mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2025-02-02 20:11:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
175601 commits 2794 branches 343 tags 1.5 GiB
Commit graph

2150 commits

Author SHA1 Message Date
Sergei Golubchik
5e0038b376 cleanup: remove Regexp_processor_pcre::m_subpatterns_needed 
it's unused now.
 2017-05-29 21:07:54 +02:00
Sergei Golubchik
2372bfaa7b MDEV-12942 REGEXP_INSTR returns 1 when using brackets 
always use full m_SubStrVec length in pcre_exec, we don't know
how many subexpressions user's regexp will have
 2017-05-29 21:07:54 +02:00
Marko Mäkelä
13a350ac29 Merge 10.0 into 10.1 2017-05-19 12:29:37 +03:00
Sergei Golubchik
52aa200919 MDEV-12420 max_recursive_iterations did not prevent a stack-overflow and segfault 
post-review fixes
* move pcre-specific variable out of mysys
* don't use current_thd
* move a commonly used macro to my_sys.h
* remove new sysvar
 2017-05-15 22:23:10 +02:00
Daniel Black
fbc057ad36 MDEV-12420: add full list of pcre error messages 2017-05-15 22:23:10 +02:00
Daniel Black
d672f88ef7 MDEV-12420: PCRE stack overflow 
It was possible to construct a PCRE expression that exceeded the stack.
resulting in a crash:

With fix:

MariaDB [(none)]> SELECT 1
    -> FROM dual
    -> WHERE ('Alpha,Bravo,Charlie,Delta,Echo,Foxtrot,StrataCentral,Golf,Hotel,India,Juliet,Kilo,Lima,Mike,StrataL3,November,Oscar,StrataL2,Sand,P3,P4SwitchTest,Arsys,Poppa,ExtensionMgr,Arp,Quebec,Romeo,StrataApiV2,PtReyes,Sierra,SandAcl,Arrow,Artools,BridgeTest,Tango,SandT,PAlaska,Namespace,Agent,Qos,PatchPanel,ProjectReport,Ark,Gimp,Agent,SliceAgent,Arnet,Bgp,Ale,Tommy,Central,AsicPktTestLib,Hsc,SandL3,Abuild,Pca9555,Standby,ControllerDut,CalSys,SandLib,Sb820,PointV2,BfnLib,Evpn,BfnSdk,Sflow,ManagementActive,AutoTest,GatedTest,Bgp,Sand,xinetd,BfnAgentLib,bf-utils,Hello,BfnState,Eos,Artest,Qos,Scd,ThermoMgr,Uniform,EosUtils,Eb,FanController,Central,BfnL3,BfnL2,tcp_wrappers,Victor,Environment,Route,Failover,Whiskey,Xray,Gimp,BfnFixed,Strata,SoCal,XApi,Msrp,XpProfile,tcpdump,PatchPanel,ArosTest,FhTest,Arbus,XpAcl,MacConc,XpApi,telnet,QosTest,Alpha2,BfnVlan,Stp,VxlanControllerTest,MplsAgent,Bravo2,Lanz,BfnMbb,Intf,XCtrl,Unicast,SandTunnel,L3Unicast,Ipsec,MplsTest,Rsvp,EthIntf,StageMgr,Sol,MplsUtils,Nat,Ira,P4NamespaceDut,Counters,Charlie2,Aqlc,Mlag,Power,OpenFlow,Lag,RestApi,BfdTest,strongs,Sfa,CEosUtils,Adt746,MaintenanceMode,MlagDut,EosImage,IpEth,MultiProtocol,Launcher,Max3179,Snmp,Acl,IpEthTest,PhyEee,bf-syslibs,tacc,XpL2,p4-ar-switch,p4-bf-switch,LdpTest,BfnPhy,Mirroring,Phy6,Ptp'
    ->
    -> REGEXP '^((?!\b(Strata|StrataApi|StrataApiV2)\b).)*$');
Empty set, 1 warning (0.00 sec)

MariaDB [(none)]> show warnings;
+---------+------+---------------------------------------------------------+
| Level   | Code | Message                                                 |
+---------+------+---------------------------------------------------------+
| Warning | 1139 | Got error 'pcre_exec: Internal error (-21)' from regexp |
+---------+------+---------------------------------------------------------+
 2017-05-15 22:23:10 +02:00
Marko Mäkelä
ad0c218a44 Merge 10.0 into 10.1 
Also, implement MDEV-11027 a little differently from 5.5 and 10.0:

recv_apply_hashed_log_recs(): Change the return type back to void
(DB_SUCCESS was always returned).

Report progress also via systemd using sd_notifyf().
 2017-03-09 08:53:08 +02:00
Tor Didriksen
e823023e4b Bug#18411494 WRONG COMPARSION ON BIG DECIMAL VALUES 
Problem: integer literals may be converted to floats for
comparison with decimal data. If the integers are large,
we may lose precision, and give wrong results.

Fix: for
  <non-const decimal expression> <cmp> <const string expression>
  or
  <const string expression> <cmp> <non-const decimal expression>
we override the compare_type chosen by item_cmp_type(), and
do comparison as decimal rather than float.

(cherry picked from commit 1cf3489ba4 and edited by Johannes Weißl <jargon@molb.org>)
 2017-03-06 23:36:48 +04:00
Sergei Golubchik
f7d030489d Merge branch '10.0' into 10.1 2017-01-17 20:17:35 +01:00
Sergei Golubchik
6728aae3b3 Merge branch '5.5' into 10.0 2017-01-17 16:22:25 +01:00
Sergei Golubchik
798fcb5416 bugfix: cmp_item_row::alloc_comparators() allocated on the wrong arena 
it used current_thd->alloc() and allocated on the thd's execution arena,
not on table->expr_arena.

Remove THD::arena_for_cached_items that is temporarily set in
update_virtual_fields(), and replaces THD arena in get_datetime_value().
Instead set THD arena to table->expr_arena for the whole  duration
of update_virtual_fields()
 2017-01-15 00:11:50 +01:00
Sergei Golubchik
67e2028161 MDEV-9690 concurrent queries with virtual columns crash in temporal code 
Item_func_le included Arg_comparator. Arg_comparator remembered
the current_thd during fix_fields and used that value during
execution to allocate Item_cache in get_datetime_value().
But for vcols fix_fields and val_int can happen in different threads.

Same bug for Item_func_in using in_datetime or cmp_item_datetime,
both also remembered current_thd at fix_fields() to use it later
for get_datetime_value().

As a fix, these objects no longer remember the current_thd,
and get_datetime_value() uses current_thd at run time. This
should not increase the number of current_thd calls much, as
Item_cache is created only once anyway.
 2017-01-15 00:11:02 +01:00
Alexander Barkov
f0d8a4d29e MDEV-11219 main.null fails in buldbot and outside with ps-protocol 2016-11-03 22:02:24 +04:00
Oleksandr Byelkin
9ff9acb307 MDEV-10716: Assertion `real_type() != FIELD_ITEM' failed in Item_ref::build_equal_items(THD*, COND_EQUAL*, bool, COND_EQUAL**) 
Degenerated condition in AND should be treated in the same
way as in WHERE/HAVING alone (i.e reference should be
processed as well as fields)
 2016-09-28 21:12:48 +02:00
Alexander Barkov
3ccf8218bc Partial backporting of 7b50447aa6 
(MDEV-9407, MDEV-9408) from 10.1

Needed to fix MDEV-10317 easier.
 2016-07-03 11:20:46 +04:00
Alexander Barkov
a87507eec3 MDEV-9712 Performance degradation of nested NULLIF 
10.1 introduced a problem:
Execution time for various recursive stages
(walk, update_used_table, and propagate_equal_fields)
in NULLIF is O(recursion_level^2), because complexity is
doubled on every recursion level when we copy args[0] to args[2].

This change fixes to avoid unnecessary recursion in:
- Item_func_nullif::walk
- Item_func_nullif::update_used_tables
- Item_func_nullif::propagate_equal_fields
when possible.
 2016-05-05 15:39:04 +04:00
Sergei Golubchik
87e3e67f43 Merge branch '10.0' into 10.1 2016-05-04 15:23:26 +02:00
Sergei Golubchik
872649c7ba Merge branch '5.5' into 10.0 2016-04-26 23:05:26 +02:00
Alexander Barkov
3f0d07e55b MDEV-9372 select 100 between 1 and 9223372036854775808 returns false 
Integer comparison of INT expressions with different signess in BETWEEN
is not safe. Switching to DECIMAL comparison in case if INT arguments
have different signess.
 2016-04-22 16:04:20 +04:00
Alexander Barkov
9a987142f9 MDEV-9745 Crash with CASE WHEN TRUE THEN COALESCE(CAST(NULL AS UNSIGNED)) ELSE 4 END 
This is a backport of the patch for MDEV-9653 (fixed earlier in 10.1.13).

The code in Item_func_case::fix_length_and_dec() did not
calculate max_length and decimals properly.

In case of any numeric result (DECIMAL, REAL, INT) a generic method
Item_func_case::agg_num_lengths() was called, which could erroneously result
into a DECIMAL item with max_length==0 and decimals==0, so the constructor of
Field_new_decimals tried to create a field of DECIMAL(0,0) type,
which caused a crash.

Unlike Item_func_case, the code responsible for merging attributes in
Item_func_coalesce::fix_length_and_dec() works fine: it has specific execution
branches for all distinct numeric types and correctly creates a DECIMAL(1,0)
column instead of DECIMAL(0,0) for the same set of arguments.

The fix does the following:
- Moves the attribute merging code from Item_func_coalesce::fix_length_and_dec()
  to a new method Item_func_hybrid_result_type::fix_attributes()
- Removes the wrong code from Item_func_case::fix_length_and_dec()
  and reuses fix_attributes() in both Item_func_coalesce::fix_length_and_dec()
  and Item_func_case::fix_length_and_dec()
- Fixes count_real_length() and count_decimal_length() to get an array
  of Items as an argument, instead of using Item::args directly.
  This is needed for Item_func_case::fix_length_and_dec().
- Moves methods Item_func::count_xxx_length() from "public" to "protected".
- Removes Item_func_case::agg_num_length(), as it's not used any more.
- Additionally removes Item_func_case::agg_str_length(),
  as it also was not used (dead code).
 2016-04-20 08:53:30 +04:00
Alexander Barkov
6fd54c01bb MDEV-9521 Least function returns 0000-00-00 for null date columns instead of null 
Item_func_ifnull::date_op() and Item_func_coalesce::date_op() could
erroneously return 0000-00-00 instead of NULL when get_date()
was called with the TIME_FUZZY_DATES flag, e.g. from LEAST().
 2016-04-18 23:15:15 +04:00
Alexander Barkov
9476854211 MDEV-9369 IN operator with ( num, NULL ) gives inconsistent result 
Based on this commit into MySQL-5.7:
> commit 8e51b845aafc8b4cdebd763c8aebda262ac2d4cd
> Author: Guilhem Bichot <guilhem.bichot@oracle.com>
> Date:   Mon Nov 4 15:44:55 2013 +0100
>
>    Bug#13944462 'NULL IN (XX)' RETURNS WRONG RESULTS
 2016-03-21 11:21:44 +04:00
Alexander Barkov
b25373beb5 MDEV-9653 Assertion `length || !scale' failed in uint my_decimal_length_to_precision(uint, uint, bool) 
MDEV-9752 Wrong data type for COALEASCE(?,1) in prepared statements
 2016-03-18 17:50:18 +04:00
Sergei Golubchik
ff93b77fd6 MDEV-9641 MDEV-9644 NULLIF assertions 
* only copy args[0] to args[2] after fix_fields (when all item
  substitutions have already happened)

* change QT_ITEM_FUNC_NULLIF_TO_CASE (that allows to print NULLIF
  as CASE) to QT_ITEM_ORIGINAL_FUNC_NULLIF (that prohibits it).
  So that NULLIF-to-CASE is allowed by default and only disabled
  explicitly for SHOW VIEW|FUNCTION|PROCEDURE and mysql_make_view.
  By default it is allowed (in particular in error messages and
  debug output, that can happen anytime before or after optimizer).
 2016-03-05 16:25:29 +01:00
Sergei Golubchik
5a3a79ce5f MDEV-9637 select nullif(count(col1),0) gives wrong result if in a view 
don't do special SUM_FUNC_ITEM treatment in NULLIF for views
(as before), but do it for derived tables (when
context_analysis_only == CONTEXT_ANALYSIS_ONLY_DERIVED)
 2016-03-05 16:25:29 +01:00
Sergei Golubchik
a5679af1b1 Merge branch '10.0' into 10.1 2016-02-23 21:35:05 +01:00
Sergei Golubchik
20c4dfd4a9 MDEV-9576 syntax error on view with nullif and count 
don't transform Item_func_nullif if it's context_analysis_only
 2016-02-23 10:54:36 +01:00
Sergei Golubchik
216b5cc9b6 MDEV-9606 Server crashes in fix_fields, main.null fails with ps-protocol #2 2016-02-23 10:54:35 +01:00
Sergei Golubchik
271fed4106 Merge branch '5.5' into 10.0 2016-02-15 22:50:59 +01:00
Sergei Golubchik
f3444df415 Merge branch 'mysql/5.5' into 5.5 
reverted about half of commits as either not applicable or
outright wrong
 2016-02-09 11:27:40 +01:00
Alexander Barkov
a96fbc3c35 MDEV-9503 Server crashes in fix_fields, main.null fails with ps-protocol 
DBUG_ASSERT() added in the patch for MDEV-9181 did not take into account
special circumstances for the prepared statement EXECUTE. Fixig the assert.
Also, extending and fixing comments made during MDEV-9181.
 2016-02-01 12:43:19 +04:00
Alexander Barkov
ce40ccaf24 MDEV-9181 (NULLIF(count(table.col)), 0) gives wrong result on 10.1.x 
Wrapping args[0] and args[2] into an Item_cache for aggregate functions.
 2016-01-28 13:58:39 +04:00
Sergei Golubchik
a2bcee626d Merge branch '10.0' into 10.1 2015-12-21 21:24:22 +01:00
Sergei Golubchik
1623995158 Merge branch '5.5' into 10.0 2015-12-13 00:10:40 +01:00
Sergei Golubchik
abf9d35213 Merge branch 'mysql/5.5' into 5.5 2015-12-09 10:00:49 +01:00
Chaithra Gopalareddy
a7fb5aecfd Bug#19941403: FATAL_SIGNAL(SIG 6) IN BUILD_EQUAL_ITEMS_FOR_COND | IN SQL/SQL_OPTIMIZER.CC:1657 
Problem:
At the end of first execution select_lex->prep_where is pointing to
a runtime created object (temporary table field). As a result
server exits trying to access a invalid pointer during second
execution.

Analysis:
While optimizing the join conditions for the query, after the
permanent transformation, optimizer makes a copy of the new
where conditions in select_lex->prep_where. "prep_where" is what
is used as the "where condition" for the query at the start of execution.
W.r.t the query in question, "where" condition is actually pointing
to a field in the temporary table. As a result, for the  second
execution the pointer is no more valid resulting in server exit.

Fix:
At the end of the first execution, select_lex->where will have the
original item of the where condition.
Make prep_where the new place where the original item of select->where
has to be rolled back.
Fixed in 5.7 with the wl#7082 - Move permanent transformations from
JOIN::optimize to JOIN::prepare

Patch for 5.5 includes the following backports from 5.6:

Bugfix for Bug12603141 - This makes the first execute statement in the testcase
pass in 5.5

However it was noted later in in Bug16163596 that the above bugfix needed to
be modified. Although Bug16163596 is reproducible only with changes done for
Bug12582849, we have decided include the fix.

Considering that Bug12582849 is related to Bug12603141, the fix is
also included here. However this results in Bug16317817, Bug16317685,
Bug16739050. So fix for the above three bugs is also part of this patch.
 2015-11-20 12:30:15 +05:30
Sergei Golubchik
dfb74dea30 Merge branch '10.0' into 10.1 2015-10-12 00:37:58 +02:00
Sergei Golubchik
cfeedbfd3e Merge branch '5.5' into 10.0 2015-10-09 17:12:26 +02:00
Alexander Barkov
8777724901 MDEV-8912 Wrong metadata or type for @c:=string_or_blob_field 2015-10-07 20:19:29 +04:00
Oleksandr Byelkin
504802f333 MDEV-7846: postreview fix 2015-10-06 13:12:58 +02:00
Oleksandr Byelkin
54b998173b MDEV-7846: Server crashes in Item_subselect::fix_fields or fails with Thread stack overrun 
Substitute into transformed subselects original left expression and than register its change in case it was substituted.
 2015-10-06 13:12:58 +02:00
Oleksandr Byelkin
2e3e818048 MDEV-7445: Server crash with Signal 6 
Problem was in rewriting left expression which had 2 references on it. Solved with making subselect reference main.

Item_in_optimized can have not Item_in_subselect reference in left part so type casting with no check is dangerous.

Item::cols() should be checked after Item::fix_fields().
 2015-10-06 13:12:58 +02:00
Monty
d8df2b9464 Bugs, found by valgrind 2015-10-05 17:14:14 +02:00
Alexander Barkov
23d4c95b50 MDEV-8896 Dead code in stored_field_cmp_to_item() 2015-10-05 16:16:13 +04:00
Alexander Barkov
cc9cfecab7 MDEV-8865 Wrong field type or metadata for COALESCE(signed_int_column, unsigned_int_column) 
Item_func_hybrid_field_type did not return correct field_type(), cmp_type()
and result_type() in some cases, because cached_result_type and
cached_field_type were set in independent pieces of the code and
did not properly match to each other.
Fix:
- Removing Item_func_hybrid_result_type
- Deriving Item_func_hybrid_field_type directly from Item_func
- Introducing a new class Type_handler which guarantees that
  field_type(), cmp_type() and result_type() are always properly synchronized
  and using the new class in Item_func_hybrid_field_type.
 2015-09-30 12:37:34 +04:00
Oleksandr Byelkin
5cc149feba The compiler warnings fixed. 2015-09-24 10:28:47 +02:00
Alexander Barkov
22cc8f990b Changing a number of functions to aggregate argument character sets 
and collations from the global name space into private and protected
methods in Item_func_or_sum.
 2015-09-21 19:04:32 +04:00
Alexander Barkov
c8db0df2da Removing "DTCollation Arg_comparator::cmp_collation". 
Using a CHARSET_INFO pointer instead.
 2015-09-21 16:18:20 +04:00
Alexander Barkov
afa1773439 Moving Item_args::arg_count from "public" to "protected". 2015-09-21 12:40:07 +04:00
Alexander Barkov
b75c003372 MDEV-8816 Equal field propagation is not applied for WHERE varbinary_column>=_utf8'a' COLLATE utf8_general_ci AND varbinary_column='A'; 
1. Removing the legacy code that disabled equal field propagation in cases
   when comparison is done as VARBINARY. This is now correctly handled by
   the new propagation code in Item_xxx::propagate_equal_fields() and
   Field_str::can_be_substituted_to_equal_item (the bug fix).
2. Also, removing legacy (pre-MySQL-4.1) Arg_comparator methods
   compare_binary_string() and compare_e_binary_string(), as VARBINARY
   comparison is correcty handled in compare_string() and compare_e_string() by
   the corresponding VARBINARY collation handler implemented in my_charset_bin.
   (not really a part of the bug fix)
 2015-09-18 23:03:35 +04:00