Problem: GROUP BY on empty ucs2 strings crashed server.
Reason: sometimes mi_unique_hash() is executed with
ptr=null and length=0, which means "empty string".
The branch of code handling UCS2 character set
was not safe against ptr=null and fell into and
endless loop even if length=0 because of poiter
arithmetic overflow.
Fix: adding special check for length=0 to avoid pointer arithmetic
overflow.
mysql-test/r/ctype_uca.result:
Adding test case
mysql-test/t/ctype_uca.test:
Adding test case
strings/ctype-uca.c:
Fix my_uca_scanner_init_ucs2 to be safe against
strings with length=0 and ptr=0.
what it actually means (Monty approved the renaming)
- correcting description of transaction_alloc command-line options
(our manual is correct)
- fix for a failure of rpl_trigger.
mysql-test/t/rpl_misc_functions.test:
test was cleaning up only on slave, but it's also needed on master,
otherwise it influences rpl_trigger.test
sql/lock.cc:
clearer name
sql/mysqld.cc:
I checked the code that those two variables are not about binlogging
but about the size of the transaction's memroot which is used
to create savepoint structures and to store list of tables to be invalidated
(for NDB). The manual has a correct description, no need to fix it.
sql/sql_base.cc:
clearer name
sql/sql_derived.cc:
clearer name
sql/sql_select.cc:
clearer name
sql/table.h:
clearer name: TMP_TABLE is used for non-transactional tables.
When the SUBSTRING() function was used over a LONGTEXT field the max_length of
the SUBSTRING() result was wrongly calculated and set to 0. As the max_length
parameter is used while tmp field creation it limits the length of the result
field and leads to printing an empty string instead of the correct result.
Now the Item_func_substr::fix_length_and_dec() function correctly calculates
the max_length parameter.
mysql-test/t/func_str.test:
Added a test case for the bug#15757: Wrong SUBSTRING() result when a tmp table was employed.
mysql-test/r/func_str.result:
Added a test case for the bug#15757: Wrong SUBSTRING() result when a tmp table was employed.
sql/item_strfunc.cc:
Bug#15757: Wrong SUBSTRING() result when a tmp table was employed.
Now the Item_func_substr::fix_length_and_dec() function correctly calculates
the max_length parameter.
into moonbone.local:/mnt/gentoo64/work/25373-bug-5.0-opt-mysql
mysql-test/r/func_str.result:
Auto merged
mysql-test/r/subselect.result:
Auto merged
mysql-test/r/union.result:
Auto merged
sql/item.cc:
Auto merged
Crash happened because the function get_best_group_min_max detected
joins with ROLLUP incorrectly.
mysql-test/r/olap.result:
Added a test case for bug #26830.
mysql-test/t/olap.test:
Added a test case for bug #26830.
away.
Additional fix for bug#22331. Now Item_field prints its value in the case of
the const field.
mysql-test/r/varbinary.result:
Corrected test case after fix for bug#22331.
mysql-test/r/union.result:
Corrected test case after fix for bug#22331.
mysql-test/r/subselect.result:
Corrected test case after fix for bug#22331.
mysql-test/r/func_test.result:
Corrected test case after fix for bug#22331.
mysql-test/r/having.result:
Corrected test case after fix for bug#22331.
mysql-test/r/func_regexp.result:
Corrected test case after fix for bug#22331.
mysql-test/r/func_str.result:
Corrected test case after fix for bug#22331.
mysql-test/r/func_default.result:
Corrected test case after fix for bug#22331.
mysql-test/r/explain.result:
Corrected test case after fix for bug#22331.
sql/sql_union.cc:
Bug#22331: Wrong WHERE in EXPLAIN EXTENDED when all expressions were optimized
away.
Cleanup of the SELECT_LEX::order_list list.
sql/item.h:
Bug#22331: Wrong WHERE in EXPLAIN EXTENDED when all expressions were optimized
away.
Added the print() member function to the Item_field class.
sql/item.cc:
Bug#22331: Wrong WHERE in EXPLAIN EXTENDED when all expressions were optimized
away.
Added the print() member function to the Item_field class.
When rand() is called multiple times inside a stored procedure, the server does
not binlog the correct random seed values.
This patch corrects the problem by resetting rand_used= 0 in
THD::cleanup_after_query() allowing the system to save the random seeds if needed
for each command in a stored procedure body.
However, rand_used is not reset if executing in a stored function or trigger
because these operations are binlogged by call and thus only the calling statement
need detect the call to rand() made by its substatements. These substatements must
not set rand_used to 0 because it would remove the detection of rand() by the
calling statement.
mysql-test/r/rpl_misc_functions.result:
Bug #25543 Replication of wrong values if using rand() in stored procedure
The result file was modified to include the correct processing of the new
additions to the test. The results from execution are written to files on
both the master and the slave. The files are compared to ensure the values
from rand() generated on the master are correctly generated on the slave.
mysql-test/t/rpl_misc_functions.test:
Bug #25543 Replication of wrong values if using rand() in stored procedure
The test was modified to include a test of a stored procedure that calls
the rand() function multiple times.
The results from execution are written to files on both the master and the
slave. The files are compared to ensure the values from rand() generated
on the master are correctly generated on the slave.
sql/sql_class.cc:
Bug #25543 Replication of wrong values if using rand() in stored procedure
The code was modified to reset rand_used so that detection of calls to rand()
will save random seeds if needed by the slave.
into magare.gmz:/home/kgeorge/mysql/autopush/B26281-5.0-opt
sql/item_strfunc.cc:
Auto merged
mysql-test/r/func_str.result:
resolved test merge conflicts
mysql-test/t/func_str.test:
resolved test merge conflicts
Fixed boundry checks in the INSERT() function:
were one off.
mysql-test/r/func_str.result:
Bug #26281: test case
mysql-test/t/func_str.test:
Bug #26281: test case
sql/item_strfunc.cc:
Bug #26281: fixed boundry checks
construct references invalid name.
Derived tables currently cannot use outer references.
Thus there is no outer context for them.
The 4.1 code takes this fact into account while the
Item_field::fix_outer_field code of 5.0 lost the check that blocks
any attempts to resolve names in outer context for derived tables.
mysql-test/r/union.result:
Added a test case for bug #26661.
mysql-test/t/union.test:
Added a test case for bug #26661.
sql/item.cc:
Fixed bug #26661.
Derived tables currently cannot use outer references.
Thus there is no outer context for them.
The 4.1 code takes this fact into account while the
Item_field::fix_outer_field code of 5.0 lost the check that blocks
any attempts to resolve names in outer context for derived tables.
into mysql.com:/home/hf/work/mrg/mysql-5.0-opt
mysql-test/r/order_by.result:
Auto merged
mysql-test/r/subselect.result:
Auto merged
mysql-test/t/order_by.test:
Auto merged
mysql-test/t/sp.test:
Auto merged
sql/item.cc:
Auto merged
sql/item_cmpfunc.cc:
Auto merged
sql/item_cmpfunc.h:
Auto merged
sql/item_func.cc:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/sql_base.cc:
Auto merged
sql/sql_insert.cc:
Auto merged
sql/sql_lex.cc:
Auto merged
sql/sql_lex.h:
Auto merged
sql/sql_load.cc:
Auto merged
sql/sql_parse.cc:
Auto merged
sql/sql_select.cc:
Auto merged
sql/sql_update.cc:
Auto merged
mysql-test/r/func_str.result:
merging
mysql-test/r/sp.result:
merging
mysql-test/r/view.result:
merging
mysql-test/t/func_str.test:
merging
mysql-test/t/view.test:
merging
into quadxeon.mysql.com:/benchmarks/ext3/TOSAVE/tsmith/bk/maint/mrg0306/50
sql/mysqld.cc:
Auto merged
sql/sql_class.cc:
Auto merged
sql/sql_class.h:
Auto merged
sql/sql_parse.cc:
Auto merged
Postfix for bug#22331 for windows platform.
explain.test, explain.result:
Cleanup after bugfix#22331.
mysql-test/t/explain.test:
Cleanup after bugfix#22331.
mysql-test/r/explain.result:
Cleanup after bugfix#22331.
sql/sql_select.cc:
Postfix for bug#22331 for windows platform.
into moonbone.local:/mnt/gentoo64/work/25373-bug-5.0-opt-mysql
mysql-test/r/subselect.result:
Auto merged
sql/sql_lex.h:
Auto merged
sql/sql_select.cc:
Auto merged
sql/sql_lex.cc:
SCCS merged
result.
For built-in functions like sqrt() function names are hard-coded and can be
compared by pointer. But this isn't the case for a used-defined stored
functions - names there are dynamical and should be compared as strings.
Now the Item_func::eq() function employs my_strcasecmp() function to compare
used-defined stored functions names.
mysql-test/t/sp.test:
Added a test case for bug#25373: Stored functions wasn't compared correctly which leads to a wrong result.
mysql-test/r/sp.result:
Added a test case for bug#25373: Stored functions wasn't compared correctly which leads to a wrong result.
sql/item_func.cc:
Bug#25373: Stored functions wasn't compared correctly which leads to a wrong
result.
Now the Item_func::eq() function employs my_strcasecmp() function to compare
used-defined stored functions names.
away.
During optimization stage the WHERE conditions can be changed or even
be removed at all if they know for sure to be true of false. Thus they aren't
showed in the EXPLAIN EXTENDED which prints conditions after optimization.
Now if all elements of an Item_cond were removed this Item_cond is substituted
for an Item_int with the int value of the Item_cond.
If there were conditions that were totally optimized away then values of the
saved cond_value and having_value will be printed instead.
mysql-test/t/explain.test:
Added a test case for the bug#22331: Wrong WHERE in EXPLAIN EXTENDED when all expressions were optimized away.
mysql-test/r/subselect.result:
Corrected test case result after fix for bug#22331.
mysql-test/r/func_test.result:
Corrected test case result after fix for bug#22331.
mysql-test/r/explain.result:
Added a test case for the bug#22331: Wrong WHERE in EXPLAIN EXTENDED when all expressions were optimized away.
sql/sql_select.cc:
Bug#22331: Wrong WHERE in EXPLAIN EXTENDED when all expressions were optimized
away.
Now if all elements of an Item_cond were removed this Item_cond is substituted
for an Item_int with the int value of the Item_cond.
If there were conditions that were totally optimized away then values of the
saved cond_value and having_value will be printed instead.
sql/sql_lex.h:
Bug#22331: Wrong WHERE in EXPLAIN EXTENDED when all expressions were optimized
away.
The cond_value and the having_value variables are
added to the SELECT_LEX class.
sql/sql_lex.cc:
Bug#22331: Wrong WHERE in EXPLAIN EXTENDED when all expressions were optimized
away.
The initialization of the cond_value and the having_value variables.
sql/sql_select.h:
Bug#22331: Wrong WHERE in EXPLAIN EXTENDED when all expressions were optimized
away.
Now having_value is also stored in the JOIN class.
- When attempting to associate a Windows File handle to a C run-time file
handle there is an upper bound. Once reached, the newly created handles
will cause a memory leak since they are not properly associated with a
handle that can later be cleaned up.
mysys/my_open.c:
Bug#25222 Win32 HANDLE leak in my_sopen()
- Check for failure in _open_osfhandle and close allocated HANDLE on failure.
into bodhi.local:/opt/local/work/mysql-5.0-26750
sql/mysqld.cc:
Auto merged
sql/sql_class.cc:
Auto merged
sql/sql_parse.cc:
Auto merged
sql/sql_class.h:
Manual merge.
fixes).
The legend: on a replication slave, in case a trigger creation
was filtered out because of application of replicate-do-table/
replicate-ignore-table rule, the parsed definition of a trigger was not
cleaned up properly. LEX::sphead member was left around and leaked
memory. Until the actual implementation of support of
replicate-ignore-table rules for triggers by the patch for Bug 24478 it
was never the case that "case SQLCOM_CREATE_TRIGGER"
was not executed once a trigger was parsed,
so the deletion of lex->sphead there worked and the memory did not leak.
The fix:
The real cause of the bug is that there is no 1 or 2 places where
we can clean up the main LEX after parse. And the reason we
can not have just one or two places where we clean up the LEX is
asymmetric behaviour of MYSQLparse in case of success or error.
One of the root causes of this behaviour is the code in Item::Item()
constructor. There, a newly created item adds itself to THD::free_list
- a single-linked list of Items used in a statement. Yuck. This code
is unaware that we may have more than one statement active at a time,
and always assumes that the free_list of the current statement is
located in THD::free_list. One day we need to be able to explicitly
allocate an item in a given Query_arena.
Thus, when parsing a definition of a stored procedure, like
CREATE PROCEDURE p1() BEGIN SELECT a FROM t1; SELECT b FROM t1; END;
we actually need to reset THD::mem_root, THD::free_list and THD::lex
to parse the nested procedure statement (SELECT *).
The actual reset and restore is implemented in semantic actions
attached to sp_proc_stmt grammar rule.
The problem is that in case of a parsing error inside a nested statement
Bison generated parser would abort immediately, without executing the
restore part of the semantic action. This would leave THD in an
in-the-middle-of-parsing state.
This is why we couldn't have had a single place where we clean up the LEX
after MYSQLparse - in case of an error we needed to do a clean up
immediately, in case of success a clean up could have been delayed.
This left the door open for a memory leak.
One of the following possibilities were considered when working on a fix:
- patch the replication logic to do the clean up. Rejected
as breaks module borders, replication code should not need to know the
gory details of clean up procedure after CREATE TRIGGER.
- wrap MYSQLparse with a function that would do a clean up.
Rejected as ideally we should fix the problem when it happens, not
adjust for it outside of the problematic code.
- make sure MYSQLparse cleans up after itself by invoking the clean up
functionality in the appropriate places before return. Implemented in
this patch.
- use %destructor rule for sp_proc_stmt to restore THD - cleaner
than the prevoius approach, but rejected
because needs a careful analysis of the side effects, and this patch is
for 5.0, and long term we need to use the next alternative anyway
- make sure that sp_proc_stmt doesn't juggle with THD - this is a
large work that will affect many modules.
Cleanup: move main_lex and main_mem_root from Statement to its
only two descendants Prepared_statement and THD. This ensures that
when a Statement instance was created for purposes of statement backup,
we do not involve LEX constructor/destructor, which is fairly expensive.
In order to track that the transformation produces equivalent
functionality please check the respective constructors and destructors
of Statement, Prepared_statement and THD - these members were
used only there.
This cleanup is unrelated to the patch.
sql/log_event.cc:
THD::main_lex is private and should not be used.
sql/mysqld.cc:
Move MYSQLerror to sql_yacc.yy as it depends on LEX headers now.
sql/sql_class.cc:
Cleanup: move main_lex and main_mem_root to THD and Prepared_statement
sql/sql_class.h:
Cleanup: move main_lex and main_mem_root to THD and Prepared_statement
sql/sql_lex.cc:
Implement st_lex::restore_lex()
sql/sql_lex.h:
Declare st_lex::restore_lex().
sql/sql_parse.cc:
Consolidate the calls to unit.cleanup() and deletion of lex->sphead
in mysql_parse (COM_QUERY handler)
sql/sql_prepare.cc:
No need to delete lex->sphead to restore memory roots now in case of a
parse error - this is done automatically inside MYSQLparse
sql/sql_trigger.cc:
This code could lead to double deletion apparently, as in case
of an error lex.sphead was never reset.
sql/sql_yacc.yy:
Trap all returns from the parser to ensure that MySQL-specific cleanup
is invoked: we need to restore the global state of THD and LEX in
case of a parsing error. In case of a parsing success this happens as
part of normal grammar reduction process.
