Too many cursors (more than 1024) could lead to memory corruption.
This affects both, stored routines and C API cursors, and the
threshold is per-server, not per-connection. Similarly, the
corruption could happen when the server was under heavy load
(executing more than 1024 simultaneous complex queries), and this is
the reason why this bug is fixed in 4.1, which doesn't support
cursors.
The corruption was caused by a bug in the temporary tables code, when
an attempt to create a table could lead to a write beyond allocated
space. Note, that only internal tables were affected (the tables
created internally by the server to resolve the query), not tables
created with CREATE TEMPORARY TABLE. Another pre-condition for the
bug is TRUE value of --temp-pool startup option, which, however, is a
default.
The cause of a bug was that random memory was overwritten in
bitmap_set_next() due to out-of-bound memory access.
mysys/my_bitmap.c:
Local 'bitmap_size' is measured in bytes, no need to multiply it by 8.
sql/sql_select.cc:
Clear the temp_pool_slot bit only if we have set it previously.
Too many cursors (more than 1024) could lead to memory corruption.
This affects both, stored routines and C API cursors, and the
threshold is per-server, not per-connection. Similarly, the
corruption could happen when the server was under heavy load
(executing more than 1024 simultaneous complex queries), and this is
the reason why this bug is fixed in 4.1, which doesn't support
cursors.
The corruption was caused by a bug in the temporary tables code, when
an attempt to create a table could lead to a write beyond allocated
space. Note, that only internal tables were affected (the tables
created internally by the server to resolve the query), not tables
created with CREATE TEMPORARY TABLE. Another pre-condition for the
bug is TRUE value of --temp-pool startup option, which, however, is a
default.
The cause of a bug was that random memory was overwritten in
bitmap_set_next() due to out-of-bound memory access.
When optimizing conditions like 'a = <some_val> OR a IS NULL' so that they're
united into a single condition on the key and checked together the server must
check which value is the NULL value in a correct way : not only using ->is_null
but also check if the expression doesn't depend on any tables referenced in the
current statement.
This additional check must be performed because that optimization takes place
before the actual execution of the statement, so if the field was initialized
to NULL from a previous statement the optimization would be applied incorrectly.
mysql-test/r/select.result:
Bug #21019: First result of SELECT COUNT(*) different than consecutive runs
- test case
mysql-test/t/select.test:
Bug #21019: First result of SELECT COUNT(*) different than consecutive runs
- test case.
Note that ALTER TABLE is important here : it happens to
leave the Field instance for t1.b set to NULL, witch is vital for
demonstrating the problem fixed by this changeset.
sql/sql_select.cc:
Bug #21019: First result of SELECT COUNT(*) different than consecutive runs
- check whether a value is null taking into account its table dependency.
When optimizing conditions like 'a = <some_val> OR a IS NULL' so that they're
united into a single condition on the key and checked together the server must
check which value is the NULL value in a correct way : not only using ->is_null
but also check if the expression doesn't depend on any tables referenced in the
current statement.
This additional check must be performed because that optimization takes place
before the actual execution of the statement, so if the field was initialized
to NULL from a previous statement the optimization would be applied incorrectly.
The problem was in that opt_sum_query() replaced MIN/MAX functions
with the corresponding constant found in a key, but due to imprecise
representation of float numbers, when evaluating the where clause,
this comparison failed.
When MIN/MAX optimization detects that all tables can be removed,
also remove all conjuncts in a where clause that refer to these
tables. As a result of this fix, these conditions are not evaluated
twice, and in the case of float number comparisons we do not discard
result rows due to imprecise float representation.
As a side-effect this fix also corrects an unnoticed problem in
bug 12882.
mysql-test/r/func_group.result:
BUG#20954 - test result adjustment.
Adjusted the test result of bug 12882 which was not preperly fixed.
The current patch corrects the problem that was fully corrected by the
patch for 12882.
The problem was that opt_sum_query() indicated that the optimizer may
remove all tables because all MIN/MAX/COUNT functions are constants,
but this lead to an empty result instead of NULL because the WHERE
clause was still evaluated.
The current fix removes all conjuncts in the where clause that
reference the removed tables, and thus corrects the problem.
mysql-test/r/select.result:
BUG#20954 - added test
mysql-test/r/subselect.result:
BUG#20954 - test result adjustment.
The fix removes those conditions in a where clause that refer to
tables optimized away by MIN/MAX optimization (opt_sum_query()).
mysql-test/t/select.test:
BUG#20954 - added test
sql/sql_select.cc:
Fix for BUG#20954: avg(keyval) retuns 0.38 but max(keyval) returns an empty set
When MIN/MAX optimization detects that all tables can be removed,
also remove all conjuncts in a where clause that refer to these
tables. As a result of this fix, these conditions are not evaluated
twice, and in the case of float number comparisons we do not discard
result rows due to imprecise float representation.
As a side-effect this fix also corrects an unnoticed problem in
bug 12882.
The problem was in that opt_sum_query() replaced MIN/MAX functions
with the corresponding constant found in a key, but due to imprecise
representation of float numbers, when evaluating the where clause,
this comparison failed.
When MIN/MAX optimization detects that all tables can be removed,
also remove all conjuncts in a where clause that refer to these
tables. As a result of this fix, these conditions are not evaluated
twice, and in the case of float number comparisons we do not discard
result rows due to imprecise float representation.
As a side-effect this fix also corrects an unnoticed problem in
bug 12882.
When there is no index defined filesort is used to sort the result of a
query. If there is a function in the select list and the result set should be
ordered by it's value then this function will be evaluated twice. First time to
get the value of the sort key and second time to send its value to a user.
This happens because filesort when sorts a table remembers only values of its
fields but not values of functions.
All functions are affected. But taking into account that SP and UDF functions
can be both expensive and non-deterministic a temporary table should be used
to store their results and then sort it to avoid twice SP evaluation and to
get a correct result.
If an expression referenced in an ORDER clause contains a SP or UDF
function, force the use of a temporary table.
A new Item_processor function called func_type_checker_processor is added
to check whether the expression contains a function of a particular type.
mysql-test/t/udf.test:
Added test case for bug#19862: Sort with filesort by function evaluates function twice
mysql-test/t/sp.test:
Added test case for bug#19862: Sort with filesort by function evaluates function twice
mysql-test/r/sp.result:
Added test case for bug#19862: Sort with filesort by function evaluates function twice
mysql-test/r/udf.result:
Added test case for bug#19862: Sort with filesort by function evaluates function twice
sql/sql_select.cc:
Fixed bug#19862: Sort with filesort by function evaluates function twice
If an expression referenced in an ORDER clause contains a SP or UDF
function, force the use of a temporary table.
sql/item_func.h:
Fixed bug#19862: Sort with filesort by function evaluates function twice
A new Item_processor function called func_type_checker_processor is added
to check whether the expression contains a function of a particular type.
sql/item.h:
Fixed bug#19862: Sort with filesort by function evaluates function twice
A new Item_processor function called func_type_checker_processor is added
to check whether the expression contains a function of a particular type.
sql/item_func.cc:
Fixed bug#19862: Sort with filesort by function evaluates function twice
A new Item_processor function called func_type_checker_processor is added
to check whether the expression contains a function of a particular type.
When there is no index defined filesort is used to sort the result of a
query. If there is a function in the select list and the result set should be
ordered by it's value then this function will be evaluated twice. First time to
get the value of the sort key and second time to send its value to a user.
This happens because filesort when sorts a table remembers only values of its
fields but not values of functions.
All functions are affected. But taking into account that SP and UDF functions
can be both expensive and non-deterministic a temporary table should be used
to store their results and then sort it to avoid twice SP evaluation and to
get a correct result.
If an expression referenced in an ORDER clause contains a SP or UDF
function, force the use of a temporary table.
A new Item_processor function called func_type_checker_processor is added
to check whether the expression contains a function of a particular type.
when calculating GROUP_CONCAT all blob fields are transformed
to varchar when making the temp table.
However a varchar has at max 2 bytes for length.
This fix makes the conversion only for blobs whose max length
is below that limit.
Otherwise blob field is created by make_string_field() call.
mysql-test/r/func_gconcat.result:
Bug#16712: group_concat returns odd srting insead of intended result
* testsuite for the bug
mysql-test/t/func_gconcat.test:
Bug#16712: group_concat returns odd srting insead of intended result
* testsuite for the bug
sql/item_sum.cc:
Bug#16712: group_concat returns odd srting insead of intended result
* force blob->varchar conversion for small enough blobs only
sql/sql_select.cc:
Bug#16712: group_concat returns odd srting insead of intended result
* force blob->varchar conversion for small enough blobs only
when calculating GROUP_CONCAT all blob fields are transformed
to varchar when making the temp table.
However a varchar has at max 2 bytes for length.
This fix makes the conversion only for blobs whose max length
is below that limit.
Otherwise blob field is created by make_string_field() call.
When making a place to store field values at the start of each group
the real item (not the reference) must be used when deciding which column
to copy.
mysql-test/r/group_by.result:
Bug #20466: a view is mixing data when there's a trigger on the table
- test suite for the bug
mysql-test/t/group_by.test:
Bug #20466: a view is mixing data when there's a trigger on the table
- test suite for the bug
sql/sql_select.cc:
Bug #20466: a view is mixing data when there's a trigger on the table
- deal correctly with references
When making a place to store field values at the start of each group
the real item (not the reference) must be used when deciding which column
to copy.
An aggregate function reference was resolved incorrectly and
caused a crash in count_field_types.
Must use real_item() to get to the real Item instance through
the reference
mysql-test/r/func_group.result:
Bug #20868: Client connection is broken on SQL query error
* test case for the bug
mysql-test/t/func_group.test:
Bug #20868: Client connection is broken on SQL query error
* test case for the bug
sql/sql_select.cc:
Bug #20868: Client connection is broken on SQL query error
* correctly resolve aggregate function references.
An aggregate function reference was resolved incorrectly and
caused a crash in count_field_types.
Must use real_item() to get to the real Item instance through
the reference
The bug was due to a loss happened during a refactoring made
on May 30 2005 that modified the function JOIN::reinit.
As a result of it for any subquery the value of offset_limit_cnt
was not restored for the following executions. Yet the first
execution of the subquery made it equal to 0.
The fix restores this value in the function JOIN::reinit.
mysql-test/r/subselect.result:
Added a test case fir bug #20519.
mysql-test/t/subselect.test:
Added a test case fir bug #20519.
The bug was due to a loss happened during a refactoring made
on May 30 2005 that modified the function JOIN::reinit.
As a result of it for any subquery the value of offset_limit_cnt
was not restored for the following executions. Yet the first
execution of the subquery made it equal to 0.
The fix restores this value in the function JOIN::reinit.
into macbook.gmz:/Users/kgeorge/mysql/work/B17212-5.0-opt
mysql-test/r/innodb_mysql.result:
Merge 4.1->5.0 for bug #17212
mysql-test/t/innodb_mysql.test:
Merge 4.1->5.0 for bug #17212
sql/sql_select.cc:
Merge 4.1->5.0 for bug #17212
DESCRIBE returned the type BIGINT for a column of a view if the column
was specified by an expression over values of the type INT.
E.g. for the view defined as follows:
CREATE VIEW v1 SELECT COALESCE(f1,f2) FROM t1
DESCRIBE returned type BIGINT for the only column of the view if f1,f2 are
columns of the INT type.
At the same time DESCRIBE returned type INT for the only column of the table
defined by the statement:
CREATE TABLE t2 SELECT COALESCE(f1,f2) FROM t1.
This inconsistency was removed by the patch.
Now the code chooses between INT/BIGINT depending on the
precision of the aggregated column type.
Thus both DESCRIBE commands above returns type INT for v1 and t2.
mysql-test/r/analyse.result:
Adjusted the results after having fixed bug #19714.
mysql-test/r/bigint.result:
Adjusted the results after having fixed bug #19714.
mysql-test/r/create.result:
Adjusted the results after having fixed bug #19714.
mysql-test/r/olap.result:
Adjusted the results after having fixed bug #19714.
mysql-test/r/ps_2myisam.result:
Adjusted the results after having fixed bug #19714.
mysql-test/r/ps_3innodb.result:
Adjusted the results after having fixed bug #19714.
mysql-test/r/ps_4heap.result:
Adjusted the results after having fixed bug #19714.
mysql-test/r/ps_5merge.result:
Adjusted the results after having fixed bug #19714.
mysql-test/r/ps_6bdb.result:
Adjusted the results after having fixed bug #19714.
mysql-test/r/ps_7ndb.result:
Adjusted the results after having fixed bug #19714.
mysql-test/r/sp.result:
Adjusted the results after having fixed bug #19714.
mysql-test/r/subselect.result:
Adjusted the results after having fixed bug #19714.
mysql-test/r/type_ranges.result:
Adjusted the results after having fixed bug #19714.
mysql-test/r/view.result:
Added a test case for bug #19714.
mysql-test/t/view.test:
Added a test case for bug #19714.
DESCRIBE returned the type BIGINT for a column of a view if the column
was specified by an expression over values of the type INT.
E.g. for the view defined as follows:
CREATE VIEW v1 SELECT COALESCE(f1,f2) FROM t1
DESCRIBE returned type BIGINT for the only column of the view if f1,f2 are
columns of the INT type.
At the same time DESCRIBE returned type INT for the only column of the table
defined by the statement:
CREATE TABLE t2 SELECT COALESCE(f1,f2) FROM t1.
This inconsistency was removed by the patch.
Now the code chooses between INT/BIGINT depending on the
precision of the aggregated column type.
Thus both DESCRIBE commands above returns type INT for v1 and t2.
into moonbone.local:/work/tmp_merge-5.0-opt-mysql
sql/item_subselect.cc:
Auto merged
sql/sql_class.cc:
Auto merged
sql/sql_class.h:
Auto merged
sql/sql_select.cc:
Auto merged
mysql-test/r/subselect.result:
Manual merge
mysql-test/t/subselect.test:
Manual merge
into moonbone.local:/work/tmp_merge-5.0-opt-mysql
mysql-test/r/rpl_insert_id.result:
Auto merged
mysql-test/t/rpl_insert_id.test:
Auto merged
sql/item_strfunc.cc:
Auto merged
sql/item_strfunc.h:
Auto merged
sql/sql_class.cc:
Auto merged
sql/sql_class.h:
Auto merged
sql/sql_insert.cc:
Auto merged
sql/sql_select.cc:
Auto merged
into bodhi.local:/opt/local/work/mysql-5.1-runtime-merge-5.0
include/my_sys.h:
Auto merged
mysql-test/r/auto_increment.result:
Auto merged
mysql-test/r/func_math.result:
Auto merged
mysql-test/r/func_system.result:
Auto merged
mysql-test/r/func_time.result:
Auto merged
mysql-test/r/information_schema.result:
Auto merged
mysql-test/r/query_cache.result:
Auto merged
mysql-test/r/subselect.result:
Auto merged
mysql-test/r/trigger.result:
Auto merged
mysql-test/r/type_blob.result:
Auto merged
mysql-test/r/variables.result:
Auto merged
mysql-test/r/view.result:
Auto merged
mysql-test/t/trigger.test:
Auto merged
sql/ha_ndbcluster.cc:
Auto merged
sql/log.cc:
Auto merged
sql/slave.cc:
Auto merged
sql/sql_lex.cc:
Auto merged
sql/sql_lex.h:
Auto merged
sql/sql_select.cc:
Auto merged
sql/sql_trigger.cc:
Auto merged
sql/sql_yacc.yy:
Auto merged
storage/ndb/src/kernel/blocks/dbdict/Dbdict.hpp:
Auto merged
storage/ndb/src/mgmsrv/ConfigInfo.cpp:
Auto merged
sql/slave.h:
SCCS merged
mysql-test/r/show_check.result:
Manual merge.
mysql-test/t/show_check.test:
Manual merge.
sql/log_event.cc:
Manual merge.
sql/share/errmsg.txt:
Manual merge.
sql/sql_class.h:
Manual merge.
sql/sql_db.cc:
Manual merge.
* don't use join cache when the incoming data set is already ordered
for ORDER BY
This choice must be made because join cache will effectively
reverse the join order and the results will be sorted by the index
of the table that uses join cache.
mysql-test/r/innodb_mysql.result:
Bug #17212 results not sorted correctly by ORDER BY when using index
* Test suite for the bug
mysql-test/t/innodb_mysql.test:
Bug #17212 results not sorted correctly by ORDER BY when using index
* Test suite for the bug
sql/sql_select.cc:
Bug #17212 results not sorted correctly by ORDER BY when using index
* don't use join cache when the incoming data set is already sorted
* don't use join cache when the incoming data set is already ordered
for ORDER BY
This choice must be made because join cache will effectively
reverse the join order and the results will be sorted by the index
of the table that uses join cache.
may return a wrong result.
An Item_sum_hybrid object has the was_values flag which indicates whether any
values were added to the sum function. By default it is set to true and reset
to false on any no_rows_in_result() call. This method is called only in
return_zero_rows() function. An ALL/ANY subquery can be optimized by MIN/MAX
optimization. The was_values flag is used to indicate whether the subquery
has returned at least one row. This bug occurs because return_zero_rows() is
called only when we know that the select will return zero rows before
starting any scans but often such information is not known.
In the reported case the return_zero_rows() function is not called and
the was_values flag is not reset to false and yet the subquery return no rows
Item_func_not_all and Item_func_nop_all functions return a wrong
comparison result.
The end_send_group() function now calls no_rows_in_result() for each item
in the fields_list if there is no rows were found for the (sub)query.
mysql-test/t/subselect.test:
Added test case for bug#18503: Queries with a quantified subquery returning empty set may return a wrong result.
mysql-test/r/subselect.result:
Added test case for bug#18503: Queries with a quantified subquery returning empty set may return a wrong result.
sql/sql_select.cc:
Fixed bug#18503: Queries with a quantified subquery returning empty set may return a wrong result.
The end_send_group() function now calls no_rows_in_result() for each item
in the fields_list if there is no matching rows were found.
may return a wrong result.
An Item_sum_hybrid object has the was_values flag which indicates whether any
values were added to the sum function. By default it is set to true and reset
to false on any no_rows_in_result() call. This method is called only in
return_zero_rows() function. An ALL/ANY subquery can be optimized by MIN/MAX
optimization. The was_values flag is used to indicate whether the subquery
has returned at least one row. This bug occurs because return_zero_rows() is
called only when we know that the select will return zero rows before
starting any scans but often such information is not known.
In the reported case the return_zero_rows() function is not called and
the was_values flag is not reset to false and yet the subquery return no rows
Item_func_not_all and Item_func_nop_all functions return a wrong
comparison result.
The end_send_group() function now calls no_rows_in_result() for each item
in the fields_list if there is no rows were found for the (sub)query.
into dl145k.mysql.com:/data0/mkindahl/bk/MERGE/mysql-5.1-merge
include/my_sys.h:
Auto merged
mysql-test/mysql-test-run.pl:
Auto merged
mysql-test/r/rpl_row_create_table.result:
Auto merged
mysql-test/t/disabled.def:
Auto merged
mysql-test/t/rpl_row_create_table.test:
Auto merged
mysys/my_malloc.c:
Auto merged
server-tools/instance-manager/parse.h:
Auto merged
sql/ha_ndbcluster.cc:
Auto merged
sql/handler.h:
Auto merged
sql/log.cc:
Auto merged
sql/log_event.cc:
Auto merged
sql/mysql_priv.h:
Auto merged
sql/set_var.h:
Auto merged
sql/sp.cc:
Auto merged
sql/sp_head.cc:
Auto merged
sql/sp_head.h:
Auto merged
sql/sql_base.cc:
Auto merged
sql/sql_class.cc:
Auto merged
sql/sql_insert.cc:
Auto merged
sql/sql_lex.h:
Auto merged
sql/sql_parse.cc:
Auto merged
sql/sql_select.cc:
Auto merged
sql/sql_table.cc:
Auto merged
sql/sql_update.cc:
Auto merged
sql/sql_view.cc:
Auto merged
sql/sql_yacc.yy:
Auto merged
mysys/safemalloc.c:
Merge of mysql-5.1-new-rpl into mysql-5.1
sql/ha_federated.cc:
d
Merge of mysql-5.1-new-rpl into mysql-5.1
sql/set_var.cc:
Merge of mysql-5.1-new-rpl with mysql-5.1
sql/slave.cc:
Merge of mysql-5.1-new-rpl into mysql-5.1
sql/sql_class.h:
Merge of mysql-5.1-new-rpl into mysql-5.1
into macbook.gmz:/Users/kgeorge/mysql/work/B14553-5.0-opt
mysql-test/r/odbc.result:
Auto merged
sql/sql_select.cc:
Auto merged
mysql-test/r/rpl_insert_id.result:
merge the test at the end of 4.1 test
mysql-test/t/rpl_insert_id.test:
merge the test at the end of 4.1 test
sql/sql_class.cc:
merged
sql/sql_class.h:
merged
To make MySQL compatible with some ODBC applications, you can find
the AUTO_INCREMENT value for the last inserted row with the following query:
SELECT * FROM tbl_name WHERE auto_col IS NULL.
This is done with a special code that replaces 'auto_col IS NULL' with
'auto_col = LAST_INSERT_ID'.
However this also resets the LAST_INSERT_ID to 0 as it uses it for a flag
so as to ensure that only the first SELECT ... WHERE auto_col IS NULL
after an INSERT has this special behaviour.
In order to avoid resetting the LAST_INSERT_ID a special flag is introduced
in the THD class. This flag is used to restrict the second and subsequent
SELECTs instead of LAST_INSERT_ID.
mysql-test/r/odbc.result:
test suite for the bug
mysql-test/r/rpl_insert_id.result:
test for the fix in replication
mysql-test/t/odbc.test:
test suite for the bug
mysql-test/t/rpl_insert_id.test:
test for the fix in replication
sql/sql_class.cc:
initialize the flag
sql/sql_class.h:
flag's declaration and set code when setting the last_insert_id
sql/sql_select.cc:
the special flag is used instead of last_insert_id
To make MySQL compatible with some ODBC applications, you can find
the AUTO_INCREMENT value for the last inserted row with the following query:
SELECT * FROM tbl_name WHERE auto_col IS NULL.
This is done with a special code that replaces 'auto_col IS NULL' with
'auto_col = LAST_INSERT_ID'.
However this also resets the LAST_INSERT_ID to 0 as it uses it for a flag
so as to ensure that only the first SELECT ... WHERE auto_col IS NULL
after an INSERT has this special behaviour.
In order to avoid resetting the LAST_INSERT_ID a special flag is introduced
in the THD class. This flag is used to restrict the second and subsequent
SELECTs instead of LAST_INSERT_ID.
into gbichot3.local:/home/mysql_src/mysql-5.1
sql/ha_federated.cc:
Auto merged
sql/ha_ndbcluster.cc:
Auto merged
sql/handler.h:
Auto merged
sql/log_event.cc:
Auto merged
sql/set_var.cc:
Auto merged
sql/sql_class.cc:
Auto merged
sql/sql_class.h:
Auto merged
sql/sql_parse.cc:
Auto merged
sql/sql_select.cc:
Auto merged
sql/sql_table.cc:
Auto merged
sql/sql_update.cc:
Auto merged
sql/handler.cc:
will fix by hand
mysql-test/extra/rpl_tests/rpl_insert_id.test:
merge
mysql-test/r/rpl_insert_id.result:
merge
sql/sql_insert.cc:
merge
