MALFORMED XPATH EXP
Problem:
A malformed XPATH expression in the ExtractValue query is causing
a server crash. This malformed XPATH expression results when
the position attribute in the substring function contains ".." in
the beginning.
Solution:
The original crash is happening because the "../" is being evaluated
prematurely. It tries to access XML while it hasn't been parsed yet.
The premature evaluation is happening because the val_nodeset function
is being set to constant, in which case we proceed to evaluate them in
JOIN:prepare stage only. The solution to this is setting the val_nodeset
functions as non-constant. This forces us to evaluate the function in
the JOIN:exec stage and thus avoid any premature evaluation of the
XML strings.
WITH MALFORMED XPATH EXP
Problem:
A malformed XPATH expression in the ExtractValue query is
causing a server crash. This malformed XPATH expression
results when the position attribute in the substring function
contains ".." in the beginning.
Solution:
The original crash is happening because the "../" is being
evaluated prematurely. It tries to access XML while it
hasn't been parsed yet. The premature evaluation is happening
because the val_nodeset function is being set to constant,
in which case we proceed to evaluate them in JOIN:prepare
stage only. The solution to this is setting the val_nodeset
functions as non-constant. This forces us to evaluate the function
in the JOIN:exec stage and thus avoid any premature evaluation of
the XML strings.
Attempt to read the master-bin.state file always, even if the
binlog files (master-bin.index and master-bin.XXXXXX) have been
deleted.
This makes it easy to preserve the binlog state when provisioning
a new server from a copy of an old one, without needing to copy
over the binlog files themselves.
The earlier pushed fix for the bug was incomplete. It did not remove
the main cause of the problem: the function remove_eq_conds()
removed always true multiple equalities from any conjunct, but did not
adjust the list of them stored in Item_cond_and::cond_equal.current_level.
Simplified the test case for the bug and moved it to another test file.
The fix triggered changes in EXPLAIN EXTENDED for some queries.
MDEV-4725: Incorrect binlog state recovery if crash while writing event group
The binlog state was not recovered correctly if XA is not used (e.g. InnoDB
disabled), or if server crashed in the middle of writing an event group to the
binlog.
With this patch, we ensure that recovery of binlog state is done even if we do
not do the full XA binlog recovery, and we ensure that we only recover fully
written event groups into the binlog state.
- Don't pull out a table out of a semi-join if it is on the inner side of an outer join.
- Make join->sort_by_table= get_sort_by_table(...) call after const table detection
is done. That way, the value of join->sort_by_table will match the actual execution,
which will allow the code in setup_semijoin_dups_elimination() (search for
"Make sure that possible sorting of rows from the head table is not to be employed.")
to see that "Using filesort" is going to be used together with Duplicate Elimination
(and change it to Using temporary + Using filesort).
revid:mattias.jonsson@oracle.com-20131119103616-u6t82s8cpgp0q3ex
Use of uninitialized memory in the priority queue used for returning records
in sorted order.
It happens if no previous partition has returned a row since the
beginning of index_init + an index_read* call returned
HA_ERR_KEY_NOT_FOUND for all partitions (otherwise the record
buffer/priority queue would be initialized) + an index_next/prev
call where all partitions return HA_ERR_END_OF_FILE.
There were some places where insufficient locking between
parallel threads could cause invalid memory accesses and
possibly other grief.
This patch adds the missing locking, and moves the locking
into the struct rpl_binlog_state methods to make it easier
to see that proper locking is in place everywhere.
WITH SORT ABORTED LEAKS FILE DESCRIPTORS
ISSUE : IO_CACHE used for index_merge quick select
is freed only on successful retrieval of all rows
from index merge.
Suppose there is an interrupt (or failure) to
this operation of row retrieval (let it be a
KILL_QUERY signal); then we are not freeing the IO_CACHE
resources allocated by index_merge quick select.
And hence the temp file associated with it is also not closed.
This leads to a file descriptor leak.
SOLUTION : As part of file sort operation now we always
free the IO_CACHE allocated by index_merge quick select.
sql/filesort.cc:
In filesort function we try to free if any
IO_CACHE allocated by index_merge quick select
and if it is not yet freed.
- make_join_readinfo() has the code that forces use of "Using temporary;
Using filesort" when join buffering is in use.
That code didn't handle all cases, in particular it didn't handle the case
where ORDER BY originally has tables from multiple columns, but the
optimizer eventually figures out that doing filesort() on one table
will be sufficient. Adjusted the code to handle that case.
Fixed the following compilation errors and test failures:
- maria SE: "stage_waiting_for_a_resource" wasn't declared w/o PFS
- sql_repl.h: PSI_mutex_key is not available in non-PFS builds
- mysqld.cc: pfs_param is not available in non-PFS builds
- mysqld.cc: init_show_explain_psi_keys() is not available in non-PFS builds
- mysqld.cc: call net_before_header_psi, net_after_header_psi even if PFS
is not available so that thread enters stage_init at proper time. Fixes
sp-threads and a few tests in funcs_1.
- myisam_file_io.opt: added missing loose prefix
Problem: The "--local-install" service does not perform as expected for, at least,
Windows.
Fix: A NULL pointer was dereferenced, due to which there was a crash. A check was introduced
for a NULL string before dereferencing it. No test cases written as it is a bug during
installation.