The Item_func_rollup_const class is used for wrapping constants to avoid
wrong result for ROLLUP queries with DISTINCT and a constant in the select
list. This class is also used to wrap up a NULL constant but its null_value
wasn't set accordingly. This led to a server crash.
Now the null_value of an object of the Item_func_rollup_const class is set
by its fix_length_and_dec member function.
caused a few tests to fail because the thd->extra_lock wasn't being set to
NULL after the table was unlocked. This poses a serious problem because later
attempts to access thd->extra_lock (now a dangling pointer) will probably
result in a crash (undefined behavior) -- and that's what actually happens
in some test cases.
The solution is to set the select_create::m_plock pointee to NULL, which
means that thd->extra_lock is set to NULL when the lock data is not for a
temporary table.
The change_to_use_tmp_fields function leaves the orig_table member of an
expression's tmp table field filled for the new Item_field being created.
Later orig_table is used by the Field::make_field function to provide some
info about original table and field name to a user. This is ok for a field
but for an expression it should be empty.
The change_to_use_tmp_fields function now resets orig_table member of
an expression's tmp table field to prevent providing a wrong info to a user.
The Field::make_field function now resets the table_name and the org_col_name
variables when the orig_table is set to 0.
When CREATE TEMPORARY TABLE .. SELECT is invoked from a stored function
which in turn is called from CREATE TABLE SELECT causes a memory leak
because the inner create temporary table overrides the outter extra_lock
reference when locking the table.
The solution is to simply not overrride the extra_lock by only using the
extra_lock for a non-temporary table lock.
insert_id after succ. mysql_change_user() call.
See also WL 4066.
This bug reveals two problems:
- the problem on the client side which was described originally;
- the problem in protocol / the server side: connection context
on client and server should be like after mysql_real_connect()
and be consistent. The server however just resets character
set variables to the global defaults.
The fix seems to be as follows:
- extend the protocol so that the client be able to send
character set information in COM_CHANGE_USER command;
- change the server so that it understands client character set
in the command;
- change the client:
- reset character set to the default value (which has been
read from the configuration);
- send character set in COM_CHANGE_USER command.
The NAME_CONST function is required to work correctly with constants only.
When executed with functions that return types other than those returned by
Item::field_type (string, int, decimal, or real), the result gets cast to
one of those types. This cannot happen for constants.
Fixed by only allowing constants as arguments to NAME_CONST.
When calculating the result length of an integer DIV function
the number of decimals was used without checking the result type
first. Thus an uninitialized number of decimals was used for some
types. This caused an excessive amount of memory to be allocated
for the field's buffer and crashed the server.
Fixed by using the number of decimals only for data types that
can have decimals and thus have valid decimals number.
The optimizer takes different execution paths during EXPLAIN than SELECT,
this fix relates only to EXPLAIN, hence no behavior changes.
The test of sort keys for ORDER BY was prohibited from considering keys
that were mentioned in IGNORE KEYS FOR ORDER BY. This led to two
inconsistencies: One was that IGNORE INDEX FOR GROUP BY and
IGNORE INDEX FOR ORDER BY gave apparently different EXPLAINs; the latter
erroneously claimed to do filesort. The second inconsistency
is that the test of sort keys is called twice, finding a sort key the first
time but not the second time, leading to the mentioned filesort.
Fixed by making the test of sort keys consider all enabled
keys on the table. This test rejects keys that are not covering, and for
covering keys the hint should be ignored anyway.
When expanding a * in a USING/NATURAL join the check for table access
for both tables in the join was done using the grant information of the
first one.
Fixed by getting the grant information for the current table while
iterating through the columns of the join.
