Lines below which were added in the patch for Bug#56814 cause this crash:
+ if (table->table)
+ table->table->maybe_null= FALSE;
Consider following test case:
--
CREATE TABLE t1(f1 INT NOT NULL);
INSERT INTO t1 VALUES (16777214),(0);
SELECT COUNT(*) FROM t1 LEFT JOIN t1 t2
ON 1 WHERE t2.f1 > 1 GROUP BY t2.f1;
DROP TABLE t1;
--
We set TABLE::maybe_null to FALSE for t2 table
and in create_tmp_field() we create appropriate tmp table field
using create_tmp_field_from_item() function instead of
create_tmp_field_from_field. As a result we have
LONGLONG field. As we have GROUP BY clause we calculate
group buffer length, see calc_group_buffer().
Item from group list which is used for calculation
refer to the field from real tables and have LONG type.
So group buffer length become insufficient for storing of
LONGLONG value. It leads to overwriting of wrong memory
area in do_field_int() function which is called from
end_update().
After some investigation I found out that
create_tmp_field_from_item() is used only for OLAP
grouping and can not be used for common grouping
as it could be an incompatibility between tmp
table fields and group buffer length.
We can not remove create_tmp_field_from_item() call from
create_tmp_field as OLAP needs it and we can not use this
function for common grouping. So we should remove setting
TABLE::maybe_null to FALSE from simplify_joins().
In this case we'll get wrong behaviour of
list_contains_unique_index() back. To fix it we
could use Field::real_maybe_null() check instead of
Field::maybe_null() and add addition check of
TABLE_LIST::outer_join.
The problem is caused by bug49487 fix and became visible
after after bug56679 fix.
Items are cleaned up and set to unfixed state after filling derived table.
So we can not rely on item::fixed state in Item_func_group_concat::print
and we can not use 'args' array as items there may be cleaned up.
The fix is always to use orig_args array of items as it
always should contain the correct data.
/export/home/pb2/build/sb_0-2459340-1288264809.63/mysql-5.5.8-ga/storage/innobase/os/os0sync.c: In function 'os_cond_wait_timed':
/export/home/pb2/build/sb_0-2459340-1288264809.63/mysql-5.5.8-ga/storage/innobase/os/os0sync.c:184: warning: format '%lu' expects type 'long unsigned int', but argument 4 has type 'time_t'
gmake[2]: *** [storage/innobase/CMakeFiles/innobase.dir/os/os0sync.c.o] Error 1
On Windows, the parameter for number of bytes passed into WriteFile()
and ReadFile() is DWORD. Casting is needed to silence the warning on
64-bit Windows.
Also, adding several asserts to ensure the variable for number of bytes
is no more than 32 bits, even on 64-bit Windows.
rb://415
Approved by: Inaam
On Windows, the parameter for number of bytes passed into WriteFile()
and ReadFile() is DWORD. Casting is needed to silence the warning on
64-bit Windows.
Also, adding several asserts to ensure the variable for number of bytes
is no more than 32 bits, even on 64-bit Windows.
This is for InnoDB Plugin.
rb://415
Approved by: Inaam
On Windows, the parameter for number of bytes passed into WriteFile()
and ReadFile() is DWORD. Casting is needed to silence the warning on
64-bit Windows.
Also, adding several asserts to ensure the variable for number of bytes
is no more than 32 bits, even on 64-bit Windows.
This is for built-in InnoDB.
rb://415
Approved by: Inaam
The problem is dividing by const value when
the result is out of supported range.
The fix:
-return LONGLONG_MIN if the result is out of supported range for DIV operator.
-return 0 if divisor is -1 for MOD operator.
buf_page_t: Remove the buf_pool pointer. Add buf_pool_index:6 next to
buf_fix_count:19 (it was buf_fix_count:25). This will limit the number
of concurrent transactions to somewhere around 524,288.
buf_pool_index(buf_pool): A new function to determine the index of a
buffer pool in buf_pool_ptr[].
buf_pool_ptr: Make this a dynamically allocated array instead of an
array of pointers. Allocate the array in buf_pool_init() and free in
buf_pool_free().
buf_pool_free_instance(): No longer free the buf_pool object, as it is
allocated from a big array.
buf_pool_from_bpage(), buf_pool_from_block(): Move the definitions to
the beginning of the files, because some compilers have (had) problems
with forward definitions of inline functions. Calculate the buffer
pool from buf_pool_index.
buf_pool_from_array(): Add debug assertions for input validation.
CMakeLists.txt: Remove the checks for mysql_storage_engine.cmake
and MYSQL_VERSION_ID.
ha_innodb.cc, ha_innodb.h: Remove the checks for MYSQL_VERSION_ID.
rb://498
Fix handling of update_undo_logs at trx commit. Previously, when
rseg->update_undo_list grows beyond 500 the update_undo_logs were
marked with state TRX_UNDO_TO_FREE which should have been
TRX_UNDO_TO_PURGE.
In 5.5 we don't need the heuristic as we support multiple rollback
segments.
Approved by: Sunny Bains
rb://498
Fix handling of update_undo_logs at trx commit. Previously, when
rseg->update_undo_list grows beyond 500 the update_undo_logs were
marked with state TRX_UNDO_TO_FREE which should have been
TRX_UNDO_TO_PURGE.
Approved by: Sunny Bains
Consider ERROR_TIMEOUT to be a timeout just like WAIT_TIMEOUT.
In addition, test for EINTR as a possible return value from pthread_cond_timeout() in the posix section of os_cond_wait_timeout(), even though it is not supposed to be returned, but just to be safe.
The problem was that the warnings risen by a trigger were not cleared upon
successful completion. The warnings should be cleared if the trigger completes
successfully.
The fix is to skip merging warnings into caller's Warning Info for triggers.
COM_CHANGE_USER was always handled like an implicit request to change the
client plugin, so that the client can re-use the same code path for both normal
login and COM_CHANGE_USER. However this doesn't really work well with old
clients because they don't understand the request to change a client plugin.
Fixed by implementing a special state in the code (and old client issuing
COM_CHANGE_USER). In this state the server parses the COM_CHANGE_USER
package and pushes back the password hash, the user name and the database
to the input stream in the same order that the native password server side plugin
expects. As a result it replies with an OK/FAIL just like the old server does thus
making the new server compatible with older clients.
No test case added, since it would requre an old client binary. Tested using
accounts with and without passwords. Tested with a correct and incorrect
password.
