- 29 Oct, 2010 4 commits
-
-
Sergey Glukhov authored
-
Sergey Glukhov authored
Lines below which were added in the patch for Bug#56814 cause this crash: + if (table->table) + table->table->maybe_null= FALSE; Consider following test case: -- CREATE TABLE t1(f1 INT NOT NULL); INSERT INTO t1 VALUES (16777214),(0); SELECT COUNT(*) FROM t1 LEFT JOIN t1 t2 ON 1 WHERE t2.f1 > 1 GROUP BY t2.f1; DROP TABLE t1; -- We set TABLE::maybe_null to FALSE for t2 table and in create_tmp_field() we create appropriate tmp table field using create_tmp_field_from_item() function instead of create_tmp_field_from_field. As a result we have LONGLONG field. As we have GROUP BY clause we calculate group buffer length, see calc_group_buffer(). Item from group list which is used for calculation refer to the field from real tables and have LONG type. So group buffer length become insufficient for storing of LONGLONG value. It leads to overwriting of wrong memory area in do_field_int() function which is called from end_update(). After some investigation I found out that create_tmp_field_from_item() is used only for OLAP grouping and can not be used for common grouping as it could be an incompatibility between tmp table fields and group buffer length. We can not remove create_tmp_field_from_item() call from create_tmp_field as OLAP needs it and we can not use this function for common grouping. So we should remove setting TABLE::maybe_null to FALSE from simplify_joins(). In this case we'll get wrong behaviour of list_contains_unique_index() back. To fix it we could use Field::real_maybe_null() check instead of Field::maybe_null() and add addition check of TABLE_LIST::outer_join. mysql-test/r/group_by.result: test case mysql-test/r/join_outer.result: test case mysql-test/t/group_by.test: test case mysql-test/t/join_outer.test: test case sql/sql_select.cc: --remove wrong code --use Field::real_maybe_null() check instead of Field::maybe_null() and add addition check of TABLE_LIST::outer_join
-
Sergey Glukhov authored
-
Sergey Glukhov authored
The problem is caused by bug49487 fix and became visible after after bug56679 fix. Items are cleaned up and set to unfixed state after filling derived table. So we can not rely on item::fixed state in Item_func_group_concat::print and we can not use 'args' array as items there may be cleaned up. The fix is always to use orig_args array of items as it always should contain the correct data. mysql-test/r/func_gconcat.result: test case mysql-test/t/func_gconcat.test: test case sql/item_sum.cc: The fix is always to use orig_args array of items.
-
- 27 Oct, 2010 2 commits
-
-
Sergey Glukhov authored
-
Sergey Glukhov authored
The problem is dividing by const value when the result is out of supported range. The fix: -return LONGLONG_MIN if the result is out of supported range for DIV operator. -return 0 if divisor is -1 for MOD operator. mysql-test/r/func_math.result: test case mysql-test/t/func_math.test: test case sql/item_func.cc: -return LONGLONG_MIN if the result is out of supported range for DIV operator. -return 0 if divisor is -1 for MOD operator.
-
- 25 Oct, 2010 2 commits
-
-
Jimmy Yang authored
-
Jimmy Yang authored
Approved by Sunny Bains
-
- 21 Oct, 2010 2 commits
-
-
Jimmy Yang authored
-
Jimmy Yang authored
or foreign key Fix approved by Sunny Bains
-
- 18 Oct, 2010 4 commits
-
-
Sergey Glukhov authored
-
Sergey Glukhov authored
create_sort_index() function overwrites original JOIN_TAB::type field. At re-execution of subquery overwritten JOIN_TAB::type(JT_ALL) is used instead of JT_FT. It misleads test_if_skip_sort_order() and the function tries to find suitable key for the order that should not be allowed for FULLTEXT(JT_FT) table. The fix is to restore JOIN_TAB strucures for subselect on re-execution for EXPLAIN. Additional fix: Update TABLE::maybe_null field which affects list_contains_unique_index() behaviour as it could have the value(maybe_null==TRUE) based on the assumption that this join is outer (see setup_table_map() func). mysql-test/r/explain.result: test case mysql-test/t/explain.test: test case sql/item_subselect.cc: Make subquery uncacheable in case of EXPLAIN. It allows to keep original JOIN_TAB::type(see JOIN::save_join_tab) and restore it on re-execution. sql/sql_select.cc: -restore JOIN_TAB strucures for subselect on re-execution for EXPLAIN -Update TABLE::maybe_null field as it could have the value(maybe_null==TRUE) based on the assumption that this join is outer(see setup_table_map() func). This change is not related to the crash problem but affects EXPLAIN results in the test case.
-
Sergey Glukhov authored
-
Sergey Glukhov authored
Subquery executes twice, at top level JOIN::optimize and ::execute stages. At first execution create_sort_index() function is called and FT_SELECT object is created and destroyed. HANDLER::ft_handler is cleaned up in the object destructor and at second execution FT_SELECT::get_next() method returns error. The fix is to reinit HANDLER::ft_handler field before re-execution of subquery. mysql-test/r/fulltext.result: test case mysql-test/t/fulltext.test: test case sql/item_func.cc: reinit ft_handler before re-execution of subquery sql/item_func.h: Fixed method name sql/sql_select.cc: reinit ft_handler before re-execution of subquery
-
- 17 Oct, 2010 2 commits
-
-
Kristofer Pettersson authored
-
Kristofer Pettersson authored
Where realpath(3) is used in Linux, mf_load_path is used for Windows. This function doesn't however correspond to the functionality of realpath. This patch attempts to do better by using the Windows function GetFullPathName() instead.
-
- 15 Oct, 2010 4 commits
-
-
Alexey Botchkov authored
-
Alexey Botchkov authored
-
Mattias Jonsson authored
-
Mattias Jonsson authored
-
- 13 Oct, 2010 1 commit
-
-
Ramil Kalimullin authored
-
- 12 Oct, 2010 3 commits
-
-
Ramil Kalimullin authored
Problem: some call of INET_NTOA() function may lead to a crash due to missing its character set initialization. Fix: explicitly set the character set. mysql-test/r/func_misc.result: Fix for bug#57283: inet_ntoa() crashes - test result. mysql-test/t/func_misc.test: Fix for bug#57283: inet_ntoa() crashes - test case. sql/item_strfunc.cc: Fix for bug#57283: inet_ntoa() crashes - explicitly set buffer's character set.
-
Ramil Kalimullin authored
Problem: if multibyte and binary string arguments passed to RPAD(), LPAD() or INSERT() functions, they might return wrong results or even lead to a server crash due to missed character set convertion. Fix: perform the convertion if necessary. mysql-test/r/ctype_utf8.result: Fix for bug#57272: crash in rpad() when using utf8 - test result. mysql-test/t/ctype_utf8.test: Fix for bug#57272: crash in rpad() when using utf8 - test case. sql/item_strfunc.cc: Fix for bug#57272: crash in rpad() when using utf8 - convert multibyte argument's character set to binary in case of FUNCTION(MULTIBYTE_ARG, .., BINARY_ARG,..) for RPAD(), LPAD() and INSERT() functions.
-
Jimmy Yang authored
-
- 11 Oct, 2010 7 commits
-
-
Marko Makela authored
-
Jimmy Yang authored
with concurrent lock/unlock tables Approved by Marko
-
Marko Mäkelä authored
-
Marko Mäkelä authored
row_create_table_for_mysql(): When the table creation fails, free the dict_table_t object.
-
Marko Mäkelä authored
row_create_table_for_mysql(): When the table creation fails, free the dict_table_t object.
-
Marko Mäkelä authored
No mysql-test case. Tested by creating a table, removing a *.frm file and attempting to create the table again. Code coverage tested by instrumentation. Tested with Valgrind.
-
Sunny Bains authored
Print an error message to stderr an get rid of the assertion. Approved by: Jimmy Yang (over IM)
-
- 07 Oct, 2010 2 commits
-
-
Alexander Nozdrin authored
-
unknown authored
-
- 06 Oct, 2010 7 commits
-
-
Jimmy Yang authored
-
Jimmy Yang authored
linked with foreign keys at once" from mysql-5.1-security to mysql-5.5-security again. rb://391 approved by Heikki
-
Georgi Kodinov authored
-
Jimmy Yang authored
rb://477 approved by Marko
-
Georgi Kodinov authored
-
Georgi Kodinov authored
-
Georgi Kodinov authored
-