------------------------------------------------
> revno: 2772
> revision-id: joro@sun.com-20090615133815-eb007p5793in33p5
> parent: joro@sun.com-20090612140659-4hj1tta9p8wvcw4k
> committer: Georgi Kodinov <joro@sun.com>
> branch nick: B44810-5.0-bugteam
> timestamp: Mon 2009-06-15 16:38:15 +0300
> message:
>   Bug #44810: index merge and order by with low sort_buffer_size
>   crashes server!
>   
>   The problem affects the scenario when index merge is followed by a filesort
>   and the sort buffer is not big enough for all the sort keys.
>   In this case the filesort function will read the data to the end through the 
>   index merge quick access method (and thus closing the cursor etc), 
>   but will leave the pointer to the quick select method in place.
>   It will then create a temporary file to hold the results of the filesort and
>   will add it as a sort output file (in sort.io_cache).
>   Note that filesort will copy the original 'sort' structure in an automatic
>   variable and restore it after it's done.
>   As a result at exiting filesort() we have a sort.io_cache filled in and 
>   nothing else (as a result of close of the cursors at end of reading data 
>   through index merge).
>   Now create_sort_index() will note that there is a select and will clean it up
>   (as it's been used already by filesort() reading the data in). While doing that
>   a special case in the index merge destructor will clean up the sort.io_cache,
>   assuming it's an output of the index merge method and is not needed anymore.
>   As a result the code that tries to read the data back from the filesort output 
>   will get no data in both memory and disk and will crash.
>         
>   Fixed similarly to how filesort() does it : by copying the sort.io_cache structure
>   to a local variable, removing the pointer to the io_cache (so that it's not freed 
>   by QUICK_INDEX_MERGE_SELECT::~QUICK_INDEX_MERGE_SELECT) and restoring the original 
>   structure (together with the valid pointer) after the cleanup is done.
>   This is a safe thing to do because all the structures are already cleaned up by
>   hitting the end of the index merge's read method (QUICK_INDEX_MERGE_SELECT::get_next()) 
>   and the cleanup code being written in a way that tolerates repeating cleanups.
2009-07-21 19:59:04 +02:00
MySQL Build Team
ae2380452f Backport into build-200907211706-5.0.82sp1
> ------------------------------------------------------------
> revno: 2763
> revision-id: sergey.glukhov@sun.com-20090602063813-33mh88cz5vpa2jqe
> parent: alexey.kopytov@sun.com-20090601124224-zgt3yov9wou590e9
> committer: Sergey Glukhov <Sergey.Glukhov@sun.com>
> branch nick: mysql-5.0-bugteam
> timestamp: Tue 2009-06-02 11:38:13 +0500
> message:
>   Bug#45152 crash with round() function on longtext column in a derived table
>   The crash happens due to wrong max_length value which is set on
>   Item_func_round::fix_length_and_dec() stage. The value is set to
>   args[0]->max_length which is too big in case of LONGTEXT(LONGBLOB) fields.
>   The fix is to set max_length using float_length() function.
2009-07-21 19:56:35 +02:00
MySQL Build Team
ce72b2ddc5 Backport into build-200907211706-5.0.82sp1
> ------------------------------------------------------------
> revno: 2733
> revision-id: gshchepa@mysql.com-20090430192037-9p1etcynkglte2j3
> parent: aelkin@mysql.com-20090430143246-zfqaz0t7uoluzdz2
> committer: Gleb Shchepa <gshchepa@mysql.com>
> branch nick: mysql-5.0-bugteam
> timestamp: Fri 2009-05-01 00:20:37 +0500
> message:
>   Bug #37362: Crash in do_field_eq
>   
>   EXPLAIN EXTENDED of nested query containing a error:
>   
>      1054 Unknown column '...' in 'field list'
>   
>   may cause a server crash.
>   
>   
>   Parse error like described above forces a call to
>   JOIN::destroy() on malformed subquery.
>   That JOIN::destroy function closes and frees temporary
>   tables. However, temporary fields of these tables
>   may be listed in st_select_lex::group_list of outer
>   query, and that st_select_lex may not cleanup them
>   properly. So, after the JOIN::destroy call that
>   st_select_lex::group_list may have Item_field
>   objects with dangling pointers to freed temporary
>   table Field objects. That caused a crash.
2009-07-21 19:55:33 +02:00
unknown
a5c7edf7bc Set version number for mysql-5.0.82sp1 release 2009-07-21 19:50:50 +02:00
Joerg Bruehe
886c982730 Merge the bug fix for 37808 ("make_binary_distribution.sh")
into 5.0-build.
2009-07-21 19:37:28 +02:00