From cfba31dd46d6e88c0c681db5484613fcd0a4367e Mon Sep 17 00:00:00 2001
From: "pem@mysql.com" <>
Date: Wed, 15 Feb 2006 12:11:29 +0100
Subject: Fixed BUG#16887: Cursor causes server segfault   The problem was a
 code generation bug: cpop instructions were not generated   when using
 ITERATE back to an outer block from a context with a declared   cursor; this
 would make it push a new cursor without popping in-between,   eventually
 overrunning the cursor stack with a crash as the result.   Fixed the
 calculation of how many cursors to pop (in sp_pcontext.cc:   diff_cursors()),
 and also corrected diff_cursors() and diff_handlers()   to when doing a
 "leave"; don't include the last context we're leaving   (we are then jumping
 to the appropriate pop instructions).

---
 sql/sp_pcontext.h | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

(limited to 'sql/sp_pcontext.h')

diff --git a/sql/sp_pcontext.h b/sql/sp_pcontext.h
index d1cd7b964c2..872c7c1d505 100644
--- a/sql/sp_pcontext.h
+++ b/sql/sp_pcontext.h
@@ -119,11 +119,15 @@ class sp_pcontext : public Sql_alloc
     return m_parent;
   }
 
+  /*
+    Number of handlers/cursors to pop between this context and 'ctx'.
+    If 'exclusive' is true, don't count the last block we are leaving;
+    this is used for LEAVE where we will jump to the cpop/hpop instructions.
+  */
   uint
-  diff_handlers(sp_pcontext *ctx);
-
+  diff_handlers(sp_pcontext *ctx, bool exclusive);
   uint
-  diff_cursors(sp_pcontext *ctx);
+  diff_cursors(sp_pcontext *ctx, bool exclusive);
 
 
   //
-- 
cgit v1.2.1