A buffer large enough to hold the query _plus_ some additional
data is allocated before parsing is started.   The additional data 
is used by the query cache, and consists of the name of the current 
database and a set of flags.
 
When a packet containing multiple SQL statements is sent to the
server and one of the statements changes the current database
(a "USE <db>" statement), and the name of the new current database 
is longer than of the previous,  there is not enough space in the 
buffer for the new name, and we write out over the buffer boundary.

The fix adds an extra field to store the number of bytes
allocated to the database name in the buffer.  If the current
database name changes, and the new name is longer than the
previous one, we refuse to cache the query.

The main problem was that lex_start() was forgotten to be called before processing
COM_REFRESH.

Another problem discovered was that if failures to flush the error log were not properly
handled, which resulted in the server crash.

The user-visible effect of these problems were:
  - if COM_REFRESH command was sent after SQL-queries of some sort,
    the server would crash.
  - if COM_REFRESH was requested with REFRESH_LOG only, and the error log
    failed to flush, the server would crash. The error log fails to flush
    when it points to unavailable file (for example, due to restricted
    permissions).

The fixes are:
  - call lex_start() in the beginning of COM_REFRESH;
  - handle failures to flush the error log properly, i.e. raise ER_UNKNOWN_ERROR.

sql/sql_parse.cc:
  Fix for Bug#13001491: MYSQL_REFRESH CRASHES WHEN STORED ROUTINES ARE RUN CONCURRENTLY.
tests/mysql_client_test.c:
  A test case for Bug#13001491: MYSQL_REFRESH CRASHES WHEN STORED ROUTINES
  ARE RUN CONCURRENTLY.

(also 5.5+ solution for bug#11766879/bug#60106)

The valgrind warning was due to an unused 'new handler_add_index(...)'
which was never freed.

The error handling did not work (fails as in bug#11766879) and
the implementation was not as transparant as it could, therefore I
made it a bit simpler and more transparant to the underlying handlers.

This way it follows the api better and the error handling works and
is also now tested.

Also added a debug test to verify the error handling.

Improved according to Jon Olavs review:
Added class ha_partition_add_index.
Also added base class Sql_alloc to handler_add_index.
Update 3.

Amendment to previous patch:
Failure in CONV() should return NULL instead of
empty set.
When compiled on Windows or Solaris the function
Item_func_conv::val_str() doesn't fail on 
longlong2str() but finds an earlier exit path
based on the attributes of the arguments.
This exit path returns NULL on failure and as a
consequence the original patch caused different
test results depending on the OS used.

Failure to check the return state of a longlong2str() call
caused a crash. This could happen if a user executed the sql
function CONV() with certain parameters.

The patch fixes the issue by checking that the returned pointer
isn't NULL.

The client-server protocol has left some room for interpretation
which this patch fixes by introducing byte counters and
enforced logic for SSL handshakes.

PARTITONING, ON INDEX CREATE

If the first partition succeeded in adding a index, but a successive partition failed,
then the first partition had still the new index.

The fix reverts the added indexes from previous partitions on failure.

Bug#12532830 - SIGFPE OR ASSERTION (PRECISION <= ((9 * 9) - 8*2)) && (DEC <= 30)

SET STATEMENT.

Server built with debug asserts, without debug crashes if a user tries
to run a stored procedure that constains query with subquery that include
either LIMIT or LIMIT OFFSET clauses.

The problem was that Item::fix_fields() was not called for the items
representing LIMIT or OFFSET clauses.

The solution is to call Item::fix_fields() right before evaluation in
st_select_lex_unit::set_limit().

mysql-test/r/sp.result:
  Added testcase result for bug#12621017. Updated testcase result for
  bug 11918.
mysql-test/t/sp.test:
  Added testcase for bug#12621017. Addressed review comments for Bug 11918
  (added tests for use LIMIT at stored function).
sql/item.h:
  Addressed review comments for Bug 11918.
sql/share/errmsg-utf8.txt:
  Addressed review comments for Bug 11918.
sql/sp_head.cc:
  Addressed review comments for Bug 11918.
sql/sql_lex.cc:
  Added call fix_fields() for item just before its evaluation.
sql/sql_yacc.yy:
  Addressed review comments for Bug 11918.

  FOR SOME PLUGINS TO WORK

Some dynamically loadable plugins on the Mac may need functions from the 
CoreServices framework. Unfortunately the only place where this can be initialized
is the main executable. Thus to allow plugins to use functions from that framework
the mysqld binary needs to link to the framework.

PAM AUTHENTICATION SETTINGS

SET PASSWORD code on a account with plugin authentication was errorneously
resetting the in-memory plugin pointer for the user back to native password 
plugin despite the fact that it was sending a warning that the command has 
no immediate effect.
Fixed by not updating the user's plugin if it's already set to a non default value.
Note that the bug affected only the in-memory cache of the user definitions.
Any restart of the server will fix the problem.
Also the salt and the password has are still stored into the user tables (just as 
it's documented now).
Test case added.
One old test case result updated  to have the correct value.

row_sel_field_store_in_mysql_format(): Do not pad the unused part of
the buffer reserved for a True VARCHAR column (introduced in 5.0.3).
Add Valgrind instrumentation ensuring that the unused part will be
flagged uninitialized.

row_sel_copy_cached_field_for_mysql(): New function: Copy a field
that is in the MySQL row format, not copying the unused tail of
VARCHAR columns.

row_sel_pop_cached_row_for_mysql(): Invoke
row_sel_copy_cached_field_for_mysql() for copying fields.
When the row is long, copy it field-by-field.

rb:715 approved by Inaam Rana

for compressed InnoDB tables

ha_innodb::info_low(): For calculating data_length or index_length,
use the compressed page size for compressed tables instead of UNIV_PAGE_SIZE.

rb:714 approved by Sunny Bains

BUG #11754979 - 46675: ON DUPLICATE KEY UPDATE AND UPDATECOUNT() POSSIBLY WRONG 

The mysql_affected_rows() client call returns 3 instead of 2 on
INSERT ... ON DUPLICATE KEY UPDATE query with a duplicated key value.

The fix for the old bug #29692 was incomplete: unnecessary double
increment of "touched" rows still happened.

This bugfix removes:
1) unneeded increment of "touched" rows and
2) useless double resetting of auto-increment value.


sql/sql_insert.cc:
  write_record() function:
  Unneeded increment of "touched" rows and useless double resetting
  of auto-increment value has been removed.
tests/mysql_client_test.c:
  New test case.

There is an optimization of DISTINCT in JOIN::optimize()
which depends on THD::used_tables value. Each SELECT statement
inside SP resets used_tables value(see mysql_select()) and it
leads to wrong result. The fix is to replace THD::used_tables
with LEX::used_tables.


mysql-test/r/sp.result:
  test case
mysql-test/t/sp.test:
  test case
sql/sql_base.cc:
  THD::used_tables is replaced with LEX::used_tables
sql/sql_class.cc:
  THD::used_tables is replaced with LEX::used_tables
sql/sql_class.h:
  THD::used_tables is replaced with LEX::used_tables
sql/sql_insert.cc:
  THD::used_tables is replaced with LEX::used_tables
sql/sql_lex.cc:
  THD::used_tables is replaced with LEX::used_tables
sql/sql_lex.h:
  THD::used_tables is replaced with LEX::used_tables
sql/sql_prepare.cc:
  THD::used_tables is replaced with LEX::used_tables
sql/sql_select.cc:
  THD::used_tables is replaced with LEX::used_tables