From 127c721cef2c1b248af79a386c174a5e7addd556 Mon Sep 17 00:00:00 2001 From: Sergey Glukhov Date: Mon, 18 Oct 2010 14:47:26 +0400 Subject: Bug#54484 explain + prepared statement: crash and Got error -1 from storage engine Subquery executes twice, at top level JOIN::optimize and ::execute stages. At first execution create_sort_index() function is called and FT_SELECT object is created and destroyed. HANDLER::ft_handler is cleaned up in the object destructor and at second execution FT_SELECT::get_next() method returns error. The fix is to reinit HANDLER::ft_handler field before re-execution of subquery. mysql-test/r/fulltext.result: test case mysql-test/t/fulltext.test: test case sql/item_func.cc: reinit ft_handler before re-execution of subquery sql/item_func.h: Fixed method name sql/sql_select.cc: reinit ft_handler before re-execution of subquery --- sql/item_func.cc | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'sql/item_func.cc') diff --git a/sql/item_func.cc b/sql/item_func.cc index eaf6a1b6d14..30d5d844f7c 100644 --- a/sql/item_func.cc +++ b/sql/item_func.cc @@ -5297,7 +5297,17 @@ void Item_func_match::init_search(bool no_order) /* Check if init_search() has been called before */ if (ft_handler) + { + /* + We should reset ft_handler as it is cleaned up + on destruction of FT_SELECT object + (necessary in case of re-execution of subquery). + TODO: FT_SELECT should not clean up ft_handler. + */ + if (join_key) + table->file->ft_handler= ft_handler; DBUG_VOID_RETURN; + } if (key == NO_SUCH_KEY) { -- cgit v1.2.1 From c7371c9e757e72cdeef3991b28f0980030d52ca5 Mon Sep 17 00:00:00 2001 From: Sergey Glukhov Date: Wed, 27 Oct 2010 18:12:10 +0400 Subject: Bug#57477 SIGFPE when dividing a huge number a negative number The problem is dividing by const value when the result is out of supported range. The fix: -return LONGLONG_MIN if the result is out of supported range for DIV operator. -return 0 if divisor is -1 for MOD operator. mysql-test/r/func_math.result: test case mysql-test/t/func_math.test: test case sql/item_func.cc: -return LONGLONG_MIN if the result is out of supported range for DIV operator. -return 0 if divisor is -1 for MOD operator. --- sql/item_func.cc | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) (limited to 'sql/item_func.cc') diff --git a/sql/item_func.cc b/sql/item_func.cc index 30d5d844f7c..3dbff43bb67 100644 --- a/sql/item_func.cc +++ b/sql/item_func.cc @@ -1356,9 +1356,13 @@ longlong Item_func_int_div::val_int() signal_divide_by_null(); return 0; } - return (unsigned_flag ? - (ulonglong) value / (ulonglong) val2 : - value / val2); + + if (unsigned_flag) + return ((ulonglong) value / (ulonglong) val2); + else if (value == LONGLONG_MIN && val2 == -1) + return LONGLONG_MIN; + else + return value / val2; } @@ -1392,9 +1396,9 @@ longlong Item_func_mod::int_op() if (args[0]->unsigned_flag) result= args[1]->unsigned_flag ? ((ulonglong) value) % ((ulonglong) val2) : ((ulonglong) value) % val2; - else - result= args[1]->unsigned_flag ? - value % ((ulonglong) val2) : value % val2; + else result= args[1]->unsigned_flag ? + value % ((ulonglong) val2) : + (val2 == -1) ? 0 : value % val2; return result; } -- cgit v1.2.1