From 678640019debce6c77109dc5f52e323eaee45a9f Mon Sep 17 00:00:00 2001 From: Georgi Kodinov Date: Wed, 14 Jul 2010 11:50:17 +0300 Subject: Bug #53493 : add_to_status does not handle the longlong fields in STATUS_VAR bytes_received/bytes_sent are ulonglong so they cannot be handled by the ulong handling code in add_to_status/add_diff_to_status(). Fixed by adding code to handle these two variables in add_to_status()/add_diff_to_status() and making sure they are not a subject to the ulong handling code. --- sql/sql_class.cc | 6 ++++++ sql/sql_class.h | 17 ++++++++++------- 2 files changed, 16 insertions(+), 7 deletions(-) (limited to 'sql') diff --git a/sql/sql_class.cc b/sql/sql_class.cc index 2ce03708a9a..1028a9fccf4 100644 --- a/sql/sql_class.cc +++ b/sql/sql_class.cc @@ -1063,6 +1063,9 @@ void add_to_status(STATUS_VAR *to_var, STATUS_VAR *from_var) while (to != end) *(to++)+= *(from++); + + to_var->bytes_received+= from_var->bytes_received; + to_var->bytes_sent+= from_var->bytes_sent; } /* @@ -1088,6 +1091,9 @@ void add_diff_to_status(STATUS_VAR *to_var, STATUS_VAR *from_var, while (to != end) *(to++)+= *(from++) - *(dec++); + + to_var->bytes_received+= from_var->bytes_received - dec_var->bytes_received;; + to_var->bytes_sent+= from_var->bytes_sent - dec_var->bytes_sent; } diff --git a/sql/sql_class.h b/sql/sql_class.h index 5155ffe0603..1627b6ec02d 100644 --- a/sql/sql_class.h +++ b/sql/sql_class.h @@ -405,12 +405,14 @@ struct system_variables }; -/* per thread status variables */ +/** + Per thread status variables. + Must be long/ulong up to last_system_status_var so that + add_to_status/add_diff_to_status can work. +*/ typedef struct system_status_var { - ulonglong bytes_received; - ulonglong bytes_sent; ulong com_other; ulong com_stat[(uint) SQLCOM_END]; ulong created_tmp_disk_tables; @@ -466,13 +468,14 @@ typedef struct system_status_var Number of statements sent from the client */ ulong questions; + + ulonglong bytes_received; + ulonglong bytes_sent; /* IMPORTANT! SEE last_system_status_var DEFINITION BELOW. - Below 'last_system_status_var' are all variables which doesn't make any - sense to add to the /global/ status variable counter. - Status variables which it does not make sense to add to - global status variable counter + Below 'last_system_status_var' are all variables that cannot be handled + automatically by add_to_status()/add_diff_to_status(). */ double last_query_cost; } STATUS_VAR; -- cgit v1.2.1 From dbb643d64e0981f56b6c7b35586f430b08091834 Mon Sep 17 00:00:00 2001 From: Georgi Kodinov Date: Wed, 14 Jul 2010 14:54:51 +0300 Subject: Bug #51876: crash/memory underrun when loading data with ucs2 and reverse() function 3 problems fixed : 1. The reported problem : caused by incorrect parsing of the file as ucs data resulting in wrong length of the parsed string. Fixed by truncating the invalid trailing bytes (non-complete multibyte characters) when reading from the file 2. LOAD DATA when reading from a proper UCS2 file wasn't recognizing the new line characters. Fixed by first looking if a byte is a new line (or any other special) character before reading it as a part of a multibyte character. 3. When using user variables to hold the column data in LOAD DATA the character set of the user variable was set incorrectly to the database charset. Fixed by setting it to the charset specified by LOAD DATA (if any). --- sql/item_func.cc | 5 ++++- sql/sql_load.cc | 56 +++++++++++++++++++++++++++++++++----------------------- 2 files changed, 37 insertions(+), 24 deletions(-) (limited to 'sql') diff --git a/sql/item_func.cc b/sql/item_func.cc index 1e31755179b..1bec4700bff 100644 --- a/sql/item_func.cc +++ b/sql/item_func.cc @@ -4715,6 +4715,7 @@ bool Item_func_get_user_var::set_value(THD *thd, bool Item_user_var_as_out_param::fix_fields(THD *thd, Item **ref) { DBUG_ASSERT(fixed == 0); + DBUG_ASSERT(thd->lex->exchange); if (Item::fix_fields(thd, ref) || !(entry= get_variable(&thd->user_vars, name, 1))) return TRUE; @@ -4724,7 +4725,9 @@ bool Item_user_var_as_out_param::fix_fields(THD *thd, Item **ref) of fields in LOAD DATA INFILE. (Since Item_user_var_as_out_param is used only there). */ - entry->collation.set(thd->variables.collation_database); + entry->collation.set(thd->lex->exchange->cs ? + thd->lex->exchange->cs : + thd->variables.collation_database); entry->update_query_id= thd->query_id; return FALSE; } diff --git a/sql/sql_load.cc b/sql/sql_load.cc index 552473e4fc2..ee7481234a4 100644 --- a/sql/sql_load.cc +++ b/sql/sql_load.cc @@ -1208,29 +1208,6 @@ int READ_INFO::read_field() while ( to < end_of_buff) { chr = GET; -#ifdef USE_MB - if ((my_mbcharlen(read_charset, chr) > 1) && - to+my_mbcharlen(read_charset, chr) <= end_of_buff) - { - uchar* p = (uchar*)to; - *to++ = chr; - int ml = my_mbcharlen(read_charset, chr); - int i; - for (i=1; i 1 && + to + my_mbcharlen(read_charset, chr) <= end_of_buff) + { + uchar* p= (uchar*) to; + int ml, i; + *to++ = chr; + + ml= my_mbcharlen(read_charset, chr); + + for (i= 1; i < ml; i++) + { + chr= GET; + if (chr == my_b_EOF) + { + /* + Need to back up the bytes already ready from illformed + multi-byte char + */ + to-= i; + goto found_eof; + } + *to++ = chr; + } + if (my_ismbchar(read_charset, + (const char *)p, + (const char *)to)) + continue; + for (i= 0; i < ml; i++) + PUSH((uchar) *--to); + chr= GET; + } +#endif *to++ = (uchar) chr; } /* -- cgit v1.2.1 From f317d3a6fb413cfc04c1ed005df8e859664e41d5 Mon Sep 17 00:00:00 2001 From: Davi Arnaut Date: Wed, 14 Jul 2010 09:27:13 -0300 Subject: Bug#42733: Type-punning warnings when compiling MySQL -- strict aliasing violations. Another rather noisy violation of strict aliasing rules is the spatial code which makes use of stack-based memory (of type Geometry_buffer) to provide placement for Geometry objects. Although a placement new is allowed to dynamically change the type of a object, the object returned by the new placement was being ignored and the original stack-based object was being casted to the new type, thus violating strict aliasing rules. The solution is to reorganize the code so that the object returned by the new placement is used instead of casting the original object. Also, to ensure that the stack-based object is properly aligned with respect to the objects it provides placement for, a set of compiler-dependent macros and types are introduced so that the alignment of objects can be inquired and specified. include/Makefile.am: Add new header. include/my_compiler.h: Add new header. include/my_global.h: Remove now-unnecessary macros. sql/spatial.cc: Make object creation functions return the object whose type was dynamically changed by the new placement. Move static method from the header in order to avoid having to access a forward declaration. sql/spatial.h: Object creation callbacks now take a array of chars as the storage area. Move create_by_typeid to a source file as to not access the forward declaration of Geometry_buffer. Ensure that Geometry_buffer is properly aligned. sql/sql_show.cc: Use newly added aligned storage helper. --- sql/spatial.cc | 43 +++++++++++++++++++++++++------------------ sql/spatial.h | 28 +++++++++++----------------- sql/sql_show.cc | 4 ++-- 3 files changed, 38 insertions(+), 37 deletions(-) (limited to 'sql') diff --git a/sql/spatial.cc b/sql/spatial.cc index 9114c81514d..11df6c00dc5 100644 --- a/sql/spatial.cc +++ b/sql/spatial.cc @@ -53,7 +53,7 @@ static Geometry::Class_info **ci_collection_end= Geometry::ci_collection+Geometry::wkb_last + 1; Geometry::Class_info::Class_info(const char *name, int type_id, - void(*create_func)(void *)): + create_geom_t create_func): m_type_id(type_id), m_create_func(create_func) { m_name.str= (char *) name; @@ -62,39 +62,39 @@ Geometry::Class_info::Class_info(const char *name, int type_id, ci_collection[type_id]= this; } -static void create_point(void *buffer) +static Geometry *create_point(char *buffer) { - new(buffer) Gis_point; + return new (buffer) Gis_point; } -static void create_linestring(void *buffer) +static Geometry *create_linestring(char *buffer) { - new(buffer) Gis_line_string; + return new (buffer) Gis_line_string; } -static void create_polygon(void *buffer) +static Geometry *create_polygon(char *buffer) { - new(buffer) Gis_polygon; + return new (buffer) Gis_polygon; } -static void create_multipoint(void *buffer) +static Geometry *create_multipoint(char *buffer) { - new(buffer) Gis_multi_point; + return new (buffer) Gis_multi_point; } -static void create_multipolygon(void *buffer) +static Geometry *create_multipolygon(char *buffer) { - new(buffer) Gis_multi_polygon; + return new (buffer) Gis_multi_polygon; } -static void create_multilinestring(void *buffer) +static Geometry *create_multilinestring(char *buffer) { - new(buffer) Gis_multi_line_string; + return new (buffer) Gis_multi_line_string; } -static void create_geometrycollection(void *buffer) +static Geometry *create_geometrycollection(char *buffer) { - new(buffer) Gis_geometry_collection; + return new (buffer) Gis_geometry_collection; } @@ -145,6 +145,15 @@ Geometry::Class_info *Geometry::find_class(const char *name, uint32 len) } +Geometry *Geometry::create_by_typeid(Geometry_buffer *buffer, int type_id) +{ + Class_info *ci; + if (!(ci= find_class(type_id))) + return NULL; + return (*ci->m_create_func)(buffer->data); +} + + Geometry *Geometry::construct(Geometry_buffer *buffer, const char *data, uint32 data_len) { @@ -179,9 +188,7 @@ Geometry *Geometry::create_from_wkt(Geometry_buffer *buffer, if (!(ci= find_class(name.str, name.length)) || wkt->reserve(1 + 4, 512)) return NULL; - (*ci->m_create_func)((void *)buffer); - Geometry *result= (Geometry *)buffer; - + Geometry *result= (*ci->m_create_func)(buffer->data); wkt->q_append((char) wkb_ndr); wkt->q_append((uint32) result->get_class_info()->m_type_id); if (trs->check_next_symbol('(') || diff --git a/sql/spatial.h b/sql/spatial.h index 86c2ed8c197..67edc077e04 100644 --- a/sql/spatial.h +++ b/sql/spatial.h @@ -16,6 +16,8 @@ #ifndef _spatial_h #define _spatial_h +#include + #ifdef HAVE_SPATIAL const uint SRID_SIZE= 4; @@ -225,15 +227,18 @@ public: { wkb_xdr= 0, /* Big Endian */ wkb_ndr= 1 /* Little Endian */ - }; + }; + + /** Callback which creates Geometry objects on top of a given placement. */ + typedef Geometry *(*create_geom_t)(char *); class Class_info { public: LEX_STRING m_name; int m_type_id; - void (*m_create_func)(void *); - Class_info(const char *name, int type_id, void(*create_func)(void *)); + create_geom_t m_create_func; + Class_info(const char *name, int type_id, create_geom_t create_func); }; virtual const Class_info *get_class_info() const=0; @@ -263,15 +268,7 @@ public: virtual int geometry_n(uint32 num, String *result) const { return -1; } public: - static Geometry *create_by_typeid(Geometry_buffer *buffer, int type_id) - { - Class_info *ci; - if (!(ci= find_class((int) type_id))) - return NULL; - (*ci->m_create_func)((void *)buffer); - return my_reinterpret_cast(Geometry *)(buffer); - } - + static Geometry *create_by_typeid(Geometry_buffer *buffer, int type_id); static Geometry *construct(Geometry_buffer *buffer, const char *data, uint32 data_len); static Geometry *create_from_wkt(Geometry_buffer *buffer, @@ -528,11 +525,8 @@ public: const Class_info *get_class_info() const; }; -const int geometry_buffer_size= sizeof(Gis_point); -struct Geometry_buffer -{ - void *arr[(geometry_buffer_size - 1)/sizeof(void *) + 1]; -}; +struct Geometry_buffer : public + my_aligned_storage {}; #endif /*HAVE_SPATAIAL*/ #endif diff --git a/sql/sql_show.cc b/sql/sql_show.cc index ca0d16697cd..091bd09aa25 100644 --- a/sql/sql_show.cc +++ b/sql/sql_show.cc @@ -2202,8 +2202,8 @@ static bool show_status_array(THD *thd, const char *wild, bool ucase_names, COND *cond) { - MY_ALIGNED_BYTE_ARRAY(buff_data, SHOW_VAR_FUNC_BUFF_SIZE, long); - char * const buff= (char *) &buff_data; + my_aligned_storage buffer; + char * const buff= buffer.data; char *prefix_end; /* the variable name should not be longer than 64 characters */ char name_buffer[64]; -- cgit v1.2.1 From d7944b621e895383482792df3b8aa3eed6ee5f6d Mon Sep 17 00:00:00 2001 From: Davi Arnaut Date: Wed, 14 Jul 2010 16:39:40 -0300 Subject: Bug#42733: Type-punning warnings when compiling MySQL -- strict aliasing violations. Post-merge fix: include my_compiler.h before my_attribute.h as the latter will undef __attribute__ if the compiler is not GCC. Based on the compiler version, in my_compiler.h we know for sure whether the aligned attribute is supported. Furthermore, undefining attribute might cause bugs if some system header uses it. include/my_compiler.h: Drop aligned attribute support from Sun Studio C++ compiler as its not clear exactly which version of it supports the attribute. --- sql/spatial.h | 2 -- 1 file changed, 2 deletions(-) (limited to 'sql') diff --git a/sql/spatial.h b/sql/spatial.h index 67edc077e04..f778acd6c34 100644 --- a/sql/spatial.h +++ b/sql/spatial.h @@ -16,8 +16,6 @@ #ifndef _spatial_h #define _spatial_h -#include - #ifdef HAVE_SPATIAL const uint SRID_SIZE= 4; -- cgit v1.2.1 From 4c28b6776884b3890cc82c251eb4b54fe5dd81d4 Mon Sep 17 00:00:00 2001 From: Alexey Kopytov Date: Thu, 15 Jul 2010 10:10:16 +0400 Subject: Backport of the fix for bug#25421 to 5.0. Calculating the estimated number of records for a range scan may take a significant time, and it was impossible for a user to interrupt that process by killing the connection or the query. Fixed by checking the thread's 'killed' status in check_quick_keys() and interrupting the calculation process if it is set to a non-zero value. --- sql/opt_range.cc | 3 +++ 1 file changed, 3 insertions(+) (limited to 'sql') diff --git a/sql/opt_range.cc b/sql/opt_range.cc index 84519c091b9..35d1216387c 100644 --- a/sql/opt_range.cc +++ b/sql/opt_range.cc @@ -6066,6 +6066,9 @@ check_quick_keys(PARAM *param,uint idx,SEL_ARG *key_tree, tmp_max_flag=max_key_flag | key_tree->max_flag; } + if (unlikely(param->thd->killed != 0)) + return HA_POS_ERROR; + keynr=param->real_keynr[idx]; param->range_count++; if (!tmp_min_flag && ! tmp_max_flag && -- cgit v1.2.1 From 25bfbf684c0fefe658f6244e1f2cf23dd0246eae Mon Sep 17 00:00:00 2001 From: Georgi Kodinov Date: Wed, 23 Jun 2010 19:25:31 +0300 Subject: Bug #53814: NUMERIC_PRECISION for unsigned bigint field is 19, should be 20 Fixed the numeric precision of the unsigned BIGINT column to be 20 instead of 19. --- sql/sql_show.cc | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'sql') diff --git a/sql/sql_show.cc b/sql/sql_show.cc index 091bd09aa25..d0e76e501e2 100644 --- a/sql/sql_show.cc +++ b/sql/sql_show.cc @@ -3965,10 +3965,13 @@ static int get_schema_column_record(THD *thd, TABLE_LIST *tables, case MYSQL_TYPE_TINY: case MYSQL_TYPE_SHORT: case MYSQL_TYPE_LONG: - case MYSQL_TYPE_LONGLONG: case MYSQL_TYPE_INT24: field_length= field->max_display_length() - 1; break; + case MYSQL_TYPE_LONGLONG: + field_length= field->max_display_length() - + ((field->flags & UNSIGNED_FLAG) ? 0 : 1); + break; case MYSQL_TYPE_BIT: field_length= field->max_display_length(); decimals= -1; // return NULL -- cgit v1.2.1 From 0eb26fdfa83d2ddd5f3dc3f8cf6e372a55b4c270 Mon Sep 17 00:00:00 2001 From: Davi Arnaut Date: Fri, 2 Jul 2010 15:30:47 -0300 Subject: Bug#53445: Build with -Wall and fix warnings that it generates Apart strict-aliasing warnings, fix the remaining warnings generated by GCC 4.4.4 -Wall and -Wextra flags. One major source of warnings was the in-house function my_bcmp which (unconventionally) took pointers to unsigned characters as the byte sequences to be compared. Since my_bcmp and bcmp are deprecated functions whose only difference with memcmp is the return value, every use of the function is replaced with memcmp as the special return value wasn't actually being used by any caller. There were also various other warnings, mostly due to type mismatches, missing return values, missing prototypes, dead code (unreachable) and ignored return values. BUILD/SETUP.sh: Remove flags that are implied by -Wall and -Wextra. Do not warn about unused parameters in C++. BUILD/check-cpu: Print only the compiler version instead of verbose banner. Although the option is gcc specific, the check was only being used for GCC specific checks anyway. client/mysql.cc: bcmp is no longer defined. client/mysqltest.cc: Pass a string to function expecting a format string. Replace use of bcmp with memcmp. cmd-line-utils/readline/Makefile.am: Always define _GNU_SOURCE when compiling GNU readline. Required to make certain prototypes visible. cmd-line-utils/readline/input.c: Condition for the code to be meaningful. configure.in: Remove check for bcmp. extra/comp_err.c: Use appropriate type. extra/replace.c: Replace use of bcmp with memcmp. extra/yassl/src/crypto_wrapper.cpp: Do not ignore the return value of fgets. Retrieve the file position if fgets succeed -- if it fails, the function will bail out and return a error. extra/yassl/taocrypt/include/blowfish.hpp: Use a single array instead of accessing positions of the sbox_ through a subscript to pbox_. extra/yassl/taocrypt/include/runtime.hpp: One definition of such functions is enough. extra/yassl/taocrypt/src/aes.cpp: Avoid potentially ambiguous conditions. extra/yassl/taocrypt/src/algebra.cpp: Rename arguments to avoid shadowing related warnings. extra/yassl/taocrypt/src/blowfish.cpp: Avoid potentially ambiguous conditions. extra/yassl/taocrypt/src/integer.cpp: Do not define type within a anonymous union. Use a variable to return a value instead of leaving the result in a register -- compiler does not know the logic inside the asm. extra/yassl/taocrypt/src/misc.cpp: Define handler for pure virtual functions. Remove unused code. extra/yassl/taocrypt/src/twofish.cpp: Avoid potentially ambiguous conditions. extra/yassl/testsuite/test.hpp: Function must have C language linkage. include/m_string.h: Remove check which relied on bcmp being defined -- they weren't being used as bcmp is only visible when _BSD_SOURCE is defined. include/my_bitmap.h: Remove bogus helpers which were used only in a few files and were causing warnings about dead code. include/my_global.h: Due to G++ bug, always silence false-positive uninitialized variables warnings when compiling C++ code with G++. Remove bogus helper. libmysql/Makefile.shared: Remove built-in implementation of bcmp. mysql-test/lib/My/SafeProcess/safe_process.cc: Cast pid to largest possible type for a process identifier. mysys/mf_loadpath.c: Leave space of the ending nul. mysys/mf_pack.c: Replace bcmp with memcmp. mysys/my_bitmap.c: Dead code removal. mysys/my_gethwaddr.c: Remove unused variable. mysys/my_getopt.c: Silence bogus uninitialized variable warning. Do not cast away the constant qualifier. mysys/safemalloc.c: Cast to expected type. mysys/thr_lock.c: Silence bogus uninitialized variable warning. sql/field.cc: Replace bogus helper with a more appropriate logic which is used throughout the code. sql/item.cc: Remove bogus logical condition which always evaluates to TRUE. sql/item_create.cc: Simplify code to avoid signedness related warnings. sql/log_event.cc: Replace use of bcmp with memcmp. No need to use helpers for simple bit operations. sql/log_event_old.cc: Replace bmove_align with memcpy. sql/mysqld.cc: Move use declaration of variable to the ifdef block where it is used. Remove now-unnecessary casts and arguments. sql/set_var.cc: Replace bogus helpers with simple and classic bit operations. sql/slave.cc: Cast to expected type and silence bogus warning. sql/sql_class.h: Don't use enum values as bit flags, the supposed type safety is bogus as the combined bit flags are not a value in the enumeration. sql/udf_example.c: Only declare variable when necessary. sql/unireg.h: Replace use of bmove_align with memcpy. storage/innobase/os/os0file.c: Silence bogus warning. storage/myisam/mi_open.c: Remove bogus cast, DBUG_DUMP expects a pointer to unsigned char. storage/myisam/mi_page.c: Remove bogus cast, DBUG_DUMP expects a pointer to unsigned char. strings/bcmp.c: Remove built-in bcmp. strings/ctype-ucs2.c: Silence bogus warning. tests/mysql_client_test.c: Use a appropriate type as expected by simple_command(). --- sql/field.cc | 8 +++++++- sql/item.cc | 3 +-- sql/item_create.cc | 26 ++++++++------------------ sql/log.cc | 2 +- sql/log_event.cc | 21 +++++++++------------ sql/log_event_old.cc | 6 +++--- sql/mysqld.cc | 31 +++++++++++++++++-------------- sql/rpl_rli.cc | 3 +-- sql/set_var.cc | 35 +++++++++++++++-------------------- sql/set_var.h | 2 +- sql/slave.cc | 6 +++--- sql/sql_base.cc | 6 +++--- sql/sql_class.h | 15 ++++++++------- sql/sql_repl.cc | 3 +-- sql/udf_example.c | 2 ++ sql/unireg.h | 4 ++-- 16 files changed, 82 insertions(+), 91 deletions(-) (limited to 'sql') diff --git a/sql/field.cc b/sql/field.cc index 7360a013ffb..2229bc19b3c 100644 --- a/sql/field.cc +++ b/sql/field.cc @@ -8691,7 +8691,13 @@ int Field_set::store(longlong nr, bool unsigned_val) { ASSERT_COLUMN_MARKED_FOR_WRITE; int error= 0; - ulonglong max_nr= set_bits(ulonglong, typelib->count); + ulonglong max_nr; + + if (sizeof(ulonglong)*8 <= typelib->count) + max_nr= ULONGLONG_MAX; + else + max_nr= (ULL(1) << typelib->count) - 1; + if ((ulonglong) nr > max_nr) { nr&= max_nr; diff --git a/sql/item.cc b/sql/item.cc index 5f0ca4374df..db2c4c0974b 100644 --- a/sql/item.cc +++ b/sql/item.cc @@ -4130,8 +4130,7 @@ Item_field::fix_outer_field(THD *thd, Field **from_field, Item **reference) context->first_name_resolution_table, context->last_name_resolution_table, reference, REPORT_ALL_ERRORS, - !any_privileges && - TRUE, TRUE); + !any_privileges, TRUE); } return -1; } diff --git a/sql/item_create.cc b/sql/item_create.cc index fd8f13d6dc5..5726e987ef6 100644 --- a/sql/item_create.cc +++ b/sql/item_create.cc @@ -5051,8 +5051,6 @@ create_func_cast(THD *thd, Item *a, Cast_target cast_type, CHARSET_INFO *cs) { Item *UNINIT_VAR(res); - ulong len; - uint dec; switch (cast_type) { case ITEM_CAST_BINARY: @@ -5075,11 +5073,10 @@ create_func_cast(THD *thd, Item *a, Cast_target cast_type, break; case ITEM_CAST_DECIMAL: { - if (c_len == NULL) - { - len= 0; - } - else + ulong len= 0; + uint dec= 0; + + if (c_len) { ulong decoded_size; errno= 0; @@ -5093,11 +5090,7 @@ create_func_cast(THD *thd, Item *a, Cast_target cast_type, len= decoded_size; } - if (c_dec == NULL) - { - dec= 0; - } - else + if (c_dec) { ulong decoded_size; errno= 0; @@ -5133,12 +5126,9 @@ create_func_cast(THD *thd, Item *a, Cast_target cast_type, } case ITEM_CAST_CHAR: { + int len= -1; CHARSET_INFO *real_cs= (cs ? cs : thd->variables.collation_connection); - if (c_len == NULL) - { - len= LL(-1); - } - else + if (c_len) { ulong decoded_size; errno= 0; @@ -5148,7 +5138,7 @@ create_func_cast(THD *thd, Item *a, Cast_target cast_type, my_error(ER_TOO_BIG_DISPLAYWIDTH, MYF(0), "cast as char", MAX_FIELD_BLOBLENGTH); return NULL; } - len= decoded_size; + len= (int) decoded_size; } res= new (thd->mem_root) Item_char_typecast(a, len, real_cs); break; diff --git a/sql/log.cc b/sql/log.cc index b3554d2a068..d8d5f6fa418 100644 --- a/sql/log.cc +++ b/sql/log.cc @@ -1862,7 +1862,7 @@ static int find_uniq_filename(char *name) file_info= dir_info->dir_entry; for (i=dir_info->number_off_files ; i-- ; file_info++) { - if (bcmp((uchar*) file_info->name, (uchar*) start, length) == 0 && + if (memcmp(file_info->name, start, length) == 0 && test_if_number(file_info->name+length, &number,0)) { set_if_bigger(max_found,(ulong) number); diff --git a/sql/log_event.cc b/sql/log_event.cc index 5ff4b50c6df..d53f13e0b6b 100644 --- a/sql/log_event.cc +++ b/sql/log_event.cc @@ -2905,7 +2905,7 @@ void Query_log_event::print_query_header(IO_CACHE* file, if (likely(charset_inited) && (unlikely(!print_event_info->charset_inited || - bcmp((uchar*) print_event_info->charset, (uchar*) charset, 6)))) + memcmp(print_event_info->charset, charset, 6)))) { CHARSET_INFO *cs_info= get_charset(uint2korr(charset), MYF(MY_WME)); if (cs_info) @@ -2928,8 +2928,8 @@ void Query_log_event::print_query_header(IO_CACHE* file, } if (time_zone_len) { - if (bcmp((uchar*) print_event_info->time_zone_str, - (uchar*) time_zone_str, time_zone_len+1)) + if (memcmp(print_event_info->time_zone_str, + time_zone_str, time_zone_len+1)) { my_b_printf(file,"SET @@session.time_zone='%s'%s\n", time_zone_str, print_event_info->delimiter); @@ -7503,8 +7503,7 @@ int Rows_log_event::do_apply_event(Relay_log_info const *rli) { int actual_error= convert_handler_error(error, thd, table); bool idempotent_error= (idempotent_error_code(error) && - ((bit_is_set(slave_exec_mode, - SLAVE_EXEC_MODE_IDEMPOTENT)) == 1)); + (slave_exec_mode & SLAVE_EXEC_MODE_IDEMPOTENT)); bool ignored_error= (idempotent_error == 0 ? ignored_error_code(actual_error) : 0); @@ -8332,7 +8331,7 @@ Write_rows_log_event::do_before_row_operations(const Slave_reporting_capability todo: to introduce a property for the event (handler?) which forces applying the event in the replace (idempotent) fashion. */ - if (bit_is_set(slave_exec_mode, SLAVE_EXEC_MODE_IDEMPOTENT) == 1 || + if ((slave_exec_mode & SLAVE_EXEC_MODE_IDEMPOTENT) || m_table->s->db_type()->db_type == DB_TYPE_NDBCLUSTER) { /* @@ -8411,7 +8410,7 @@ Write_rows_log_event::do_after_row_operations(const Slave_reporting_capability * int local_error= 0; m_table->next_number_field=0; m_table->auto_increment_field_not_null= FALSE; - if (bit_is_set(slave_exec_mode, SLAVE_EXEC_MODE_IDEMPOTENT) == 1 || + if ((slave_exec_mode & SLAVE_EXEC_MODE_IDEMPOTENT) || m_table->s->db_type()->db_type == DB_TYPE_NDBCLUSTER) { m_table->file->extra(HA_EXTRA_NO_IGNORE_DUP_KEY); @@ -8514,7 +8513,7 @@ Rows_log_event::write_row(const Relay_log_info *const rli, TABLE *table= m_table; // pointer to event's table int error; - int keynum; + int UNINIT_VAR(keynum); auto_afree_ptr key(NULL); /* fill table->record[0] with default values */ @@ -8712,10 +8711,8 @@ int Write_rows_log_event::do_exec_row(const Relay_log_info *const rli) { DBUG_ASSERT(m_table != NULL); - int error= - write_row(rli, /* if 1 then overwrite */ - bit_is_set(slave_exec_mode, SLAVE_EXEC_MODE_IDEMPOTENT) == 1); - + int error= write_row(rli, (slave_exec_mode & SLAVE_EXEC_MODE_IDEMPOTENT)); + if (error && !thd->is_error()) { DBUG_ASSERT(0); diff --git a/sql/log_event_old.cc b/sql/log_event_old.cc index 202b81989a8..e901f44286c 100644 --- a/sql/log_event_old.cc +++ b/sql/log_event_old.cc @@ -441,7 +441,7 @@ copy_extra_record_fields(TABLE *table, DBUG_ASSERT(master_reclength <= table->s->reclength); if (master_reclength < table->s->reclength) - bmove_align(table->record[0] + master_reclength, + memcpy(table->record[0] + master_reclength, table->record[1] + master_reclength, table->s->reclength - master_reclength); @@ -720,7 +720,7 @@ static int find_and_fetch_row(TABLE *table, uchar *key) rnd_pos() returns the record in table->record[0], so we have to move it to table->record[1]. */ - bmove_align(table->record[1], table->record[0], table->s->reclength); + memcpy(table->record[1], table->record[0], table->s->reclength); DBUG_RETURN(error); } @@ -1213,7 +1213,7 @@ int Update_rows_log_event_old::do_exec_row(TABLE *table) overwriting the default values that where put there by the unpack_row() function. */ - bmove_align(table->record[0], m_after_image, table->s->reclength); + memcpy(table->record[0], m_after_image, table->s->reclength); copy_extra_record_fields(table, m_master_reclength, m_width); /* diff --git a/sql/mysqld.cc b/sql/mysqld.cc index 5514c356bd1..99f16b36dfa 100644 --- a/sql/mysqld.cc +++ b/sql/mysqld.cc @@ -559,7 +559,7 @@ ulong query_buff_size, slow_launch_time, slave_open_temp_tables; ulong open_files_limit, max_binlog_size, max_relay_log_size; ulong slave_net_timeout, slave_trans_retries; ulong slave_exec_mode_options; -const char *slave_exec_mode_str= "STRICT"; +static const char *slave_exec_mode_str= "STRICT"; ulong thread_cache_size=0, thread_pool_size= 0; ulong binlog_cache_size=0; ulonglong max_binlog_cache_size=0; @@ -2464,7 +2464,6 @@ extern "C" sig_handler handle_segfault(int sig) { time_t curr_time; struct tm tm; - THD *thd=current_thd; /* Strictly speaking, one needs a mutex here @@ -2523,13 +2522,15 @@ the thread stack. Please read http://dev.mysql.com/doc/mysql/en/linux.html\n\n", #endif /* HAVE_LINUXTHREADS */ #ifdef HAVE_STACKTRACE + THD *thd=current_thd; + if (!(test_flags & TEST_NO_STACKTRACE)) { - fprintf(stderr,"thd: 0x%lx\n",(long) thd); - fprintf(stderr,"\ -Attempting backtrace. You can use the following information to find out\n\ -where mysqld died. If you see no messages after this, something went\n\ -terribly wrong...\n"); + fprintf(stderr, "thd: 0x%lx\n",(long) thd); + fprintf(stderr, "Attempting backtrace. You can use the following " + "information to find out\nwhere mysqld died. If " + "you see no messages after this, something went\n" + "terribly wrong...\n"); my_print_stacktrace(thd ? (uchar*) thd->thread_stack : NULL, my_thread_stack_size); } @@ -7879,10 +7880,11 @@ static int mysql_init_variables(void) /* Things with default values that are not zero */ delay_key_write_options= (uint) DELAY_KEY_WRITE_ON; - slave_exec_mode_options= 0; - slave_exec_mode_options= (uint) - find_bit_type_or_exit(slave_exec_mode_str, &slave_exec_mode_typelib, NULL, - &error); + slave_exec_mode_options= find_bit_type_or_exit(slave_exec_mode_str, + &slave_exec_mode_typelib, + NULL, &error); + /* Default mode string must not yield a error. */ + DBUG_ASSERT(!error); if (error) return 1; opt_specialflag= SPECIAL_ENGLISH; @@ -8118,8 +8120,9 @@ mysqld_get_one_option(int optid, init_slave_skip_errors(argument); break; case OPT_SLAVE_EXEC_MODE: - slave_exec_mode_options= (uint) - find_bit_type_or_exit(argument, &slave_exec_mode_typelib, "", &error); + slave_exec_mode_options= find_bit_type_or_exit(argument, + &slave_exec_mode_typelib, + "", &error); if (error) return 1; break; @@ -8773,7 +8776,7 @@ static int get_options(int *argc,char **argv) /* Set global MyISAM variables from delay_key_write_options */ fix_delay_key_write((THD*) 0, OPT_GLOBAL); /* Set global slave_exec_mode from its option */ - fix_slave_exec_mode(OPT_GLOBAL); + fix_slave_exec_mode(); #ifndef EMBEDDED_LIBRARY if (mysqld_chroot) diff --git a/sql/rpl_rli.cc b/sql/rpl_rli.cc index 316e26f7e40..99a42bbe818 100644 --- a/sql/rpl_rli.cc +++ b/sql/rpl_rli.cc @@ -1120,8 +1120,7 @@ bool Relay_log_info::cached_charset_compare(char *charset) const { DBUG_ENTER("Relay_log_info::cached_charset_compare"); - if (bcmp((uchar*) cached_charset, (uchar*) charset, - sizeof(cached_charset))) + if (memcmp(cached_charset, charset, sizeof(cached_charset))) { memcpy(const_cast(cached_charset), charset, sizeof(cached_charset)); DBUG_RETURN(1); diff --git a/sql/set_var.cc b/sql/set_var.cc index 241126e1e6f..c5517da92f8 100644 --- a/sql/set_var.cc +++ b/sql/set_var.cc @@ -92,14 +92,13 @@ TYPELIB delay_key_write_typelib= delay_key_write_type_names, NULL }; -const char *slave_exec_mode_names[]= -{ "STRICT", "IDEMPOTENT", NullS }; -static const unsigned int slave_exec_mode_names_len[]= -{ sizeof("STRICT") - 1, sizeof("IDEMPOTENT") - 1, 0 }; +static const char *slave_exec_mode_names[]= { "STRICT", "IDEMPOTENT", NullS }; +static unsigned int slave_exec_mode_names_len[]= { sizeof("STRICT") - 1, + sizeof("IDEMPOTENT") - 1, 0 }; TYPELIB slave_exec_mode_typelib= { array_elements(slave_exec_mode_names)-1, "", - slave_exec_mode_names, (unsigned int *) slave_exec_mode_names_len + slave_exec_mode_names, slave_exec_mode_names_len }; static int sys_check_ftb_syntax(THD *thd, set_var *var); @@ -1215,16 +1214,14 @@ uchar *sys_var_set::value_ptr(THD *thd, enum_var_type type, void sys_var_set_slave_mode::set_default(THD *thd, enum_var_type type) { - slave_exec_mode_options= 0; - bit_do_set(slave_exec_mode_options, SLAVE_EXEC_MODE_STRICT); + slave_exec_mode_options= SLAVE_EXEC_MODE_STRICT; } bool sys_var_set_slave_mode::check(THD *thd, set_var *var) { bool rc= sys_var_set::check(thd, var); - if (!rc && - bit_is_set(var->save_result.ulong_value, SLAVE_EXEC_MODE_STRICT) == 1 && - bit_is_set(var->save_result.ulong_value, SLAVE_EXEC_MODE_IDEMPOTENT) == 1) + if (!rc && (var->save_result.ulong_value & SLAVE_EXEC_MODE_STRICT) && + (var->save_result.ulong_value & SLAVE_EXEC_MODE_IDEMPOTENT)) { rc= true; my_error(ER_SLAVE_AMBIGOUS_EXEC_MODE, MYF(0), ""); @@ -1241,20 +1238,18 @@ bool sys_var_set_slave_mode::update(THD *thd, set_var *var) return rc; } -void fix_slave_exec_mode(enum_var_type type) +void fix_slave_exec_mode(void) { DBUG_ENTER("fix_slave_exec_mode"); - compile_time_assert(sizeof(slave_exec_mode_options) * CHAR_BIT - > SLAVE_EXEC_MODE_LAST_BIT - 1); - if (bit_is_set(slave_exec_mode_options, SLAVE_EXEC_MODE_STRICT) == 1 && - bit_is_set(slave_exec_mode_options, SLAVE_EXEC_MODE_IDEMPOTENT) == 1) + + if ((slave_exec_mode_options & SLAVE_EXEC_MODE_STRICT) && + (slave_exec_mode_options & SLAVE_EXEC_MODE_IDEMPOTENT)) { - sql_print_error("Ambiguous slave modes combination." - " STRICT will be used"); - bit_do_clear(slave_exec_mode_options, SLAVE_EXEC_MODE_IDEMPOTENT); + sql_print_error("Ambiguous slave modes combination. STRICT will be used"); + slave_exec_mode_options&= ~SLAVE_EXEC_MODE_IDEMPOTENT; } - if (bit_is_set(slave_exec_mode_options, SLAVE_EXEC_MODE_IDEMPOTENT) == 0) - bit_do_set(slave_exec_mode_options, SLAVE_EXEC_MODE_STRICT); + if (!(slave_exec_mode_options & SLAVE_EXEC_MODE_IDEMPOTENT)) + slave_exec_mode_options|= SLAVE_EXEC_MODE_STRICT; DBUG_VOID_RETURN; } diff --git a/sql/set_var.h b/sql/set_var.h index bc94c6b85c4..68cd94a5670 100644 --- a/sql/set_var.h +++ b/sql/set_var.h @@ -1446,7 +1446,7 @@ sys_var *find_sys_var(THD *thd, const char *str, uint length=0); int sql_set_variables(THD *thd, List *var_list); bool not_all_support_one_shot(List *var_list); void fix_delay_key_write(THD *thd, enum_var_type type); -void fix_slave_exec_mode(enum_var_type type); +void fix_slave_exec_mode(void); ulong fix_sql_mode(ulong sql_mode); extern sys_var_const_str sys_charset_system; extern sys_var_str sys_init_connect; diff --git a/sql/slave.cc b/sql/slave.cc index af53bc65c0e..795bc481071 100644 --- a/sql/slave.cc +++ b/sql/slave.cc @@ -2113,7 +2113,7 @@ int apply_event_and_update_pos(Log_event* ev, THD* thd, Relay_log_info* rli) DBUG_PRINT("info", ("thd->options: %s%s; rli->last_event_start_time: %lu", FLAGSTR(thd->options, OPTION_NOT_AUTOCOMMIT), FLAGSTR(thd->options, OPTION_BEGIN), - rli->last_event_start_time)); + (ulong) rli->last_event_start_time)); /* Execute the event to change the database and update the binary @@ -2885,8 +2885,8 @@ pthread_handler_t handle_slave_sql(void *arg) char llbuff[22],llbuff1[22]; char saved_log_name[FN_REFLEN]; char saved_master_log_name[FN_REFLEN]; - my_off_t saved_log_pos; - my_off_t saved_master_log_pos; + my_off_t UNINIT_VAR(saved_log_pos); + my_off_t UNINIT_VAR(saved_master_log_pos); my_off_t saved_skip= 0; Relay_log_info* rli = &((Master_info*)arg)->rli; diff --git a/sql/sql_base.cc b/sql/sql_base.cc index 3a51b5c5610..d2392bdd9b1 100644 --- a/sql/sql_base.cc +++ b/sql/sql_base.cc @@ -8403,15 +8403,15 @@ my_bool mysql_rm_tmp_tables(void) (file->name[1] == '.' && !file->name[2]))) continue; - if (!bcmp((uchar*) file->name, (uchar*) tmp_file_prefix, - tmp_file_prefix_length)) + if (!memcmp(file->name, tmp_file_prefix, + tmp_file_prefix_length)) { char *ext= fn_ext(file->name); uint ext_len= strlen(ext); uint filePath_len= my_snprintf(filePath, sizeof(filePath), "%s%c%s", tmpdir, FN_LIBCHAR, file->name); - if (!bcmp((uchar*) reg_ext, (uchar*) ext, ext_len)) + if (!memcmp(reg_ext, ext, ext_len)) { handler *handler_file= 0; /* We should cut file extention before deleting of table */ diff --git a/sql/sql_class.h b/sql/sql_class.h index 4c1d4a98db0..023367cb747 100644 --- a/sql/sql_class.h +++ b/sql/sql_class.h @@ -83,9 +83,10 @@ enum enum_ha_read_modes { RFIRST, RNEXT, RPREV, RLAST, RKEY, RNEXT_SAME }; enum enum_duplicates { DUP_ERROR, DUP_REPLACE, DUP_UPDATE }; enum enum_delay_key_write { DELAY_KEY_WRITE_NONE, DELAY_KEY_WRITE_ON, DELAY_KEY_WRITE_ALL }; -enum enum_slave_exec_mode { SLAVE_EXEC_MODE_STRICT, - SLAVE_EXEC_MODE_IDEMPOTENT, - SLAVE_EXEC_MODE_LAST_BIT}; + +#define SLAVE_EXEC_MODE_STRICT (1U << 0) +#define SLAVE_EXEC_MODE_IDEMPOTENT (1U << 1) + enum enum_mark_columns { MARK_COLUMNS_NONE, MARK_COLUMNS_READ, MARK_COLUMNS_WRITE}; @@ -2418,7 +2419,7 @@ class select_result :public Sql_alloc { protected: THD *thd; SELECT_LEX_UNIT *unit; - uint nest_level; + int nest_level; public: select_result(); virtual ~select_result() {}; @@ -2559,7 +2560,7 @@ public: Creates a select_export to represent INTO OUTFILE with a defined level of subquery nesting. */ - select_export(sql_exchange *ex, uint nest_level_arg) :select_to_file(ex) + select_export(sql_exchange *ex, int nest_level_arg) :select_to_file(ex) { nest_level= nest_level_arg; } @@ -2576,7 +2577,7 @@ public: Creates a select_export to represent INTO DUMPFILE with a defined level of subquery nesting. */ - select_dump(sql_exchange *ex, uint nest_level_arg) : + select_dump(sql_exchange *ex, int nest_level_arg) : select_to_file(ex) { nest_level= nest_level_arg; @@ -3046,7 +3047,7 @@ public: Creates a select_dumpvar to represent INTO with a defined level of subquery nesting. */ - select_dumpvar(uint nest_level_arg) + select_dumpvar(int nest_level_arg) { var_list.empty(); row_count= 0; diff --git a/sql/sql_repl.cc b/sql/sql_repl.cc index 75a738a0073..f6045e4704e 100644 --- a/sql/sql_repl.cc +++ b/sql/sql_repl.cc @@ -218,8 +218,7 @@ bool log_in_use(const char* log_name) if ((linfo = tmp->current_linfo)) { pthread_mutex_lock(&linfo->lock); - result = !bcmp((uchar*) log_name, (uchar*) linfo->log_file_name, - log_name_len); + result = !memcmp(log_name, linfo->log_file_name, log_name_len); pthread_mutex_unlock(&linfo->lock); if (result) break; diff --git a/sql/udf_example.c b/sql/udf_example.c index 82af58ec502..637293209e0 100644 --- a/sql/udf_example.c +++ b/sql/udf_example.c @@ -141,7 +141,9 @@ typedef long long longlong; #ifdef HAVE_DLOPEN +#if !defined(HAVE_GETHOSTBYADDR_R) || !defined(HAVE_SOLARIS_STYLE_GETHOST) static pthread_mutex_t LOCK_hostname; +#endif /* These must be right or mysqld will not find the symbol! */ diff --git a/sql/unireg.h b/sql/unireg.h index 3ff7f058e3c..4f6b647964d 100644 --- a/sql/unireg.h +++ b/sql/unireg.h @@ -129,8 +129,8 @@ #define SPECIAL_LOG_QUERIES_NOT_USING_INDEXES 4096 /* Obsolete */ /* Extern defines */ -#define store_record(A,B) bmove_align((A)->B,(A)->record[0],(size_t) (A)->s->reclength) -#define restore_record(A,B) bmove_align((A)->record[0],(A)->B,(size_t) (A)->s->reclength) +#define store_record(A,B) memcpy((A)->B,(A)->record[0],(size_t) (A)->s->reclength) +#define restore_record(A,B) memcpy((A)->record[0],(A)->B,(size_t) (A)->s->reclength) #define cmp_record(A,B) memcmp((A)->record[0],(A)->B,(size_t) (A)->s->reclength) #define empty_record(A) { \ restore_record((A),s->default_values); \ -- cgit v1.2.1 From 85d281737f0feccbd43d7f025658d260d340dd84 Mon Sep 17 00:00:00 2001 From: Davi Arnaut Date: Sat, 3 Jul 2010 10:20:05 -0300 Subject: Fix somewhat bogus GCC warning. Although needless as the base class is mostly empty, initialize the base class explicitly in the copy constructor. --- sql/sql_list.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'sql') diff --git a/sql/sql_list.h b/sql/sql_list.h index 3e0ba2b2ede..c61846c22cd 100644 --- a/sql/sql_list.h +++ b/sql/sql_list.h @@ -74,7 +74,7 @@ public: SQL_I_List() { empty(); } - SQL_I_List(const SQL_I_List &tmp) + SQL_I_List(const SQL_I_List &tmp) : Sql_alloc() { elements= tmp.elements; first= tmp.first; -- cgit v1.2.1 From 1a17d7e8079b4cbda51c311eceaea38b407556f3 Mon Sep 17 00:00:00 2001 From: unknown Date: Sun, 4 Jul 2010 12:02:49 +0800 Subject: The following statements support the CURRENT_USER() where a user is needed. DROP USER RENAME USER CURRENT_USER() ... GRANT ... TO CURRENT_USER() REVOKE ... FROM CURRENT_USER() ALTER DEFINER = CURRENT_USER() EVENTbut, When these statements are binlogged, CURRENT_USER() just is binlogged as 'CURRENT_USER()', it is not expanded to the real user name. When slave executes the log event, 'CURRENT_USER()' is expand to the user of slave SQL thread, but SQL thread's user name always NULL. This breaks the replication. After this patch, session's user will be written into query log events if these statements call CURREN_USER() or 'ALTER EVENT' does not assign a definer. mysql-test/include/diff_tables.inc: Expend its abilities. Now it can diff not only in sessions of 'master' and 'slave', but other sessions as well. sql/log_event.cc: session's user will be written into Query_log_event, if is_current_user_used() is TRUE. On slave SQL thread, Only thd->invoker is written into Query_log_event, if it exists. sql/sql_acl.cc: On slave SQL thread, grantor should copy from thd->invoker, if it exists sql/sql_class.h: On slave SQL thread, thd->invoker is used to store the applying event's invoker. --- sql/log_event.cc | 65 +++++++++++++++++++++++++++++++++++++++++++++++++++++++- sql/log_event.h | 7 +++++- sql/sql_acl.cc | 23 ++++++++++++++------ sql/sql_class.cc | 20 +++++++++++++++++ sql/sql_class.h | 31 +++++++++++++++++++++++++++ sql/sql_parse.cc | 2 +- 6 files changed, 139 insertions(+), 9 deletions(-) (limited to 'sql') diff --git a/sql/log_event.cc b/sql/log_event.cc index d53f13e0b6b..0e4d4bd512b 100644 --- a/sql/log_event.cc +++ b/sql/log_event.cc @@ -2307,6 +2307,53 @@ bool Query_log_event::write(IO_CACHE* file) start+= 4; } + if (thd && thd->is_current_user_used()) + { + LEX_STRING user; + LEX_STRING host; + memset(&user, 0, sizeof(user)); + memset(&host, 0, sizeof(host)); + + if (thd->slave_thread && thd->has_invoker()) + { + /* user will be null, if master is older than this patch */ + user= thd->get_invoker_user(); + host= thd->get_invoker_host(); + } + else if (thd->security_ctx->priv_user) + { + Security_context *ctx= thd->security_ctx; + + user.length= strlen(ctx->priv_user); + user.str= ctx->priv_user; + if (ctx->priv_host[0] != '\0') + { + host.str= ctx->priv_host; + host.length= strlen(ctx->priv_host); + } + } + + if (user.length > 0) + { + *start++= Q_INVOKER; + + /* + Store user length and user. The max length of use is 16, so 1 byte is + enough to store the user's length. + */ + *start++= (uchar)user.length; + memcpy(start, user.str, user.length); + start+= user.length; + + /* + Store host length and host. The max length of host is 60, so 1 byte is + enough to store the host's length. + */ + *start++= (uchar)host.length; + memcpy(start, host.str, host.length); + start+= host.length; + } + } /* NOTE: When adding new status vars, please don't forget to update the MAX_SIZE_LOG_EVENT_STATUS in log_event.h and update the function @@ -2575,6 +2622,8 @@ Query_log_event::Query_log_event(const char* buf, uint event_len, bool catalog_nz= 1; DBUG_ENTER("Query_log_event::Query_log_event(char*,...)"); + memset(&user, 0, sizeof(user)); + memset(&host, 0, sizeof(host)); common_header_len= description_event->common_header_len; post_header_len= description_event->post_header_len[event_type-1]; DBUG_PRINT("info",("event_len: %u common_header_len: %d post_header_len: %d", @@ -2729,6 +2778,20 @@ Query_log_event::Query_log_event(const char* buf, uint event_len, data_written= master_data_written= uint4korr(pos); pos+= 4; break; + case Q_INVOKER: + { + CHECK_SPACE(pos, end, 1); + user.length= *pos++; + CHECK_SPACE(pos, end, user.length); + user.str= my_strndup((const char *)pos, user.length, MYF(0)); + pos+= user.length; + + CHECK_SPACE(pos, end, 1); + host.length= *pos++; + CHECK_SPACE(pos, end, host.length); + host.str= my_strndup((const char *)pos, host.length, MYF(0)); + pos+= host.length; + } default: /* That's why you must write status vars in growing order of code */ DBUG_PRINT("info",("Query_log_event has unknown status vars (first has\ @@ -3178,7 +3241,7 @@ int Query_log_event::do_apply_event(Relay_log_info const *rli, thd->variables.collation_database= thd->db_charset; thd->table_map_for_update= (table_map)table_map_for_update; - + thd->set_invoker(&user, &host); /* Execute the query (note that we bypass dispatch_command()) */ const char* found_semicolon= NULL; mysql_parse(thd, thd->query(), thd->query_length(), &found_semicolon); diff --git a/sql/log_event.h b/sql/log_event.h index e3ca4ca3321..816a241e55d 100644 --- a/sql/log_event.h +++ b/sql/log_event.h @@ -264,7 +264,8 @@ struct sql_ex_info 1 + 2 /* type, lc_time_names_number */ + \ 1 + 2 /* type, charset_database_number */ + \ 1 + 8 /* type, table_map_for_update */ + \ - 1 + 4 /* type, master_data_written */) + 1 + 4 /* type, master_data_written */ + \ + 1 + 16 + 1 + 60/* type, user_len, user, host_len, host */) #define MAX_LOG_EVENT_HEADER ( /* in order of Query_log_event::write */ \ LOG_EVENT_HEADER_LEN + /* write_header */ \ QUERY_HEADER_LEN + /* write_data */ \ @@ -333,6 +334,8 @@ struct sql_ex_info #define Q_MASTER_DATA_WRITTEN_CODE 10 +#define Q_INVOKER 11 + /* Intvar event post-header */ /* Intvar event data */ @@ -1546,6 +1549,8 @@ protected: */ class Query_log_event: public Log_event { + LEX_STRING user; + LEX_STRING host; protected: Log_event::Byte* data_buf; public: diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index dd256c70ecb..9640b8db1b2 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -194,6 +194,7 @@ static bool compare_hostname(const acl_host_and_ip *host,const char *hostname, const char *ip); static my_bool acl_load(THD *thd, TABLE_LIST *tables); static my_bool grant_load(THD *thd, TABLE_LIST *tables); +static inline void get_grantor(THD *thd, char* grantor); /* Convert scrambled password to binary form, according to scramble type, @@ -2704,6 +2705,20 @@ end: DBUG_RETURN(result); } +static inline void get_grantor(THD *thd, char *grantor) +{ + const char *user= thd->security_ctx->user; + const char *host= thd->security_ctx->host_or_ip; + +#if defined(HAVE_REPLICATION) + if (thd->slave_thread && thd->has_invoker()) + { + user= thd->get_invoker_user().str; + host= thd->get_invoker_host().str; + } +#endif + strxmov(grantor, user, "@", host, NullS); +} static int replace_table_table(THD *thd, GRANT_TABLE *grant_table, TABLE *table, const LEX_USER &combo, @@ -2718,9 +2733,7 @@ static int replace_table_table(THD *thd, GRANT_TABLE *grant_table, uchar user_key[MAX_KEY_LENGTH]; DBUG_ENTER("replace_table_table"); - strxmov(grantor, thd->security_ctx->user, "@", - thd->security_ctx->host_or_ip, NullS); - + get_grantor(thd, grantor); /* The following should always succeed as new users are created before this function is called! @@ -2850,9 +2863,7 @@ static int replace_routine_table(THD *thd, GRANT_NAME *grant_name, DBUG_RETURN(-1); } - strxmov(grantor, thd->security_ctx->user, "@", - thd->security_ctx->host_or_ip, NullS); - + get_grantor(thd, grantor); /* New users are created before this function is called. diff --git a/sql/sql_class.cc b/sql/sql_class.cc index 93aa6a8268c..2ce03708a9a 100644 --- a/sql/sql_class.cc +++ b/sql/sql_class.cc @@ -736,6 +736,9 @@ THD::THD() thr_lock_owner_init(&main_lock_id, &lock_info); m_internal_handler= NULL; + current_user_used= FALSE; + memset(&invoker_user, 0, sizeof(invoker_user)); + memset(&invoker_host, 0, sizeof(invoker_host)); } @@ -1236,6 +1239,7 @@ void THD::cleanup_after_query() where= THD::DEFAULT_WHERE; /* reset table map for multi-table update */ table_map_for_update= 0; + clean_current_user_used(); } @@ -3267,6 +3271,22 @@ void THD::set_query(char *query_arg, uint32 query_length_arg) pthread_mutex_unlock(&LOCK_thd_data); } +void THD::get_definer(LEX_USER *definer) +{ + set_current_user_used(); +#if !defined(MYSQL_CLIENT) && defined(HAVE_REPLICATION) + if (slave_thread && has_invoker()) + { + definer->user = invoker_user; + definer->host= invoker_host; + definer->password.str= NULL; + definer->password.length= 0; + } + else +#endif + get_default_definer(this, definer); +} + /** Mark transaction to rollback and mark error as fatal to a sub-statement. diff --git a/sql/sql_class.h b/sql/sql_class.h index 023367cb747..5155ffe0603 100644 --- a/sql/sql_class.h +++ b/sql/sql_class.h @@ -2341,6 +2341,18 @@ public: Protected with LOCK_thd_data mutex. */ void set_query(char *query_arg, uint32 query_length_arg); + void set_current_user_used() { current_user_used= TRUE; } + bool is_current_user_used() { return current_user_used; } + void clean_current_user_used() { current_user_used= FALSE; } + void get_definer(LEX_USER *definer); + void set_invoker(const LEX_STRING *user, const LEX_STRING *host) + { + invoker_user= *user; + invoker_host= *host; + } + LEX_STRING get_invoker_user() { return invoker_user; } + LEX_STRING get_invoker_host() { return invoker_host; } + bool has_invoker() { return invoker_user.length > 0; } private: /** The current internal error handler for this thread, or NULL. */ Internal_error_handler *m_internal_handler; @@ -2360,6 +2372,25 @@ private: tree itself is reused between executions and thus is stored elsewhere. */ MEM_ROOT main_mem_root; + + /** + It will be set TURE if CURRENT_USER() is called in account management + statements or default definer is set in CREATE/ALTER SP, SF, Event, + TRIGGER or VIEW statements. + + Current user will be binlogged into Query_log_event if current_user_used + is TRUE; It will be stored into invoker_host and invoker_user by SQL thread. + */ + bool current_user_used; + + /** + It points to the invoker in the Query_log_event. + SQL thread use it as the default definer in CREATE/ALTER SP, SF, Event, + TRIGGER or VIEW statements or current user in account management + statements if it is not NULL. + */ + LEX_STRING invoker_user; + LEX_STRING invoker_host; }; diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index ed2c76fdcb8..1f3d29ffec0 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -7654,7 +7654,7 @@ LEX_USER *create_default_definer(THD *thd) if (! (definer= (LEX_USER*) thd->alloc(sizeof(LEX_USER)))) return 0; - get_default_definer(thd, definer); + thd->get_definer(definer); return definer; } -- cgit v1.2.1 From 3e1a47070518a1995cc48e28c36b7c817d5f6008 Mon Sep 17 00:00:00 2001 From: Georgi Kodinov Date: Fri, 25 Jun 2010 15:59:44 +0300 Subject: Bug #53095: SELECT column_name FROM INFORMATION_SCHEMA.STATISTICS returns nothing When looking for table or database names inside INFORMATION_SCHEMA we must convert the table and database names to lowercase (just as it's done in the rest of the server) when lowercase_table_names is non-zero. This will allow us to find the same tables that we would find if there is no condition. Fixed by converting to lower case when extracting the database and table name conditions. Test case added. --- sql/sql_show.cc | 37 ++++++++++++++++++++++++++++--------- 1 file changed, 28 insertions(+), 9 deletions(-) (limited to 'sql') diff --git a/sql/sql_show.cc b/sql/sql_show.cc index 33abf356718..0eeb333f278 100644 --- a/sql/sql_show.cc +++ b/sql/sql_show.cc @@ -2690,36 +2690,54 @@ bool get_lookup_field_values(THD *thd, COND *cond, TABLE_LIST *tables, { LEX *lex= thd->lex; const char *wild= lex->wild ? lex->wild->ptr() : NullS; + bool rc= 0; + bzero((char*) lookup_field_values, sizeof(LOOKUP_FIELD_VALUES)); switch (lex->sql_command) { case SQLCOM_SHOW_DATABASES: if (wild) { - lookup_field_values->db_value.str= (char*) wild; - lookup_field_values->db_value.length= strlen(wild); + thd->make_lex_string(&lookup_field_values->db_value, + wild, strlen(wild), 0); lookup_field_values->wild_db_value= 1; } - return 0; + break; case SQLCOM_SHOW_TABLES: case SQLCOM_SHOW_TABLE_STATUS: case SQLCOM_SHOW_TRIGGERS: case SQLCOM_SHOW_EVENTS: - lookup_field_values->db_value.str= lex->select_lex.db; - lookup_field_values->db_value.length=strlen(lex->select_lex.db); + thd->make_lex_string(&lookup_field_values->db_value, + lex->select_lex.db, strlen(lex->select_lex.db), 0); if (wild) { - lookup_field_values->table_value.str= (char*)wild; - lookup_field_values->table_value.length= strlen(wild); + thd->make_lex_string(&lookup_field_values->table_value, + wild, strlen(wild), 0); lookup_field_values->wild_table_value= 1; } - return 0; + break; default: /* The "default" is for queries over I_S. All previous cases handle SHOW commands. */ - return calc_lookup_values_from_cond(thd, cond, tables, lookup_field_values); + rc= calc_lookup_values_from_cond(thd, cond, tables, lookup_field_values); + break; } + + if (lower_case_table_names && !rc) + { + /* + We can safely do in-place upgrades here since all of the above cases + are allocating a new memory buffer for these strings. + */ + if (lookup_field_values->db_value.str && lookup_field_values->db_value.str[0]) + my_casedn_str(system_charset_info, lookup_field_values->db_value.str); + if (lookup_field_values->table_value.str && + lookup_field_values->table_value.str[0]) + my_casedn_str(system_charset_info, lookup_field_values->table_value.str); + } + + return rc; } @@ -3324,6 +3342,7 @@ int get_all_tables(THD *thd, TABLE_LIST *tables, COND *cond) error= 0; goto err; } + DBUG_PRINT("INDEX VALUES",("db_name='%s', table_name='%s'", STR_OR_NIL(lookup_field_vals.db_value.str), STR_OR_NIL(lookup_field_vals.table_value.str))); -- cgit v1.2.1 From 7ccbf9b817b47d0393fe66bda6f6013ec24486ba Mon Sep 17 00:00:00 2001 From: Dmitry Shulga Date: Tue, 29 Jun 2010 16:32:03 +0700 Subject: Fixed bug #51855. Race condition in XA START. If several threads concurrently execute the statement XA START 'x', then mysqld server could crash. sql/sql_class.cc: xid_cache_insert: added checking for element in cache before insert it, return TRUE if such element already exists. sql/sql_parse.cc: mysql_execute_command modified: * sequence of calls to xid_cache_search(..)/xid_cache_insert(...) replaced by call to xid_cache_insert(...) in alternative 'case SQLCOM_XA_START:' * added comment to alternative 'case SQLCOM_XA_COMMIT:'. --- sql/sql_class.cc | 10 +++++++--- sql/sql_parse.cc | 26 ++++++++++++++++++-------- 2 files changed, 25 insertions(+), 11 deletions(-) (limited to 'sql') diff --git a/sql/sql_class.cc b/sql/sql_class.cc index 93aa6a8268c..99792f2b262 100644 --- a/sql/sql_class.cc +++ b/sql/sql_class.cc @@ -3365,9 +3365,13 @@ bool xid_cache_insert(XID *xid, enum xa_states xa_state) bool xid_cache_insert(XID_STATE *xid_state) { pthread_mutex_lock(&LOCK_xid_cache); - DBUG_ASSERT(hash_search(&xid_cache, xid_state->xid.key(), - xid_state->xid.key_length())==0); - my_bool res=my_hash_insert(&xid_cache, (uchar*)xid_state); + if (hash_search(&xid_cache, xid_state->xid.key(), xid_state->xid.key_length())) + { + pthread_mutex_unlock(&LOCK_xid_cache); + my_error(ER_XAER_DUPID, MYF(0)); + return TRUE; + } + my_bool res= my_hash_insert(&xid_cache, (uchar*)xid_state); pthread_mutex_unlock(&LOCK_xid_cache); return res; } diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index ed2c76fdcb8..a8dede3e7f5 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -4730,7 +4730,7 @@ create_sp_error: my_error(ER_XAER_NOTA, MYF(0)); break; } - thd->transaction.xid_state.xa_state=XA_ACTIVE; + thd->transaction.xid_state.xa_state= XA_ACTIVE; my_ok(thd); break; } @@ -4750,16 +4750,16 @@ create_sp_error: my_error(ER_XAER_OUTSIDE, MYF(0)); break; } - if (xid_cache_search(thd->lex->xid)) - { - my_error(ER_XAER_DUPID, MYF(0)); - break; - } DBUG_ASSERT(thd->transaction.xid_state.xid.is_null()); - thd->transaction.xid_state.xa_state=XA_ACTIVE; + thd->transaction.xid_state.xa_state= XA_ACTIVE; thd->transaction.xid_state.rm_error= 0; thd->transaction.xid_state.xid.set(thd->lex->xid); - xid_cache_insert(&thd->transaction.xid_state); + if (xid_cache_insert(&thd->transaction.xid_state)) + { + thd->transaction.xid_state.xa_state= XA_NOTR; + thd->transaction.xid_state.xid.null(); + break; + } thd->transaction.all.modified_non_trans_table= FALSE; thd->options= ((thd->options & ~(OPTION_KEEP_LOG)) | OPTION_BEGIN); thd->server_status|= SERVER_STATUS_IN_TRANS; @@ -4813,6 +4813,16 @@ create_sp_error: case SQLCOM_XA_COMMIT: if (!thd->transaction.xid_state.xid.eq(thd->lex->xid)) { + /* + xid_state.in_thd is always true beside of xa recovery + procedure. Note, that there is no race condition here + between xid_cache_search and xid_cache_delete, since we're always + deleting our own XID (thd->lex->xid == thd->transaction.xid_state.xid). + The only case when thd->lex->xid != thd->transaction.xid_state.xid + and xid_state->in_thd == 0 is in ha_recover() functionality, + which is called before starting client connections, and thus is + always single-threaded. + */ XID_STATE *xs=xid_cache_search(thd->lex->xid); if (!xs || xs->in_thd) my_error(ER_XAER_NOTA, MYF(0)); -- cgit v1.2.1 From d9e7c4efb6bfebf625af629b3ca878f1d0dc7e02 Mon Sep 17 00:00:00 2001 From: Georgi Kodinov Date: Wed, 7 Jul 2010 12:15:58 +0300 Subject: Addendum to the fix for bug #53095 (failing information_schema.test on windows) Since the original fix for this bug lowercases the search pattern it's not a good idea to copy the search pattern to the output instead of the real table name found (since, depending on the case mode these two names may differ in case). Fixed the infrmation_schema.test failure by making sure the actual table name of an inoformation schema table is passed instead of the lookup pattern even when the pattern doesn't contain wildcards. --- sql/sql_show.cc | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'sql') diff --git a/sql/sql_show.cc b/sql/sql_show.cc index 0eeb333f278..17fbf62b097 100644 --- a/sql/sql_show.cc +++ b/sql/sql_show.cc @@ -2939,11 +2939,15 @@ make_table_name_list(THD *thd, List *table_names, LEX *lex, { if (with_i_schema) { + LEX_STRING *name; ST_SCHEMA_TABLE *schema_table= find_schema_table(thd, lookup_field_vals->table_value.str); if (schema_table && !schema_table->hidden) { - if (table_names->push_back(&lookup_field_vals->table_value)) + if (!(name= + thd->make_lex_string(NULL, schema_table->table_name, + strlen(schema_table->table_name), TRUE)) || + table_names->push_back(name)) return 1; } } -- cgit v1.2.1 From 223f42b7158fee3b2464e76654142c7cd55a415e Mon Sep 17 00:00:00 2001 From: Jon Olav Hauglid Date: Wed, 7 Jul 2010 13:55:09 +0200 Subject: Bug #54117 crash in thr_multi_unlock, temporary table This crash occured after ALTER TABLE was used on a temporary transactional table locked by LOCK TABLES. Any later attempts to execute LOCK/UNLOCK TABLES, caused the server to crash. The reason for the crash was the list of locked tables would end up having a pointer to a free'd table instance. This happened because ALTER TABLE deleted the table without also removing the table reference from the locked tables list. This patch fixes the problem by making sure ALTER TABLE also removes the table from the locked tables list. Test case added to innodb_mysql.test. --- sql/sql_table.cc | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'sql') diff --git a/sql/sql_table.cc b/sql/sql_table.cc index 50045ec6d90..6de461574d8 100644 --- a/sql/sql_table.cc +++ b/sql/sql_table.cc @@ -7387,6 +7387,11 @@ view_err: mysql_unlock_tables(thd, thd->lock); thd->lock=0; } + /* + If LOCK TABLES list is not empty and contains this table, + unlock the table and remove the table from this list. + */ + mysql_lock_remove(thd, thd->locked_tables, table, FALSE); /* Remove link to old table and rename the new one */ close_temporary_table(thd, table, 1, 1); /* Should pass the 'new_name' as we store table name in the cache */ -- cgit v1.2.1 From 625ae7185abcfc7042be225d4f8ef77806fc0803 Mon Sep 17 00:00:00 2001 From: unknown Date: Thu, 8 Jul 2010 10:44:26 +0800 Subject: Postfix bug#48321 Fix the memory leak --- sql/log_event.cc | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) (limited to 'sql') diff --git a/sql/log_event.cc b/sql/log_event.cc index 0e4d4bd512b..93d170e1510 100644 --- a/sql/log_event.cc +++ b/sql/log_event.cc @@ -2396,6 +2396,8 @@ bool Query_log_event::write(IO_CACHE* file) Query_log_event::Query_log_event() :Log_event(), data_buf(0) { + memset(&user, 0, sizeof(user)); + memset(&host, 0, sizeof(host)); } @@ -2438,6 +2440,9 @@ Query_log_event::Query_log_event(THD* thd_arg, const char* query_arg, { time_t end_time; + memset(&user, 0, sizeof(user)); + memset(&host, 0, sizeof(host)); + error_code= errcode; time(&end_time); @@ -2783,13 +2788,13 @@ Query_log_event::Query_log_event(const char* buf, uint event_len, CHECK_SPACE(pos, end, 1); user.length= *pos++; CHECK_SPACE(pos, end, user.length); - user.str= my_strndup((const char *)pos, user.length, MYF(0)); + user.str= (char *)pos; pos+= user.length; CHECK_SPACE(pos, end, 1); host.length= *pos++; CHECK_SPACE(pos, end, host.length); - host.str= my_strndup((const char *)pos, host.length, MYF(0)); + host.str= (char *)pos; pos+= host.length; } default: @@ -2805,12 +2810,16 @@ Query_log_event::Query_log_event(const char* buf, uint event_len, time_zone_len + 1 + data_len + 1 + QUERY_CACHE_FLAGS_SIZE + + user.length + 1 + + host.length + 1 + db_len + 1, MYF(MY_WME)))) #else if (!(start= data_buf = (Log_event::Byte*) my_malloc(catalog_len + 1 + time_zone_len + 1 + - data_len + 1, + data_len + 1 + + user.length + 1 + + host.length + 1, MYF(MY_WME)))) #endif DBUG_VOID_RETURN; @@ -2833,6 +2842,11 @@ Query_log_event::Query_log_event(const char* buf, uint event_len, if (time_zone_len) copy_str_and_move(&time_zone_str, &start, time_zone_len); + if (user.length > 0) + copy_str_and_move((const char **)&(user.str), &start, user.length); + if (host.length > 0) + copy_str_and_move((const char **)&(host.str), &start, host.length); + /** if time_zone_len or catalog_len are 0, then time_zone and catalog are uninitialized at this point. shouldn't they point to the -- cgit v1.2.1 From 9edde02ebb908497a7ad12a2c9e28380d1e30531 Mon Sep 17 00:00:00 2001 From: Mattias Jonsson Date: Fri, 9 Jul 2010 01:09:31 +0200 Subject: Bug#52455: Subpar INSERT ON DUPLICATE KEY UPDATE performance with many partitions The handler function for reading one row from a specific index was not optimized in the partitioning handler since it used the default implementation. No test case since it is performance only, verified by hand. sql/ha_partition.cc: Implemented a optimized version of index_read_idx_map for the case when find flag == HA_READ_KEY_EXACT, which is the common case. sql/ha_partition.h: Declared ha_partition::index_read_idx_map --- sql/ha_partition.cc | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++ sql/ha_partition.h | 9 +++++++++ 2 files changed, 61 insertions(+) (limited to 'sql') diff --git a/sql/ha_partition.cc b/sql/ha_partition.cc index 60722f0100e..a87c7fbf7b8 100644 --- a/sql/ha_partition.cc +++ b/sql/ha_partition.cc @@ -4219,6 +4219,58 @@ int ha_partition::index_read_last_map(uchar *buf, const uchar *key, } +/* + Optimization of the default implementation to take advantage of dynamic + partition pruning. +*/ +int ha_partition::index_read_idx_map(uchar *buf, uint index, + const uchar *key, + key_part_map keypart_map, + enum ha_rkey_function find_flag) +{ + int error= HA_ERR_KEY_NOT_FOUND; + DBUG_ENTER("ha_partition::index_read_idx_map"); + + if (find_flag == HA_READ_KEY_EXACT) + { + uint part; + m_start_key.key= key; + m_start_key.keypart_map= keypart_map; + m_start_key.flag= find_flag; + m_start_key.length= calculate_key_len(table, index, m_start_key.key, + m_start_key.keypart_map); + + get_partition_set(table, buf, index, &m_start_key, &m_part_spec); + + /* How can it be more than one partition with the current use? */ + DBUG_ASSERT(m_part_spec.start_part == m_part_spec.end_part); + + for (part= m_part_spec.start_part; part <= m_part_spec.end_part; part++) + { + if (bitmap_is_set(&(m_part_info->used_partitions), part)) + { + error= m_file[part]->index_read_idx_map(buf, index, key, + keypart_map, find_flag); + if (error != HA_ERR_KEY_NOT_FOUND && + error != HA_ERR_END_OF_FILE) + break; + } + } + } + else + { + /* + If not only used with READ_EXACT, we should investigate if possible + to optimize for other find_flag's as well. + */ + DBUG_ASSERT(0); + /* fall back on the default implementation */ + error= handler::index_read_idx_map(buf, index, key, keypart_map, find_flag); + } + DBUG_RETURN(error); +} + + /* Read next record in a forward index scan diff --git a/sql/ha_partition.h b/sql/ha_partition.h index 9f6d9e0a5ba..d8872d37a09 100644 --- a/sql/ha_partition.h +++ b/sql/ha_partition.h @@ -448,6 +448,15 @@ public: virtual int index_init(uint idx, bool sorted); virtual int index_end(); + /** + @breif + Positions an index cursor to the index specified in the hanlde. Fetches the + row if available. If the key value is null, begin at first key of the + index. + */ + virtual int index_read_idx_map(uchar *buf, uint index, const uchar *key, + key_part_map keypart_map, + enum ha_rkey_function find_flag); /* These methods are used to jump to next or previous entry in the index scan. There are also methods to jump to first and last entry. -- cgit v1.2.1 From 013136364c95b7bcc5a987dd301b042f31dab1f9 Mon Sep 17 00:00:00 2001 From: Sergey Glukhov Date: Fri, 9 Jul 2010 14:39:47 +0400 Subject: Bug#54416 MAX from JOIN with HAVING returning NULL with 5.1 and Empty set The problem there is that HAVING condition evaluates const parts of condition despite the condition has references on aggregate functions. Table t1 became const tables after make_join_statistics and table1.pk = 1, HAVING is transformed into MAX(1) < 7 and taken away from HAVING. The fix is to skip evaluation of HAVING conts parts if HAVING condition has references on aggregate functions. mysql-test/r/having.result: test case mysql-test/t/having.test: test case sql/sql_select.cc: skip evaluation of HAVING conts parts if HAVING condition has references on aggregate functions. --- sql/sql_select.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'sql') diff --git a/sql/sql_select.cc b/sql/sql_select.cc index b20726fc151..fe391b50bb9 100644 --- a/sql/sql_select.cc +++ b/sql/sql_select.cc @@ -1132,7 +1132,7 @@ JOIN::optimize() elements may be lost during further having condition transformation in JOIN::exec. */ - if (having && const_table_map) + if (having && const_table_map && !having->with_sum_func) { having->update_used_tables(); having= remove_eq_conds(thd, having, &having_value); -- cgit v1.2.1 From 70b02d3aedb5c7ddf84720d0dd54e6f74c797788 Mon Sep 17 00:00:00 2001 From: Mattias Jonsson Date: Fri, 9 Jul 2010 13:15:26 +0200 Subject: Bug#52517: Regression in ROW level replication performance with partitions In bug-28430 HA_PRIMARY_KEY_REQUIRED_FOR_POSITION was disabled in the partitioning engine in the first patch, That bug was later fixed a second time, but that flag was not removed. No need to disable this flag, as it leads to bad choise in row replication. sql/ha_partition.h: Not disabling HA_PRIMARY_KEY_REQUIRED_FOR_POSITION flag. Updated comment (has nothing to do with hidden key. sql/handler.h: Updated comments to about HA_PRIMARY_KEY_REQUIRED_FOR_POSITION. --- sql/ha_partition.h | 6 +----- sql/handler.h | 18 +++++++++++++----- 2 files changed, 14 insertions(+), 10 deletions(-) (limited to 'sql') diff --git a/sql/ha_partition.h b/sql/ha_partition.h index 9f6d9e0a5ba..351d3d6b247 100644 --- a/sql/ha_partition.h +++ b/sql/ha_partition.h @@ -53,8 +53,7 @@ typedef struct st_ha_data_partition HA_CAN_FULLTEXT | \ HA_DUPLICATE_POS | \ HA_CAN_SQL_HANDLER | \ - HA_CAN_INSERT_DELAYED | \ - HA_PRIMARY_KEY_REQUIRED_FOR_POSITION) + HA_CAN_INSERT_DELAYED) class ha_partition :public handler { private: @@ -766,9 +765,6 @@ public: HA_PRIMARY_KEY_REQUIRED_FOR_POSITION: Does the storage engine need a PK for position? - Used with hidden primary key in InnoDB. - Hidden primary keys cannot be supported by partitioning, since the - partitioning expressions columns must be a part of the primary key. (InnoDB) HA_FILE_BASED is always set for partition handler since we use a diff --git a/sql/handler.h b/sql/handler.h index d9dfd4f0707..3c7cba747fa 100644 --- a/sql/handler.h +++ b/sql/handler.h @@ -93,7 +93,10 @@ #define HA_PRIMARY_KEY_IN_READ_INDEX (1 << 15) /* If HA_PRIMARY_KEY_REQUIRED_FOR_POSITION is set, it means that to position() - uses a primary key. Without primary key, we can't call position(). + uses a primary key given by the record argument. + Without primary key, we can't call position(). + If not set, the position is returned as the current rows position + regardless of what argument is given. */ #define HA_PRIMARY_KEY_REQUIRED_FOR_POSITION (1 << 16) #define HA_CAN_RTREEKEYS (1 << 17) @@ -1446,10 +1449,9 @@ public: virtual int rnd_next(uchar *buf)=0; virtual int rnd_pos(uchar * buf, uchar *pos)=0; /** - One has to use this method when to find - random position by record as the plain - position() call doesn't work for some - handlers for random position. + This function only works for handlers having + HA_PRIMARY_KEY_REQUIRED_FOR_POSITION set. + It will return the row with the PK given in the record argument. */ virtual int rnd_pos_by_record(uchar *record) { @@ -1467,6 +1469,12 @@ public: { return HA_ERR_WRONG_COMMAND; } virtual ha_rows records_in_range(uint inx, key_range *min_key, key_range *max_key) { return (ha_rows) 10; } + /* + If HA_PRIMARY_KEY_REQUIRED_FOR_POSITION is set, then it sets ref + (reference to the row, aka position, with the primary key given in + the record). + Otherwise it set ref to the current row. + */ virtual void position(const uchar *record)=0; virtual int info(uint)=0; // see my_base.h for full description virtual void get_dynamic_partition_info(PARTITION_INFO *stat_info, -- cgit v1.2.1 From 11fae04527098cb6c266eae41188504bd22a5b52 Mon Sep 17 00:00:00 2001 From: Davi Arnaut Date: Fri, 9 Jul 2010 09:00:17 -0300 Subject: Bug#45288: pb2 returns a lot of compilation warnings on linux Although the C standard mandates that sprintf return the number of bytes written, some very ancient systems (i.e. SunOS 4) returned a pointer to the buffer instead. Since these systems are not supported anymore and are hopefully long dead by now, simply remove the portability wrapper that dealt with this discrepancy. The autoconf check was causing trouble with GCC. --- sql/field.cc | 10 +++++----- sql/item_timefunc.cc | 24 +++++++++--------------- sql/log_event.cc | 32 +++++++++++++++----------------- sql/my_decimal.cc | 8 ++++---- sql/partition_info.cc | 6 +++--- sql/protocol.cc | 24 +++++++++--------------- sql/sql_acl.cc | 10 ++++------ sql/sql_analyse.cc | 10 +++++----- sql/sql_show.cc | 2 +- sql/sql_string.cc | 5 +++-- 10 files changed, 58 insertions(+), 73 deletions(-) (limited to 'sql') diff --git a/sql/field.cc b/sql/field.cc index 2229bc19b3c..c648b53e139 100644 --- a/sql/field.cc +++ b/sql/field.cc @@ -2277,7 +2277,7 @@ int Field_decimal::store(double nr) snprintf(buff,sizeof(buff)-1, "%.*f",(int) dec,nr); length= strlen(buff); #else - length= my_sprintf(buff,(buff,"%.*f",dec,nr)); + length= sprintf(buff, "%.*f", dec, nr); #endif if (length > field_length) @@ -4259,7 +4259,7 @@ String *Field_float::val_str(String *val_buffer, snprintf(to,to_length-1,"%.*f",dec,nr); to=strend(to); #else - to+= my_sprintf(to,(to,"%.*f",dec,nr)); + to+= sprintf(to, "%.*f", dec, nr); #endif #endif } @@ -4617,7 +4617,7 @@ String *Field_double::val_str(String *val_buffer, snprintf(to,to_length-1,"%.*f",dec,nr); to=strend(to); #else - to+= my_sprintf(to,(to,"%.*f",dec,nr)); + to+= sprintf(to, "%.*f", dec, nr); #endif #endif } @@ -6461,7 +6461,7 @@ int Field_str::store(double nr) /* Limit precision to DBL_DIG to avoid garbage past significant digits */ set_if_smaller(digits, DBL_DIG); - length= (uint) my_sprintf(buff, (buff, "%-.*g", digits, nr)); + length= (uint) sprintf(buff, "%-.*g", digits, nr); #ifdef __WIN__ /* @@ -10419,7 +10419,7 @@ Field::set_datetime_warning(MYSQL_ERROR::enum_warning_level level, uint code, { /* DBL_DIG is enough to print '-[digits].E+###' */ char str_nr[DBL_DIG + 8]; - uint str_len= my_sprintf(str_nr, (str_nr, "%g", nr)); + uint str_len= sprintf(str_nr, "%g", nr); make_truncated_value_warning(thd, level, str_nr, str_len, ts_type, field_name); } diff --git a/sql/item_timefunc.cc b/sql/item_timefunc.cc index 4248c2e6b4f..dff4d20f347 100644 --- a/sql/item_timefunc.cc +++ b/sql/item_timefunc.cc @@ -754,13 +754,11 @@ bool make_date_time(DATE_TIME_FORMAT *format, MYSQL_TIME *l_time, str->append(hours_i < 12 ? "AM" : "PM",2); break; case 'r': - length= my_sprintf(intbuff, - (intbuff, - ((l_time->hour % 24) < 12) ? - "%02d:%02d:%02d AM" : "%02d:%02d:%02d PM", - (l_time->hour+11)%12+1, - l_time->minute, - l_time->second)); + length= sprintf(intbuff, ((l_time->hour % 24) < 12) ? + "%02d:%02d:%02d AM" : "%02d:%02d:%02d PM", + (l_time->hour+11)%12+1, + l_time->minute, + l_time->second); str->append(intbuff, length); break; case 'S': @@ -769,12 +767,8 @@ bool make_date_time(DATE_TIME_FORMAT *format, MYSQL_TIME *l_time, str->append_with_prefill(intbuff, length, 2, '0'); break; case 'T': - length= my_sprintf(intbuff, - (intbuff, - "%02d:%02d:%02d", - l_time->hour, - l_time->minute, - l_time->second)); + length= sprintf(intbuff, "%02d:%02d:%02d", + l_time->hour, l_time->minute, l_time->second); str->append(intbuff, length); break; case 'U': @@ -2985,12 +2979,12 @@ String *Item_func_maketime::val_str(String *str) char buf[28]; char *ptr= longlong10_to_str(hour, buf, args[0]->unsigned_flag ? 10 : -10); int len = (int)(ptr - buf) + - my_sprintf(ptr, (ptr, ":%02u:%02u", (uint)minute, (uint)second)); + sprintf(ptr, ":%02u:%02u", (uint) minute, (uint) second); make_truncated_value_warning(current_thd, MYSQL_ERROR::WARN_LEVEL_WARN, buf, len, MYSQL_TIMESTAMP_TIME, NullS); } - + if (make_time_with_warn((DATE_TIME_FORMAT *) 0, <ime, str)) { null_value= 1; diff --git a/sql/log_event.cc b/sql/log_event.cc index 93d170e1510..7becdf51747 100644 --- a/sql/log_event.cc +++ b/sql/log_event.cc @@ -1664,17 +1664,17 @@ beg: int i, end; char buff[512], *pos; pos= buff; - pos+= my_sprintf(buff, (buff, "%s", dec.sign() ? "-" : "")); + pos+= sprintf(buff, "%s", dec.sign() ? "-" : ""); end= ROUND_UP(dec.frac) + ROUND_UP(dec.intg)-1; for (i=0; i < end; i++) - pos+= my_sprintf(pos, (pos, "%09d.", dec.buf[i])); - pos+= my_sprintf(pos, (pos, "%09d", dec.buf[i])); + pos+= sprintf(pos, "%09d.", dec.buf[i]); + pos+= sprintf(pos, "%09d", dec.buf[i]); my_b_printf(file, "%s", buff); my_snprintf(typestr, typestr_length, "DECIMAL(%d,%d)", precision, decimals); return bin_size; } - + case MYSQL_TYPE_FLOAT: { float fl; @@ -5481,8 +5481,7 @@ void User_var_log_event::pack_info(Protocol* protocol) if (!(buf= (char*) my_malloc(val_offset + FLOATING_POINT_BUFFER, MYF(MY_WME)))) return; - event_len+= my_sprintf(buf + val_offset, - (buf + val_offset, "%.14g", real_val)); + event_len+= sprintf(buf + val_offset, "%.14g", real_val); break; case INT_RESULT: if (!(buf= (char*) my_malloc(val_offset + 22, MYF(MY_WME)))) @@ -5664,7 +5663,7 @@ void User_var_log_event::print(FILE* file, PRINT_EVENT_INFO* print_event_info) double real_val; char real_buf[FMT_G_BUFSIZE(14)]; float8get(real_val, val); - my_sprintf(real_buf, (real_buf, "%.14g", real_val)); + sprintf(real_buf, "%.14g", real_val); my_b_printf(&cache, ":=%s%s\n", real_buf, print_event_info->delimiter); break; case INT_RESULT: @@ -6414,10 +6413,9 @@ void Append_block_log_event::print(FILE* file, void Append_block_log_event::pack_info(Protocol *protocol) { char buf[256]; - uint length; - length= (uint) my_sprintf(buf, - (buf, ";file_id=%u;block_len=%u", file_id, - block_len)); + size_t length; + length= my_snprintf(buf, sizeof(buf), ";file_id=%u;block_len=%u", + file_id, block_len); protocol->store(buf, length, &my_charset_bin); } @@ -6566,9 +6564,9 @@ void Delete_file_log_event::print(FILE* file, void Delete_file_log_event::pack_info(Protocol *protocol) { char buf[64]; - uint length; - length= (uint) my_sprintf(buf, (buf, ";file_id=%u", (uint) file_id)); - protocol->store(buf, (int32) length, &my_charset_bin); + size_t length; + length= my_snprintf(buf, sizeof(buf), ";file_id=%u", (uint) file_id); + protocol->store(buf, length, &my_charset_bin); } #endif @@ -6664,9 +6662,9 @@ void Execute_load_log_event::print(FILE* file, void Execute_load_log_event::pack_info(Protocol *protocol) { char buf[64]; - uint length; - length= (uint) my_sprintf(buf, (buf, ";file_id=%u", (uint) file_id)); - protocol->store(buf, (int32) length, &my_charset_bin); + size_t length; + length= my_snprintf(buf, sizeof(buf), ";file_id=%u", (uint) file_id); + protocol->store(buf, length, &my_charset_bin); } diff --git a/sql/my_decimal.cc b/sql/my_decimal.cc index 208ddefb890..3aa01880b83 100644 --- a/sql/my_decimal.cc +++ b/sql/my_decimal.cc @@ -249,12 +249,12 @@ print_decimal(const my_decimal *dec) int i, end; char buff[512], *pos; pos= buff; - pos+= my_sprintf(buff, (buff, "Decimal: sign: %d intg: %d frac: %d { ", - dec->sign(), dec->intg, dec->frac)); + pos+= sprintf(buff, "Decimal: sign: %d intg: %d frac: %d { ", + dec->sign(), dec->intg, dec->frac); end= ROUND_UP(dec->frac)+ROUND_UP(dec->intg)-1; for (i=0; i < end; i++) - pos+= my_sprintf(pos, (pos, "%09d, ", dec->buf[i])); - pos+= my_sprintf(pos, (pos, "%09d }\n", dec->buf[i])); + pos+= sprintf(pos, "%09d, ", dec->buf[i]); + pos+= sprintf(pos, "%09d }\n", dec->buf[i]); fputs(buff, DBUG_FILE); } diff --git a/sql/partition_info.cc b/sql/partition_info.cc index 6e2f7dfad26..d85888e295c 100644 --- a/sql/partition_info.cc +++ b/sql/partition_info.cc @@ -103,8 +103,8 @@ char *partition_info::create_default_partition_names(uint part_no, { do { - my_sprintf(move_ptr, (move_ptr,"p%u", (start_no + i))); - move_ptr+=MAX_PART_NAME_SIZE; + sprintf(move_ptr, "p%u", (start_no + i)); + move_ptr+= MAX_PART_NAME_SIZE; } while (++i < no_parts_arg); } else @@ -135,7 +135,7 @@ char *partition_info::create_subpartition_name(uint subpart_no, if (likely(ptr != NULL)) { - my_sprintf(ptr, (ptr, "%ssp%u", part_name, subpart_no)); + my_snprintf(ptr, size_alloc, "%ssp%u", part_name, subpart_no); } else { diff --git a/sql/protocol.cc b/sql/protocol.cc index dc53e029647..eaf01ecd550 100644 --- a/sql/protocol.cc +++ b/sql/protocol.cc @@ -1003,16 +1003,12 @@ bool Protocol_text::store(MYSQL_TIME *tm) #endif char buff[40]; uint length; - length= my_sprintf(buff,(buff, "%04d-%02d-%02d %02d:%02d:%02d", - (int) tm->year, - (int) tm->month, - (int) tm->day, - (int) tm->hour, - (int) tm->minute, - (int) tm->second)); + length= sprintf(buff, "%04d-%02d-%02d %02d:%02d:%02d", + (int) tm->year, (int) tm->month, + (int) tm->day, (int) tm->hour, + (int) tm->minute, (int) tm->second); if (tm->second_part) - length+= my_sprintf(buff+length,(buff+length, ".%06d", - (int)tm->second_part)); + length+= sprintf(buff+length, ".%06d", (int) tm->second_part); return net_store_data((uchar*) buff, length); } @@ -1046,13 +1042,11 @@ bool Protocol_text::store_time(MYSQL_TIME *tm) char buff[40]; uint length; uint day= (tm->year || tm->month) ? 0 : tm->day; - length= my_sprintf(buff,(buff, "%s%02ld:%02d:%02d", - tm->neg ? "-" : "", - (long) day*24L+(long) tm->hour, - (int) tm->minute, - (int) tm->second)); + length= sprintf(buff, "%s%02ld:%02d:%02d", tm->neg ? "-" : "", + (long) day*24L+(long) tm->hour, (int) tm->minute, + (int) tm->second); if (tm->second_part) - length+= my_sprintf(buff+length,(buff+length, ".%06d", (int)tm->second_part)); + length+= sprintf(buff+length, ".%06d", (int) tm->second_part); return net_store_data((uchar*) buff, length); } diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index 9640b8db1b2..90eef872115 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -1653,12 +1653,10 @@ bool change_password(THD *thd, const char *host, const char *user, result= 0; if (mysql_bin_log.is_open()) { - query_length= - my_sprintf(buff, - (buff,"SET PASSWORD FOR '%-.120s'@'%-.120s'='%-.120s'", - acl_user->user ? acl_user->user : "", - acl_user->host.hostname ? acl_user->host.hostname : "", - new_password)); + query_length= sprintf(buff, "SET PASSWORD FOR '%-.120s'@'%-.120s'='%-.120s'", + acl_user->user ? acl_user->user : "", + acl_user->host.hostname ? acl_user->host.hostname : "", + new_password); thd->clear_error(); result= thd->binlog_query(THD::MYSQL_QUERY_TYPE, buff, query_length, FALSE, FALSE, 0); diff --git a/sql/sql_analyse.cc b/sql/sql_analyse.cc index d273b3319ee..29ba956bf6c 100644 --- a/sql/sql_analyse.cc +++ b/sql/sql_analyse.cc @@ -408,7 +408,7 @@ void field_real::add() if ((decs = decimals()) == NOT_FIXED_DEC) { - length= my_sprintf(buff, (buff, "%g", num)); + length= sprintf(buff, "%g", num); if (rint(num) != num) max_notzero_dec_len = 1; } @@ -419,7 +419,7 @@ void field_real::add() snprintf(buff, sizeof(buff)-1, "%-.*f", (int) decs, num); length = (uint) strlen(buff); #else - length= my_sprintf(buff, (buff, "%-.*f", (int) decs, num)); + length= sprintf(buff, "%-.*f", (int) decs, num); #endif // We never need to check further than this @@ -1006,9 +1006,9 @@ void field_decimal::get_opt_type(String *answer, my_decimal_set_zero(&zero); my_bool is_unsigned= (my_decimal_cmp(&zero, &min_arg) >= 0); - length= my_sprintf(buff, (buff, "DECIMAL(%d, %d)", - (int) (max_length - (item->decimals ? 1 : 0)), - item->decimals)); + length= my_snprintf(buff, sizeof(buff), "DECIMAL(%d, %d)", + (int) (max_length - (item->decimals ? 1 : 0)), + item->decimals); if (is_unsigned) length= (uint) (strmov(buff+length, " UNSIGNED")- buff); answer->append(buff, length); diff --git a/sql/sql_show.cc b/sql/sql_show.cc index 17fbf62b097..ca0d16697cd 100644 --- a/sql/sql_show.cc +++ b/sql/sql_show.cc @@ -2278,7 +2278,7 @@ static bool show_status_array(THD *thd, const char *wild, value= ((char *) status_var + (ulong) value); /* fall through */ case SHOW_DOUBLE: - end= buff + my_sprintf(buff, (buff, "%f", *(double*) value)); + end= buff + sprintf(buff, "%f", *(double*) value); break; case SHOW_LONG_STATUS: value= ((char *) status_var + (ulong) value); diff --git a/sql/sql_string.cc b/sql/sql_string.cc index 7c9793b273b..a41f4d52101 100644 --- a/sql/sql_string.cc +++ b/sql/sql_string.cc @@ -112,7 +112,8 @@ bool String::set_real(double num,uint decimals, CHARSET_INFO *cs) str_charset=cs; if (decimals >= NOT_FIXED_DEC) { - uint32 len= my_sprintf(buff,(buff, "%.15g",num));// Enough for a DATETIME + // Enough for a DATETIME + uint32 len= sprintf(buff, "%.15g", num); return copy(buff, len, &my_charset_latin1, cs, &dummy_errors); } #ifdef HAVE_FCONVERT @@ -676,7 +677,7 @@ void String::qs_append(const char *str, uint32 len) void String::qs_append(double d) { char *buff = Ptr + str_length; - str_length+= my_sprintf(buff, (buff, "%.15g", d)); + str_length+= sprintf(buff, "%.15g", d); } void String::qs_append(double *d) -- cgit v1.2.1 From e98169d52c8610efa523040d4409054e352f92df Mon Sep 17 00:00:00 2001 From: Alexey Kopytov Date: Mon, 12 Jul 2010 18:58:55 +0400 Subject: Bug#55061: Build failing on sol 8 x86 - assembler code vs compiler problem GCC-style inline assembly is not supported by the Sun Studio compilers prior to version 12. Added a check for the Sun Studio version to avoid using _FPU_GETCW() / _FPU_SETCW() when inline assembly is unsupported. This can lead to some differences in floating point calculations on Solaris 8/x86 which, however, is not worth bothering with Sun-style assembly .il templates. --- sql/mysqld.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'sql') diff --git a/sql/mysqld.cc b/sql/mysqld.cc index 99f16b36dfa..598db8d993c 100644 --- a/sql/mysqld.cc +++ b/sql/mysqld.cc @@ -190,7 +190,7 @@ typedef fp_except fp_except_t; # define fpu_control_t unsigned int # define _FPU_EXTENDED 0x300 # define _FPU_DOUBLE 0x200 -# if defined(__GNUC__) || defined(__SUNPRO_CC) +# if defined(__GNUC__) || (defined(__SUNPRO_CC) && __SUNPRO_CC >= 0x590) # define _FPU_GETCW(cw) asm volatile ("fnstcw %0" : "=m" (*&cw)) # define _FPU_SETCW(cw) asm volatile ("fldcw %0" : : "m" (*&cw)) # else -- cgit v1.2.1 From 85e5ce0ba06b6a79e4bd7521ab0e44c1e63a3e77 Mon Sep 17 00:00:00 2001 From: Jon Olav Hauglid Date: Mon, 19 Jul 2010 11:03:52 +0200 Subject: Bug #54734 assert in Diagnostics_area::set_ok_status This assert checks that the server does not try to send OK to the client if there has been some error during processing. This is done to make sure that the error is in fact sent to the client. The problem was that view errors during processing of WHERE conditions in UPDATE statements where not detected by the update code. It therefore tried to send OK to the client, triggering the assert. The bug was only noticeable in debug builds. This patch fixes the problem by making sure that the update code checks for errors during condition processing and acts accordingly. --- sql/filesort.cc | 4 +++- sql/opt_range.h | 6 +++++- sql/sql_delete.cc | 3 ++- sql/sql_select.cc | 32 ++++++++++++-------------------- sql/sql_update.cc | 12 ++++++++++-- 5 files changed, 32 insertions(+), 25 deletions(-) (limited to 'sql') diff --git a/sql/filesort.cc b/sql/filesort.cc index 7b584b39516..021cbdd2aad 100644 --- a/sql/filesort.cc +++ b/sql/filesort.cc @@ -514,6 +514,7 @@ static ha_rows find_all_keys(SORTPARAM *param, SQL_SELECT *select, volatile THD::killed_state *killed= &thd->killed; handler *file; MY_BITMAP *save_read_set, *save_write_set; + bool skip_record; DBUG_ENTER("find_all_keys"); DBUG_PRINT("info",("using: %s", (select ? select->quick ? "ranges" : "where": @@ -606,7 +607,8 @@ static ha_rows find_all_keys(SORTPARAM *param, SQL_SELECT *select, } if (error == 0) param->examined_rows++; - if (error == 0 && (!select || select->skip_record() == 0)) + if (!error && (!select || + (!select->skip_record(thd, &skip_record) && !skip_record))) { if (idx == param->keys) { diff --git a/sql/opt_range.h b/sql/opt_range.h index edae1e4114a..c6e488cf14c 100644 --- a/sql/opt_range.h +++ b/sql/opt_range.h @@ -788,7 +788,11 @@ class SQL_SELECT :public Sql_alloc { tmp.set_all(); return test_quick_select(thd, tmp, 0, limit, force_quick_range) < 0; } - inline bool skip_record() { return cond ? cond->val_int() == 0 : 0; } + inline bool skip_record(THD *thd, bool *skip_record) + { + *skip_record= cond ? cond->val_int() == FALSE : FALSE; + return thd->is_error(); + } int test_quick_select(THD *thd, key_map keys, table_map prev_tables, ha_rows limit, bool force_quick_range); }; diff --git a/sql/sql_delete.cc b/sql/sql_delete.cc index eb0fd4b5332..6a87eb4e572 100644 --- a/sql/sql_delete.cc +++ b/sql/sql_delete.cc @@ -51,6 +51,7 @@ bool mysql_delete(THD *thd, TABLE_LIST *table_list, COND *conds, THD::killed_state killed_status= THD::NOT_KILLED; DBUG_ENTER("mysql_delete"); bool save_binlog_row_based; + bool skip_record; THD::enum_binlog_query_type query_type= thd->lex->sql_command == SQLCOM_TRUNCATE ? @@ -307,7 +308,7 @@ bool mysql_delete(THD *thd, TABLE_LIST *table_list, COND *conds, { thd->examined_row_count++; // thd->is_error() is tested to disallow delete row on error - if (!(select && select->skip_record())&& ! thd->is_error() ) + if (!select || (!select->skip_record(thd, &skip_record) && !skip_record)) { if (triggers_applicable && diff --git a/sql/sql_select.cc b/sql/sql_select.cc index fe391b50bb9..2fc287bbe66 100644 --- a/sql/sql_select.cc +++ b/sql/sql_select.cc @@ -11657,38 +11657,30 @@ flush_cached_records(JOIN *join,JOIN_TAB *join_tab,bool skip_last) SQL_SELECT *select=join_tab->select; if (rc == NESTED_LOOP_OK) { - bool consider_record= !join_tab->cache.select || - !join_tab->cache.select->skip_record(); - - /* - Check for error: skip_record() can execute code by calling - Item_subselect::val_*. We need to check for errors (if any) - after such call. - */ - if (join->thd->is_error()) + bool skip_record= FALSE; + if (join_tab->cache.select && + join_tab->cache.select->skip_record(join->thd, &skip_record)) { reset_cache_write(&join_tab->cache); return NESTED_LOOP_ERROR; } - if (consider_record) + if (!skip_record) { uint i; reset_cache_read(&join_tab->cache); for (i=(join_tab->cache.records- (skip_last ? 1 : 0)) ; i-- > 0 ;) { read_cached_record(join_tab); - if (!select || !select->skip_record()) + skip_record= FALSE; + if (select && select->skip_record(join->thd, &skip_record)) { - /* - Check for error: skip_record() can execute code by calling - Item_subselect::val_*. We need to check for errors (if any) - after such call. - */ - if (join->thd->is_error()) - rc= NESTED_LOOP_ERROR; - else - rc= (join_tab->next_select)(join,join_tab+1,0); + reset_cache_write(&join_tab->cache); + return NESTED_LOOP_ERROR; + } + if (!skip_record) + { + rc= (join_tab->next_select)(join,join_tab+1,0); if (rc != NESTED_LOOP_OK && rc != NESTED_LOOP_NO_MORE_ROWS) { reset_cache_write(&join_tab->cache); diff --git a/sql/sql_update.cc b/sql/sql_update.cc index 3cdbb97b90b..17fac877fbc 100644 --- a/sql/sql_update.cc +++ b/sql/sql_update.cc @@ -473,7 +473,14 @@ int mysql_update(THD *thd, while (!(error=info.read_record(&info)) && !thd->killed) { thd->examined_row_count++; - if (!(select && select->skip_record())) + bool skip_record= FALSE; + if (select && select->skip_record(thd, &skip_record)) + { + error= 1; + table->file->unlock_row(); + break; + } + if (!skip_record) { if (table->file->was_semi_consistent_read()) continue; /* repeat the read of the same row if it still exists */ @@ -580,7 +587,8 @@ int mysql_update(THD *thd, while (!(error=info.read_record(&info)) && !thd->killed) { thd->examined_row_count++; - if (!(select && select->skip_record())) + bool skip_record; + if (!select || (!select->skip_record(thd, &skip_record) && !skip_record)) { if (table->file->was_semi_consistent_read()) continue; /* repeat the read of the same row if it still exists */ -- cgit v1.2.1 From 689a96fcce55221101b8c9b613104c0b96edfb6b Mon Sep 17 00:00:00 2001 From: Sven Sandberg Date: Tue, 20 Jul 2010 17:27:13 +0200 Subject: BUG#55322: SHOW BINLOG EVENTS increases @@SESSION.MAX_ALLOWED_PACKET Problem: when SHOW BINLOG EVENTS was issued, it increased the value of @@session.max_allowed_packet. This allowed a non-root user to increase the amount of memory used by her thread arbitrarily. Thus, it removes the bound on the amount of system resources used by a client, so it presents a security risk (DoS attack). Fix: it is correct to increase the value of @@session.max_allowed_packet while executing SHOW BINLOG EVENTS (see BUG 30435). However, the increase should only be temporary. Thus, the fix is to restore the value when SHOW BINLOG EVENTS ends. The value of @@session.max_allowed_packet is also increased in mysql_binlog_send (i.e., the binlog dump thread). It is not clear if this can cause any trouble, since normally the client that issues COM_BINLOG_DUMP will not issue any other commands that would be affected by the increased value of @@session.max_allowed_packet. However, we restore the value just in case. mysql-test/suite/rpl/r/rpl_packet.result: update result file mysql-test/suite/rpl/t/rpl_packet.test: Add test that verifies that @@session.max_allowed_packet does not change when issuing SHOW BINLOG EVENTS. Make previous sub-test clean up. Add comments listing the bugs in this test case. sql/sql_repl.cc: Restore the old value of thd->variables.max_allowed_packet at the end of mysql_binlog_send and mysql_show_binlog_events. --- sql/sql_repl.cc | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'sql') diff --git a/sql/sql_repl.cc b/sql/sql_repl.cc index c220f609c09..dcbc982b4aa 100644 --- a/sql/sql_repl.cc +++ b/sql/sql_repl.cc @@ -357,6 +357,7 @@ void mysql_binlog_send(THD* thd, char* log_ident, my_off_t pos, #ifndef DBUG_OFF int left_events = max_binlog_dump_events; #endif + int old_max_allowed_packet= thd->variables.max_allowed_packet; DBUG_ENTER("mysql_binlog_send"); DBUG_PRINT("enter",("log_ident: '%s' pos: %ld", log_ident, (long) pos)); @@ -762,6 +763,7 @@ end: pthread_mutex_lock(&LOCK_thread_count); thd->current_linfo = 0; pthread_mutex_unlock(&LOCK_thread_count); + thd->variables.max_allowed_packet= old_max_allowed_packet; DBUG_VOID_RETURN; err: @@ -779,6 +781,7 @@ err: pthread_mutex_unlock(&LOCK_thread_count); if (file >= 0) (void) my_close(file, MYF(MY_WME)); + thd->variables.max_allowed_packet= old_max_allowed_packet; my_message(my_errno, errmsg, MYF(0)); DBUG_VOID_RETURN; @@ -1422,6 +1425,7 @@ bool mysql_show_binlog_events(THD* thd) bool ret = TRUE; IO_CACHE log; File file = -1; + int old_max_allowed_packet= thd->variables.max_allowed_packet; DBUG_ENTER("mysql_show_binlog_events"); Log_event::init_show_field_list(&field_list); @@ -1560,6 +1564,7 @@ err: pthread_mutex_lock(&LOCK_thread_count); thd->current_linfo = 0; pthread_mutex_unlock(&LOCK_thread_count); + thd->variables.max_allowed_packet= old_max_allowed_packet; DBUG_RETURN(ret); } -- cgit v1.2.1 From b0035c76d46caf25d6b52f4e1552c1e83f7f0911 Mon Sep 17 00:00:00 2001 From: Davi Arnaut Date: Tue, 20 Jul 2010 14:36:15 -0300 Subject: Bug#54453: Failing assertion: trx->active_trans when renaming a table with active trx Essentially, the problem is that InnoDB does a implicit commit when a cursor (table handler) is unlocked/closed, creating a dissonance between the transaction state within the server layer and the storage engine layer. Theoretically, a statement transaction can encompass several table instances in a similar manner to a multiple statement transaction, hence it does not make sense to limit a statement transaction to the lifetime of the table instances (cursors) used within it. Since this particular instance of the problem is only triggerable on 5.1 and is masked on 5.5 due 2PC being skipped (assertion is in the prepare phase of a 2PC), the solution (which is less risky) is to explicitly end the transaction before the cached table is unlock on rename table. The patch is to be null merged into trunk. mysql-test/include/commit.inc: Fix counters, the binlog engine does not get involved anymore. mysql-test/suite/innodb_plugin/r/innodb_bug54453.result: Add test case result for Bug#54453 mysql-test/suite/innodb_plugin/t/innodb_bug54453.test: Add test case for Bug#54453 sql/sql_table.cc: End transaction as otherwise InnoDB will end it behind our backs. --- sql/sql_table.cc | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'sql') diff --git a/sql/sql_table.cc b/sql/sql_table.cc index 50045ec6d90..47b91fcca0e 100644 --- a/sql/sql_table.cc +++ b/sql/sql_table.cc @@ -6848,6 +6848,14 @@ view_err: if (!error && (new_name != table_name || new_db != db)) { thd_proc_info(thd, "rename"); + + /* + Workaround InnoDB ending the transaction when the table instance + is unlocked/closed (close_cached_table below), otherwise the trx + state will differ between the server and storage engine layers. + */ + ha_autocommit_or_rollback(thd, 0); + /* Then do a 'simple' rename of the table. First we need to close all instances of 'source' table. -- cgit v1.2.1 From 9a5fa17fd3c4885262e31bf14cf495d02e5f6b27 Mon Sep 17 00:00:00 2001 From: Davi Arnaut Date: Tue, 20 Jul 2010 15:07:36 -0300 Subject: Bug#45288: pb2 returns a lot of compilation warnings on linux Fix warnings flagged by the new warning option -Wunused-but-set-variable that was added to GCC 4.6 and that is enabled by -Wunused and -Wall. The option causes a warning whenever a local variable is assigned to but is later unused. It also warns about meaningless pointer dereferences. client/mysql.cc: Meaningless pointer dereferences. client/mysql_upgrade.c: Check whether reading from the file succeeded. extra/comp_err.c: Unused. extra/yassl/src/yassl_imp.cpp: Skip instead of reading data that is discarded. include/my_pthread.h: Variable is only used in debug builds. include/mysys_err.h: Add new error messages. mysys/errors.c: Add new error message for permission related functions. mysys/mf_iocache.c: Variable is only checked under THREAD. mysys/my_copy.c: Raise a error if chmod or chown fails. mysys/my_redel.c: Raise a error if chmod or chown fails. regex/engine.c: Use a equivalent variable for the assert. server-tools/instance-manager/instance_options.cc: Unused. sql/field.cc: Unused. sql/item.cc: Unused. sql/log.cc: Do not ignore the return value of freopen: only set buffer if reopening succeeds. Adjust doxygen comment to the right function. Pass message lenght to log function. sql/mysqld.cc: Do not ignore the return value of freopen: only set buffer if reopening succeeds. sql/partition_info.cc: Unused. sql/slave.cc: No need to set pointer to the address of '\0'. sql/spatial.cc: Unused. Left for historical purposes. sql/sql_acl.cc: Unused. sql/sql_base.cc: Pointers are always set to the same variables. sql/sql_parse.cc: End statement if reading fails. Store the buffer after it has actually been updated. sql/sql_repl.cc: No need to set pointer to the address of '\0'. sql/sql_show.cc: Put variable under the same ifdef block. sql/udf_example.c: Set null pointer flag appropriately. storage/csv/ha_tina.cc: Meaningless dereferences. storage/example/ha_example.cc: Return the error since it's available. storage/myisam/mi_locking.c: Remove unused and dead code. --- sql/field.cc | 2 -- sql/item.cc | 5 ++-- sql/log.cc | 73 +++++++++++++++++++++++++++------------------------ sql/mysqld.cc | 7 +++-- sql/partition_info.cc | 2 -- sql/slave.cc | 7 ++--- sql/spatial.cc | 3 +-- sql/sql_acl.cc | 2 -- sql/sql_base.cc | 14 +++------- sql/sql_load.cc | 13 +++++---- sql/sql_parse.cc | 17 +++++++----- sql/sql_repl.cc | 7 ++--- sql/sql_show.cc | 4 +-- sql/sql_table.cc | 2 -- sql/table.cc | 3 +-- sql/udf_example.c | 2 +- 16 files changed, 73 insertions(+), 90 deletions(-) (limited to 'sql') diff --git a/sql/field.cc b/sql/field.cc index c648b53e139..c887a5f1c9b 100644 --- a/sql/field.cc +++ b/sql/field.cc @@ -5541,7 +5541,6 @@ int Field_date::store(const char *from, uint len,CHARSET_INFO *cs) int Field_date::store(double nr) { longlong tmp; - int error= 0; if (nr >= 19000000000000.0 && nr <= 99991231235959.0) nr=floor(nr/1000000.0); // Timestamp to date if (nr < 0.0 || nr > 99991231.0) @@ -5550,7 +5549,6 @@ int Field_date::store(double nr) set_datetime_warning(MYSQL_ERROR::WARN_LEVEL_WARN, ER_WARN_DATA_OUT_OF_RANGE, nr, MYSQL_TIMESTAMP_DATE); - error= 1; } else tmp= (longlong) rint(nr); diff --git a/sql/item.cc b/sql/item.cc index db2c4c0974b..66c5314c16e 100644 --- a/sql/item.cc +++ b/sql/item.cc @@ -255,11 +255,10 @@ my_decimal *Item::val_decimal_from_int(my_decimal *decimal_value) my_decimal *Item::val_decimal_from_string(my_decimal *decimal_value) { String *res; - char *end_ptr; + if (!(res= val_str(&str_value))) - return 0; // NULL or EOM + return NULL; - end_ptr= (char*) res->ptr()+ res->length(); if (str2my_decimal(E_DEC_FATAL_ERROR & ~E_DEC_BAD_NUM, res->ptr(), res->length(), res->charset(), decimal_value) & E_DEC_BAD_NUM) diff --git a/sql/log.cc b/sql/log.cc index d8d5f6fa418..614a07e6b63 100644 --- a/sql/log.cc +++ b/sql/log.cc @@ -5050,6 +5050,22 @@ void sql_perror(const char *message) } +/* + Unfortunately, there seems to be no good way + to restore the original streams upon failure. +*/ +static bool redirect_std_streams(const char *file) +{ + if (freopen(file, "a+", stdout) && freopen(file, "a+", stderr)) + { + setbuf(stderr, NULL); + return FALSE; + } + + return TRUE; +} + + bool flush_error_log() { bool result=0; @@ -5077,11 +5093,7 @@ bool flush_error_log() setbuf(stderr, NULL); (void) my_delete(err_renamed, MYF(0)); my_rename(log_error_file,err_renamed,MYF(0)); - if (freopen(log_error_file,"a+",stdout)) - { - freopen(log_error_file,"a+",stderr); - setbuf(stderr, NULL); - } + redirect_std_streams(log_error_file); if ((fd = my_open(err_temp, O_RDONLY, MYF(0))) >= 0) { @@ -5096,13 +5108,7 @@ bool flush_error_log() result= 1; #else my_rename(log_error_file,err_renamed,MYF(0)); - if (freopen(log_error_file,"a+",stdout)) - { - FILE *reopen; - reopen= freopen(log_error_file,"a+",stderr); - setbuf(stderr, NULL); - } - else + if (redirect_std_streams(log_error_file)) result= 1; #endif VOID(pthread_mutex_unlock(&LOCK_error_log)); @@ -5153,25 +5159,9 @@ static void print_buffer_to_nt_eventlog(enum loglevel level, char *buff, #endif /* __NT__ */ -/** - Prints a printf style message to the error log and, under NT, to the - Windows event log. - - This function prints the message into a buffer and then sends that buffer - to other functions to write that message to other logging sources. - - @param event_type Type of event to write (Error, Warning, or Info) - @param format Printf style format of message - @param args va_list list of arguments for the message - - @returns - The function always returns 0. The return value is present in the - signature to be compatible with other logging routines, which could - return an error (e.g. logging to the log tables) -*/ - #ifndef EMBEDDED_LIBRARY -static void print_buffer_to_file(enum loglevel level, const char *buffer) +static void print_buffer_to_file(enum loglevel level, const char *buffer, + size_t length) { time_t skr; struct tm tm_tmp; @@ -5185,7 +5175,7 @@ static void print_buffer_to_file(enum loglevel level, const char *buffer) localtime_r(&skr, &tm_tmp); start=&tm_tmp; - fprintf(stderr, "%02d%02d%02d %2d:%02d:%02d [%s] %s\n", + fprintf(stderr, "%02d%02d%02d %2d:%02d:%02d [%s] %.*s\n", start->tm_year % 100, start->tm_mon+1, start->tm_mday, @@ -5194,7 +5184,7 @@ static void print_buffer_to_file(enum loglevel level, const char *buffer) start->tm_sec, (level == ERROR_LEVEL ? "ERROR" : level == WARNING_LEVEL ? "Warning" : "Note"), - buffer); + (int) length, buffer); fflush(stderr); @@ -5202,7 +5192,22 @@ static void print_buffer_to_file(enum loglevel level, const char *buffer) DBUG_VOID_RETURN; } +/** + Prints a printf style message to the error log and, under NT, to the + Windows event log. + This function prints the message into a buffer and then sends that buffer + to other functions to write that message to other logging sources. + + @param level The level of the msg significance + @param format Printf style format of message + @param args va_list list of arguments for the message + + @returns + The function always returns 0. The return value is present in the + signature to be compatible with other logging routines, which could + return an error (e.g. logging to the log tables) +*/ int vprint_msg_to_log(enum loglevel level, const char *format, va_list args) { char buff[1024]; @@ -5210,7 +5215,7 @@ int vprint_msg_to_log(enum loglevel level, const char *format, va_list args) DBUG_ENTER("vprint_msg_to_log"); length= my_vsnprintf(buff, sizeof(buff), format, args); - print_buffer_to_file(level, buff); + print_buffer_to_file(level, buff, length); #ifdef __NT__ print_buffer_to_nt_eventlog(level, buff, length, sizeof(buff)); @@ -5218,7 +5223,7 @@ int vprint_msg_to_log(enum loglevel level, const char *format, va_list args) DBUG_RETURN(0); } -#endif /*EMBEDDED_LIBRARY*/ +#endif /* EMBEDDED_LIBRARY */ void sql_print_error(const char *format, ...) diff --git a/sql/mysqld.cc b/sql/mysqld.cc index 99f16b36dfa..fda64e5a1ea 100644 --- a/sql/mysqld.cc +++ b/sql/mysqld.cc @@ -3783,7 +3783,6 @@ static void end_ssl() static int init_server_components() { - FILE* reopen; DBUG_ENTER("init_server_components"); /* We need to call each of these following functions to ensure that @@ -3826,8 +3825,8 @@ static int init_server_components() if (freopen(log_error_file, "a+", stdout)) #endif { - reopen= freopen(log_error_file, "a+", stderr); - setbuf(stderr, NULL); + if (freopen(log_error_file, "a+", stderr)) + setbuf(stderr, NULL); } } } @@ -8222,7 +8221,7 @@ mysqld_get_one_option(int optid, *val= 0; val+= 2; while (*val && my_isspace(mysqld_charset, *val)) - *val++; + val++; if (!*val) { sql_print_error("Bad syntax in replicate-rewrite-db - empty TO db!\n"); diff --git a/sql/partition_info.cc b/sql/partition_info.cc index d85888e295c..f37151ea51d 100644 --- a/sql/partition_info.cc +++ b/sql/partition_info.cc @@ -1206,13 +1206,11 @@ bool partition_info::set_up_charset_field_preps() i= 0; while ((field= *(ptr++))) { - CHARSET_INFO *cs; uchar *field_buf; LINT_INIT(field_buf); if (!field_is_partition_charset(field)) continue; - cs= ((Field_str*)field)->charset(); size= field->pack_length(); if (!(field_buf= (uchar*) sql_calloc(size))) goto error; diff --git a/sql/slave.cc b/sql/slave.cc index 795bc481071..f1e0962e7e8 100644 --- a/sql/slave.cc +++ b/sql/slave.cc @@ -3035,11 +3035,8 @@ log '%s' at position %s, relay log '%s' position: %s", RPL_LOG_NAME, pthread_mutex_lock(&rli->data_lock); if (rli->slave_skip_counter) { - char *pos; - pos= strmake(saved_log_name, rli->group_relay_log_name, FN_REFLEN - 1); - pos= '\0'; - pos= strmake(saved_master_log_name, rli->group_master_log_name, FN_REFLEN - 1); - pos= '\0'; + strmake(saved_log_name, rli->group_relay_log_name, FN_REFLEN - 1); + strmake(saved_master_log_name, rli->group_master_log_name, FN_REFLEN - 1); saved_log_pos= rli->group_relay_log_pos; saved_master_log_pos= rli->group_master_log_pos; saved_skip= rli->slave_skip_counter; diff --git a/sql/spatial.cc b/sql/spatial.cc index 11df6c00dc5..2305a8eb97d 100644 --- a/sql/spatial.cc +++ b/sql/spatial.cc @@ -159,11 +159,10 @@ Geometry *Geometry::construct(Geometry_buffer *buffer, { uint32 geom_type; Geometry *result; - char byte_order; if (data_len < SRID_SIZE + WKB_HEADER_SIZE) // < 4 + (1 + 4) return NULL; - byte_order= data[SRID_SIZE]; + /* + 1 to skip the byte order (stored in position SRID_SIZE). */ geom_type= uint4korr(data + SRID_SIZE + 1); if (!(result= create_by_typeid(buffer, (int) geom_type))) return NULL; diff --git a/sql/sql_acl.cc b/sql/sql_acl.cc index 90eef872115..b507b70d1fb 100644 --- a/sql/sql_acl.cc +++ b/sql/sql_acl.cc @@ -5701,7 +5701,6 @@ bool mysql_create_user(THD *thd, List &list) { int result; String wrong_users; - ulong sql_mode; LEX_USER *user_name, *tmp_user_name; List_iterator user_list(list); TABLE_LIST tables[GRANT_TABLES]; @@ -5748,7 +5747,6 @@ bool mysql_create_user(THD *thd, List &list) } some_users_created= TRUE; - sql_mode= thd->variables.sql_mode; if (replace_user_table(thd, tables[0].table, *user_name, 0, 0, 1, 0)) { append_user(&wrong_users, user_name); diff --git a/sql/sql_base.cc b/sql/sql_base.cc index d2392bdd9b1..c38526a6d0b 100644 --- a/sql/sql_base.cc +++ b/sql/sql_base.cc @@ -5674,7 +5674,7 @@ static void update_field_dependencies(THD *thd, Field *field, TABLE *table) DBUG_ENTER("update_field_dependencies"); if (thd->mark_used_columns != MARK_COLUMNS_NONE) { - MY_BITMAP *current_bitmap, *other_bitmap; + MY_BITMAP *bitmap; /* We always want to register the used keys, as the column bitmap may have @@ -5685,15 +5685,9 @@ static void update_field_dependencies(THD *thd, Field *field, TABLE *table) table->merge_keys.merge(field->part_of_key); if (thd->mark_used_columns == MARK_COLUMNS_READ) - { - current_bitmap= table->read_set; - other_bitmap= table->write_set; - } + bitmap= table->read_set; else - { - current_bitmap= table->write_set; - other_bitmap= table->read_set; - } + bitmap= table->write_set; /* The test-and-set mechanism in the bitmap is not reliable during @@ -5702,7 +5696,7 @@ static void update_field_dependencies(THD *thd, Field *field, TABLE *table) only those columns that are used in the SET clause. I.e they are being set here. See multi_update::prepare() */ - if (bitmap_fast_test_and_set(current_bitmap, field->field_index)) + if (bitmap_fast_test_and_set(bitmap, field->field_index)) { if (thd->mark_used_columns == MARK_COLUMNS_WRITE) { diff --git a/sql/sql_load.cc b/sql/sql_load.cc index ee7481234a4..a4cf46b35e8 100644 --- a/sql/sql_load.cc +++ b/sql/sql_load.cc @@ -128,6 +128,7 @@ int mysql_load(THD *thd,sql_exchange *ex,TABLE_LIST *table_list, bool is_fifo=0; #ifndef EMBEDDED_LIBRARY LOAD_FILE_INFO lf_info; + THD::killed_state killed_status; #endif char *db = table_list->db; // This is never null /* @@ -138,7 +139,6 @@ int mysql_load(THD *thd,sql_exchange *ex,TABLE_LIST *table_list, char *tdb= thd->db ? thd->db : db; // Result is never null ulong skip_lines= ex->skip_lines; bool transactional_table; - THD::killed_state killed_status= THD::NOT_KILLED; DBUG_ENTER("mysql_load"); #ifdef EMBEDDED_LIBRARY @@ -455,7 +455,11 @@ int mysql_load(THD *thd,sql_exchange *ex,TABLE_LIST *table_list, error=1; thd->killed= THD::KILL_QUERY; };); - killed_status= (error == 0)? THD::NOT_KILLED : thd->killed; + +#ifndef EMBEDDED_LIBRARY + killed_status= (error == 0) ? THD::NOT_KILLED : thd->killed; +#endif + /* We must invalidate the table in query cache before binlog writing and ha_autocommit_... @@ -708,12 +712,9 @@ read_fixed_length(THD *thd, COPY_INFO &info, TABLE_LIST *table_list, List_iterator_fast it(fields_vars); Item_field *sql_field; TABLE *table= table_list->table; - ulonglong id; bool err; DBUG_ENTER("read_fixed_length"); - id= 0; - while (!read_info.read_fixed_length()) { if (thd->killed) @@ -839,12 +840,10 @@ read_sep_field(THD *thd, COPY_INFO &info, TABLE_LIST *table_list, Item *item; TABLE *table= table_list->table; uint enclosed_length; - ulonglong id; bool err; DBUG_ENTER("read_sep_field"); enclosed_length=enclosed.length(); - id= 0; for (;;it.rewind()) { diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index 1f3d29ffec0..134517e5bf7 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -465,6 +465,12 @@ static void handle_bootstrap_impl(THD *thd) } buff= (char*) thd->net.buff; res= fgets(buff + length, thd->net.max_packet - length, file); + if (!res && !feof(file)) + { + net_end_statement(thd); + bootstrap_error= 1; + break; + } length+= (ulong) strlen(buff + length); /* purecov: end */ } @@ -1535,7 +1541,7 @@ bool dispatch_command(enum enum_server_command command, THD *thd, { STATUS_VAR current_global_status_var; ulong uptime; - uint length; + uint length __attribute__((unused)); ulonglong queries_per_second1000; char buff[250]; uint buff_len= sizeof(buff); @@ -1548,7 +1554,7 @@ bool dispatch_command(enum enum_server_command command, THD *thd, else queries_per_second1000= thd->query_id * LL(1000) / uptime; - length= my_snprintf((char*) buff, buff_len - 1, + length= my_snprintf(buff, buff_len - 1, "Uptime: %lu Threads: %d Questions: %lu " "Slow queries: %lu Opens: %lu Flush tables: %lu " "Open tables: %u Queries per second avg: %u.%u", @@ -1560,10 +1566,6 @@ bool dispatch_command(enum enum_server_command command, THD *thd, cached_open_tables(), (uint) (queries_per_second1000 / 1000), (uint) (queries_per_second1000 % 1000)); -#ifdef EMBEDDED_LIBRARY - /* Store the buffer in permanent memory */ - my_ok(thd, 0, 0, buff); -#endif #ifdef SAFEMALLOC if (sf_malloc_cur_memory) // Using SAFEMALLOC { @@ -1578,6 +1580,9 @@ bool dispatch_command(enum enum_server_command command, THD *thd, VOID(my_net_write(net, (uchar*) buff, length)); VOID(net_flush(net)); thd->main_da.disable_status(); +#else + /* Store the buffer in permanent memory */ + my_ok(thd, 0, 0, buff); #endif break; } diff --git a/sql/sql_repl.cc b/sql/sql_repl.cc index f6045e4704e..d7dd3eb63f2 100644 --- a/sql/sql_repl.cc +++ b/sql/sql_repl.cc @@ -1168,12 +1168,9 @@ bool change_master(THD* thd, Master_info* mi) /* Before processing the command, save the previous state. */ - char *pos; - pos= strmake(saved_host, mi->host, HOSTNAME_LENGTH); - pos= '\0'; + strmake(saved_host, mi->host, HOSTNAME_LENGTH); saved_port= mi->port; - pos= strmake(saved_log_name, mi->master_log_name, FN_REFLEN - 1); - pos= '\0'; + strmake(saved_log_name, mi->master_log_name, FN_REFLEN - 1); saved_log_pos= mi->master_log_pos; /* diff --git a/sql/sql_show.cc b/sql/sql_show.cc index d0e76e501e2..eb5d3a1965d 100644 --- a/sql/sql_show.cc +++ b/sql/sql_show.cc @@ -3868,7 +3868,6 @@ static int get_schema_column_record(THD *thd, TABLE_LIST *tables, uint flags=field->flags; char tmp[MAX_FIELD_WIDTH]; String type(tmp,sizeof(tmp), system_charset_info); - char *end; int decimals, field_length; if (wild && wild[0] && @@ -3889,7 +3888,7 @@ static int get_schema_column_record(THD *thd, TABLE_LIST *tables, field->field_name) & COL_ACLS; if (!tables->schema_table && !col_access) continue; - end= tmp; + char *end= tmp; for (uint bitnr=0; col_access ; col_access>>=1,bitnr++) { if (col_access & 1) @@ -4015,7 +4014,6 @@ static int get_schema_column_record(THD *thd, TABLE_LIST *tables, table->field[15]->store((const char*) pos, strlen((const char*) pos), cs); - end= tmp; if (field->unireg_check == Field::NEXT_NUMBER) table->field[16]->store(STRING_WITH_LEN("auto_increment"), cs); if (show_table->timestamp_field == field && diff --git a/sql/sql_table.cc b/sql/sql_table.cc index 47b91fcca0e..f765e5c5cae 100644 --- a/sql/sql_table.cc +++ b/sql/sql_table.cc @@ -6507,7 +6507,6 @@ bool mysql_alter_table(THD *thd,char *new_db, char *new_name, uint index_add_count= 0; uint *index_add_buffer= NULL; uint candidate_key_count= 0; - bool committed= 0; bool no_pk; DBUG_ENTER("mysql_alter_table"); @@ -7380,7 +7379,6 @@ view_err: DBUG_PRINT("info", ("Committing before unlocking table")); if (ha_autocommit_or_rollback(thd, 0) || end_active_trans(thd)) goto err1; - committed= 1; } /*end of if (! new_table) for add/drop index*/ diff --git a/sql/table.cc b/sql/table.cc index dde3654dab1..e989ab039a0 100644 --- a/sql/table.cc +++ b/sql/table.cc @@ -534,7 +534,7 @@ int open_table_def(THD *thd, TABLE_SHARE *share, uint db_flags) int error, table_type; bool error_given; File file; - uchar head[288], *disk_buff; + uchar head[288]; char path[FN_REFLEN]; MEM_ROOT **root_ptr, *old_root; DBUG_ENTER("open_table_def"); @@ -543,7 +543,6 @@ int open_table_def(THD *thd, TABLE_SHARE *share, uint db_flags) error= 1; error_given= 0; - disk_buff= NULL; strxmov(path, share->normalized_path.str, reg_ext, NullS); if ((file= my_open(path, O_RDONLY | O_SHARE, MYF(0))) < 0) diff --git a/sql/udf_example.c b/sql/udf_example.c index 637293209e0..468118b44ef 100644 --- a/sql/udf_example.c +++ b/sql/udf_example.c @@ -1067,7 +1067,7 @@ char *myfunc_argument_name(UDF_INIT *initid __attribute__((unused)), { if (!args->attributes[0]) { - null_value= 0; + *null_value= 1; return 0; } (*length)--; /* space for ending \0 (for debugging purposes) */ -- cgit v1.2.1 From bd41af86ebc53510760504b980f073be4438f6e9 Mon Sep 17 00:00:00 2001 From: Dmitry Shulga Date: Wed, 21 Jul 2010 14:56:43 +0700 Subject: Fixed bug #42496 - the server could crash on a debug assert after a failure to write into a closed socket sql/protocol.cc: Protocol::flush modified: set thd->main_da.can_overwrite_status= TRUE before call to net_flush() in order to prevent crash on assert in case of socket write failure, reset it to FALSE when net_flush() returned; Protocol::send_fields modified: return from method with error if call to my_net_write(), proto.write() or write_eof_packet() failed. sql/sql_cache.cc: Query_cache::send_result_to_client modified: call to thd->main_da.disable_status() only if write to socket was successful. sql/sql_cursor.cc: Materialized_cursor::fetch modified: leave method if call to result->send_data() failed. sql/sql_prepare.cc: send_prep_stmt() modified: call to thd->main_da.disable_status() only if thd->protocol_text.send_fields() completed successfully. --- sql/protocol.cc | 15 +++++++++++---- sql/sql_cache.cc | 3 ++- sql/sql_cursor.cc | 7 ++++++- sql/sql_prepare.cc | 7 +++++-- 4 files changed, 24 insertions(+), 8 deletions(-) (limited to 'sql') diff --git a/sql/protocol.cc b/sql/protocol.cc index dc53e029647..dfb78462f13 100644 --- a/sql/protocol.cc +++ b/sql/protocol.cc @@ -534,7 +534,11 @@ void Protocol::end_partial_result_set(THD *thd_arg) bool Protocol::flush() { #ifndef EMBEDDED_LIBRARY - return net_flush(&thd->net); + bool error; + thd->main_da.can_overwrite_status= TRUE; + error= net_flush(&thd->net); + thd->main_da.can_overwrite_status= FALSE; + return error; #else return 0; #endif @@ -574,7 +578,8 @@ bool Protocol::send_fields(List *list, uint flags) if (flags & SEND_NUM_ROWS) { // Packet with number of elements uchar *pos= net_store_length(buff, list->elements); - (void) my_net_write(&thd->net, buff, (size_t) (pos-buff)); + if (my_net_write(&thd->net, buff, (size_t) (pos-buff))) + DBUG_RETURN(1); } #ifndef DBUG_OFF @@ -698,7 +703,7 @@ bool Protocol::send_fields(List *list, uint flags) if (flags & SEND_DEFAULTS) item->send(&prot, &tmp); // Send default value if (prot.write()) - break; /* purecov: inspected */ + DBUG_RETURN(1); #ifndef DBUG_OFF field_types[count++]= field.type; #endif @@ -711,7 +716,9 @@ bool Protocol::send_fields(List *list, uint flags) to show that there is no cursor. Send no warning information, as it will be sent at statement end. */ - write_eof_packet(thd, &thd->net, thd->server_status, thd->total_warn_count); + if (write_eof_packet(thd, &thd->net, thd->server_status, + thd->total_warn_count)) + DBUG_RETURN(1); } DBUG_RETURN(prepare_for_send(list)); diff --git a/sql/sql_cache.cc b/sql/sql_cache.cc index f862cbed4f1..fcf4edbdc22 100644 --- a/sql/sql_cache.cc +++ b/sql/sql_cache.cc @@ -1653,7 +1653,8 @@ def_week_frmt: %lu, in_trans: %d, autocommit: %d", thd->limit_found_rows = query->found_rows(); thd->status_var.last_query_cost= 0.0; - thd->main_da.disable_status(); + if (!thd->main_da.is_set()) + thd->main_da.disable_status(); BLOCK_UNLOCK_RD(query_block); DBUG_RETURN(1); // Result sent to client diff --git a/sql/sql_cursor.cc b/sql/sql_cursor.cc index 6f61dc40f66..d7d029d28d4 100644 --- a/sql/sql_cursor.cc +++ b/sql/sql_cursor.cc @@ -658,7 +658,12 @@ void Materialized_cursor::fetch(ulong num_rows) if ((res= table->file->rnd_next(table->record[0]))) break; /* Send data only if the read was successful. */ - result->send_data(item_list); + /* + If network write failed (i.e. due to a closed socked), + the error has already been set. Just return. + */ + if (result->send_data(item_list)) + return; } switch (res) { diff --git a/sql/sql_prepare.cc b/sql/sql_prepare.cc index 041d9f7c30b..bd152866deb 100644 --- a/sql/sql_prepare.cc +++ b/sql/sql_prepare.cc @@ -263,8 +263,11 @@ static bool send_prep_stmt(Prepared_statement *stmt, uint columns) &stmt->lex->param_list, Protocol::SEND_EOF); } - /* Flag that a response has already been sent */ - thd->main_da.disable_status(); + + if (!error) + /* Flag that a response has already been sent */ + thd->main_da.disable_status(); + DBUG_RETURN(error); } #else -- cgit v1.2.1 From e24abd9091ce28a27f27073ab70aed94851362bc Mon Sep 17 00:00:00 2001 From: Georgi Kodinov Date: Wed, 21 Jul 2010 18:05:57 +0300 Subject: Addendum #4 to bug #53095 SHOW DATABASES LIKE ... was not converting to lowercase on comparison as the documentation is suggesting. Fixed it to behave similarly to SHOW TABLES LIKE ... and updated the failing on MacOSX lowercase_table2 test case. --- sql/sql_show.cc | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) (limited to 'sql') diff --git a/sql/sql_show.cc b/sql/sql_show.cc index eb5d3a1965d..616bced8f4a 100644 --- a/sql/sql_show.cc +++ b/sql/sql_show.cc @@ -521,8 +521,19 @@ find_files(THD *thd, List *files, const char *db, continue; file_name_len= filename_to_tablename(file->name, uname, sizeof(uname)); - if (wild && wild_compare(uname, wild, 0)) - continue; + if (wild) + { + if (lower_case_table_names) + { + if (my_wildcmp(files_charset_info, + uname, uname + file_name_len, + wild, wild + wild_length, + wild_prefix, wild_one,wild_many)) + continue; + } + else if (wild_compare(uname, wild, 0)) + continue; + } if (!(file_name= thd->make_lex_string(file_name, uname, file_name_len, TRUE))) { -- cgit v1.2.1 From e9a52f962f2d89fe1938145105bcb35f970a2414 Mon Sep 17 00:00:00 2001 From: unknown Date: Thu, 22 Jul 2010 11:15:15 -0500 Subject: Bug#49542 - Do as the comment suggests and downgrade directory errors from find_file() to a warning unless they happen during a SHOW command. --- sql/sql_show.cc | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'sql') diff --git a/sql/sql_show.cc b/sql/sql_show.cc index eb5d3a1965d..c979d44dc1c 100644 --- a/sql/sql_show.cc +++ b/sql/sql_show.cc @@ -1,4 +1,4 @@ -/* Copyright 2000-2008 MySQL AB, 2008 Sun Microsystems, Inc. +/* Copyright 2000, 2010 Oracle and/or its affiliates. All rights reserved. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -9,9 +9,9 @@ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */ + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ /* Function with list databases, tables or fields */ @@ -2986,7 +2986,7 @@ make_table_name_list(THD *thd, List *table_names, LEX *lex, */ if (res == FIND_FILES_DIR) { - if (lex->sql_command != SQLCOM_SELECT) + if (sql_command_flags[lex->sql_command] & CF_STATUS_COMMAND) return 1; thd->clear_error(); return 2; -- cgit v1.2.1 From 1837dcfee747b697bce2023d94a8daff6e393039 Mon Sep 17 00:00:00 2001 From: Alexey Kopytov Date: Fri, 23 Jul 2010 15:52:54 +0400 Subject: Bug #54476: crash when group_concat and 'with rollup' in prepared statements Using GROUP_CONCAT() together with the WITH ROLLUP modifier could crash the server. The reason was a combination of several facts: 1. The Item_func_group_concat class stores pointers to ORDER objects representing the columns in the ORDER BY clause of GROUP_CONCAT(). 2. find_order_in_list() called from Item_func_group_concat::setup() modifies the ORDER objects so that their 'item' member points to the arguments list allocated in the Item_func_group_concat constructor. 3. In some cases (e.g. in JOIN::rollup_make_fields) a copy of the original Item_func_group_concat object could be created by using the Item_func_group_concat::Item_func_group_concat(THD *thd, Item_func_group_concat *item) copy constructor. The latter essentially creates a shallow copy of the source object. Memory for the arguments array is allocated on thd->mem_root, but the pointers for arguments and ORDER are copied verbatim. What happens in the test case is that when executing the query for the first time, after a copy of the original Item_func_group_concat object has been created by JOIN::rollup_make_fields(), find_order_in_list() is called for this new object. It then resolves ORDER BY by modifying the ORDER objects so that they point to elements of the arguments array which is local to the cloned object. When thd->mem_root is freed upon completing the execution, pointers in the ORDER objects become invalid. Those ORDER objects, however, are also shared with the original Item_func_group_concat object which is preserved between executions of a prepared statement. So the first call to find_order_in_list() for the original object on the second execution tries to dereference an invalid pointer. The solution is to create copies of the ORDER objects when copying Item_func_group_concat to not leave any stale pointers in other instances with different lifecycles. mysql-test/r/func_gconcat.result: Test case for bug #54476. mysql-test/t/func_gconcat.test: Test case for bug #54476. sql/item_sum.cc: Copy the ORDER objects pointed to by the elements of the 'order' array in the copy constructor of Item_func_group_concat. sql/table.h: Removed the unused 'item_copy' member of the ORDER class. --- sql/item_sum.cc | 19 ++++++++++++++++++- sql/table.h | 1 - 2 files changed, 18 insertions(+), 2 deletions(-) (limited to 'sql') diff --git a/sql/item_sum.cc b/sql/item_sum.cc index 228e36fc9f9..1048bd3d6ff 100644 --- a/sql/item_sum.cc +++ b/sql/item_sum.cc @@ -3034,7 +3034,6 @@ Item_func_group_concat::Item_func_group_concat(THD *thd, tree(item->tree), unique_filter(item->unique_filter), table(item->table), - order(item->order), context(item->context), arg_count_order(item->arg_count_order), arg_count_field(item->arg_count_field), @@ -3047,6 +3046,24 @@ Item_func_group_concat::Item_func_group_concat(THD *thd, { quick_group= item->quick_group; result.set_charset(collation.collation); + + /* + Since the ORDER structures pointed to by the elements of the 'order' array + may be modified in find_order_in_list() called from + Item_func_group_concat::setup(), create a copy of those structures so that + such modifications done in this object would not have any effect on the + object being copied. + */ + ORDER *tmp; + if (!(order= (ORDER **) thd->alloc(sizeof(ORDER *) * arg_count_order + + sizeof(ORDER) * arg_count_order))) + return; + tmp= (ORDER *)(order + arg_count_order); + for (uint i= 0; i < arg_count_order; i++, tmp++) + { + memcpy(tmp, item->order[i], sizeof(ORDER)); + order[i]= tmp; + } } diff --git a/sql/table.h b/sql/table.h index 3ef3c5e0cb2..9088b3b6965 100644 --- a/sql/table.h +++ b/sql/table.h @@ -55,7 +55,6 @@ typedef struct st_order { struct st_order *next; Item **item; /* Point at item in select fields */ Item *item_ptr; /* Storage for initial item */ - Item **item_copy; /* For SPs; the original item ptr */ int counter; /* position in SELECT list, correct only if counter_used is true*/ bool asc; /* true if ascending */ -- cgit v1.2.1 From 2124538d9cea1cea39b01f0b8b99052b36004fb9 Mon Sep 17 00:00:00 2001 From: unknown Date: Thu, 29 Jul 2010 11:00:57 +0800 Subject: BUG#49124 Security issue with /*!-versioned */ SQL statements on Slave /*![:version:] Query Code */, where [:version:] is a sequence of 5 digits representing the mysql server version(e.g /*!50200 ... */), is a special comment that the query in it can be executed on those servers whose versions are larger than the version appearing in the comment. It leads to a security issue when slave's version is larger than master's. A malicious user can improve his privileges on slaves. Because slave SQL thread is running with SUPER privileges, so it can execute queries that he/she does not have privileges on master. This bug is fixed with the logic below: - To replace '!' with ' ' in the magic comments which are not applied on master. So they become common comments and will not be applied on slave. - Example: 'INSERT INTO t1 VALUES (1) /*!10000, (2)*/ /*!99999 ,(3)*/ will be binlogged as 'INSERT INTO t1 VALUES (1) /*!10000, (2)*/ /* 99999 ,(3)*/ mysql-test/suite/rpl/t/rpl_conditional_comments.test: Test the patch for this bug. sql/mysql_priv.h: Rename inBuf as rawBuf and remove the const limitation. sql/sql_lex.cc: To replace '!' with ' ' in the magic comments which are not applied on master. sql/sql_lex.h: Remove the const limitation on parameter buff, as it can be modified in the function since this patch. Add member function yyUnput for Lex_input_stream. It set a character back the query buff. sql/sql_parse.cc: Rename inBuf as rawBuf and remove the const limitation. sql/sql_partition.cc: Remove the const limitation on parameter part_buff, as it can be modified in the function since this patch. sql/sql_partition.h: Remove the const limitation on parameter part_buff, as it can be modified in the function since this patch. sql/table.h: Remove the const limitation on variable partition_info, as it can be modified since this patch. --- sql/mysql_priv.h | 2 +- sql/sql_lex.cc | 19 +++++++++++++++---- sql/sql_lex.h | 20 +++++++++++++++++--- sql/sql_parse.cc | 12 ++++++------ sql/sql_partition.cc | 2 +- sql/sql_partition.h | 2 +- sql/table.h | 2 +- 7 files changed, 42 insertions(+), 17 deletions(-) (limited to 'sql') diff --git a/sql/mysql_priv.h b/sql/mysql_priv.h index 88f3763ef50..9f2c0b04f2c 100644 --- a/sql/mysql_priv.h +++ b/sql/mysql_priv.h @@ -1024,7 +1024,7 @@ bool mysql_opt_change_db(THD *thd, bool force_switch, bool *cur_db_changed); -void mysql_parse(THD *thd, const char *inBuf, uint length, +void mysql_parse(THD *thd, char *rawbuf, uint length, const char ** semicolon); bool mysql_test_parse_for_slave(THD *thd,char *inBuf,uint length); diff --git a/sql/sql_lex.cc b/sql/sql_lex.cc index 6bfd6f3906c..2bff036b1f1 100644 --- a/sql/sql_lex.cc +++ b/sql/sql_lex.cc @@ -111,7 +111,7 @@ st_parsing_options::reset() } -bool Lex_input_stream::init(THD *thd, const char *buff, unsigned int length) +bool Lex_input_stream::init(THD *thd, char *buff, unsigned int length) { DBUG_EXECUTE_IF("bug42064_simulate_oom", DBUG_SET("+d,simulate_out_of_memory");); @@ -1292,11 +1292,10 @@ int MYSQLlex(void *arg, void *yythd) ulong version; version=strtol(version_str, NULL, 10); - /* Accept 'M' 'm' 'm' 'd' 'd' */ - lip->yySkipn(5); - if (version <= MYSQL_VERSION_ID) { + /* Accept 'M' 'm' 'm' 'd' 'd' */ + lip->yySkipn(5); /* Expand the content of the special comment as real code */ lip->set_echo(TRUE); state=MY_LEX_START; @@ -1304,7 +1303,19 @@ int MYSQLlex(void *arg, void *yythd) } else { + const char* version_mark= lip->get_ptr() - 1; + DBUG_ASSERT(*version_mark == '!'); + /* + Patch and skip the conditional comment to avoid it + being propagated infinitely (eg. to a slave). + */ + char *pcom= lip->yyUnput(' '); comment_closed= ! consume_comment(lip, 1); + if (! comment_closed) + { + DBUG_ASSERT(pcom == version_mark); + *pcom= '!'; + } /* version allowed to have one level of comment inside. */ } } diff --git a/sql/sql_lex.h b/sql/sql_lex.h index cefb0cb49fb..7403bb5a1a4 100644 --- a/sql/sql_lex.h +++ b/sql/sql_lex.h @@ -1180,7 +1180,7 @@ public: @retval FALSE OK @retval TRUE Error */ - bool init(THD *thd, const char *buff, unsigned int length); + bool init(THD *thd, char *buff, unsigned int length); /** Set the echo mode. @@ -1294,6 +1294,20 @@ public: m_ptr += n; } + /** + Puts a character back into the stream, canceling + the effect of the last yyGet() or yySkip(). + Note that the echo mode should not change between calls + to unput, get, or skip from the stream. + */ + char *yyUnput(char ch) + { + *--m_ptr= ch; + if (m_echo) + m_cpp_ptr--; + return m_ptr; + } + /** End of file indicator for the query text to parse. @return true if there are no more characters to parse @@ -1440,7 +1454,7 @@ public: private: /** Pointer to the current position in the raw input stream. */ - const char *m_ptr; + char *m_ptr; /** Starting position of the last token parsed, in the raw buffer. */ const char *m_tok_start; @@ -1972,7 +1986,7 @@ public: @retval FALSE OK @retval TRUE Error */ - bool init(THD *thd, const char *buff, unsigned int length) + bool init(THD *thd, char *buff, unsigned int length) { return m_lip.init(thd, buff, length); } diff --git a/sql/sql_parse.cc b/sql/sql_parse.cc index 0a509f62849..9ec03ea1d5f 100644 --- a/sql/sql_parse.cc +++ b/sql/sql_parse.cc @@ -5946,13 +5946,13 @@ void mysql_init_multi_delete(LEX *lex) Parse a query. @param thd Current thread - @param inBuf Begining of the query text + @param rawbuf Begining of the query text @param length Length of the query text @param[out] found_semicolon For multi queries, position of the character of the next query in the query text. */ -void mysql_parse(THD *thd, const char *inBuf, uint length, +void mysql_parse(THD *thd, char *rawbuf, uint length, const char ** found_semicolon) { DBUG_ENTER("mysql_parse"); @@ -5978,7 +5978,7 @@ void mysql_parse(THD *thd, const char *inBuf, uint length, lex_start(thd); mysql_reset_thd_for_next_command(thd); - if (query_cache_send_result_to_client(thd, (char*) inBuf, length) <= 0) + if (query_cache_send_result_to_client(thd, rawbuf, length) <= 0) { LEX *lex= thd->lex; @@ -5987,7 +5987,7 @@ void mysql_parse(THD *thd, const char *inBuf, uint length, Parser_state parser_state; bool err; - if (!(err= parser_state.init(thd, inBuf, length))) + if (!(err= parser_state.init(thd, rawbuf, length))) { err= parse_sql(thd, & parser_state, NULL); *found_semicolon= parser_state.m_lip.found_semicolon; @@ -6073,14 +6073,14 @@ void mysql_parse(THD *thd, const char *inBuf, uint length, 1 can be ignored */ -bool mysql_test_parse_for_slave(THD *thd, char *inBuf, uint length) +bool mysql_test_parse_for_slave(THD *thd, char *rawbuf, uint length) { LEX *lex= thd->lex; bool error= 0; DBUG_ENTER("mysql_test_parse_for_slave"); Parser_state parser_state; - if (!(error= parser_state.init(thd, inBuf, length))) + if (!(error= parser_state.init(thd, rawbuf, length))) { lex_start(thd); mysql_reset_thd_for_next_command(thd); diff --git a/sql/sql_partition.cc b/sql/sql_partition.cc index 122ae661046..76caa2b0c8d 100644 --- a/sql/sql_partition.cc +++ b/sql/sql_partition.cc @@ -3876,7 +3876,7 @@ void get_partition_set(const TABLE *table, uchar *buf, const uint index, */ bool mysql_unpack_partition(THD *thd, - const char *part_buf, uint part_info_len, + char *part_buf, uint part_info_len, const char *part_state, uint part_state_len, TABLE* table, bool is_create_table_ind, handlerton *default_db_type, diff --git a/sql/sql_partition.h b/sql/sql_partition.h index b9efbf25a00..02a5ead1117 100644 --- a/sql/sql_partition.h +++ b/sql/sql_partition.h @@ -78,7 +78,7 @@ void get_full_part_id_from_key(const TABLE *table, uchar *buf, KEY *key_info, const key_range *key_spec, part_id_range *part_spec); -bool mysql_unpack_partition(THD *thd, const char *part_buf, +bool mysql_unpack_partition(THD *thd, char *part_buf, uint part_info_len, const char *part_state, uint part_state_len, TABLE *table, bool is_create_table_ind, diff --git a/sql/table.h b/sql/table.h index 3ef3c5e0cb2..8ea7175eec4 100644 --- a/sql/table.h +++ b/sql/table.h @@ -442,7 +442,7 @@ typedef struct st_table_share #ifdef WITH_PARTITION_STORAGE_ENGINE /** @todo: Move into *ha_data for partitioning */ bool auto_partitioned; - const char *partition_info; + char *partition_info; uint partition_info_len; uint partition_info_buffer_size; const char *part_state; -- cgit v1.2.1 From 5e13086bf88eabfbf91dce63332a450ef52f101f Mon Sep 17 00:00:00 2001 From: unknown Date: Fri, 30 Jul 2010 11:59:34 +0800 Subject: Bug #34283 mysqlbinlog leaves tmpfile after termination if binlog contains load data infile With statement- or mixed-mode logging, "LOAD DATA INFILE" queries are written to the binlog using special types of log events. When mysqlbinlog reads such events, it re-creates the file in a temporary directory with a generated filename and outputs a "LOAD DATA INFILE" query where the filename is replaced by the generated file. The temporary file is not deleted by mysqlbinlog after termination. To fix the problem, in mixed mode we go to row-based. In SBR, we document it to remind user the tmpfile is left in a temporary directory. mysql-test/suite/binlog/r/binlog_mixed_load_data.result: Test result for BUG#34283. mysql-test/suite/binlog/t/binlog_mixed_load_data.test: Added the test file to verify that 'load data infile...' statement will go to row-based in mixed mode. sql/sql_load.cc: Added code to go to row-based in mixed mode for 'load data infile ...' statement --- sql/sql_load.cc | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'sql') diff --git a/sql/sql_load.cc b/sql/sql_load.cc index a4cf46b35e8..f9386206dce 100644 --- a/sql/sql_load.cc +++ b/sql/sql_load.cc @@ -141,6 +141,14 @@ int mysql_load(THD *thd,sql_exchange *ex,TABLE_LIST *table_list, bool transactional_table; DBUG_ENTER("mysql_load"); + /* + Bug #34283 + mysqlbinlog leaves tmpfile after termination if binlog contains + load data infile, so in mixed mode we go to row-based for + avoiding the problem. + */ + thd->set_current_stmt_binlog_row_based_if_mixed(); + #ifdef EMBEDDED_LIBRARY read_file_from_client = 0; //server is always in the same process #endif -- cgit v1.2.1 From a9538cacda199fcfd733a191c17cc68569871cd7 Mon Sep 17 00:00:00 2001 From: Davi Arnaut Date: Fri, 30 Jul 2010 09:17:10 -0300 Subject: Bug#54041: MySQL 5.0.92 fails when tests from Connector/C suite run Fix a regression (due to a typo) which caused spurious incorrect argument errors for long data stream parameters if all forms of logging were disabled (binary, general and slow logs). mysql-test/t/mysql_client_test.test: Save the status of the slow_log. sql/sql_prepare.cc: Add a missing logical NOT operator. tests/mysql_client_test.c: Disable all query logs when running C tests. Fixes a omission when, slow log should have been disabled too. Run test case for Bug#54041 with query logs enabled and disabled. --- sql/sql_prepare.cc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'sql') diff --git a/sql/sql_prepare.cc b/sql/sql_prepare.cc index bd152866deb..d6eb90a57be 100644 --- a/sql/sql_prepare.cc +++ b/sql/sql_prepare.cc @@ -793,7 +793,7 @@ static bool insert_params_with_log(Prepared_statement *stmt, uchar *null_array, type (the types are supplied at execute). Check that the supplied type of placeholder can accept a data stream. */ - else if (!is_param_long_data_type(param)) + else if (! is_param_long_data_type(param)) DBUG_RETURN(1); res= param->query_val_str(&str); if (param->convert_str_value(thd)) @@ -839,7 +839,7 @@ static bool insert_params(Prepared_statement *stmt, uchar *null_array, type (the types are supplied at execute). Check that the supplied type of placeholder can accept a data stream. */ - else if (is_param_long_data_type(param)) + else if (! is_param_long_data_type(param)) DBUG_RETURN(1); if (param->convert_str_value(stmt->thd)) DBUG_RETURN(1); /* out of memory */ -- cgit v1.2.1 From de5029a4586176b9fed06ab96fb3a6e0bbcd8c54 Mon Sep 17 00:00:00 2001 From: Georgi Kodinov Date: Fri, 30 Jul 2010 16:35:06 +0300 Subject: Bug #55188: GROUP BY, GROUP_CONCAT and TEXT - inconsistent results In order to be able to check if the set of the grouping fields in a GROUP BY has changed (and thus to start a new group) the optimizer caches the current values of these fields in a set of Cached_item derived objects. The Cached_item_str, used for caching varchar and TEXT columns, is limited in length by the max_sort_length variable. A String buffer to store the value with an alloced length of either the max length of the string or the value of max_sort_length (whichever is smaller) in Cached_item_str's constructor. Then, at compare time the value of the string to compare to was truncated to the alloced length of the string buffer inside Cached_item_str. This is all fine and valid, but only if you're not assigning values near or equal to the alloced length of this buffer. Because when assigning values like this the alloced length is rounded up and as a result the next set of data will not match the group buffer, thus leading to wrong results because of the changed alloced_length. Fixed by preserving the original maximum length in the Cached_item_str's constructor and using this instead of the alloced_length to limit the string to compare to. Test case added. --- sql/item.h | 1 + sql/item_buff.cc | 6 ++++-- 2 files changed, 5 insertions(+), 2 deletions(-) (limited to 'sql') diff --git a/sql/item.h b/sql/item.h index 174995b43e6..57abb43010e 100644 --- a/sql/item.h +++ b/sql/item.h @@ -2740,6 +2740,7 @@ public: class Cached_item_str :public Cached_item { Item *item; + uint32 value_max_length; String value,tmp_value; public: Cached_item_str(THD *thd, Item *arg); diff --git a/sql/item_buff.cc b/sql/item_buff.cc index 2f45d0a17c2..0ac4edb3656 100644 --- a/sql/item_buff.cc +++ b/sql/item_buff.cc @@ -58,7 +58,9 @@ Cached_item::~Cached_item() {} */ Cached_item_str::Cached_item_str(THD *thd, Item *arg) - :item(arg), value(min(arg->max_length, thd->variables.max_sort_length)) + :item(arg), + value_max_length(min(arg->max_length, thd->variables.max_sort_length)), + value(value_max_length) {} bool Cached_item_str::cmp(void) @@ -67,7 +69,7 @@ bool Cached_item_str::cmp(void) bool tmp; if ((res=item->val_str(&tmp_value))) - res->length(min(res->length(), value.alloced_length())); + res->length(min(res->length(), value_max_length)); if (null_value != item->null_value) { if ((null_value= item->null_value)) -- cgit v1.2.1 From 55e60e14fa4eb240194412ee162c0394751da9e1 Mon Sep 17 00:00:00 2001 From: Luis Soares Date: Fri, 30 Jul 2010 14:44:39 +0100 Subject: Revert patch for BUG#34283. Causing lots of test failures in PB2, mostly because existing test result files were not updated. --- sql/sql_load.cc | 8 -------- 1 file changed, 8 deletions(-) (limited to 'sql') diff --git a/sql/sql_load.cc b/sql/sql_load.cc index f9386206dce..a4cf46b35e8 100644 --- a/sql/sql_load.cc +++ b/sql/sql_load.cc @@ -141,14 +141,6 @@ int mysql_load(THD *thd,sql_exchange *ex,TABLE_LIST *table_list, bool transactional_table; DBUG_ENTER("mysql_load"); - /* - Bug #34283 - mysqlbinlog leaves tmpfile after termination if binlog contains - load data infile, so in mixed mode we go to row-based for - avoiding the problem. - */ - thd->set_current_stmt_binlog_row_based_if_mixed(); - #ifdef EMBEDDED_LIBRARY read_file_from_client = 0; //server is always in the same process #endif -- cgit v1.2.1 From 9899e690f06e275e8c7b2e39dba96b46701fd949 Mon Sep 17 00:00:00 2001 From: Davi Arnaut Date: Fri, 30 Jul 2010 17:33:10 -0300 Subject: Bug#45288: pb2 returns a lot of compilation warnings on linux Fix compiler warnings. mysys/stacktrace.c: Tag unused parameters. sql/sql_lex.cc: Variable becomes unused in non-debug builds. Also, no need to assert the obvious. --- sql/sql_lex.cc | 3 --- 1 file changed, 3 deletions(-) (limited to 'sql') diff --git a/sql/sql_lex.cc b/sql/sql_lex.cc index 2bff036b1f1..24c51be2512 100644 --- a/sql/sql_lex.cc +++ b/sql/sql_lex.cc @@ -1303,8 +1303,6 @@ int MYSQLlex(void *arg, void *yythd) } else { - const char* version_mark= lip->get_ptr() - 1; - DBUG_ASSERT(*version_mark == '!'); /* Patch and skip the conditional comment to avoid it being propagated infinitely (eg. to a slave). @@ -1313,7 +1311,6 @@ int MYSQLlex(void *arg, void *yythd) comment_closed= ! consume_comment(lip, 1); if (! comment_closed) { - DBUG_ASSERT(pcom == version_mark); *pcom= '!'; } /* version allowed to have one level of comment inside. */ -- cgit v1.2.1 From 80aa8824971de3e5524537e30175b2390d0570db Mon Sep 17 00:00:00 2001 From: Gleb Shchepa Date: Sun, 1 Aug 2010 22:12:36 +0400 Subject: Bug #54461: crash with longblob and union or update with subquery Queries may crash, if 1) the GREATEST or the LEAST function has a mixed list of numeric and LONGBLOB arguments and 2) the result of such a function goes through an intermediate temporary table. An Item that references a LONGBLOB field has max_length of UINT_MAX32 == (2^32 - 1). The current implementation of GREATEST/LEAST returns REAL result for a mixed list of numeric and string arguments (that contradicts with the current documentation, this contradiction was discussed and it was decided to update the documentation). The max_length of such a function call was calculated as a maximum of argument max_length values (i.e. UINT_MAX32). That max_length value of UINT_MAX32 was used as a length for the intermediate temporary table Field_double to hold GREATEST/LEAST function result. The Field_double::val_str() method call on that field allocates a String value. Since an allocation of String reserves an additional byte for a zero-termination, the size of String buffer was set to (UINT_MAX32 + 1), that caused an integer overflow: actually, an empty buffer of size 0 was allocated. An initialization of the "first" byte of that zero-size buffer with '\0' caused a crash. The Item_func_min_max::fix_length_and_dec() has been modified to calculate max_length for the REAL result like we do it for arithmetical operators. ****** Bug #54461: crash with longblob and union or update with subquery Queries may crash, if 1) the GREATEST or the LEAST function has a mixed list of numeric and LONGBLOB arguments and 2) the result of such a function goes through an intermediate temporary table. An Item that references a LONGBLOB field has max_length of UINT_MAX32 == (2^32 - 1). The current implementation of GREATEST/LEAST returns REAL result for a mixed list of numeric and string arguments (that contradicts with the current documentation, this contradiction was discussed and it was decided to update the documentation). The max_length of such a function call was calculated as a maximum of argument max_length values (i.e. UINT_MAX32). That max_length value of UINT_MAX32 was used as a length for the intermediate temporary table Field_double to hold GREATEST/LEAST function result. The Field_double::val_str() method call on that field allocates a String value. Since an allocation of String reserves an additional byte for a zero-termination, the size of String buffer was set to (UINT_MAX32 + 1), that caused an integer overflow: actually, an empty buffer of size 0 was allocated. An initialization of the "first" byte of that zero-size buffer with '\0' caused a crash. The Item_func_min_max::fix_length_and_dec() has been modified to calculate max_length for the REAL result like we do it for arithmetical operators. mysql-test/r/func_misc.result: Test case for bug #54461. ****** Test case for bug #54461. mysql-test/t/func_misc.test: Test case for bug #54461. ****** Test case for bug #54461. sql/item_func.cc: Bug #54461: crash with longblob and union or update with subquery The Item_func_min_max::fix_length_and_dec() has been modified to calculate max_length for the REAL result like we do it for arithmetical operators. ****** Bug #54461: crash with longblob and union or update with subquery The Item_func_min_max::fix_length_and_dec() has been modified to calculate max_length for the REAL result like we do it for arithmetical operators. --- sql/item_func.cc | 2 ++ 1 file changed, 2 insertions(+) (limited to 'sql') diff --git a/sql/item_func.cc b/sql/item_func.cc index 1bec4700bff..1b13297c951 100644 --- a/sql/item_func.cc +++ b/sql/item_func.cc @@ -2243,6 +2243,8 @@ void Item_func_min_max::fix_length_and_dec() max_length= my_decimal_precision_to_length_no_truncation(max_int_part + decimals, decimals, unsigned_flag); + else if (cmp_type == REAL_RESULT) + max_length= float_length(decimals); cached_field_type= agg_field_type(args, arg_count); } -- cgit v1.2.1 From f62e89fade7cda645de80e2996de69e7d980cbdd Mon Sep 17 00:00:00 2001 From: Alfranio Correia Date: Mon, 2 Aug 2010 20:48:56 +0100 Subject: BUG#55625 RBR breaks on failing 'CREATE TABLE' A CREATE...SELECT that fails is written to the binary log if a non-transactional statement is updated. If the logging format is ROW, the CREATE statement and the changes are written to the binary log as distinct events and by consequence the created table is not rolled back in the slave. In this patch, we opted to let the slave goes out of sync by not writting to the binary log the CREATE statement. We do this by simply reseting the binary log's cache. mysql-test/suite/rpl/r/rpl_drop.result: Added a test case. mysql-test/suite/rpl/t/rpl_drop.test: Added a test case. sql/log.cc: Introduced a function to clean up the cache. sql/log.h: Introduced a function to clean up the cache. sql/sql_insert.cc: Cleaned up the binary log cache if a CREATE...SELECT fails. --- sql/log.cc | 13 +++++++++++++ sql/log.h | 3 ++- sql/sql_insert.cc | 11 +++++++++++ 3 files changed, 26 insertions(+), 1 deletion(-) (limited to 'sql') diff --git a/sql/log.cc b/sql/log.cc index 614a07e6b63..3f41bf1c929 100644 --- a/sql/log.cc +++ b/sql/log.cc @@ -1628,6 +1628,19 @@ static int binlog_rollback(handlerton *hton, THD *thd, bool all) DBUG_RETURN(error); } +/** + Cleanup the cache. + + @param thd The client thread that wants to clean up the cache. +*/ +void MYSQL_BIN_LOG::reset_gathered_updates(THD *thd) +{ + binlog_trx_data *const trx_data= + (binlog_trx_data*) thd_get_ha_data(thd, binlog_hton); + + trx_data->reset(); +} + void MYSQL_BIN_LOG::set_write_error(THD *thd) { DBUG_ENTER("MYSQL_BIN_LOG::set_write_error"); diff --git a/sql/log.h b/sql/log.h index 8d3880d9171..8f1ed7ee90c 100644 --- a/sql/log.h +++ b/sql/log.h @@ -356,10 +356,11 @@ public: /* Use this to start writing a new log file */ void new_file(); + void reset_gathered_updates(THD *thd); bool write(Log_event* event_info); // binary log write bool write(THD *thd, IO_CACHE *cache, Log_event *commit_event, bool incident); - bool write_incident(THD *thd, bool lock); + bool write_incident(THD *thd, bool lock); int write_cache(IO_CACHE *cache, bool lock_log, bool flush_and_sync); void set_write_error(THD *thd); bool check_write_error(THD *thd); diff --git a/sql/sql_insert.cc b/sql/sql_insert.cc index 35c24e7571e..83b1834da0b 100644 --- a/sql/sql_insert.cc +++ b/sql/sql_insert.cc @@ -3873,6 +3873,17 @@ void select_create::abort() if (table) { + if (thd->lex->sql_command == SQLCOM_CREATE_TABLE && + thd->current_stmt_binlog_row_based && + !(thd->lex->create_info.options & HA_LEX_CREATE_TMP_TABLE) && + mysql_bin_log.is_open()) + { + /* + This should be removed after BUG#47899. + */ + mysql_bin_log.reset_gathered_updates(thd); + } + table->file->extra(HA_EXTRA_NO_IGNORE_DUP_KEY); table->file->extra(HA_EXTRA_WRITE_CANNOT_REPLACE); if (!create_info->table_existed) -- cgit v1.2.1