Commit graph

25468 commits

Author SHA1 Message Date
Konstantin Osipov
e601194cf7 A fix for Bug#44495 "Prepared Statement: CALL p(<x>) - `thd->protocol == &thd->protocol_text'
failed"

Do not assume that SQL prepared statements always run in text protocol.
When invoked from a stored procedure, which is itself invoked
by means of prepared CALL statement, the protocol may be binary.
Juggle with the protocol only when we want to change it
to binary in COM_STMT_EXECUTE, COM_STMT_PREPARE.

This is a backport from 5.4/6.0, where the bug was fixed
as part of WL#4264 "Backup: Stabilize Service Interface"
2009-07-15 21:00:34 +04:00
Georgi Kodinov
1b7754a533 automerge 2009-07-15 17:00:26 +03:00
Georgi Kodinov
8acf778eae Bug #45287: phase 1 : 32 bit compilation warnings
Fixed the following problems:
1. cmake 2.6 warning because of a changed default on
how the dependencies to libraries with a specified 
path are resolved.
Fixed by requiring cmake 2.6.
2. Removed an obsolete pre-NT4 hack including defining
Windows system defines to alter the behavior of windows.h.
3. Disabled warning C4065 on compiling sql_yacc.cc because
of a know incompatibility in some of the newer bison binaries.
2009-07-15 16:46:25 +03:00
Anurag Shekhar
064c990b12 merging with 5.0 bugteam tree 2009-07-15 15:43:45 +05:30
Anurag Shekhar
7c670fc3e1 Bug#37740 Server crashes on execute statement with full text search and
match against.


Server crashes when executing prepared statement with duplicating
MATCH() function calls in SELECT and ORDER BY expressions, e.g.:
SELECT MATCH(a) AGAINST('test') FROM t1 ORDER BY MATCH(a) AGAINST('test')

This query gets optimized by the server, so the value returned
by MATCH() from the SELECT list is reused for ORDER BY purposes.
To make this optimization server is comparing items from
SELECT and ORDER BY lists. We were getting server crash because
comparision function for MATCH() item is not intended to be called
at this point of execution.

In 5.0 and 5.1 this problem is workarounded by resetting MATCH()
item to the state as it was during PREPARE.

In 6.0 correct comparision function will be implemented and
duplicating MATCH() items from the ORDER BY list will be
optimized.
2009-07-15 15:00:58 +05:30
Ramil Kalimullin
7a305e31e8 Auto-merge 2009-07-15 08:49:58 +05:00
Ramil Kalimullin
54bdf78e25 Fix for bug#45998: database crashes when running
"create as select" (innodb table)

Problem: code constructing "CREATE TABLE..." statement
doesn't take into account that current database is not set
in some cases. That may lead to a server crash.

Fix: check if current database is set.
2009-07-14 20:07:29 +05:00
Georgi Kodinov
aa737dfc22 automerge 2009-07-14 11:47:22 +03:00
Georgi Kodinov
8f64c16c25 Merge of the fix for bug #40113 to 5.1. 2009-07-13 20:36:54 +03:00
Georgi Kodinov
80dd3a593a Bug #40113: Embedded SELECT inside UPDATE or DELETE can timeout
without error

When using quick access methods for searching rows in UPDATE or 
DELETE there was no check if a fatal error was not already sent 
to the client while evaluating the quick condition.
As a result a false OK (following the error) was sent to the 
client and the error was thus transformed into a warning.

Fixed by checking for errors sent to the client during 
SQL_SELECT::check_quick() and treating them as real errors.

Fixed a wrong test case in group_min_max.test
Fixed a wrong return code in mysql_update() and mysql_delete()
2009-07-13 18:11:16 +03:00
Gleb Shchepa
8724706aa8 Bug #41156: List of derived tables acts like a chain of
mutually-nested subqueries

Queries of the form

  SELECT * FROM (SELECT 1) AS t1,
                (SELECT 2) AS t2,...
                (SELECT 32) AS t32

caused the "Too high level of nesting for select" error
as if the query has a form

  SELECT * FROM (SELECT 1 FROM (SELECT 2 FROM (SELECT 3 FROM...


The table_factor parser rule has been modified to adjust
the LEX::nest_level variable value after every derived table.
2009-07-11 23:44:29 +05:00
Georgi Kodinov
598c8e9346 automerge 2009-07-10 17:04:58 +03:00
Georgi Kodinov
5a6809590c Bug #46080: group_concat(... order by) crashes server when
sort_buffer_size cannot allocate

The NULL return from tree_insert() (on low memory) was not
checked for in Item_func_group_concat::add(). As a result
on low memory conditions a crash happens.

Fixed by properly checking the return code.
2009-07-10 15:00:34 +03:00
Georgi Kodinov
bf6e255d8c Bug #45287: phase 2 : 5.0 64 bit compilation warnings
Fixed various compilation warnings when compiling on a 
 64 bit windows.
2009-07-16 15:37:38 +03:00
Georgi Kodinov
d9e82ba86c Bug #36259 (Optimizing with ORDER BY) and bug#45828 (Optimizer won't
use partial primary key if another index can prevent filesort

The fix for bug #28404 causes the covering ordering indexes to be 
preferred unconditionally over non-covering and ref indexes.

Fixed by comparing the cost of using a covering index to the cost of
using a ref index even for covering ordering indexes.
Added an assertion to clarify the condition the local variables should
be in.
2009-07-07 15:52:34 +03:00
Andrei Elkin
ed5138aa6e Bug #44115 purge_relay_logs doesn't return an error when count_relay_log_space fails
purge_relay_logs() did not propagate an error happend in count_relay_log_space().

Fixed with the suggestesd setting the error= true.
Note, propagation generally out of purge_relay_logs() was fixed for Bug #44179,
and the issue does not exist in 6.0 thanks to a patch for WL#2775.
2009-07-09 10:28:38 +03:00
Satya B
0ec804e5eb merge to mysql-5.1-bugteam branch 2009-07-09 12:14:47 +05:30
Satya B
77f7311673 Bug#35111 - Truncate a MyISAM partitioned table does not reset
the auto_increment value
      
This is an alternative patch that instead of allowing RECREATE TABLE
on TRUNCATE TABLE it implements reset_auto_increment that is called
after delete_all_rows.

Note: this bug was fixed by Mattias Jonsson:
Pusing this patch: http://lists.mysql.com/commits/70370
2009-07-08 17:41:34 +05:30
Georgi Kodinov
7c28ec97a9 Addendum to the fix for bug 45807 : initialize a member needed in
Item_field::fix_fields()
2009-07-08 13:12:27 +03:00
Alfranio Correia
743fc577b5 auto-merge mysql-5.1-bugteam (local) --> mysql-5.1-bugteam 2009-07-06 09:19:36 +01:00
Alfranio Correia
508fe9dd15 BUG#44581 Slave stops when transaction with non-transactional table gets lock wait
timeout
            
In STMT and MIXED modes, a statement that changes both non-transactional and
transactional tables must be written to the binary log whenever there are
changes to non-transactional tables. This means that the statement gets into the
binary log even when the changes to the transactional tables fail. In particular
, in the presence of a failure such statement is annotated with the error number
and wrapped in a begin/rollback. On the slave, while applying the statement, it
is expected the same failure and the rollback prevents the transactional changes
to be persisted.
            
Unfortunately, statements that fail due to concurrency issues (e.g. deadlocks,
timeouts) are logged in the same way causing the slave to stop as the statements
are applied sequentially by the SQL Thread. To fix this bug, we automatically
ignore concurrency failures on the slave. Specifically, the following failures
are ignored: ER_LOCK_WAIT_TIMEOUT, ER_LOCK_DEADLOCK and ER_XA_RBDEADLOCK.
2009-07-06 09:02:14 +01:00
Ramil Kalimullin
381da0c9d8 Fix for bug#42364 reverted. 2009-07-06 11:55:53 +05:00
Alexey Kopytov
0c5207f52f Automerge. 2009-07-03 14:43:54 +04:00
Alexey Kopytov
c936b6444a Manual merge. 2009-07-03 14:36:04 +04:00
Sergey Glukhov
c2ed9d36eb 5.0-bugteam->5.1-bugteam merge 2009-07-03 13:39:22 +05:00
Sergey Glukhov
1a539f170d Bug#45806 crash when replacing into a view with a join!
The crash happend because for views which are joins
we have table_list->table == 0 and 
table_list->table->'any method' call leads to crash.
The fix is to perform table_list->table->file->extra()
method for all tables belonging to view.
2009-07-03 13:35:00 +05:00
Sergey Glukhov
5072f4da36 Bug#42364 SHOW ERRORS returns empty resultset after dropping non existent table
enabled message storing into error message list
for 'drop table' command
2009-07-03 13:22:06 +05:00
Alexey Kopytov
4692566f9e Bug #45262: Bad effects with CREATE TABLE and DECIMAL
Using DECIMAL constants with more than 65 digits in CREATE 
TABLE ... SELECT led to bogus errors in release builds or 
assertion failures in debug builds. 
 
The problem was in inconsistency in how DECIMAL constants and 
fields are handled internally. We allow arbitrarily long 
DECIMAL constants, whereas DECIMAL(M,D) columns are limited to 
M<=65 and D<=30. my_decimal_precision_to_length() was used in 
both Item and Field code and truncated precision to 
DECIMAL_MAX_PRECISION when calculating value length without 
adjusting precision and decimals. As a result, a DECIMAL 
constant with more than 65 digits ended up having length less 
than precision or decimals which led to assertion failures. 
 
Fixed by modifying my_decimal_precision_to_length() so that 
precision is truncated to DECIMAL_MAX_PRECISION only for Field 
object which is indicated by the new 'truncate' parameter. 
 
Another inconsistency fixed by this patch is how DECIMAL 
constants and expressions are handled for CREATE ... SELECT. 
create_tmp_field_from_item() (which is used for constants) was 
changed as a part of the bugfix for bug #24907 to handle long 
DECIMAL constants gracefully. Item_func::tmp_table_field() 
(which is used for expressions) on the other hand was still 
using a simplistic approach when creating a Field_new_decimal 
from a DECIMAL expression.
2009-07-03 11:41:19 +04:00
Georgi Kodinov
5572f8e7de Bug #45807: crash accessing partitioned table and sql_mode
contains ONLY_FULL_GROUP_BY

The partitioning code needs to issue a Item::fix_fields()
on the partitioning expression in order to prepare 
it for being evaluated.
It does this by creating a special table and a table list 
for the scope of the partitioning expression.
But when checking ONLY_FULL_GROUP_BY the 
Item_field::fix_fields() was relying that there always be
cached_table set and was trying to use it to get the 
select_lex of the SELECT the field's table is in.
But the cached_table was not set by the partitioning code
that creates the artificial TABLE_LIST used to resolve the
partitioning expression and this resulted in a crash.
 
Fixed by rectifying the following errors :
1. Item_field::fix_fields() : the code that check for 
ONLY_FULL_GROUP_BY relies on having tables with 
cacheable_table set. This is mostly true, the only 
two exceptions being the partitioning context table
and the trigger context table.
Fixed by taking the current parsing context if no pointer
to the TABLE_LIST instance is present in the cached_table.

2. fix_fields_part_func() : 

2a. The code that adds the table being created to the 
scope for the partitioning expression is mostly a copy 
of the add_table_to_list and friends with one exception :
it was not marking the table as cacheable (something that
normal add_table_to_list is doing). This caused the 
problem in the check for ONLY_FULL_GROUP_BY in 
Item_field::fix_fields() to appear.
Fixed by setting the correct members to make the table
cacheable.
The ideal structural fix for this is to use a unified 
interface for adding a table to a table list 
(add_table_to_list?) : noted in a TODO comment

2b. The Item::fix_fields() was called with a NULL destination
pointer. This causes uninitalized memory reads in the 
overloaded ::fix_fields() function (namely 
Item_field::fix_fields()) as it expects a non-zero pointer 
there. Fixed by passing the source pointer similarly to how 
it's done in JOIN::prepare().
2009-07-02 17:42:00 +03:00
Staale Smedseng
87695199d8 Merge from 5.0 2009-07-01 14:32:04 +02:00
Staale Smedseng
490f443221 Bug #45790 Potential DoS vector: Writing of user input to log
without proper formatting
      
The problem is that a suitably crafted database identifier
supplied to COM_CREATE_DB or COM_DROP_DB can cause a SIGSEGV,
and thereby a denial of service. The database name is printed
to the log without using a format string, so potential
attackers can control the behavior of my_b_vprintf() by
supplying their own format string. A CREATE or DROP privilege
would be required.
      
This patch supplies a format string to the printing of the
database name. A test case is added to mysql_client_test.
2009-07-01 14:09:44 +02:00
Luis Soares
d553a7fce5 merge: 5.1-bt bug branch --> 5.1-bt latest 2009-06-30 19:40:38 +01:00
Staale Smedseng
db1591a7a2 Merge from 5.0 2009-06-29 16:00:47 +02:00
Staale Smedseng
19dfaa5824 Merge from 5.0-bt 2009-06-29 15:17:01 +02:00
Luis Soares
af9d23433e merge: 5.1-bt bug branch --> 5.1-bt latest 2009-06-29 12:00:58 +01:00
Luis Soares
92536e4213 BUG#42851: Spurious "Statement is not safe to log in statement
format." warnings
      
Despite the fact that a statement would be filtered out from binlog, a
warning would still be thrown if it was issued with the LIMIT.
      
This patch addresses this issue by checking the filtering rules before
printing out the warning.
2009-06-27 14:18:47 +01:00
Evgeny Potemkin
05a2329fe9 Merged bug#45266. 2009-06-26 19:59:41 +00:00
Evgeny Potemkin
0e64988a5e Bug#45266: Uninitialized variable lead to an empty result.
The TABLE::reginfo.impossible_range is used by the optimizer to indicate
that the condition applied to the table is impossible. It wasn't initialized
at table opening and this might lead to an empty result on complex queries:
a query might set the impossible_range flag on a table and when the query finishes,
all tables are returned back to the table cache. The next query that uses the table
with the impossible_range flag set and an index over the table will see the flag
and thus return an empty result.

The open_table function now initializes the TABLE::reginfo.impossible_range
variable.
2009-06-26 19:57:42 +00:00
Alexey Kopytov
a03275e91b Automerge. 2009-06-26 13:32:56 +04:00
Staale Smedseng
507af626a4 Merge from 5.1-bugteam 2009-06-26 10:46:21 +02:00
Luis Soares
26c4e642ef local merge: 5.1-bt bug branch --> 5.1-bt latest 2009-06-26 00:20:14 +01:00
Staale Smedseng
498ac0f598 Bug #34002 uninitialized Rows_examined for some admin queries
such as quit and shutdown

Logging to slow log can produce an undetermined value for
Rows_examined in special cases. In debug mode this manifests
itself as any of the various marker values used to mark
uninitialized memory on various platforms.

If logging happens on a THD object that hasn't performed any
row reads (on this or any previous connections), the
THD::examined_row_count may be uninitialized. This patch adds
initialization for this attribute.

No automated test cases are added, as for this to be
meaningful, we need to ensure that we're using a THD
fulfilling the above conditions. This is hard to do in the
mysql-test-run framework. The patch has been verified
manually, however, by restarting mysqld and running the test
included with the bug report.
2009-06-25 17:41:05 +02:00
Davi Arnaut
4c1333e6ed Bug#45548: XA transaction without access to InnoDB tables crashes the server
The problem is that the one phase commit function failed to
properly end a empty transaction. The solution is to ensure
that the transaction cleanup procedure is invoked even for
empty transactions.
2009-06-25 12:25:23 -03:00
Sergey Glukhov
3393fdf80a Bug#45412 SHOW CREATE TRIGGER does not require privileges to disclose trigger data
Added privilege checking to SHOW CREATE TRIGGER code.
2009-06-25 15:52:50 +05:00
Satya B
c417035866 Applying InnoDB snashot 5.0-ss5406, part 2. Fixes BUG#40565
BUG#40565 - Update Query Results in "1 Row Affected" But Should Be "Zero Rows"

Detailed revision comments:

r5232 | marko | 2009-06-03 14:31:04 +0300 (Wed, 03 Jun 2009) | 21 lines
branches/5.0: Merge r3590 from branches/5.1 in order to fix Bug #40565
(Update Query Results in "1 Row Affected" But Should Be "Zero Rows").

Also, add a test case for Bug #40565.

rb://128 approved by Heikki Tuuri
  ------------------------------------------------------------------------
  r3590 | marko | 2008-12-18 15:33:36 +0200 (Thu, 18 Dec 2008) | 11 lines

  branches/5.1: When converting a record to MySQL format, copy the default
  column values for columns that are SQL NULL.  This addresses failures in
  row-based replication (Bug #39648).

  row_prebuilt_t: Add default_rec, for the default values of the columns in
  MySQL format.

  row_sel_store_mysql_rec(): Use prebuilt->default_rec instead of
  padding columns.

  rb://64 approved by Heikki Tuuri
  ------------------------------------------------------------------------
2009-06-25 15:20:26 +05:30
Sergey Glukhov
2c53a70e15 Bug#45485 replication different between master/slaver using procedure with gbk
In Item_param::set_from_user_var
value.cs_info.character_set_client is set
to 'fromcs' value. It's wrong, it should be set to
thd->variables.character_set_client.
2009-06-25 11:22:39 +05:00
Andrei Elkin
0ecf826a86 Bug #38240 Crash in safe_mutex_lock () thr_mutex.c line 97 on rotate_relay_log
The reason for the crash was rotate_relay_log (mi=0x0) did not verify
the passed value of active_mi.  There are more cases where active_mi
is supposed to be non-zero e.g change_master(), stop_slave(), and it's
reasonable to protect from a similar crash all of them with common
fixes.
            
Fixed with spliting end_slave() in slave threads release and slave
data clean-up parts (a new close_active_mi()). The new function is
invoked at the very end of close_connections() so that all users of
active_mi are proven to have left.
2009-06-23 12:10:04 +03:00
Alexey Kopytov
3625c1e157 Bug #45309: InnoDB does not rollback for delete and update
queries if query was killed 
 
Since we rely on thd->is_error() to decide whether we should 
COMMIT or ROLLBACK after a query execution, check the query 
'killed' state and throw an error before calling 
ha_autocommit_or_rollback(), not after. 
 
The patch was tested manually. For reliable results, the test 
case would have to KILL QUERY while a DELETE/UPDATE query in 
another thread is still running. I don't see a way to achieve 
this kind of synchronization in our test suite (no debug_sync 
in 5.1).
2009-06-23 10:15:27 +04:00
Martin Hansson
ecd470d190 Merge 2009-06-22 16:01:42 +02:00
Martin Hansson
2cc1134c2c Bug#44653: Server crash noticed when executing random queries with partitions.
When opening a table, it is imperative that the flag
TABLE::auto_increment_field_not_null be false. But if an error occured during
the creation of a table (e.g. the table exists already) with an auto_increment
column and a BEFORE trigger that used the INSERT ... SELECT construct, the
flag was not reset until after error checking. Thus if an error occured,
select_insert::send_data() returned immediately and it was not reset (see * in
pseudocode below).  Crash happened if the table was opened again. Fixed by
resetting the flag after error checking.

nested-loops_join():
  for each row in SELECT table {
    select_insert::send_data():
      if a values is supplied for AUTO_INCREMENT column
         table->auto_increment_field_not_null= TRUE
       else
         table->auto_increment_field_not_null= FALSE
       if (error)
         return 1; *
       if (table->auto_increment_field_not_null == FALSE)
         ...
       table->auto_increment_field_not_null == FALSE 
  }
<-- table returned to table cache and later retrieved by open_table: 
open_table():
  assert(table->auto_increment_field_not_null)
2009-06-22 14:51:33 +02:00