1
0
mirror of https://github.com/MariaDB/server.git synced 2025-10-25 18:38:00 +03:00
Commit Graph

805 Commits

Author SHA1 Message Date
Alexey Botchkov
3bf44a8622 merging 2008-09-30 10:41:30 +05:00
Alexey Botchkov
b6f4b1c083 Bug#37949 Crash if argument to SP is a subquery that returns more than one row
JOIN for the subselect wasn't cleaned if we came upon an error
     during sub_select() execution. That leads to the assertion failure
     in close_thread_tables()

     part of the 6.0 code backported

per-file comments:
  mysql-test/r/sp-error.result
Bug#37949 Crash if argument to SP is a subquery that returns more than one row 
    test result

  mysql-test/t/sp-error.test
Bug#37949 Crash if argument to SP is a subquery that returns more than one row 
    test case

  sql/sp_head.cc
Bug#37949 Crash if argument to SP is a subquery that returns more than one row 
    lex->unit.cleanup() call added if not substatement
2008-09-29 19:11:34 +05:00
Marc Alff
385b4bf7ff Manual merge of mysql-5.0-bugteam -> mysql-5.1-bugteam
Note: NULL merge of sql/sql_yacc.yy, the fix for bug#38296 will be provided separately for 5.1
2008-08-11 16:44:13 -06:00
Marc Alff
394691cd90 Bug#38296 (low memory crash with many conditions in a query)
This fix is for 5.0 only : back porting the 6.0 patch manually

The parser code in sql/sql_yacc.yy needs to be more robust to out of
memory conditions, so that when parsing a query fails due to OOM,
the thread gracefully returns an error.

Before this fix, a new/alloc returning NULL could:
- cause a crash, if dereferencing the NULL pointer,
- produce a corrupted parsed tree, containing NULL nodes,
- alter the semantic of a query, by silently dropping token values or nodes

With this fix:
- C++ constructors are *not* executed with a NULL "this" pointer
when operator new fails.
This is achieved by declaring "operator new" with a "throw ()" clause,
so that a failed new gracefully returns NULL on OOM conditions.

- calls to new/alloc are tested for a NULL result,

- The thread diagnostic area is set to an error status when OOM occurs.
This ensures that a request failing in the server properly returns an
ER_OUT_OF_RESOURCES error to the client.

- OOM conditions cause the parser to stop immediately (MYSQL_YYABORT).
This prevents causing further crashes when using a partially built parsed
tree in further rules in the parser.

No test scripts are provided, since automating OOM failures is not
instrumented in the server.
Tested under the debugger, to verify that an error in alloc_root cause the
thread to returns gracefully all the way to the client application, with
an ER_OUT_OF_RESOURCES error.
2008-08-11 10:10:00 -06:00
Marc Alff
566e3389c2 Bug#35577, manual merge mysql-5.0-bugteam -> mysql-5.1-bugteam 2008-07-14 19:43:12 -06:00
Marc Alff
0816ee6d34 Bug#35577 (CREATE PROCEDURE causes either crash or syntax error depending on
build)

The crash was caused by freeing the internal parser stack during the parser
execution.
This occured only for complex stored procedures, after reallocating the parser
stack using my_yyoverflow(), with the following C call stack:
- MYSQLparse()
- any rule calling sp_head::restore_lex()
- lex_end()
- x_free(lex->yacc_yyss), xfree(lex->yacc_yyvs)

The root cause is the implementation of stored procedures, which breaks the
assumption from 4.1 that there is only one LEX structure per parser call.

The solution is to separate the LEX structure into:
- attributes that represent a statement (the current LEX structure),
- attributes that relate to the syntax parser itself (Yacc_state),
so that parsing multiple statements in stored programs can create multiple
LEX structures while not changing the unique Yacc_state.

Now, Yacc_state and the existing Lex_input_stream are aggregated into
Parser_state, a structure that represent the complete state of the (Lexical +
Syntax) parser.
2008-07-14 15:41:30 -06:00
Chad MILLER
dae4c823e9 Merge from 5.0 trunk. 2008-07-14 16:16:37 -04:00
Chad MILLER
06756c19c5 Merge chunk from trunk. 2008-07-10 14:47:53 -04:00
kostja@bodhi.(none)
2c0ce2a832 Merge bk-internal.mysql.com:/home/bk/mysql-5.1
into  bodhi.(none):/opt/local/work/mysql-5.1-27430
2008-05-20 11:38:17 +04:00
kostja@bodhi.(none)
6e4af99f5d Bug#27430 "Crash in subquery code when in PS and table DDL changed after
PREPARE": rename members, methods, classes to follow the spec 
(a code review request)
2008-05-20 11:29:16 +04:00
cmiller@zippy.cornsilk.net
15dcc14c8f Merge zippy.cornsilk.net:/home/cmiller/work/mysql/bug36570/my50-bug36570
into  zippy.cornsilk.net:/home/cmiller/work/mysql/bug36570/my51-bug36570
2008-05-15 19:45:42 -04:00
cmiller@zippy.cornsilk.net
573828aa6a Bug#36570: Parse error of CREATE PROCEDURE stmt with comments on \
slave

The stored-routine code took the contents of the (lowest) parser
and copied it directly to the binlog, which causes problems if there
is a special case of interpretation at the parser level -- which 
there is, in the "/*!VER */" comments.  The trailing "*/" caused
errors on the slave, naturally.

Now, since by that point we have /properly/ created parse-tree (as 
the rest of the server should do!) for the stored-routine CREATE, we
can construct a perfect statement from that information, instead of
writing uncertain information from an unknown parser state.  
Fortunately, there's already a function nearby that does exactly 
that.
---
Update for Bug#36570.  Qualify routine names with db name when
writing to the binlog ONLY if the source text is qualified.
2008-05-15 19:13:24 -04:00
kostja@bodhi.(none)
7289eccfbd WL#4165 "Prepared statements: validation".
Add metadata validation to ~20 more SQL commands. Make sure that
these commands actually work in ps-protocol, since until now they
were enabled, but not carefully tested.
Fixes the ml003 bug found by Matthias during internal testing of the
patch.
2008-04-17 01:04:49 +04:00
anozdrin/alik@quad.
340906f46d Fix for Bug#30217: Views: changes in metadata behaviour
between 5.0 and 5.1.
  
The problem was that in the patch for Bug#11986 it was decided
to store original query in UTF8 encoding for the INFORMATION_SCHEMA.
This approach however turned out to be quite difficult to implement
properly. The main problem is to preserve the same IS-output after
dump/restore.
  
So, the fix is to rollback to the previous functionality, but also
to fix it to support multi-character-set-queries properly. The idea
is to generate INFORMATION_SCHEMA-query from the item-tree after
parsing view declaration. The IS-query should:
  - be completely in UTF8;
  - not contain character set introducers.
  
For more information, see WL4052.
2008-02-22 13:30:33 +03:00
kostja@dipika.(none)
72495c968b Rename send_eof() to my_eof() for consistency with my_ok() and my_error() 2008-02-19 15:58:08 +03:00
kostja@dipika.(none)
acf9b1f346 A fix and a test case for Bug#12713 "Error in a stored function called from
a SELECT doesn't cause ROLLBACK of statem".

The idea of the fix is to ensure that we always commit the current
statement at the end of dispatch_command(). In order to not issue
redundant disc syncs, an optimization of the two-phase commit
protocol is implemented to bypass the two phase commit if
the transaction is read-only.
2008-02-19 14:43:01 +03:00
anozdrin/alik@quad.
1852fb971e Merge quad.:/mnt/raid/alik/MySQL/devel/5.1
into  quad.:/mnt/raid/alik/MySQL/devel/5.1-rt-merged
2008-02-01 13:55:39 +03:00
kostja@dipika.(none)
b46ce80902 A fix and a test case for Bug#34166 Server crash in SHOW OPEN TABLES and
pre-locking.

The crash was caused by an implicit assumption in check_table_access() that
table_list parameter is always a part of lex->query_tables.

When iterating over the passed list of tables, check_table_access() used
to stop only when lex->query_tables_last_not_own was reached. 
In case of pre-locking, lex->query_tables_last_own is not NULL and points
to some element of lex->query_tables. When the parameter
of check_table_access() was not part of lex->query_tables, loop invariant
could never be violated and a crash would happen when the current table
pointer would point beyond the end of the provided list.

The fix is to change the signature of check_table_access() to also accept
a numeric limit of loop iterations, similarly to check_grant(), and 
supply this limit in all places when we want to check access of tables
that are outside lex->query_tables, or just want to check access to one table.
2008-01-30 18:27:41 +03:00
tsmith@ramayana.hindu.god
3906cc27d7 Merge ramayana.hindu.god:/home/tsmith/m/bk/51
into  ramayana.hindu.god:/home/tsmith/m/bk/maint/51
2008-01-25 10:37:29 -07:00
malff@lambda.hsd1.co.comcast.net.
ec6c4fad89 Merge lambda.hsd1.co.comcast.net.:/home/malff/TREE/mysql-5.0-33618
into  lambda.hsd1.co.comcast.net.:/home/malff/TREE/mysql-5.1-33618
2008-01-23 15:36:57 -07:00
malff@lambda.hsd1.co.comcast.net.
1eecc24a21 Merge malff@bk-internal.mysql.com:/home/bk/mysql-5.0-runtime
into  lambda.hsd1.co.comcast.net.:/home/malff/TREE/mysql-5.0-33618
2008-01-23 14:04:46 -07:00
malff@lambda.hsd1.co.comcast.net.
c3ad0cac75 Bug#33618 (Crash in sp_rcontext)
Bug 33983 (Stored Procedures: wrong end <label> syntax is accepted)

The server used to crash when REPEAT or another control instruction
was used in conjunction with labels and a LEAVE instruction.

The crash was caused by a missing "pop" of handlers or cursors in the
code representing the stored program. When executing the code in a loop,
this missing "pop" would result in a stack overflow, corrupting memory.

Code generation has been fixed to produce the missing h_pop/c_pop
instructions.

Also, the logic checking that labels at the beginning and the end of a
statement are matched was incorrect, causing Bug 33983.
End labels, when used, must match the label used at the beginning of a block.
2008-01-23 13:26:41 -07:00
tsmith@ramayana.hindu.god
68980477dd Merge ramayana.hindu.god:/home/tsmith/m/bk/51
into  ramayana.hindu.god:/home/tsmith/m/bk/maint/51
2008-01-04 19:59:37 -07:00
joerg@trift2.
a0fbcc0326 Merge trift2.:/MySQL/M50/merge-5.0
into  trift2.:/MySQL/M51/push-5.1
2007-12-21 13:13:22 +01:00
serg@janus.mylan
d9ca7b670e Merge bk-internal.mysql.com:/home/bk/mysql-5.1-maint
into  janus.mylan:/usr/home/serg/Abk/mysql-5.1
2007-12-20 22:11:37 +01:00
kent/mysqldev@mysql.com/production.mysql.com
fb8cceb06e sp_head.cc:
Corrected typo
2007-12-14 21:38:58 +01:00
cmiller@zippy.cornsilk.net
edbacd3a99 Merge zippy.cornsilk.net:/home/cmiller/work/mysql/mysql-5.1-forcollapseandmerge
into  zippy.cornsilk.net:/home/cmiller/work/mysql/mysql-5.1-maint
2007-12-14 13:42:09 -05:00
kent/mysqldev@mysql.com/production.mysql.com
7ca11181ac sp_head.cc:
Made sp_head::operator delete() match prototype, added throw()
mysql_test_run.c, mysqld_safe.c:
  Include "mysql_version.h" to get MYSQL_PORT defined
2007-12-14 18:23:11 +01:00
cmiller@zippy.cornsilk.net
c940d64a69 Merge bk-internal.mysql.com:/home/bk/mysql-5.1-maint
into  zippy.cornsilk.net:/home/cmiller/work/mysql/mysql-5.1-maint
2007-12-14 10:52:10 -05:00
kostja@bodhi.(none)
ebb9c5d983 Bug#12713 "Error in a stored function called from a SELECT doesn't
cause ROLLBACK of statement", part 1. Review fixes.

Do not send OK/EOF packets to the client until we reached the end of 
the current statement.
This is a consolidation, to keep the functionality that is shared by all 
SQL statements in one place in the server.
Currently this functionality includes:
- close_thread_tables()
- log_slow_statement().

After this patch and the subsequent patch for Bug#12713, it shall also include:
- ha_autocommit_or_rollback()
- net_end_statement()
- query_cache_end_of_result().

In future it may also include:
- mysql_reset_thd_for_next_command().
2007-12-12 18:21:01 +03:00
cmiller@zippy.cornsilk.net
a35a8fe550 Merge bk-internal.mysql.com:/home/bk/mysql-5.0
into  zippy.cornsilk.net:/home/cmiller/work/mysql/mysql-5.0-community
2007-12-10 15:28:17 -05:00
malff@lambda.hsd1.co.comcast.net.
fc76a4824a Merge lambda.hsd1.co.comcast.net.:/home/malff/TREE/mysql-5.1-base
into  lambda.hsd1.co.comcast.net.:/home/malff/TREE/mysql-5.1-rt-merge
2007-11-27 09:03:04 -07:00
malff@lambda.hsd1.co.comcast.net.
352e59b37b Merge lambda.hsd1.co.comcast.net.:/home/malff/TREE/mysql-5.0-base
into  lambda.hsd1.co.comcast.net.:/home/malff/TREE/mysql-5.0-rt-merge
2007-11-27 08:56:43 -07:00
thek@adventure.(none)
13be72f9c3 Merge adventure.(none):/home/thek/Development/cpp/bug31153/my51-bug31153
into  adventure.(none):/home/thek/Development/cpp/mysql-5.1-runtime
2007-11-21 20:57:28 +01:00
thek@adventure.(none)
7580f9043a Merge adventure.(none):/home/thek/Development/cpp/bug31153/my50-bug31153
into  adventure.(none):/home/thek/Development/cpp/bug31153/my51-bug31153
2007-11-21 11:25:17 +01:00
thek@adventure.(none)
0b38e67453 Merge adventure.(none):/home/thek/Development/cpp/bug31153/my50-bug31153
into  adventure.(none):/home/thek/Development/cpp/mysql-5.0-runtime
2007-11-21 10:02:44 +01:00
thek@adventure.(none)
1794242b24 Bug #31153 calling stored procedure crashes server if available memory is low
When the server was out of memory it crashed because of invalid memory access.

This patch adds detection for failed memory allocations and make the server
output a proper error message.
2007-11-19 17:59:44 +01:00
cmiller@zippy.cornsilk.net
ddb1443b07 Push history-limiting code until after the code that adds new
history entries.  Lazy deletion isn't smart or useful here.

Backport from 5.1 .
2007-11-14 15:11:58 -05:00
mkindahl@dl145h.mysql.com
6b5cb11dba Merge dl145h.mysql.com:/data0/mkindahl/mysql-5.1
into  dl145h.mysql.com:/data0/mkindahl/mysql-5.1-new-rpl
2007-11-14 11:07:30 +01:00
cmiller@zippy.cornsilk.net
d27fb9f939 Insert profiling instructions into s-p code to make each statement
be profiled separately.

Expand the time formats in i_s.profiling to wide enough for larger
numbers.
2007-11-13 09:46:17 -05:00
cmiller@zippy.cornsilk.net
1426320008 Merge bk-internal.mysql.com:/home/bk/mysql-5.1-community
into  zippy.cornsilk.net:/home/cmiller/work/mysql/mysql-5.1-forcollapseandmerge
2007-11-09 14:55:32 -05:00
davi@endora.local
cc007acb78 Bug#30882 Dropping a temporary table inside a stored function may cause a server crash
If a stored function that contains a drop temporary table statement
is invoked by a create temporary table of the same name may cause
a server crash. The problem is that when dropping a table no check
is done to ensure that table is not being used by some outer query
(or outer statement), potentially leaving the outer query with a
reference to a stale (freed) table.

The solution is when dropping a temporary table, always check if
the table is being used by some outer statement as a temporary
table can be dropped inside stored procedures.

The check is performed by looking at the TABLE::query_id value for
temporary tables. To simplify this check and to solve a bug related
to handling of temporary tables in prelocked mode, this patch changes
the way in which this member is used to track the fact that table is
used/unused. Now we ensure that TABLE::query_id is zero for unused
temporary tables (which means that all temporary tables which were
used by a statement should be marked as free for reuse after it's
execution has been completed).
2007-11-01 18:52:56 -02:00
kostja@bodhi.(none)
e4b353c40c Use an inline getter method (thd->is_error()) to query if there is an error
in THD.
In future the error may be stored elsewhere (not in net.report_error) and 
it's important to start using an opaque getter to simplify merges.
2007-10-30 20:08:16 +03:00
aelkin/elkin@koti.dsl.inet.fi
e65d20b5f4 Merge koti.dsl.inet.fi:/home/elkin/MySQL/TEAM/FIXES/5.0/bug27571_asyn_killed_flags
into  koti.dsl.inet.fi:/home/elkin/MySQL/5.1-merge-bug27571
2007-10-30 11:31:03 +02:00
cmiller@zippy.cornsilk.net
61621a9791 Merge zippy.cornsilk.net:/home/cmiller/work/mysql/mysql-5.1-recentcommmerge
into  zippy.cornsilk.net:/home/cmiller/work/mysql/mysql-5.1
2007-10-29 12:42:06 -04:00
bar@bar.myoffice.izhnet.ru
811e64de62 Merge mysql.com:/home/bar/mysql-work/mysql-5.0
into  mysql.com:/home/bar/mysql-work/mysql-5.0-rpl-mr
2007-10-24 10:49:46 +05:00
aelkin/elkin@dsl-hkibras1-ff5fc300-23.dhcp.inet.fi
0f818ddf75 Bug #26199 Replication Failure on Slave when using stored procs with bit-type parameters.
The value of the actual argument of BIT-type-arg stored procedure was binlogged as non-escaped
sequence of bytes corresponding to internal representation of the bit value.

The patch enforces binlogging of the bit-argument as a valid literal: prefixing the quoted bytes
sequence with _binary.
Note, that behaviour of Item_field::var_str for field_type() of MYSQL_TYPE_BIT is exceptional
in that the returned string contains the binary representation even though result_type() of
the item is INT_RESULT.
2007-10-21 18:37:37 +03:00
kostja@bodhi.(none)
7c00f8a3b4 Rename: query_error -> is_slave_error.
Add comments.
2007-10-20 01:20:38 +04:00
davi@moksha.com.br
3b44d6e8b9 Merge moksha.com.br:/Users/davi/mysql/bugs/21557-5.1
into  moksha.com.br:/Users/davi/mysql/mysql-5.1-runtime
2007-10-18 15:47:22 -03:00
davi@moksha.com.br
dd135211d8 Bug#21557 entries in the general query log truncated at 1000 characters.
The general log write function (general_log_print) uses printf style
arguments which need to be pre-processed, meaning that the all arguments
are copied to a single buffer and the problem is that the buffer size is
constant (1022 characters) but queries can be much larger then this.

The solution is to introduce a new log write function that accepts a
buffer and it's length as arguments. The function is to be used when
a formatted output is not required, which is the case for almost all
query write-to-log calls.

This is a incompatible change with respect to the log format of prepared
statements.
2007-10-18 15:45:07 -03:00