ISSUE: Queries with mediumint as column, when operated with
long long type of data, result in buffer overflow in
the store_long function.
The merging rule specified for (MYSQL_TYPE_LONGLONG,
MYSQL_TYPE_INT24) is MYSQL_TYPE_LONG. Due to this, the store_long
function was getting called, which resulted in buffer overflow.
SOLUTION:
The correct merging rule for (MYSQL_TYPE_LONGLONG,
MYSQL_TYPE_INT24) should be MYSQL_TYPE_LONGLONG.
So, instead of function store_long, function store_longlong
is called which correctly handles the type MYSQL_TYPE_LONGLONG.
External Bug #23645238 is a duplicate of this issue.
DERIVED TABLE IN JOIN
ISSUE:
------
This problem occurs under the following conditions:
1) A parameter is used in the select-list of a derived table.
2) The derived table is part of a JOIN.
SOLUTION:
---------
When a derived table is materialized, a temporary table is
created. This temporary table creates a field each for the
items in the select-list of the derived table. This set of
fields is later used to setup the join.
Currently no field is created in the temporary table if a
parameter is used in the select-list.
Create a field for the parameter. By default Item_param's
result type in a prepared statement is set to
STRING_RESULT. This can change during the execute phase
depending on the user variable. But since the execute phase
creates its own temporary table, it will be handled
separately.
This is a backport of the fix for BUG#22392374.
During wsrep position recovery, galera_recovery.sh script
redirected mysqld's error log to a temporary file in order
to find the start position. This, however, will not work
if --log-error is configured for the server.
Fixed by using --log-error in command line instead of
redirection.
[Patch contributed by Philippe MARASSE]
The problem was caused by a merged semi-join, which contained a non-merged
semi-join, which used references to the top-level query in the left_expr.
When moving non-merged semi-join from the subquery to its parent, do not
forget to call fix_after_pullout for its Item_subselect. We need to do
that specifically, because non-merged semi-joins do not have their
IN-equality in the WHERE clause at this stage.
Fix get_quick_keys(): When building range tree from a condition
in form
keypart1=const AND (keypart2 < 0 OR keypart2>=0)
the SEL_ARG for keypart2 represents an interval (-inf, +inf).
However, the logic that sets UNIQUE_RANGE flag fails to recognize
this, and sets UNIQUE_RANGE flag if (keypart1, keypart2) covered
a unique key.
As a result, range access executor assumes the interval can have
at most one row and only reads the first row from it.
Transaction replay causes the THD to re-apply the replication
events from execution, using the same path appliers do. While
applying the log events, the THD's timestamp is set to the
timestamp of the event.
Setting the timestamp explicitly causes function NOW() to
always return the timestamp that was set. To avoid this behavior we
reset the timestamp after replaying is done.
This changes variable wsrep_max_ws_size so that its value
is linked to the value of provider option repl.max_ws_size.
That is, changing the value of variable wsrep_max_ws_size
will change the value of provider option repl.max_ws_size,
and vice versa.
The writeset size limit is always enforced in the provider,
regardless of which option is used.
This patch includes two fixes:
1) Rollback when wsrep_max_ws_rows is exceeded would not switch
back to previous autocommit mode; and 2) Internal rows counter
would not be reset on implicit commits.
Problem:
In debug builds, there is a chance that an out-of-bounds
read is performed when tables are locked in
LTM_PRELOCKED_UNDER_LOCK_TABLES mode. It can happen because
the debug code uses enum values as index for an array of
mode descriptions, but it only takes into consideration 3
out of 4 of the enum values.
Fix:
This patch fixes it by implementing a getter for the enum which
returns a string representation of the enum,
effectively removing the out-of-bounds read.
Moreover, it also fixes the lock mode descriptions that
would be printed out in debug builds.
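
The bug class described in the commit message above, as an added example that is not the project's code: a description table indexed by an enum it only partly covers, next to a getter that maps every value explicitly. The enumerator names other than LTM_PRELOCKED_UNDER_LOCK_TABLES and the function names are assumptions.

```cpp
#include <cstddef>
#include <cstring>

// Only LTM_PRELOCKED_UNDER_LOCK_TABLES is named on the page; the other
// three enumerator names are assumed for this sketch.
enum enum_locked_tables_mode {
  LTM_NONE = 0,
  LTM_LOCK_TABLES,
  LTM_PRELOCKED,
  LTM_PRELOCKED_UNDER_LOCK_TABLES
};

// "Before" pattern: a description table that covers 3 of the 4 values
// and is indexed directly by the enum in debug output.
static const char *const mode_names_before[] = {
  "LTM_NONE", "LTM_LOCK_TABLES", "LTM_PRELOCKED"
};
static const size_t mode_names_before_count =
    sizeof(mode_names_before) / sizeof(mode_names_before[0]);

// True when mode_names_before[mode] would stay inside the table.
bool table_lookup_in_bounds(enum_locked_tables_mode mode) {
  return static_cast<size_t>(mode) < mode_names_before_count;
}

// "After" pattern: a getter that maps each value explicitly, so no
// array is indexed and an unexpected value gets a fixed fallback string.
const char *locked_tables_mode_name(enum_locked_tables_mode mode) {
  switch (mode) {
    case LTM_NONE: return "LTM_NONE";
    case LTM_LOCK_TABLES: return "LTM_LOCK_TABLES";
    case LTM_PRELOCKED: return "LTM_PRELOCKED";
    case LTM_PRELOCKED_UNDER_LOCK_TABLES:
      return "LTM_PRELOCKED_UNDER_LOCK_TABLES";
  }
  return "Unknown locked_tables_mode";
}
```
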
Commit#ebd24626ca38e7fa1e3da2acdcf88540be70fabe obsoleted the THREAD and
THREAD_SAFE_CLIENT preprocessor symbols. This is not removed in the
sql/net_serv.cc thereby the code that retries on EINTR became dead code.
Remove the THREAD_SAFE_CLIENT preprocessor directive from sql/net_serv.cc.
Also check errno for EINTR only if there is an error in preceding read call.
GET_SERVER_FROM_TABLE_TO_CACHE
Description:- Server received SIG11 in the function,
"get_server_from_table_to_cache()".
Analysis:- Defining a server with a blank name is not
handled properly.
Fix:- Modified "get_server_from_table_to_cache()" to
take care of blank server name.
FROM I_S
Issue:
------
There is a difference in the field type created when the
following DDLs are used:
1) CREATE TABLE t0 AS SELECT NULL;
2) CREATE TABLE t0 AS SELECT GREATEST(NULL,NULL);
The first statement creates field of type Field_string and
the second one creates a field of type Field_null.
This creates a problem when the query mentioned in this bug
is used, since the null_ptr is calculated differently for
Field_null.
Solution:
---------
When there is a function returning null in the select list
as mentioned above, the field should be of type
Field_string.
This was fixed in 5.6+ as part of Bug#14021323. This is a
backport to mysql-5.5.
An incorrect comment in innodb_bug54044.test has been
corrected in all versions.
* MDEV-10294: Put testname into environment as MTR_TEST_NAME during MTR
* MDEV-10294: restructure mtr to allow --valgrind-option=--tool=XXX
* MDEV-10294: mtr valgrind - suppressions all tools + feedback
ASSERTION `0' FAILED ON SELECT AREA
Problem:
Optimizer tries to get the points to calculate area without
checking the return value of uint4korr for 0 "points". As a
result server exits.
Solution:
Check the return value from uint4korr().
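
A sketch of the check described in the commit message above, added here and not taken from the server source: the point count read from the buffer is validated before any point is used. `read_u32le` stands in for `uint4korr()`; the ring layout (a 4-byte count followed by x,y doubles in host byte order), `ring_area` and `make_ring` are assumptions.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <vector>

// Stand-in for uint4korr(): read a 4-byte little-endian integer.
static uint32_t read_u32le(const unsigned char *p) {
  return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
         ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

static const size_t POINT_SIZE = 2 * sizeof(double);  // x and y

// Shoelace area of one ring laid out as [u32 n_points][n_points * (x, y)].
// Returns false, instead of asserting, on a bad point count.
bool ring_area(const unsigned char *data, size_t len, double *area) {
  if (len < 4) return false;
  uint32_t n_points = read_u32le(data);
  if (n_points == 0) return false;                      // zero "points"
  if (n_points > (len - 4) / POINT_SIZE) return false;  // count exceeds buffer
  const unsigned char *p = data + 4;
  double prev_x, prev_y, sum = 0.0;
  memcpy(&prev_x, p, sizeof(double));
  memcpy(&prev_y, p + sizeof(double), sizeof(double));
  for (uint32_t i = 1; i < n_points; i++) {
    double x, y;
    memcpy(&x, p + i * POINT_SIZE, sizeof(double));
    memcpy(&y, p + i * POINT_SIZE + sizeof(double), sizeof(double));
    sum += prev_x * y - x * prev_y;
    prev_x = x;
    prev_y = y;
  }
  *area = (sum < 0 ? -sum : sum) / 2.0;
  return true;
}

// Builds constructed sample input: a declared count plus raw coordinates.
std::vector<unsigned char> make_ring(uint32_t declared_points,
                                     const std::vector<double> &xy) {
  std::vector<unsigned char> buf(4 + xy.size() * sizeof(double));
  for (int i = 0; i < 4; i++)
    buf[i] = (unsigned char)((declared_points >> (8 * i)) & 0xff);
  if (!xy.empty())
    memcpy(buf.data() + 4, xy.data(), xy.size() * sizeof(double));
  return buf;
}
```
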