Commit graph

1327 commits

Author SHA1 Message Date
Michael Widenius
6920457142 Merge with MariaDB 5.1 2011-11-24 18:48:58 +02:00
Michael Widenius
a8d03ab235 Initail merge with MySQL 5.1 (XtraDB still needs to be merged)
Fixed up copyright messages.
2011-11-21 19:13:14 +02:00
Sergey Glukhov
3efbf30457 Bug#12392636 ASSERTION FAILED: SCALE >= 0 && PRECISION > 0 && SCALE <= PRECISION
Assertion happens due to missing NULL value check in
Item_func_round::fix_length_and_dec() function.
The fix: added NULL value check for second parameter.


mysql-test/r/func_math.result:
  test case
mysql-test/t/func_math.test:
  test case
sql/item_func.cc:
  added NULL value check for second parameter.
2011-05-26 14:06:39 +04:00
Guilhem Bichot
12c42b980a Fix for BUG#11755168 '46895: test "outfile_loaddata" fails (reproducible)'.
In sql_class.cc, 'row_count', of type 'ha_rows', was used as last argument for
ER_TRUNCATED_WRONG_VALUE_FOR_FIELD which is
"Incorrect %-.32s value: '%-.128s' for column '%.192s' at row %ld".
So 'ha_rows' was used as 'long'.
On SPARC32 Solaris builds, 'long' is 4 bytes and 'ha_rows' is 'longlong' i.e. 8 bytes.
So the printf-like code was reading only the first 4 bytes.
Because the CPU is big-endian, 1LL is 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x01
so the first four bytes yield 0. So the warning message had "row 0" instead of
"row 1" in test outfile_loaddata.test:
-Warning	1366	Incorrect string value: '\xE1\xE2\xF7' for column 'b' at row 1
+Warning	1366	Incorrect string value: '\xE1\xE2\xF7' for column 'b' at row 0

All error-messaging functions which internally invoke some printf-life function
are potential candidate for such mistakes.
One apparently easy way to catch such mistakes is to use
ATTRIBUTE_FORMAT (from my_attribute.h).
But this works only when call site has both:
a) the format as a string literal
b) the types of arguments.
So:
  func(ER(ER_BLAH), 10);
will silently not be checked, because ER(ER_BLAH) is not known at
compile time (it is known at run-time, and depends on the chosen
language).
And
  func("%s", a va_list argument);
has the same problem, as the *real* type of arguments is not
known at this site at compile time (it's known in some caller).
Moreover,
  func(ER(ER_BLAH));
though possibly correct (if ER(ER_BLAH) has no '%' markers), will not
compile (gcc says "error: format not a string literal and no format
arguments").

Consequences:
1) ATTRIBUTE_FORMAT is here added only to functions which in practice
take "string literal" formats: "my_error_reporter" and "print_admin_msg".
2) it cannot be added to the other functions: my_error(),
push_warning_printf(), Table_check_intact::report_error(),
general_log_print().

To do a one-time check of functions listed in (2), the following
"static code analysis" has been done:
1) replace
  my_error(ER_xxx, arguments for substitution in format)
with the equivalent
  my_printf_error(ER_xxx,ER(ER_xxx), arguments for substitution in
format),
so that we have ER(ER_xxx) and the arguments *in the same call site*
2) add ATTRIBUTE_FORMAT to push_warning_printf(),
Table_check_intact::report_error(), general_log_print()
3) replace ER(xxx) with the hard-coded English text found in
errmsg.txt (like: ER(ER_UNKNOWN_ERROR) is replaced with
"Unknown error"), so that a call site has the format as string literal
4) this way, ATTRIBUTE_FORMAT can effectively do its job
5) compile, fix errors detected by ATTRIBUTE_FORMAT
6) revert steps 1-2-3.
The present patch has no compiler error when submitted again to the
static code analysis above.
It cannot catch all problems though: see Field::set_warning(), in
which a call to push_warning_printf() has a variable error
(thus, not replacable by a string literal); I checked set_warning() calls
by hand though.

See also WL 5883 for one proposal to avoid such bugs from appearing
again in the future.

The issues fixed in the patch are:
a) mismatch in types (like 'int' passed to '%ld')
b) more arguments passed than specified in the format.
This patch resolves mismatches by changing the type/number of arguments,
not by changing error messages of sql/share/errmsg.txt. The latter would be wrong,
per the following old rule: errmsg.txt must be as stable as possible; no insertions
or deletions of messages, no changes of type or number of printf-like format specifiers,
are allowed, as long as the change impacts a message already released in a GA version.
If this rule is not followed:
- Connectors, which use error message numbers, will be confused (by insertions/deletions
of messages)
- using errmsg.sys of MySQL 5.1.n with mysqld of MySQL 5.1.(n+1)
could produce wrong messages or crash; such usage can easily happen if
installing 5.1.(n+1) while /etc/my.cnf still has --language=/path/to/5.1.n/xxx;
or if copying mysqld from 5.1.(n+1) into a 5.1.n installation.
When fixing b), I have verified that the superfluous arguments were not used in the format
in the first 5.1 GA (5.1.30 'bteam@astra04-20081114162938-z8mctjp6st27uobm').
Had they been used, then passing them today, even if the message doesn't use them
anymore, would have been necessary, as explained above.

include/my_getopt.h:
  this function pointer is used only with "string literal" formats, so we can add
  ATTRIBUTE_FORMAT.
mysql-test/collections/default.experimental:
  test should pass now
sql/derror.cc:
  by having a format as string literal, ATTRIBUTE_FORMAT check becomes effective.
sql/events.cc:
  Change justified by the following excerpt from sql/share/errmsg.txt:
  ER_EVENT_SAME_NAME
          eng "Same old and new event name"
  ER_EVENT_SET_VAR_ERROR
          eng "Error during starting/stopping of the scheduler. Error code %u"
sql/field.cc:
  ER_TOO_BIG_SCALE 42000 S1009
          eng "Too big scale %d specified for column '%-.192s'. Maximum is %lu."
  ER_TOO_BIG_PRECISION 42000 S1009
          eng "Too big precision %d specified for column '%-.192s'. Maximum is %lu."
  ER_TOO_BIG_DISPLAYWIDTH 42000 S1009
          eng "Display width out of range for column '%-.192s' (max = %lu)"
sql/ha_ndbcluster.cc:
  ER_OUTOFMEMORY HY001 S1001
          eng "Out of memory; restart server and try again (needed %d bytes)"
  (sizeof() returns size_t)
sql/ha_ndbcluster_binlog.cc:
  Too many arguments for:
  ER_GET_ERRMSG  
          eng "Got error %d '%-.100s' from %s"
  Patch by Jonas Oreland.
sql/ha_partition.cc:
  print_admin_msg() is used only with a literal as format, so ATTRIBUTE_FORMAT
  works.
sql/handler.cc:
  ER_OUTOFMEMORY HY001 S1001
          eng "Out of memory; restart server and try again (needed %d bytes)"
  (sizeof() returns size_t)
sql/item_create.cc:
  ER_TOO_BIG_SCALE 42000 S1009
          eng "Too big scale %d specified for column '%-.192s'. Maximum is %lu."
  ER_TOO_BIG_PRECISION 42000 S1009
          eng "Too big precision %d specified for column '%-.192s'. Maximum is %lu."
  'c_len' and 'c_dec' are char*, passed as %d !! We don't know their value
  (as strtoul() failed), but they are likely big, so we use INT_MAX.
  'len' is ulong.
sql/item_func.cc:
  ER_WARN_DATA_OUT_OF_RANGE 22003 
          eng "Out of range value for column '%s' at row %ld"
  ER_CANT_FIND_UDF  
          eng "Can't load function '%-.192s'"
sql/item_strfunc.cc:
  ER_TOO_BIG_FOR_UNCOMPRESS  
          eng "Uncompressed data size too large; the maximum size is %d (probably, length of uncompressed data was corrupted)"
  max_allowed_packet is ulong.
sql/mysql_priv.h:
  sql_print_message_func is a function _pointer_.
sql/sp_head.cc:
  ER_SP_RECURSION_LIMIT
          eng "Recursive limit %d (as set by the max_sp_recursion_depth variable) was exceeded for routine %.192s"
  max_sp_recursion_depth is ulong
sql/sql_acl.cc:
  ER_PASSWORD_NO_MATCH 42000 
          eng "Can't find any matching row in the user table"
  ER_CANT_CREATE_USER_WITH_GRANT 42000
          eng "You are not allowed to create a user with GRANT"
sql/sql_base.cc:
  ER_NOT_KEYFILE  
          eng "Incorrect key file for table '%-.200s'; try to repair it"
  ER_TOO_MANY_TABLES  
          eng "Too many tables; MySQL can only use %d tables in a join"
  MAX_TABLES is size_t.
sql/sql_binlog.cc:
  ER_UNKNOWN_ERROR  
          eng "Unknown error"
sql/sql_class.cc:
  ER_TRUNCATED_WRONG_VALUE_FOR_FIELD  
          eng "Incorrect %-.32s value: '%-.128s' for column '%.192s' at row %ld"
  WARN_DATA_TRUNCATED 01000 
          eng "Data truncated for column '%s' at row %ld"
sql/sql_connect.cc:
  ER_HANDSHAKE_ERROR 08S01 
          eng "Bad handshake"
  ER_BAD_HOST_ERROR 08S01 
          eng "Can't get hostname for your address"
sql/sql_insert.cc:
  ER_WRONG_VALUE_COUNT_ON_ROW 21S01 
          eng "Column count doesn't match value count at row %ld"
sql/sql_parse.cc:
  ER_WARN_HOSTNAME_WONT_WORK  
          eng "MySQL is started in --skip-name-resolve mode; you must restart it without this switch for this grant to work"
  ER_TOO_HIGH_LEVEL_OF_NESTING_FOR_SELECT
  	eng "Too high level of nesting for select"
  ER_UNKNOWN_ERROR  
          eng "Unknown error"
sql/sql_partition.cc:
  ER_OUTOFMEMORY HY001 S1001
          eng "Out of memory; restart server and try again (needed %d bytes)"
sql/sql_plugin.cc:
  ER_OUTOFMEMORY HY001 S1001
          eng "Out of memory; restart server and try again (needed %d bytes)"
sql/sql_prepare.cc:
  ER_OUTOFMEMORY HY001 S1001
          eng "Out of memory; restart server and try again (needed %d bytes)"
  ER_UNKNOWN_STMT_HANDLER  
          eng "Unknown prepared statement handler (%.*s) given to %s"
  length value (for '%.*s') must be 'int', per the doc of printf()
  and the code of my_vsnprintf().
sql/sql_show.cc:
  ER_OUTOFMEMORY HY001 S1001
          eng "Out of memory; restart server and try again (needed %d bytes)"
sql/sql_table.cc:
  ER_TOO_BIG_FIELDLENGTH 42000 S1009
          eng "Column length too big for column '%-.192s' (max = %lu); use BLOB or TEXT instead"
sql/table.cc:
  ER_NOT_FORM_FILE  
          eng "Incorrect information in file: '%-.200s'"
  ER_COL_COUNT_DOESNT_MATCH_PLEASE_UPDATE
          eng "Column count of mysql.%s is wrong. Expected %d, found %d. Created with MySQL %d, now running %d. Please use mysql_upgrade to fix this error."
  table->s->mysql_version is ulong.
sql/unireg.cc:
  ER_TOO_LONG_TABLE_COMMENT
    eng "Comment for table '%-.64s' is too long (max = %lu)"
  ER_TOO_LONG_FIELD_COMMENT
    eng "Comment for field '%-.64s' is too long (max = %lu)"
  ER_TOO_BIG_ROWSIZE 42000 
          eng "Row size too large. The maximum row size for the used table type, not counting BLOBs, is %ld. You have to change some columns to TEXT or BLOBs"
2011-05-16 22:04:01 +02:00
Michael Widenius
1be5462d59 Merge with MariaDB 5.1 2011-05-03 19:10:10 +03:00
Michael Widenius
e415ba0fb2 Merge with MySQL 5.1.57/58
Moved some BSD string functions from Unireg
2011-05-02 20:58:45 +03:00
Sergey Glukhov
90bbf9d615 Bug#11765923 58937: MANY VALGRIND ERRORS AFTER GROUPING BY RESULT OF DECIMAL COLUMN FUNCTION
Bug#11764671  57533: UNINITIALISED VALUES IN COPY_AND_CONVERT (SQL_STRING.CC) WITH CERTAIN CHA
When ROUND evaluates decimal result it uses Item::decimal
value as fraction value for the result. In some cases
Item::decimal is greater than real result fraction value
and uninitialised memory of result(decimal) buffer can be
used in further calculations. Issue is introduced by
Bug33143 fix. The fix is to remove erroneous assignment.


mysql-test/r/func_math.result:
  test case
mysql-test/t/func_math.test:
  test case
sql/item_func.cc:
  remove erroneous assignment
2011-04-20 11:39:20 +04:00
Sergey Glukhov
47885f552b Bug#11766087 59125: VALGRIND UNINITIALISED VALUE WARNING IN ULL2DEC, LONGLONG2DECIMAL
Valgrind warning happens due to missing NULL value check in
Item_func::val_decimal. The fix is to add this check.


mysql-test/r/func_time.result:
  test case
mysql-test/t/func_time.test:
  test case
sql/item_func.cc:
  added check for NULL value
2011-03-28 17:27:44 +04:00
Sergey Glukhov
a88faf2a4a Bug#11764994 57900: CREATE TABLE .. SELECT ASSERTS SCALE >= 0 && PRECISION > 0 && SCALE <= PR
Assert fails due to overflow which happens in
Item_func_int_val::fix_num_length_and_dec() as
geometry functions have max_length value equal to
max_field_size(4294967295U). The fix is to skip
max_length calculation for some boundary cases.


mysql-test/r/func_math.result:
  test case
mysql-test/t/func_math.test:
  test case
sql/item_func.cc:
  skip max_length calculation
  if argument max_length is near max_field_size.
2011-03-28 12:35:50 +04:00
Sergey Glukhov
ff23f5360e Bug#11766424 59527: DECIMAL_BIN_SIZE: ASSERTION `SCALE >= 0 && PRECISION > 0 && SCALE <= PRE
Assertion happens due to missing initialization of unsigned_flag
for Item_func_set_user_var object. It leads to incorrect
calculation of decimal field size.
The fix is to add initialization of unsigned_flag.


mysql-test/r/variables.result:
  test case
mysql-test/t/variables.test:
  test case
sql/item_func.cc:
  add initialization of unsigned_flag.
2011-03-28 12:28:30 +04:00
Alexander Barkov
1bc5e76efb BUG#11766519 (bug#59648): MY_STRTOLL10_MB2: ASSERTION `(*ENDPTR - S) % 2 == 0' FAILED
Problem: wrong character set pointer was passed to my_strtoll10_mb2,
which led to DBUG_ASSERT failure in some cases.

  @ mysql-test/r/func_encrypt_ucs2.result
  @ mysql-test/t/func_encrypt_ucs2.test
  @ mysql-test/r/ctype_ucs.result
  @ mysql-test/t/ctype_ucs.test
  Adding tests

  @ sql/item_func.cc
  "cs" initialization was wrong (res does not necessarily point to &str_value)

  @ sql/item_strfunc.cc
  Item_func_dec_encrypt::val_str() and Item_func_des_descrypt::val_str()
  did not set character set for tmp_value (the returned value),
  so the old value, which was previously copied from args[1]->val_str(),
  was incorrectly returned with tmp_value.
2011-03-03 15:04:04 +03:00
Michael Widenius
9aa44bb4b3 Fixed wrong alias usage 2011-03-01 23:24:17 +02:00
Michael Widenius
3358cdd504 Merge with 5.1 to get in changes from MySQL 5.1.55 2011-02-28 19:39:30 +02:00
Michael Widenius
869f5d0e81 Merge with alias as String 2011-02-28 13:16:17 +02:00
Michael Widenius
ff3da0f963 Change TABLE->alias to String for less memory reallocation
Changed some String.ptr() -> String.c_ptr() for String that are not guaranteed to end with \0
Removed some c_ptr() usage from parameters to functions that takes ptr & length
Use preallocate buffers to avoid calling malloc() for most operations. 


sql/event_db_repository.cc:
  alias is now a String
sql/event_scheduler.cc:
  c_ptr -> c_ptr_safe() to avoid warnings from valgrind.
sql/events.cc:
  c_ptr -> c_ptr_safe() to avoid warnings from valgrind.
  c_ptr -> ptr() as function takes ptr & length
sql/field.cc:
  alias is now a String
sql/field.h:
  alias is now a String
sql/ha_partition.cc:
  alias is now a String
sql/handler.cc:
  alias is now a String
  ptr() -> c_ptr() as string is not guaranteed to be \0 terminated
sql/item.cc:
  Store error parameter in separarte buffer to ensure correct error message
sql/item_func.cc:
  ptr() -> c_ptr_safe() as string is not guaranteed to be \0 terminated
sql/item_sum.h:
  Use my_strtod() instead of my_atof() to not have to make string \0 terminated
sql/lock.cc:
  alias is now a String
sql/log.cc:
  c_ptr() -> ptr() as function takes ptr & length
sql/log_event.cc:
  c_ptr_quick() -> ptr() as we only want to get the pointer to String buffer
sql/opt_range.cc:
  ptr() -> c_ptr() as string is not guaranteed to be \0 terminated
sql/opt_table_elimination.cc:
  alias is now a String
sql/set_var.cc:
  ptr() -> c_ptr() as string is not guaranteed to be \0 terminated
  c_ptr() -> c_ptr_safe() to avoid warnings from valgrind.
  c_ptr() -> ptr() as function takes ptr & length
  Simplify some code.
sql/sp.cc:
  c_ptr() -> ptr() as function takes ptr & length
sql/sp_rcontext.cc:
  alias is now a String
sql/sql_base.cc:
  alias is now a String.
  Here we win a realloc() for most alias usage.
sql/sql_class.cc:
  Use size descriptor for printf() to avoid accessing bytes outside of buffer
sql/sql_insert.cc:
  Change allocation of TABLE as it's now contains a String
  _ptr() -> ptr() as function takes ptr & length
sql/sql_load.cc:
  Use preallocate buffers to avoid calling malloc() for most operations.
sql/sql_parse.cc:
  Use c_ptr_safe() to ensure string is \0 terminated.
sql/sql_plugin.cc:
  c_ptr_quick() -> ptr() as function takes ptr & length
sql/sql_select.cc:
  alias is now a String
sql/sql_show.cc:
  alias is now a String
sql/sql_string.h:
  Added move() function to change who owns the string (owner does the free)
sql/sql_table.cc:
  alias is now a String
  c_ptr() -> c_ptr_safe() to avoid warnings from valgrind.
sql/sql_test.cc:
  c_ptr() -> c_ptr_safe() to avoid warnings from valgrind.
  alias is now a String
sql/sql_trigger.cc:
  c_ptr() -> c_ptr_safe() to avoid warnings from valgrind.
  Use field->init() to setup pointers to alias.
sql/sql_update.cc:
  alias is now a String
sql/sql_view.cc:
  ptr() -> c_ptr_safe() as string is not guaranteed to be \0 terminated
sql/sql_yacc.yy:
  r() -> c_ptr() as string is not guaranteed to be \0 terminated
sql/table.cc:
  alias is now a String
sql/table.h:
  alias is now a String
storage/federatedx/ha_federatedx.cc:
  Remove extra 1 byte alloc that is automaticly done by strmake()
  Ensure that error message ends with \0
storage/maria/ha_maria.cc:
  alias is now a String
storage/myisam/ha_myisam.cc:
  alias is now a String
2011-02-28 12:48:50 +02:00
Michael Widenius
58bb0769bd Merge with MySQL 5.1.55
- Fixed some issues with partitions and connection_string, which also fixed lp:716890 "Pre- and post-recovery crash in Aria"
- Fixed wrong assert in Aria

Now need to merge with latest xtradb before pushing 

sql/ha_partition.cc:
  Ensure that m_ordered_rec_buffer is not freed before close.
sql/mysqld.cc:
  Changed to use opt_stack_trace instead of opt_pstack.
  Removed references to pstack
sql/partition_element.h:
  Ensure that connect_string is initialized
storage/maria/ma_key_recover.c:
  Fixed wrong assert
2011-02-20 18:51:43 +02:00
Georgi Kodinov
1ec2fccd6d automerge 2011-01-07 15:30:42 +02:00
Michael Widenius
215043b7c2 Merge with 5.1 2011-01-05 16:03:58 +02:00
Kent Boortz
4acfdb9df1 Merge 2010-12-29 00:47:05 +01:00
Kent Boortz
85323eda8a - Added/updated copyright headers
- Removed files specific to compiling on OS/2
- Removed files specific to SCO Unix packaging
- Removed "libmysqld/copyright", text is included in documentation
- Removed LaTeX headers for NDB Doxygen documentation
- Removed obsolete NDB files
- Removed "mkisofs" binaries
- Removed the "cvs2cl.pl" script
- Changed a few GPL texts to use "program" instead of "library"
2010-12-28 19:57:23 +01:00
Igor Babaev
efbb3c6c90 Fixed LP bug (bug ).
When the optimizer creates items out of other items it does
not have to call the fix_fields method. Usually in these
cases it calls quick_fix_field() that just marks the 
created item as fixed. If the created item is an Item_func
object then calling quick_fix_field() works fine if the
arguments of the created functional item are already fixed.
Otherwise some unfixed nodes remain in the item tree and
it triggers an assertion failure whenever the item is 
evaluated.

Fixed the problem by making the method quick_fix_field
virtual and providing an implementation for the class
Item_func objects that recursively calls the method
for unfixed arguments of any functional item.
2010-12-24 15:30:23 -08:00
Sergey Glukhov
bc56dcea9d Bug#57810 case/when/then : Assertion failed: length || !scale
ASSERT happens due to improper calculation of the max_length
in Item_func_div object, if dividend has max_length == 0 then
Item_func_div::max_length is set to 0 under some circumstances.
The fix:
If decimals == NOT_FIXED_DEC then set
Item_func_div::max_length to max possible
DOUBLE length value.


mysql-test/r/func_math.result:
  test case
mysql-test/t/func_math.test:
  test case
sql/item_func.cc:
  The fix:
  If decimals == NOT_FIXED_DEC then set
  Item_func_div::max_length to max possible
  DOUBLE length value.
2010-12-24 14:05:04 +03:00
Georgi Kodinov
2969956def merge 2010-12-17 15:05:50 +02:00
Sergey Glukhov
fcb83cbf15 Fixed following problems:
--Bug#52157 various crashes and assertions with multi-table update, stored function
--Bug#54475 improper error handling causes cascading crashing failures in innodb/ndb
--Bug#57703 create view cause Assertion failed: 0, file .\item_subselect.cc, line 846
--Bug#57352 valgrind warnings when creating view
--Recently discovered problem when a nested materialized derived table is used
  before being populated and it leads to incorrect result

We have several modes when we should disable subquery evaluation.
The reasons for disabling are different. It could be
uselessness of the evaluation as in case of 'CREATE VIEW'
or 'PREPARE stmt', or we should disable subquery evaluation
if tables are not locked yet as it happens in bug#54475, or
too early evaluation of subqueries can lead to wrong result
as it happened in Bug#19077.
Main problem is that if subquery items are treated as const
they are evaluated in ::fix_fields(), ::fix_length_and_dec()
of the parental items as a lot of these methods have
Item::val_...() calls inside.
We have to make subqueries non-const to prevent unnecessary
subquery evaluation. At the moment we have different methods
for this. Here is a list of these modes:

1. PREPARE stmt;
We use UNCACHEABLE_PREPARE flag.
It is set during parsing in sql_parse.cc, mysql_new_select() for
each SELECT_LEX object and cleared at the end of PREPARE in
sql_prepare.cc, init_stmt_after_parse(). If this flag is set
subquery becomes non-const and evaluation does not happen.

2. CREATE|ALTER VIEW, SHOW CREATE VIEW, I_S tables which
   process FRM files
We use LEX::view_prepare_mode field. We set it before
view preparation and check this flag in
::fix_fields(), ::fix_length_and_dec().
Some bugs are fixed using this approach,
some are not(Bug#57352, Bug#57703). The problem here is
that we have a lot of ::fix_fields(), ::fix_length_and_dec()
where we use Item::val_...() calls for const items.

3. Derived tables with subquery = wrong result(Bug19077)
The reason of this bug is too early subquery evaluation.
It was fixed by adding Item::with_subselect field
The check of this field in appropriate places prevents
const item evaluation if the item have subquery.
The fix for Bug19077 fixes only the problem with
convert_constant_item() function and does not cover
other places(::fix_fields(), ::fix_length_and_dec() again)
where subqueries could be evaluated.

Example:
CREATE TABLE t1 (i INT, j BIGINT);
INSERT INTO t1 VALUES (1, 2), (2, 2), (3, 2);
SELECT * FROM (SELECT MIN(i) FROM t1
WHERE j = SUBSTRING('12', (SELECT * FROM (SELECT MIN(j) FROM t1) t2))) t3;
DROP TABLE t1;

4. Derived tables with subquery where subquery
   is evaluated before table locking(Bug#54475, Bug#52157)

Suggested solution is following:

-Introduce new field LEX::context_analysis_only with the following
 possible flags:
 #define CONTEXT_ANALYSIS_ONLY_PREPARE 1
 #define CONTEXT_ANALYSIS_ONLY_VIEW    2
 #define CONTEXT_ANALYSIS_ONLY_DERIVED 4
-Set/clean these flags when we perform
 context analysis operation
-Item_subselect::const_item() returns
 result depending on LEX::context_analysis_only.
 If context_analysis_only is set then we return
 FALSE that means that subquery is non-const.
 As all subquery types are wrapped by Item_subselect
 it allow as to make subquery non-const when
 it's necessary.


mysql-test/r/derived.result:
  test case
mysql-test/r/multi_update.result:
  test case
mysql-test/r/view.result:
  test case
mysql-test/suite/innodb/r/innodb_multi_update.result:
  test case
mysql-test/suite/innodb/t/innodb_multi_update.test:
  test case
mysql-test/suite/innodb_plugin/r/innodb_multi_update.result:
  test case
mysql-test/suite/innodb_plugin/t/innodb_multi_update.test:
  test case
mysql-test/t/derived.test:
  test case
mysql-test/t/multi_update.test:
  test case
mysql-test/t/view.test:
  test case
sql/item.cc:
  --removed unnecessary code
sql/item_cmpfunc.cc:
  --removed unnecessary checks
  --THD::is_context_analysis_only() is replaced with LEX::is_ps_or_view_context_analysis()
sql/item_func.cc:
  --refactored context analysis checks
sql/item_row.cc:
  --removed unnecessary checks
sql/item_subselect.cc:
  --removed unnecessary code
  --added DBUG_ASSERT into Item_subselect::exec()
    which asserts that subquery execution can not happen
    if LEX::context_analysis_only is set, i.e. at context
    analysis stage.
  --Item_subselect::const_item()
    Return FALSE if LEX::context_analysis_only is set.
    It prevents subquery evaluation in ::fix_fields &
    ::fix_length_and_dec at context analysis stage.
sql/item_subselect.h:
  --removed unnecessary code
sql/mysql_priv.h:
  --Added new set of flags.
sql/sql_class.h:
  --removed unnecessary code
sql/sql_derived.cc:
  --added LEX::context_analysis_only analysis intialization/cleanup
sql/sql_lex.cc:
  --init LEX::context_analysis_only field
sql/sql_lex.h:
  --New LEX::context_analysis_only field
sql/sql_parse.cc:
  --removed unnecessary code
sql/sql_prepare.cc:
  --removed unnecessary code
  --added LEX::context_analysis_only analysis intialization/cleanup
sql/sql_select.cc:
  --refactored context analysis checks
sql/sql_show.cc:
  --added LEX::context_analysis_only analysis intialization/cleanup
sql/sql_view.cc:
  --added LEX::context_analysis_only analysis intialization/cleanup
2010-12-14 12:33:03 +03:00
Gleb Shchepa
e5a88caf08 Bug : more user variable fun with multiple
assignments and comparison in query

A query that compares assignments of the same
user variable caused Valgrind warnings: access
to freed memory region.

In case of a DECIMAL argument the assignment
operator (:=) may return a pointer to a stored
value instead of its copy when evaluated.
The next assignment to the same variable may:
 a) overwrite the stored value with a new one
    and return the same pointer or even
 b) reallocate stored value.

Thus, if we evaluate an assignment and keep
the result pointer and then evaluate another
assignment to the same variable, then the
kept result pointer of the first assignment
will point to unexpectedly changed data or
it may be a dead pointer.

That may cause wrong data or crash.

The user_var_entry::val_decimal method has
been modified to copy user variable data.


mysql-test/r/user_var.result:
  Test case for bug .
mysql-test/t/user_var.test:
  Test case for bug .
sql/item_func.cc:
  Bug : more user variable fun with multiple
              assignments and comparison in query
  
  The user_var_entry::val_decimal method has
  been modified to copy user variable data.
2010-12-06 23:38:31 +03:00
Michael Widenius
1e5061fe3b merge with 5.1 2010-11-30 23:11:03 +02:00
Georgi Kodinov
db8bd7beb8 merge 2010-11-26 14:51:48 +02:00
Michael Widenius
1a6373e8e2 Merge with MySQL 5.1.53
Open issues:
- A better fix for ; Igor is working on this
- Test failure in index_merge_innodb.test ; Igor promised to look at this
- Some Innodb tests fails (need to merge with latest xtradb) ; Kristian promised to look at this.
 - Failing tests: innodb_plugin.innodb_bug56143 innodb_plugin.innodb_bug56632 innodb_plugin.innodb_bug56680 innodb_plugin.innodb_bug57255 
- Werror is disabled;  Should be enabled after merge with xtradb.
2010-11-25 00:57:34 +02:00
Tatiana A. Nurnberg
af6ceb2544 merge 2010-11-24 08:50:04 +00:00
Michael Widenius
b52020221e Merge with MySQL 5.1.52 2010-11-23 23:39:59 +02:00
Ramil Kalimullin
55114ee20c Auto-merge with mysql-5.1-bugteam. 2010-11-23 16:08:10 +03:00
Guilhem Bichot
96b0404940 Fix for Bug#56138 "valgrind errors about overlapping memory when double-assigning same variable",
and related small fixes.

mysql-test/t/user_var.test:
  test for bug
sql/field_conv.cc:
  From the C standard, memcpy() has undefined behaviour if to->ptr==from->ptr
sql/item_func.cc:
  In the case of BUG#56138, entry->value==ptr in which case memcpy()
  has undefined results per the C standard.
sql/sql_select.cc:
  Work around a bug in old gcc
2010-11-22 09:57:59 +01:00
unknown
95b37a254b Merge MariaDB 5.1->5.2 2010-11-19 22:33:47 +01:00
Ramil Kalimullin
e4d2fd35a7 Auto-merge from mysql-5.1-bugteam. 2010-11-18 13:40:57 +03:00
unknown
0de9a4abab MWL#74: Shared libmysqld.so library.
Switch makefiles to use libtool to build libmysqld.so, as well as all its
dependencies.

The previous MYSQL_PLUGIN_DEPENDS_ON_MYSQL_INTERNALS() declaration is removed,
as it does not work well with a libtool build. Instead, plugins that need it
can specify an alternate object in MYSQL_PLUGIN_STATIC() that will be used for
embedded library. The plugin must then take care itself of compiling the
special object for embedded, rebuilding the source files previously listed in
MYSQL_PLUGIN_DEPENDS_ON_MYSQL_INTERNALS() with @plugin_embedded_defs@ in
CFLAGS/CXXFLAGS. The extra target @XXX_embedded_static_target@ is available
for the special object, this will be empty when --without-embedded-server.

All in-tree plugins are changed to build their static targets with libtool.
Additional plugins that want to work with libmysqld.so will need to be
similarly modified to build with libtool (or otherwise provide an -fPIC
object). Dynamically loaded plugins are not affected.

The old libraries like libmysys.a, libmyisam.a and similar libraries, which
were installed by `make install` though this is of little use, are still built
and installed to not break package scripts etc. that expect them. These
libraries are kept static to avoid introducing new .so dependencies.

The patch also fixes a handfull of duplicate symbol linker errors, where we
included some object twice during linking; these for one reason or another did
not produce errors before but caused problems on some platforms with this
patch (eg. Mac OS X linker is more strict for shared objects).

This patch only does what is necessary to build libmysqld.so. There are some
more cleanups that are possible now that we are using libtool more fully,
which could done in subsequent patches (though we may not bother as we are
switching from autotools to CMake anyway):

 - In libmysql_r/, we should be able to just link libmysys.la etc, instead of
   symlinking and re-compiling sources into the directory.

 - In libmysql/, we can similarly avoid symlinking and recompiling sources if
   we instead build a libmysys_nothread.la library with appropriate CFLAGS and
   link that.

 - In sql/, we can build a separate target libmysql_int.la with appropriate
   CFLAGS for embedded and use that in libmysqld/ instead of symlinking
   sources.

 - libmysys.a, libmyisam.a and similar libraries could be installed as .so
   also to save on code size; or alternatively could be not installed at all.


client/Makefile.am:
  Updated for using libtool
config/ac-macros/plugins.m4:
  Replace MUSQL_PLUGIN_DEPENDS_ON_MYSQL_INTERNALS with mechanism for plugins
  to specify alternate object for embedded.
configure.in:
  Fix linking duplicate objects related to THREAD_LOBJECTS.
dbug/Makefile.am:
  Updated for using libtool
extra/Makefile.am:
  Fix relative paths.
libmysqld/Makefile.am:
  Build libmysqld.la using libtool
libmysqld/examples/Makefile.am:
  Updated to use libtool
mysys/Makefile.am:
  Updated to use libtool.
  Fix linking duplicate objects related to THREAD_LOBJECTS.
mysys/my_uuid.c:
  Fix conflicting global mutex name by making it static.
regex/Makefile.am:
  Updated to use libtool
sql/Makefile.am:
  Updated to use libtool
sql/item_func.cc:
  Fix conflicting mutex name.
sql/mysql_priv.h:
  Fix conflicting mutex name
sql/mysqld.cc:
  Fix conflicting mutex name.
  Add missing call of my_uuid_end().
storage/archive/Makefile.am:
  Updated to use libtool
storage/archive/plug.in:
  Updated to use libtool
storage/blackhole/Makefile.am:
  Updated to use libtool
storage/blackhole/plug.in:
  Updated to use libtool
storage/csv/Makefile.am:
  Updated to use libtool
storage/csv/plug.in:
  Updated to use libtool
storage/example/Makefile.am:
  Updated to use libtool
storage/federated/Makefile.am:
  Updated to use libtool
storage/federated/plug.in:
  Updated to use libtool
storage/federatedx/Makefile.am:
  Updated to use libtool
storage/federatedx/plug.in:
  Updated to use libtool
storage/heap/Makefile.am:
  Updated to use libtool
storage/heap/plug.in:
  Updated to use libtool
storage/innobase/Makefile.am:
  Updated to use libtool
storage/innobase/plug.in.disabled:
  Updated to use libtool
storage/innodb_plugin/Makefile.am:
  Updated to use libtool
storage/maria/CMakeLists.txt:
  Fix linking duplicate object in maria_dump_log, causes failure on Mac OS X
storage/maria/Makefile.am:
  Updated to use libtool
  Fix linking duplicate object in maria_dump_log, causes link failure on Mac OS X
storage/maria/ma_loghandler.c:
  Move maria_dump_log code to separate file to fix duplicate object link failures.
storage/maria/ma_loghandler.h:
  Move maria_dump_log code to separate file to fix duplicate object link failures.
storage/maria/maria_dump_log.c:
  Move maria_dump_log code to separate file to fix duplicate object link failures.
storage/maria/plug.in:
  Updated to use libtool
storage/myisam/Makefile.am:
  Updated to use libtool
storage/myisam/plug.in:
  Updated to use libtool
storage/myisammrg/Makefile.am:
  Updated to use libtool
storage/myisammrg/plug.in:
  Updated to use libtool
storage/pbxt/plug.in:
  Updated to use libtool
storage/pbxt/src/Makefile.am:
  Updated to use libtool
storage/xtradb/Makefile.am:
  Updated to use libtool
storage/xtradb/plug.in:
  Updated to use libtool
strings/Makefile.am:
  Updated to use libtool
unittest/unit.pl:
  Don't attempt to run libtool internal files as unit tests.
vio/Makefile.am:
  Updated to use libtool
2010-11-17 13:24:20 +01:00
Tatiana A. Nurnberg
c4fa6a3862 Bug#43233: Some server variables are clipped during "update," not "check" stage
Bug#55794: ulonglong options of mysqld show wrong values.

Port the few remaining system variables to the correct mechanism --
range-check in check-stage (and throw error or warning at that point
as needed and depending on STRICTness), update in update stage.
Fix some signedness errors when retrieving sysvar values for display.

mysql-test/r/variables.result:
  Show that we throw warnings or errors depending on strictness
  even for "special" variables now.
mysql-test/t/variables.test:
  Show that we throw warnings or errors depending on strictness
  even for "special" variables now.
sql/item_func.cc:
  show sys_var_ulonglong_ptr and SHOW_LONGLONG type variables as unsigned.
sql/set_var.cc:
  move range-checking from update stage to check stage for the remaining
  few sys-vars that broke the pattern
sql/set_var.h:
  add check functions.
2010-11-11 11:35:48 +00:00
Dmitry Shulga
2c16c7e985 Fixed Bug#57386 - main.execution_constants segfault on MIPS64EL.
sql/item_func.cc:
  Item_func::fix_fields modified: increased minimal required stack
  size in call to check_stack_overrun().
2010-11-10 11:49:37 +06:00
Sergey Glukhov
c7371c9e75 Bug#57477 SIGFPE when dividing a huge number a negative number
The problem is dividing by const value when
the result is out of supported range.
The fix:
-return LONGLONG_MIN if the result is out of supported range for DIV operator.
-return 0 if divisor is -1 for MOD operator.


mysql-test/r/func_math.result:
  test case
mysql-test/t/func_math.test:
  test case
sql/item_func.cc:
  -return LONGLONG_MIN if the result is out of supported range for DIV operator.
  -return 0 if divisor is -1 for MOD operator.
2010-10-27 18:12:10 +04:00
Sergei Golubchik
04a4b43346 merge with 5.1 2010-10-25 15:21:16 +02:00
Sergei Golubchik
745cc74c33 5.1.51 merge 2010-10-19 15:58:35 +02:00
Sergey Glukhov
127c721cef Bug#54484 explain + prepared statement: crash and Got error -1 from storage engine
Subquery executes twice, at top level JOIN::optimize and ::execute stages.
At first execution create_sort_index() function is called and
FT_SELECT object is created and destroyed. HANDLER::ft_handler is cleaned up
in the object destructor and at second execution FT_SELECT::get_next() method
returns error.
The fix is to reinit HANDLER::ft_handler field before re-execution of subquery.


mysql-test/r/fulltext.result:
  test case
mysql-test/t/fulltext.test:
  test case
sql/item_func.cc:
  reinit ft_handler before re-execution of subquery
sql/item_func.h:
  Fixed method name
sql/sql_select.cc:
  reinit ft_handler before re-execution of subquery
2010-10-18 14:47:26 +04:00
Georgi Kodinov
292a72a043 merged mysql-5.1 into mysql-5.1-bugteam 2010-10-05 11:11:56 +03:00
Michael Widenius
ca672e6b61 Automatic merge 2010-10-01 18:27:32 +03:00
Michael Widenius
bdba1d11c4 Change some my_bool in C++ classes and a few functions to bool to detect wrong usage of bool/my_bool.
Fix some bugs where we stored values other than 0 or 1 in my_bool
Fixed some compiler warnings


client/mysql.cc:
  Changed interrupted_query from my_bool to int, as we stored 2 in it.
client/mysqladmin.cc:
  Changed return variable type to same type as function value type
client/mysqltest.cc:
  Changed 'found' to int as we store other values than 0 or 1 into it
  Changed type for parameter of set_reconnect() to match usage.
extra/libevent/evbuffer.c:
  Added __attribute__((unused))
extra/libevent/event.c:
  Added __attribute__((unused))
extra/libevent/signal.c:
  Added __attribute__((unused))
sql/event_data_objects.h:
  my_bool -> bool
sql/event_db_repository.cc:
  my_bool -> bool
sql/event_db_repository.h:
  my_bool -> bool
sql/event_parse_data.h:
  my_bool -> bool
sql/events.cc:
  my_bool -> bool
sql/events.h:
  my_bool -> bool
sql/field.cc:
  my_bool -> bool
sql/field.h:
  my_bool -> bool
sql/hash_filo.h:
  my_bool -> bool
sql/item.cc:
  my_bool -> bool
sql/item.h:
  my_bool -> bool
sql/item_cmpfunc.h:
  my_bool -> bool
  Changed result_for_null_param from my_bool to int as we stored -1 in it.
sql/item_func.cc:
  my_bool -> bool
  Modified udf wrapper functions so that the UDF functions would continue to use my_bool. (To keep compatibility with UDF:s)
sql/item_func.h:
  my_bool -> bool
sql/item_subselect.h:
  my_bool -> bool
sql/item_sum.cc:
  Modified udf wrapper functions so that the UDF functions would continue to use my_bool. (To keep compatibility with UDF:s)
sql/parse_file.h:
  my_bool -> bool
sql/rpl_mi.h:
  my_bool -> bool
sql/sp_rcontext.h:
  my_bool -> bool
sql/sql_analyse.h:
  my_bool -> bool
sql/sql_base.cc:
  Change some assignments so that we don't initialize bool variables with int's.
sql/sql_bitmap.h:
  my_bool -> bool
sql/sql_cache.cc:
  my_bool -> bool
sql/sql_cache.h:
  my_bool -> bool
sql/sql_class.h:
  my_bool -> bool
sql/sql_insert.cc:
  Change some assignments so that we don't initialize bool variables with int's.
sql/sql_prepare.cc:
  my_bool -> bool
sql/table.h:
  my_bool -> bool
storage/maria/ma_check.c:
  Removed duplicate assignment
strings/decimal.c:
  Fixed wrong variable usage.
  Don't do complex arithmetic on bool when simple works.
2010-09-24 01:00:32 +03:00
Sergei Golubchik
a3d80d952d merge with 5.1 2010-09-11 20:43:48 +02:00
Michael Widenius
ad6d95d3cb Merge with MySQL 5.1.50
- Changed to still use bcmp() in certain cases becasue
  - Faster for short unaligneed strings than memcmp()
  - Bettern when using valgrind
- Changed to use my_sprintf() instead of sprintf() to get higher portability for old systems
- Changed code to use MariaDB version of select->skip_record()
- Removed -%::SCCS/s.% from Makefile.am:s to remove automake warnings
2010-08-27 17:12:44 +03:00
Georgi Kodinov
6bea77aefe Bug : create table .. select crashes with when
KILL_BAD_DATA is returned

Two problems discovered with the LEAST()/GREATEST() 
functions:
1. The check for a null value should happen even 
after the second call to val_str() in the args. This is
important because two subsequent calls to the same
Item::val_str() may yield different results.
Fixed by checking for NULL value before dereferencing
the string result.

2. While looping over the arguments and evaluating them 
the loop should stop if there was an error evaluating so far
or the statement was killed. Fixed by checking for error
and bailing out.
2010-08-20 11:52:16 +03:00
Georgi Kodinov
0b7c5f4dcc Bug : LONG BLOB value types are not recognized
Fixed the length of system variables to be 2^24 - 1 
as it is documented for MEDIUMBLOB instead of 
2^24.
2010-08-16 16:43:21 +03:00
Georgi Kodinov
4bf81165e4 Bug and bug
An user assignment variable expression that's 
evaluated in a logical expression context 
(Item::val_bool()) can be pre-calculated in a 
temporary table for GROUP BY.
However when the expression value is used after the
temp table creation it was re-evaluated instead of
being read from the temp table due to a missing 
val_bool_result() method.
Fixed by implementing the method.
2010-08-13 14:18:46 +03:00
Gleb Shchepa
80aa882497 Bug : crash with longblob and union or update with subquery
Queries may crash, if
  1) the GREATEST or the LEAST function has a mixed list of
     numeric and LONGBLOB arguments and
  2) the result of such a function goes through an intermediate
     temporary table.

An Item that references a LONGBLOB field has max_length of
UINT_MAX32 == (2^32 - 1).

The current implementation of GREATEST/LEAST returns REAL
result for a mixed list of numeric and string arguments (that
contradicts with the current documentation, this contradiction
was discussed and it was decided to update the documentation).

The max_length of such a function call was calculated as a
maximum of argument max_length values (i.e. UINT_MAX32).

That max_length value of UINT_MAX32 was used as a length for
the intermediate temporary table Field_double to hold
GREATEST/LEAST function result.

The Field_double::val_str() method call on that field
allocates a String value.

Since an allocation of String reserves an additional byte
for a zero-termination, the size of String buffer was
set to (UINT_MAX32 + 1), that caused an integer overflow:
actually, an empty buffer of size 0 was allocated.

An initialization of the "first" byte of that zero-size
buffer with '\0' caused a crash.

The Item_func_min_max::fix_length_and_dec() has been
modified to calculate max_length for the REAL result like
we do it for arithmetical operators.


******
Bug : crash with longblob and union or update with subquery

Queries may crash, if
  1) the GREATEST or the LEAST function has a mixed list of
     numeric and LONGBLOB arguments and
  2) the result of such a function goes through an intermediate
     temporary table.

An Item that references a LONGBLOB field has max_length of
UINT_MAX32 == (2^32 - 1).

The current implementation of GREATEST/LEAST returns REAL
result for a mixed list of numeric and string arguments (that
contradicts with the current documentation, this contradiction
was discussed and it was decided to update the documentation).

The max_length of such a function call was calculated as a
maximum of argument max_length values (i.e. UINT_MAX32).

That max_length value of UINT_MAX32 was used as a length for
the intermediate temporary table Field_double to hold
GREATEST/LEAST function result.

The Field_double::val_str() method call on that field
allocates a String value.

Since an allocation of String reserves an additional byte
for a zero-termination, the size of String buffer was
set to (UINT_MAX32 + 1), that caused an integer overflow:
actually, an empty buffer of size 0 was allocated.

An initialization of the "first" byte of that zero-size
buffer with '\0' caused a crash.

The Item_func_min_max::fix_length_and_dec() has been
modified to calculate max_length for the REAL result like
we do it for arithmetical operators.



mysql-test/r/func_misc.result:
  Test case for bug .
  
  ******
  Test case for bug .
mysql-test/t/func_misc.test:
  Test case for bug .
  
  ******
  Test case for bug .
sql/item_func.cc:
  Bug : crash with longblob and union or update with subquery
  
  The Item_func_min_max::fix_length_and_dec() has been
  modified to calculate max_length for the REAL result like
  we do it for arithmetical operators.
  
  ******
  Bug : crash with longblob and union or update with subquery
  
  The Item_func_min_max::fix_length_and_dec() has been
  modified to calculate max_length for the REAL result like
  we do it for arithmetical operators.
2010-08-01 22:12:36 +04:00