Commit graph

1196 commits

Author SHA1 Message Date
Sergei Golubchik
82e9f6d948 Merge remote-tracking branch 'mysql/5.5' into 5.5 2015-10-08 22:54:24 +02:00
Oleksandr Byelkin
54b998173b MDEV-7846: Server crashes in Item_subselect::fix_fields or fails with Thread stack overrun
Substitute into transformed subselects original left expression and than register its change in case it was substituted.
2015-10-06 13:12:58 +02:00
Oleksandr Byelkin
0ab93fd6f3 MDEV-7445:Server crash with Signal 6
MDEV-7565: Server crash with Signal 6 (part 2)

followup test suite and its fix.
2015-10-06 13:12:58 +02:00
Oleksandr Byelkin
2e3e818048 MDEV-7445: Server crash with Signal 6
Problem was in rewriting left expression which had 2 references on it. Solved with making subselect reference main.

Item_in_optimized can have not Item_in_subselect reference in left part so type casting with no check is dangerous.

Item::cols() should be checked after Item::fix_fields().
2015-10-06 13:12:58 +02:00
Oleksandr Byelkin
7ccde2cbd5 MDEV-7565: Server crash with Signal 6 (part 2)
Preparation of subselect moved earlier (before checks which needs it prepared).
2015-10-06 13:12:58 +02:00
Mithun C Y
8fe0708808 Merge branch 'mysql-5.1' into mysql-5.5 2015-08-17 15:26:01 +05:30
Mithun C Y
557a57f3a2 Bug #21350175: SUBQUERIES IN PROCEDURE CLAUSE OF SELECT STATEMENT CAUSES SERVER FAILURES.
Analysis :
==========
During JOIN::prepare of sub-query which creates the
derived tables we call setup_procedure. Here we call
fix_fields for parameters of procedure clause. Calling
setup_procedure at this point may cause issue. If
sub-query is one of parameter being fixed it might
lead to complicated dependencies on derived tables
being prepared.

SOLUTION :
==========
In 5.6 with WL#6242, we have made procedure clause
parameters can only be NUM, so sub-queries are not
allowed as parameters. So in 5.5 we can block
sub-queries in procedure clause parameters.
This eliminates above conflicting dependencies.
2015-08-17 15:23:47 +05:30
unknown
05722f06b2 MDEV-5991: crash in Item_field::used_tables
Units of subqueroes from excluded expressions should be excluded from select_lex/select_unit tree.
2014-04-15 13:20:26 +03:00
Sergei Golubchik
a48a91d90f 5.3->5.5 merge 2012-11-22 10:19:31 +01:00
unknown
a1108a0b6c Merge 5.2 -> 5.3 2012-11-01 21:36:31 +02:00
Sergei Golubchik
68baf07dcd 5.3 merge 2012-10-18 23:33:06 +02:00
unknown
e47cdfdfb6 MDEV-435: Expensive subqueries may be evaluated during optimization in merge_key_fields
Fix by Sergey Petrunia.

This patch only prevents the evaluation of expensive subqueries during optimization.
The crash reported in this bug has been fixed by some other patch.
The fix is to call value->is_null() only when  !value->is_expensive(), because is_null()
may trigger evaluation of the Item, which in turn triggers subquery evaluation if the
Item is a subquery.
2012-10-12 16:44:54 +03:00
unknown
72ab07c1cb MDEV-746: Merged mysql fix of the bug LP:1002546 & MySQL Bug#13651009.
Empty result after reading const tables now works for subqueries.
2012-10-14 19:29:31 +03:00
unknown
792efd59bc MDEV-521 fix.
After pullout item during single row subselect transformation it should be fixed properly.
2012-09-20 12:48:59 +03:00
Sergey Petrunya
97bd8d8909 MDEV-405: Server crashes in test_if_skip_sort_order on EXPLAIN with GROUP BY and HAVING in EXISTS subquery
- Testcase
2012-08-28 15:40:38 +04:00
Sergey Petrunya
78497dbf5a Merge 2012-08-28 15:20:37 +04:00
Sergey Petrunya
2d99ea454f MDEV-430: Server crashes in select_describe on EXPLAIN with materialization+semijoin, etc
- Don't do early cleanup of uncorrelated subqueries if we're running an EXPLAIN.
2012-08-28 15:15:05 +04:00
Sergei Golubchik
9a64d0794c 5.3 merge 2012-08-27 18:13:17 +02:00
unknown
4d2b05b7d7 fix for MDEV-367
The problem was that was_null and null_value variables was reset in each reexecution of IN subquery, but engine rerun only for non-constant subqueries.

Fixed checking constant in Item_equal sort.
Fix constant reporting in Item_subselect.
2012-08-25 09:15:57 +03:00
Sergey Petrunya
55597a4869 MDEV-410: EXPLAIN shows type=range, while SHOW EXPLAIN and userstat show full table scan is used
- Make Item_subselect::fix_fields() ignore UNCACHEABLE_EXPLAIN flag when deciding whether 
  the subquery item should be marked as constant.
2012-07-25 20:41:48 +04:00
unknown
0b93b444b6 Merged the fix for bug lp:944706, mdev-193 2012-06-19 15:06:45 +03:00
Sergey Petrunya
28f2c5641d 5.3->5.5 merge 2012-06-18 16:50:16 +04:00
unknown
db6dbadb5a Fix bug lp:1008686
Analysis:
The fix for bug lp:985667 implements the method Item_subselect::no_rows_in_result()
for all main kinds of subqueries. The purpose of this method is to be called from
return_zero_rows() and set Items to some default value in the case when a query
returns no rows. Aggregates and subqueries require special treatment in this case.

Every implementation of Item_subselect::no_rows_in_result() called
Item_subselect::make_const() to set the subquery predicate to its default value
irrespective of where the predicate was located in the query. Once the predicate
was set to a constant it was never executed.

At the same time, the JOIN object of the fake select for UNIONs (the one used for
the final result of the UNION), was set after all subqueries in the union were
executed. Since we set the subquery as constant, it was never executed, and the
corresponding JOIN was never created.

In order to decide whether the result of NOT IN is NULL or FALSE, Item_in_optimizer
needs to check if the subquery result was empty or not. This is where we got the
crash, because subselect_union_engine::no_rows() checks for
unit->fake_select_lex->join->send_records, and the join object was NULL.

Solution:
If a subquery is in the HAVING clause it must be evaluated in order to know its
result, so that we can properly filter the result records. Once subqueries in the
HAVING clause are executed even in the case of no result rows, this specific
crash will be solved, because the UNION will be executed, and its JOIN will be
constructed. Therefore the fix for this crash is to narrow the fix for lp:985667,
and to apply Item_subselect::no_rows_in_result() only when the subquery predicate
is in the SELECT clause.
2012-06-15 11:33:24 +03:00
unknown
c2677de7ac Merge the fix for lp:944706, mdev-193 2012-06-06 22:26:40 +03:00
Sergei Golubchik
3e3606d21d merge with 5.3.
Take only test cases from MDEV-136 Non-blocking "set read_only"
2012-06-04 17:26:11 +02:00
unknown
7ddd5418d0 Fixed bug MDEV-288
CHEAP SQ: Valgrind warnings "Memory lost" with IN and EXISTS nested subquery, materialization+semijoin

Analysis:
The memory leak was a result of the interaction of semi-join optimization
with early optimization of constant subqueries. The function:
setup_jtbm_semi_joins() created a dummy temporary table "dummy_table"
in order to make some JOIN_TAB objects complete. Normally, such temporary
tables are freed inside JOIN_TAB::cleanup.

However, the inner-most subquery is pre-optimized, which allows the
optimization fo the MAX subquery to determine that its WHERE is TRUE,
and thus to compute the result of the MAX during optimization. This
ultimately allows the optimize phase of the outer query to find that
it WHERE clause is FALSE. Once JOIN::optimize finds that the result
set is empty, it sets zero_result_cause, and returns *before* it ever
reached make_join_statistics(). As a result the query plan has no
JOIN_TABs at all. Since the temporary table is supposed to be cleanup
via JOIN_TAB::cleanup, this never happens because there is no JOIN_TAB
for this table. Hence we get a memory leak.

Solution:
Whenever there are no JOIN_TABs, iterate over all table reference in
JOIN::join_list, and free the ones that contain semi-join temporary
tables.
2012-06-01 14:10:15 +03:00
unknown
941018f8d1 Patch for mdev-287: CHEAP SQ: A query with subquery in SELECT list, EXISTS, inner joins takes hundreds times longer
Analysis:

The fix for lp:944706 introduces early subquery optimization.
While a subquery is being optimized some of its predicates may be
removed. In the test case, the EXISTS subquery is constant, and is
evaluated to TRUE. As a result the whole OR is TRUE, and thus the
correlated condition "b = alias1.b" is optimized away. The subquery
becomes non-correlated.

The subquery cache is designed to work only for correlated subqueries.
If constant subquery optimization is disallowed, then the constant
subquery is not evaluated, the subquery remains correlated, and its
execution is cached. As a result execution is fast.

However, when the constant subquery was optimized away, it was neither
cached by the subquery cache, nor it was cached by the internal subquery
caching. The latter was due to the fact that the subquery still appeared
as correlated to the subselect_XYZ_engine::exec methods, and they
re-executed the subquery on each call to Item_subselect::exec.

Solution:

The solution is to update the correlated status of the subquery after it has
been optimized. This status consists of:
- st_select_lex::is_correlated
- Item_subselect::is_correlated
- SELECT_LEX::uncacheable
- SELECT_LEX_UNIT::uncacheable
The status is updated by st_select_lex::update_correlated_cache(), and its
caller st_select_lex::optimize_unflattened_subqueries. The solution relies
on the fact that the optimizer already called
st_select_lex::update_used_tables() for each subquery. This allows to
efficiently update the correlated status of each subquery without walking
the whole subquery tree.

Notice that his patch is an improvement over MySQL 5.6 and older, where
subqueries are not pre-optimized, and the above analysis is not possible.
2012-05-30 00:18:53 +03:00
unknown
02bdc608b5 Fix bug lp:1002079
Analysis:
  The optimizer detects an empty result through constant table optimization.
  Then it calls return_zero_rows(), which in turns calls inderctly
  Item_maxmin_subselect::no_rows_in_result(). The latter method set "value=0",
  however "value" is pointer to Item_cache, and not just an integer value.
  
  All of the Item_[maxmin | singlerow]_subselect::val_XXX methods does:
    if (forced_const)
      return value->val_real();
  which of course crashes when value is a NULL pointer.
  
  Solution:
  When the optimizer discovers an empty result set, set
  Item_singlerow_subselect::value to a FALSE constant Item instead of NULL.
2012-05-22 15:22:55 +03:00
Sergei Golubchik
7f6f53a8df 5.2 merge 2012-05-20 14:57:29 +02:00
Sergei Golubchik
280fcf0808 5.1 merge 2012-05-18 14:23:05 +02:00
unknown
e5bca74bfb Fixed bug mdev-277 as part of the fix for lp:944706
The cause for this bug is that the method JOIN::get_examined_rows iterates over all
JOIN_TABs of the join assuming they are just a sequence. In the query above, the
innermost subquery is merged into its parent query. When we call
JOIN::get_examined_rows for the second-level subquery, the iteration that
assumes sequential order of join tabs goes outside the join_tab array and calls
the method JOIN_TAB::get_examined_rows on uninitialized memory. 

The fix is to iterate over JOIN_TABs in a way that takes into account the nested
semi-join structure of JOIN_TABs. In particular iterate as select_describe.
2012-05-18 14:52:01 +03:00
unknown
da5214831d Fix for bug lp:944706, task MDEV-193
The patch enables back constant subquery execution during
query optimization after it was disabled during the development
of MWL#89 (cost-based choice of IN-TO-EXISTS vs MATERIALIZATION).

The main idea is that constant subqueries are allowed to be executed
during optimization if their execution is not expensive.

The approach is as follows:
- Constant subqueries are recursively optimized in the beginning of
  JOIN::optimize of the outer query. This is done by the new method
  JOIN::optimize_constant_subqueries(). This is done so that the cost
  of executing these queries can be estimated.
- Optimization of the outer query proceeds normally. During this phase
  the optimizer may request execution of non-expensive constant subqueries.
  Each place where the optimizer may potentially execute an expensive
  expression is guarded with the predicate Item::is_expensive().
- The implementation of Item_subselect::is_expensive has been extended
  to use the number of examined rows (estimated by the optimizer) as a
  way to determine whether the subquery is expensive or not.
- The new system variable "expensive_subquery_limit" controls how many
  examined rows are considered to be not expensive. The default is 100.

In addition, multiple changes were needed to make this solution work
in the light of the changes made by MWL#89. These changes were needed
to fix various crashes and wrong results, and legacy bugs discovered
during development.
2012-05-17 13:46:05 +03:00
Sergei Golubchik
0a8c9b98f6 merge with mysql-5.1.63 2012-05-17 12:12:33 +02:00
Sergei Golubchik
431e042b5d c 2012-05-21 15:30:25 +02:00
Sergei Golubchik
44cf9ee5f7 5.3 merge 2012-05-04 07:16:38 +02:00
unknown
c04786d3e3 Fix bug lp:985667, MDEV-229
Analysis:

The reason for the wrong result is the interaction between constant
optimization (in this case 1-row table) and subquery optimization.

- First the outer query is optimized, and 'make_join_statistics' finds that
table t2 has one row, reads that row, and marks the whole table as constant.
This also means that all fields of t2 are constant.

- Next, we optimize the subquery in the end of the outer 'make_join_statistics'.
The field 'f2' is considered constant, with value '3'. The subquery predicate
is rewritten as the constant TRUE.

- The outer query execution detects early that the whole query result is empty
and calls 'return_zero_rows'. Since the query is with implicit grouping, we
have to produce one row with special values for the aggregates (depending on
each aggregate function), and NULL values for all non-aggregate fields.  This
function calls 'no_rows_in_result' to set each aggregate function to the
default value when it aggregates over an empty result, and then calls
'send_data', which in turn evaluates each Item in the SELECT list.

- When evaluation reaches the subquery predicate, it executes the subquery
with field 'f2' having a constant value '3', and the subquery produces the
incorrect result '7'.

Solution:

Implement Item::no_rows_in_result for all subquery predicates. In order to
make this work, it is also needed to make all val_* methods of all subquery
predicates respect the Item_subselect::forced_const flag. Otherwise subqueries
are executed anyways, and override the default value set by no_rows_in_result
with whatever result is produced from the subquery evaluation.
2012-04-27 12:59:17 +03:00
Georgi Kodinov
7fa28bcf56 merge mysql-5.5->mysql-5.5-security 2012-04-10 14:23:17 +03:00
Georgi Kodinov
e6704d116d merge mysql-5.5->mysql-5.5-security 2012-04-10 14:23:17 +03:00
Sergei Golubchik
16c5c53fc2 mysql 5.5.23 merge 2012-04-10 08:28:13 +02:00
Tor Didriksen
daf4107355 merge 5.1 => 5.5 2012-03-27 14:55:29 +02:00
Tor Didriksen
1f9561d2f2 merge 5.1 => 5.5 2012-03-27 14:55:29 +02:00
Tor Didriksen
efc29bc531 Backport of fix for Bug#12763207 - ASSERT IN SUBSELECT::SINGLE_VALUE_TRANSFORMER 2012-03-27 14:39:27 +02:00
Tor Didriksen
10120d363d Backport of fix for Bug#12763207 - ASSERT IN SUBSELECT::SINGLE_VALUE_TRANSFORMER 2012-03-27 14:39:27 +02:00
Tor Didriksen
13053fbe54 Bug#13721076 CRASH WITH TIME TYPE/TIMESTAMP() AND WARNINGS IN SUBQUERY
The table contains one time value: '00:00:32'
This value is converted to timestamp by a subquery.

In convert_constant_item we call (*item)->is_null()
which triggers execution of the Item_singlerow_subselect subquery,
and the string "0000-00-00 00:00:32" is cached
by Item_cache_datetime.
We continue execution and call update_null_value, which calls val_int()
on the cached item, which converts the time value to ((longlong) 32)
Then we continue to do (*item)->save_in_field()
which ends up in Item_cache_datetime::val_str() which fails,
since (32 < 101) in number_to_datetime, and val_str() returns NULL.

Item_singlerow_subselect::val_str isnt prepared for this:
if exec() succeeds, and return !null_value, then val_str()
*must* succeed.

Solution: refuse to cache strings like "0000-00-00 00:00:32"
in Item_cache_datetime::cache_value, and return NULL instead.

This is similar to the solution for 
Bug#11766860 - 60085: CRASH IN ITEM::SAVE_IN_FIELD() WITH TIME DATA TYPE

This patch is for 5.5 only.
The issue is not present after WL#946, since a time value
will be converted to a proper timestamp, with the current date
rather than "0000-00-00"


mysql-test/r/subselect.result:
  New test case.
mysql-test/t/subselect.test:
  New test case.
sql/item.cc:
  Verify proper date format before caching timestamps.
sql/item_timefunc.cc:
  Use named constant for readability.
2012-03-14 13:25:14 +01:00
Tor Didriksen
c8f4e2793d Bug#13721076 CRASH WITH TIME TYPE/TIMESTAMP() AND WARNINGS IN SUBQUERY
The table contains one time value: '00:00:32'
This value is converted to timestamp by a subquery.

In convert_constant_item we call (*item)->is_null()
which triggers execution of the Item_singlerow_subselect subquery,
and the string "0000-00-00 00:00:32" is cached
by Item_cache_datetime.
We continue execution and call update_null_value, which calls val_int()
on the cached item, which converts the time value to ((longlong) 32)
Then we continue to do (*item)->save_in_field()
which ends up in Item_cache_datetime::val_str() which fails,
since (32 < 101) in number_to_datetime, and val_str() returns NULL.

Item_singlerow_subselect::val_str isnt prepared for this:
if exec() succeeds, and return !null_value, then val_str()
*must* succeed.

Solution: refuse to cache strings like "0000-00-00 00:00:32"
in Item_cache_datetime::cache_value, and return NULL instead.

This is similar to the solution for 
Bug#11766860 - 60085: CRASH IN ITEM::SAVE_IN_FIELD() WITH TIME DATA TYPE

This patch is for 5.5 only.
The issue is not present after WL#946, since a time value
will be converted to a proper timestamp, with the current date
rather than "0000-00-00"
2012-03-14 13:25:14 +01:00
Sergei Golubchik
18c51eee35 5.3 merge 2012-03-06 20:46:07 +01:00
unknown
8a5940c477 Fix for LP BUG#944504
Problem is that subquery execution can't be called during prepare/optimize phase.

Also small fix for subquery test suite.
2012-03-05 15:48:12 +02:00
unknown
f6cdddf51f Test case for bug lp:905353
The bug itself is fixed by the patch for bug lp:908269.
2012-02-09 23:35:26 +02:00
Sergei Golubchik
25609313ff 5.3.4 merge 2012-02-15 18:08:08 +01:00
Igor Babaev
7b79d8a33f Merge 5.2->5.3 in preparation for the release of mariadb-5.3.4-rc. 2012-02-01 15:48:02 -08:00