ORDER BY could cause a server crash
Dependent subqueries like
SELECT COUNT(*) FROM t1, t2 WHERE t2.b
IN (SELECT DISTINCT t2.b FROM t2 WHERE t2.b = t1.a)
caused a memory leak proportional to the
number of outer rows.
The make_simple_join() function has been modified to
JOIN class method to store join_tab_reexec and
table_reexec values in the parent join only
(make_simple_join of tmp_join may access these values
via 'this' pointer of the parent JOIN).
NOTE: this patch doesn't include standard test case (this is
"out of memory" bug). See bug #42037 page for test cases.
sql/sql_select.cc:
Bug #42037: Queries containing a subquery with DISTINCT and
ORDER BY could cause a server crash
The make_simple_join() function has been modified to
JOIN class method to store join_tab_reexec and
table_reexec values in the parent join only.
sql/sql_select.h:
Bug #42037: Queries containing a subquery with DISTINCT and
ORDER BY could cause a server crash
1. The make_simple_join() function has been modified to
JOIN class method.
2. Type of JOIN::table_reexec field has been changed from
TABLE** to TABLE *table_reexec[1]: this field always was
NULL or a pointer to one-element array of pointers, so
a pointer to a pointer has been replaced with one pointer
and unnecessary memory allocation has been eliminated.
- Added braces around expressions with &&, ||, & and |
- Added empty line before ; for empty while and for loops
- Added () around if with assignments
- Removed const before function returning simple type
Changed BUILD scripts to not build with NDB
BUILD/SETUP.sh:
By default, don't build ndb with --max in Maria tree.
NDB is not kept up to date anyway in 5.1
client/mysql.cc:
Added braces around && to get rid of compiler warnings
sql/event_db_repository.cc:
Added braces around && to get rid of compiler warnings
sql/events.cc:
Added braces around && to get rid of compiler warnings
sql/field.cc:
Added braces around && to get rid of compiler warnings
Fixed for loops
sql/field.h:
Added braces around & to get rid of compiler warnings
sql/field_conv.cc:
Added braces around && to get rid of compiler warnings
Fixed bug when copying between DATETIME fields and strict dates are used
Removed not needeed else
sql/gstream.cc:
Added braces around && to get rid of compiler warnings
sql/ha_ndbcluster.cc:
Added braces around && to get rid of compiler warnings
Added {} to get rid of compiler warnings
sql/handler.cc:
Added braces around && to get rid of compiler warnings
sql/item.cc:
Added braces around && to get rid of compiler warnings
sql/item_cmpfunc.cc:
Added braces around && to get rid of compiler warnings
Removed some not needed space
sql/item_func.cc:
Added braces around && to get rid of compiler warnings
sql/item_strfunc.cc:
Added braces around && to get rid of compiler warnings
sql/item_subselect.cc:
Added braces around && to get rid of compiler warnings
sql/item_sum.cc:
Added braces around && to get rid of compiler warnings
sql/item_timefunc.cc:
Added braces around && to get rid of compiler warnings
sql/item_xmlfunc.cc:
Added empty line before ; for empty while and for loops
sql/log.cc:
Added braces around && to get rid of compiler warnings
sql/log_event.cc:
Added braces around && to get rid of compiler warnings
Removed not needed else
sql/log_event_old.cc:
Added braces around && to get rid of compiler warnings
sql/opt_range.cc:
Added braces around && to get rid of compiler warnings
sql/opt_sum.cc:
Added braces around && to get rid of compiler warnings
sql/set_var.cc:
Added empty line before ; for empty while and for loops
Added () around if with assignments
sql/slave.cc:
Added braces around && to get rid of compiler warnings
Added empty line before ; for empty while and for loops
sql/spatial.h:
Added braces around && to get rid of compiler warnings
sql/sql_acl.cc:
Added braces around && to get rid of compiler warnings
sql/sql_analyse.cc:
Added empty line before ; for empty while and for loops
sql/sql_base.cc:
Added braces around && to get rid of compiler warnings
sql/sql_connect.cc:
Added braces around && to get rid of compiler warnings
sql/sql_db.cc:
Added braces around && to get rid of compiler warnings
sql/sql_delete.cc:
Added braces around && to get rid of compiler warnings
sql/sql_help.cc:
Added empty line before ; for empty while and for loops
sql/sql_insert.cc:
Added braces around && to get rid of compiler warnings
Added () around if with assignments
sql/sql_lex.cc:
Cast char array references to uchar; Fixed wrong array referencing when using characters > ASCII 128 in SQL statments
Added empty line before ; for empty while and for loops
Trivial indent fixes
Added braces around && to get rid of compiler warnings
sql/sql_load.cc:
Added braces around && to get rid of compiler warnings
sql/sql_parse.cc:
Added braces around && to get rid of compiler warnings
sql/sql_partition.cc:
Added braces around && to get rid of compiler warnings
sql/sql_plugin.cc:
Fixed bug in detecing if option variable should be readonly
Added empty line before ; for empty while and for loops
sql/sql_prepare.cc:
Added braces around && to get rid of compiler warnings
sql/sql_select.cc:
Added braces around && to get rid of compiler warnings
Added () around if with assignments
Added empty line before ; for empty while and for loops
sql/sql_show.cc:
Added braces around && to get rid of compiler warnings
sql/sql_table.cc:
Added braces around && to get rid of compiler warnings
sql/sql_trigger.cc:
Added braces around && to get rid of compiler warnings
sql/sql_update.cc:
Added braces around && to get rid of compiler warnings
sql/sql_yacc.yy:
Added braces around && to get rid of compiler warnings
sql/table.cc:
Added braces around && to get rid of compiler warnings
sql/table.h:
Added braces around && to get rid of compiler warnings
sql/time.cc:
Added braces around && to get rid of compiler warnings
sql/tztime.cc:
Added braces around && to get rid of compiler warnings
sql/uniques.cc:
Added braces around && to get rid of compiler warnings
storage/federated/ha_federated.cc:
Fixed bug in testing of variable to ha_info() (Not critical)
storage/heap/ha_heap.cc:
Added braces around && to get rid of compiler warnings
storage/maria/ha_maria.cc:
Fixed bug: Mark that maria_log_dir_path is readonly
Added braces around && to get rid of compiler warnings
storage/ndb/include/ndbapi/NdbEventOperation.hpp:
Removed const before function returning simple type
storage/ndb/include/ndbapi/NdbOperation.hpp:
Removed const before function returning simple type
storage/ndb/src/ndbapi/Ndb.cpp:
Added empty line before ; for empty while and for loops
storage/ndb/src/ndbapi/NdbEventOperation.cpp:
Removed const before function returning simple type
storage/ndb/src/ndbapi/NdbEventOperationImpl.cpp:
Removed const before function returning simple type
storage/ndb/src/ndbapi/NdbEventOperationImpl.hpp:
Removed const before function returning simple type
storage/ndb/src/ndbapi/NdbRecAttr.cpp:
Added empty line before ; for empty while and for loops
storage/ndb/src/ndbapi/TransporterFacade.hpp:
Added braces around && to get rid of compiler warnings
messed up
"ROW(...) IN (SELECT ... FROM DUAL)" always returned TRUE.
Item_in_subselect::row_value_transformer rewrites "ROW(...)
IN SELECT" conditions into the "EXISTS (SELECT ... HAVING ...)"
form.
For a subquery from the DUAL pseudotable resulting HAVING
condition is an expression on constant values, so further
transformation with optimize_cond() eliminates this HAVING
condition and resets JOIN::having to NULL.
Then JOIN::exec treated that NULL as an always-true-HAVING
and that caused a bug.
To distinguish an optimized out "HAVING TRUE" clause from
"HAVING FALSE" we already have the JOIN::having_value flag.
However, JOIN::exec() ignored JOIN::having_value as described
above as if it always set to COND_TRUE.
The JOIN::exec method has been modified to take into account
the value of the JOIN::having_value field.
mysql-test/r/subselect3.result:
Added test case for bug #39069.
mysql-test/t/subselect3.test:
Added test case for bug #39069.
sql/sql_select.cc:
Bug #39069: <row constructor> IN <table-subquery> seriously
messed up
The JOIN::exec method has been modified to take into account
the value of the JOIN::having_value field.
The greedy optimizer tracks the current level of nested joins and the position
inside these by setting and maintaining a state that's global for the whole FROM
clause.
This state was correctly maintained inside the selection of the next partial plan
table (in best_extension_by_limited_search()).
greedy_search() also moves the current position by adding the last partial match
table when there's not enough tables in the partial plan found by
best_extension_by_limited_search().
This may require update of the global state variables that describe the current
position in the plan if the last table placed by greedy_search is not a top-level
join table.
Fixed by updating the state after placing the partial plan table in greedy_search()
in the same way this is done on entering the best_extension_by_limited_search().
Fixed the signature of the function called to update the state :
check_interleaving_with_nj
mysql-test/r/greedy_optimizer.result:
Bug #38795: test case
mysql-test/t/greedy_optimizer.test:
Bug #38795: test case
sql/sql_select.cc:
Bug #38795: correctly update current position when placing
the next partial plan table in greedy_search().
Table could be marked dependent because it is
either 1) an inner table of an outer join, or 2) it is a part of
STRAIGHT_JOIN. In case of STRAIGHT_JOIN table->maybe_null should not
be assigned. The fix is to set st_table::maybe_null to 'true' only
for those tables which are used in outer join.
mysql-test/r/select.result:
test result
mysql-test/t/select.test:
test case
sql/sql_select.cc:
Table could be marked dependent because it is
either 1) an inner table of an outer join, or 2) it is a part of
STRAIGHT_JOIN. In case of STRAIGHT_JOIN table->maybe_null should not
be assigned. The fix is to set st_table::maybe_null to 'true' only
for those tables which are used in outer join.
sql/sql_select.h:
added comment
Fixed bug when removing a newly inserted record (in case of duplicate key).
The bug caused a crash for rows with several blobs and the first blob was small enough to fit into the head page.
Don't change state_history if nothing changed (speed optimization that also simplifies logic).
Reset state_history if we added/deleted or updated rows without versioning.
Fixed wrong test in trnman_exists_active_transactions() if state is visible or not.
Other bugs fixed:
Fixed wrong argument to (lock->get_status) when we had to wait for TL_WRITE_CONCURRENT_INSERT.
Item_equal::update_used_tables() didn't calculate const_item_cache properly.
Added assert's to detect if join_read_const_table() was called under wrong assumptions..
Fixed that _ma_setup_live_state() is called from thr_lock() instead of handler::external_lock().
This was needed to get versioning information to be setup correctly.
Fixed error in debug binaries during a call to _ma_check_table_is_closed() when another thread was opening/closing a table.
Fixed wrong test when finding right history_state to use.
mysql-test/suite/maria/r/maria.result:
Added test for Bug#40311 Assert in MARIA_RECORD_POS during pushbuild 2 test
mysql-test/suite/maria/t/maria.test:
Added test for Bug#40311 Assert in MARIA_RECORD_POS during pushbuild 2 test
mysys/thr_lock.c:
Fixed wrong argument to (lock->get_status) when we had to wait for TL_WRITE_CONCURRENT_INSERT
sql/item_cmpfunc.cc:
Item_equal::update_used_tables() didn't calculate const_item_cache properly, which later caused a wrong result for item->const_item()
sql/sql_base.cc:
In debug mode, Initilize record buffer with unexpected data to catch usage of uninitialized memory
sql/sql_select.cc:
Fixed indentation
Added assert's to detect if join_read_const_table() was called under wrong assumptions.
One assert() is disabled for now as Item_equal() doesn't behave as expected.
storage/maria/ha_maria.cc:
Move calling to _ma_setup_live_state() to ma_state.c::_ma_block_get_status()
This was needed as _ma_setup_live_state() needed to know if the table will be used concurrently or not
storage/maria/ma_blockrec.c:
Fixed bug when removing a newly inserted record (in case of duplicate key).
The bug caused a crash for rows with several blobs and the first blob was small enough to fit into the head page.
storage/maria/ma_dbug.c:
Added mutex to protect the open table list during _ma_check_table_is_closed().
Without the protection we could get a error in debug binaries during a call to _ma_check_table_is_closed()
storage/maria/ma_delete_table.c:
Removed not used code
storage/maria/ma_rename.c:
Removed not used code
storage/maria/ma_state.c:
Fixed wrong test when finding right history_state to use
Mark in tables->state_current.no_transid if we are using transid's or not.
Don't change state_history if nothing changed (speed optimization that also simplifies logic)
Reset state_history if we added/deleted or updated rows without versioning.
More DBUG_ASSERT's and more DBUG
Updated maria_versioning() to initialize environment before calling _ma_blok_get_status(). This was needed because of the new logic in _ma_block_get_status()
storage/maria/ma_state.h:
Added flags to detect if table changed and/or if we changed table without versioning
storage/maria/ma_write.c:
Simple cleanups (No logic changes)
storage/maria/trnman.c:
Fixed wrong test in trnman_exists_active_transactions() if state is visible or not.
Bug#37671 crash on prepared statement + cursor + geometry + too many open files!
if mysql_execute_command() returns error then free materialized_cursor object.
is_rnd_inited is added to satisfy rnd_end() assertion
(handler may be uninitialized in some cases)
sql/sql_cursor.cc:
if mysql_execute_command() returns error then free materialized_cursor object.
is_rnd_inited is added to satisfy rnd_end() assertion
(handler may be uninitialized in some cases)
sql/sql_select.cc:
added result check
tests/mysql_client_test.c:
test case
if table has bit fields then uneven bits(if exist) are stored into null bits place.
So we need to copy null bits in case of uneven bit field presence.
mysql-test/r/type_bit.result:
test result
mysql-test/t/type_bit.test:
test case
sql/sql_select.cc:
if table has bit fields then uneven bits(if exist) are stored into null bits place.
So we need to copy null bits in case of uneven bit field presence.
an item was evaluated unnecessary, fix that by checking preconditions before evaluating the item
sql/sql_select.cc:
an item was evaluated unnecessary, fix that by checking preconditions before evaluating the item
ONLY_FULL_GROUP_BY
The check for non-aggregated columns in queries with aggregate function, but without
GROUP BY was treating all the parts of the query as if they are in the SELECT list.
Fixed by ignoring the non-aggregated fields in the WHERE clause.
mysql-test/r/func_group.result:
Bug #39656: test case
mysql-test/t/func_group.test:
Bug #39656: test case
sql/sql_select.cc:
Bug #39656: ignore the new non-aggregated column refs in a WHERE
by saving the state so far and then adding only the new values of the other
parts of the bitmask.
fails after the first time
Two separate problems :
1. When flattening joins the linked list used for name resolution
(next_name_resolution_table) was not updated.
Fixed by updating the pointers when extending the table list
2. The items created by expanding a * (star) as a column reference
were marked as fixed, but no cached table was assigned to them
(unlike what Item_field::fix_fields does).
Fixed by assigning a cached table (so the re-preparation is done
faster).
Note that the fix for #2 hides the fix for #1 in most cases
(except when a table reference cannot be cached).
mysql-test/r/sp.result:
Bug #33811: test case
mysql-test/t/sp.test:
Bug #33811: test case
sql/sql_base.cc:
Bug #33811: cache the table for Item_fields created by expanding '*'
sql/sql_select.cc:
Bug #33811: maintain a correct name resolution chain when
flattening joins.
Server crashed during a sort order optimization
of a dependent subquery:
SELECT
(SELECT t1.a FROM t1, t2
WHERE t1.a = t2.b AND t2.a = t3.c
ORDER BY t1.a)
FROM t3;
Bitmap of tables, that the reference to outer table
column uses, in addition to the regular table bit
has the OUTER_REF_TABLE_BIT bit set.
The only_eq_ref_tables function traverses this map
bit by bit simultaneously with join->map2table list.
Obviously join->map2table never contains an entry
for the OUTER_REF_TABLE_BIT pseudo-table, so the
server crashed there.
The only_eq_ref_tables function has been modified
to traverse regular table bits only like the
update_depend_map function (resetting of the
OUTER_REF_TABLE_BIT there is enough, but
resetting of the whole set of PSEUDO_TABLE_BITS
is used there for sure).
mysql-test/r/order_by.result:
Added test case for bug #39844.
mysql-test/t/order_by.test:
Added test case for bug #39844.
sql/sql_select.cc:
Bug #39844: Query Crash Mysql Server 5.0.67
The only_eq_ref_tables function has been modified
to traverse regular table bits only like the
update_depend_map function (resetting of the
OUTER_REF_TABLE_BIT there is enough, but
resetting of the whole set of PSEUDO_TABLE_BITS
is used there for sure).
with COALESCE and JOIN
The server returned to a client the VARBINARY column type
instead of the DATE type for a result of the COALESCE,
IFNULL, IF, CASE, GREATEST or LEAST functions if that result
was filesorted in an anonymous temporary table during
the query execution.
For example:
SELECT COALESCE(t1.date1, t2.date2) AS result
FROM t1 JOIN t2 ON t1.id = t2.id ORDER BY result;
To create a column of various date/time types in a
temporary table the create_tmp_field_from_item() function
uses the Item::tmp_table_field_from_field_type() method
call. However, fields of the MYSQL_TYPE_NEWDATE type were
missed there, and the VARBINARY columns were created
by default.
Necessary condition has been added.
mysql-test/r/metadata.result:
Added test case for bug #39283.
mysql-test/t/metadata.test:
Added test case for bug #39283.
sql/sql_select.cc:
Bug #39283: Date returned as VARBINARY to client for queries
with COALESCE and JOIN
To create a column of various date/time types in a
temporary table the create_tmp_field_from_item() function
uses the Item::tmp_table_field_from_field_type() method
call. However, fields of the MYSQL_TYPE_NEWDATE type were
missed there, and the VARBINARY columns were created
by default.
Necessary condition has been added.
crashes server
When creating temporary table that contains aggregate functions a
non-reversible source transformation was performed to redirect aggregate
function arguments towards temporary table columns.
This caused EXPLAIN EXTENDED to fail because it was trying to resolve
references to the (freed) temporary table.
Fixed by preserving the original aggregate function arguments and
using them (instead of the transformed ones) for EXPLAIN EXTENDED.
mysql-test/r/explain.result:
Bug#34773: test case
mysql-test/t/explain.test:
Bug#34773: test case
sql/item.cc:
Bug#34773: use accessor functions instead of public members
sql/item_sum.cc:
Bug#34773:
- Encapsulate the arguments into Item_sum and
provide accessor and mutator methods
- print the orginal arguments (if present)
in EXPLAIN EXTENDED
- preserve the original arguments list.
sql/item_sum.h:
Bug#34773:
- Encapsulate the arguments into Item_sum and
provide accessor and mutator methods
- print the orginal arguments (if present)
in EXPLAIN EXTENDED
- preserve the original arguments list.
sql/opt_range.cc:
Bug#34773: use accessor functions instead of public members
sql/opt_sum.cc:
Bug#34773: use accessor functions instead of public members
sql/sql_select.cc:
Bug#34773: use accessor functions instead of public members
The optimizer pulls up aggregate functions which should be aggregated in
an outer select. At some point it may substitute such a function for a field
in the temporary table. The setup_copy_fields function doesn't take this
into account and may overrun the copy_field buffer.
Fixed by filtering out the fields referenced through the specialized
reference for aggregates (Item_aggregate_ref).
Added an assertion to make sure bugs that cause similar discrepancy
don't go undetected.
mysql-test/r/func_group.result:
Bug #37348: test case
mysql-test/t/func_group.test:
Bug #37348: test case
sql/item.cc:
Bug #37348: Added a way to distinguish Item_aggregate_ref from the other types of refs
sql/item.h:
Bug #37348: Added a way to distinguish Item_aggregate_ref from the other types of refs
sql/sql_select.cc:
Bug #37348:
- Don't consider copying field references
seen through Item_aggregate_ref
- check for discrepancies between the number of expected
fields that need copying and the actual fields copied.
When switching to indexed ORDER BY we must be sure to reset the index read
flag if we are switching from a covering index to non-covering.
mysql-test/r/subselect.result:
Bug#37548: test case
mysql-test/t/subselect.test:
Bug#37548: test case
sql/sql_select.cc:
Bug#37548: update the index read flag if the index for indexed ORDER BY is not
covering.
used causes server crash.
When the loose index scan access method is used values of aggregated functions
are precomputed by it. Aggregation of such functions shouldn't be performed
in this case and functions should be treated as normal ones.
The create_tmp_table function wasn't taking this into account and this led to
a crash if a query has MIN/MAX aggregate functions and employs temporary table
and loose index scan.
Now the JOIN::exec and the create_tmp_table functions treat MIN/MAX aggregate
functions as normal ones when the loose index scan is used.
mysql-test/r/group_min_max.result:
Added a test case for the bug#38195.
mysql-test/t/group_min_max.test:
Added a test case for the bug#38195.
sql/sql_select.cc:
Bug#38195: Incorrect handling of aggregate functions when loose index scan is
used causes server crash.
The JOIN::exec and the create_tmp_table functions treat MIN/MAX aggregate
functions as normal ones when the loose index scan is used.
used causes server crash.
When the loose index scan access method is used values of aggregated functions
are precomputed by it. Aggregation of such functions shouldn't be performed
in this case and functions should be treated as normal ones.
The create_tmp_table function wasn't taking this into account and this led to
a crash if a query has MIN/MAX aggregate functions and employs temporary table
and loose index scan.
Now the JOIN::exec and the create_tmp_table functions treat MIN/MAX aggregate
functions as normal ones when the loose index scan is used.
mysql-test/r/group_min_max.result:
Added a test case for the bug#38195.
mysql-test/t/group_min_max.test:
Added a test case for the bug#38195.
sql/sql_select.cc:
Bug#38195: Incorrect handling of aggregate functions when loose index scan is
used causes server crash.
Now the JOIN::exec and the create_tmp_table functions treat MIN/MAX aggregate
functions as normal ones when the loose index scan is used.
