From 7344b58c32c07df496c208dad5c1e11c304e8aac Mon Sep 17 00:00:00 2001 From: Ramil Kalimullin Date: Tue, 22 Dec 2009 10:39:29 +0400 Subject: Fix for bug#49570: Assertion failed: !(order->used & map) on re-execution of prepared statement Problem: some (see eq_ref_table()) ORDER BY/GROUP BY optimization is called before each PS execution. However, we don't properly initialize its stucture every time before the call. Fix: properly initialize the sturture used. mysql-test/r/ps.result: Fix for bug#49570: Assertion failed: !(order->used & map) on re-execution of prepared statement - test result. mysql-test/t/ps.test: Fix for bug#49570: Assertion failed: !(order->used & map) on re-execution of prepared statement - test case. sql/sql_select.cc: Fix for bug#49570: Assertion failed: !(order->used & map) on re-execution of prepared statement - set order->used to 0 before each eq_ref_table() call, as the function relies on that. --- sql/sql_select.cc | 1 + 1 file changed, 1 insertion(+) (limited to 'sql/sql_select.cc') diff --git a/sql/sql_select.cc b/sql/sql_select.cc index d22a23a10d4..d8ec5eff5c1 100644 --- a/sql/sql_select.cc +++ b/sql/sql_select.cc @@ -6777,6 +6777,7 @@ static void update_depend_map(JOIN *join, ORDER *order) table_map depend_map; order->item[0]->update_used_tables(); order->depend_map=depend_map=order->item[0]->used_tables(); + order->used= 0; // Not item_sum(), RAND() and no reference to table outside of sub select if (!(order->depend_map & (OUTER_REF_TABLE_BIT | RAND_TABLE_BIT)) && !order->item[0]->with_sum_func) -- cgit v1.2.1 From 2d8869d248188c1bf393fc87d9f0e31adf691c2d Mon Sep 17 00:00:00 2001 From: Georgi Kodinov Date: Tue, 22 Dec 2009 17:52:15 +0200 Subject: Bug #49734: Crash on EXPLAIN EXTENDED UNION ... ORDER BY Several problems fixed : 1. Non constant expressions in UNION ... ORDER BY were not correctly cleaned up in st_select_lex_unit::cleanup() causing crashes in EXPLAIN EXTENDED because of fields quoted by these expressions pointing to the already freed temporary table used to calculate the UNION. Fixed by correctly cleaning up expressions of any depth. 2. Subqueries in the order by part of UNION ... ORDER BY ... caused a crash in EXPLAIN EXTENDED because of a transformation attempt made during EXPLAIN EXTENDED execution. Fixed by not doing the transformation when in EXPLAIN. 3. Fulltext functions caused crash when in the ORDER BY part of an un-parenthesized UNION that gets "promoted" to be valid for the whole union, e.g. SELECT * FROM t1 UNION SELECT * FROM t2 ORDER BY MATCHES (a) AGAINST ('abc' IN BOOLEAN MODE). This is a case that demonstrates a more general problem of parts of the query being moved to another level. When doing such transformation late in the optimization run when most of the flags about the contents of the query are already aggregated it's possible to "split" the flags so that they correctly reflect the new queries after the transformation. In specific the ST_SELECT_LEX::ftfunc_list is holding all the free text function for all the parts of the second SELECT in the UNION and we don't know what part of that is in the ORDER BY that we're to move to the UNION level and what part is about the other parts of the second SELECT. Fixed by throwing and error when such statements are about to be processed by adding a check for the presence of MATCH() inside the ORDER BY clause that's going to get promoted to UNION. To workaround this new limitation one must parenthesize the UNION SELECTs and provide a real global ORDER BY for the UNION outside of the parenthesis. --- sql/sql_select.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'sql/sql_select.cc') diff --git a/sql/sql_select.cc b/sql/sql_select.cc index 6383fe63012..d50bb888850 100644 --- a/sql/sql_select.cc +++ b/sql/sql_select.cc @@ -519,7 +519,7 @@ JOIN::prepare(Item ***rref_pointer_array, thd->lex->allow_sum_func= save_allow_sum_func; } - if (!thd->lex->view_prepare_mode) + if (!thd->lex->view_prepare_mode && !(select_options & SELECT_DESCRIBE)) { Item_subselect *subselect; /* Is it subselect? */ -- cgit v1.2.1 From 5ba1dd04748561ae2a9942f9f228c8c6a52de72b Mon Sep 17 00:00:00 2001 From: Georgi Kodinov Date: Mon, 18 Jan 2010 17:50:46 +0200 Subject: Bug #45989 take 2 : memory leak after explain encounters an error in the query. Fixes a leak after materializing a GROUP BY subquery to a temp table when the subquery has a blob column in the SELECT list. Fixed by correctly destructing temporary buffers after doing the conversion. --- sql/sql_select.cc | 2 ++ 1 file changed, 2 insertions(+) (limited to 'sql/sql_select.cc') diff --git a/sql/sql_select.cc b/sql/sql_select.cc index 644f0072b7b..24876ffec14 100644 --- a/sql/sql_select.cc +++ b/sql/sql_select.cc @@ -5824,6 +5824,8 @@ JOIN::make_simple_join(JOIN *parent, TABLE *tmp_table) const_table_map= 0; tmp_table_param.field_count= tmp_table_param.sum_func_count= tmp_table_param.func_count= 0; + if (tmp_table_param.copy_field) + delete [] tmp_table_param.copy_field; tmp_table_param.copy_field= tmp_table_param.copy_field_end=0; first_record= sort_and_group=0; send_records= (ha_rows) 0; -- cgit v1.2.1 From 2fa49930cab5e070b5abaadbc2ab2b0899bc41b5 Mon Sep 17 00:00:00 2001 From: Georgi Kodinov Date: Tue, 19 Jan 2010 14:48:41 +0200 Subject: revert of the fix for bug #45989: pushed by mistake. --- sql/sql_select.cc | 2 -- 1 file changed, 2 deletions(-) (limited to 'sql/sql_select.cc') diff --git a/sql/sql_select.cc b/sql/sql_select.cc index 24876ffec14..644f0072b7b 100644 --- a/sql/sql_select.cc +++ b/sql/sql_select.cc @@ -5824,8 +5824,6 @@ JOIN::make_simple_join(JOIN *parent, TABLE *tmp_table) const_table_map= 0; tmp_table_param.field_count= tmp_table_param.sum_func_count= tmp_table_param.func_count= 0; - if (tmp_table_param.copy_field) - delete [] tmp_table_param.copy_field; tmp_table_param.copy_field= tmp_table_param.copy_field_end=0; first_record= sort_and_group=0; send_records= (ha_rows) 0; -- cgit v1.2.1 From d2f61748cd0a63d0c9df989d92cb36fc1c7583c5 Mon Sep 17 00:00:00 2001 From: Georgi Kodinov Date: Wed, 23 Dec 2009 17:11:22 +0200 Subject: Bug #49512 : subquery with aggregate function crash subselect_single_select_engine::exec() When a subquery doesn't need to be evaluated because it returns only aggregate functions and these aggregates can be calculated from the metadata about the table it was not updating all the relevant members of the JOIN structure to reflect that this is a constant query. This caused problems to the enclosing subquery ('<> SOME' in the test case above) trying to read some data about the tables. Fixed by setting const_tables to the number of tables when the SELECT is optimized away. --- sql/sql_select.cc | 1 + 1 file changed, 1 insertion(+) (limited to 'sql/sql_select.cc') diff --git a/sql/sql_select.cc b/sql/sql_select.cc index 644f0072b7b..d5ce32902c4 100644 --- a/sql/sql_select.cc +++ b/sql/sql_select.cc @@ -942,6 +942,7 @@ JOIN::optimize() DBUG_PRINT("info",("Select tables optimized away")); zero_result_cause= "Select tables optimized away"; tables_list= 0; // All tables resolved + const_tables= tables; /* Extract all table-independent conditions and replace the WHERE clause with them. All other conditions were computed by opt_sum_query -- cgit v1.2.1 From 172af3722ef34876f5e33bdf63c10d46573a2864 Mon Sep 17 00:00:00 2001 From: Ramil Kalimullin Date: Fri, 29 Jan 2010 13:17:57 +0400 Subject: Fix for bug#49897: crash in ptr_compare when char(0) NOT NULL column is used for ORDER BY Problem: filesort isn't meant for null length sort data (e.g. char(0)), that leads to a server crash. Fix: disregard sort order if sort data record length is 0 (nothing to sort). mysql-test/r/select.result: Fix for bug#49897: crash in ptr_compare when char(0) NOT NULL column is used for ORDER BY - test result. mysql-test/t/select.test: Fix for bug#49897: crash in ptr_compare when char(0) NOT NULL column is used for ORDER BY - test case. sql/filesort.cc: Fix for bug#49897: crash in ptr_compare when char(0) NOT NULL column is used for ORDER BY - assert added as filesort cannot handle null length sort data. sql/sql_select.cc: Fix for bug#49897: crash in ptr_compare when char(0) NOT NULL column is used for ORDER BY - don't sort null length data e.g. in case of ORDER BY CHAR(0). --- sql/sql_select.cc | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'sql/sql_select.cc') diff --git a/sql/sql_select.cc b/sql/sql_select.cc index d8ec5eff5c1..239809f1d4c 100644 --- a/sql/sql_select.cc +++ b/sql/sql_select.cc @@ -521,13 +521,26 @@ JOIN::prepare(Item ***rref_pointer_array, if (order) { + bool real_order= FALSE; ORDER *ord; for (ord= order; ord; ord= ord->next) { Item *item= *ord->item; + /* + Disregard sort order if there's only "{VAR}CHAR(0) NOT NULL" fields + there. Such fields don't contain any data to sort. + */ + if (!real_order && + (item->type() != Item::Item::FIELD_ITEM || + ((Item_field *) item)->field->maybe_null() || + ((Item_field *) item)->field->sort_length())) + real_order= TRUE; + if (item->with_sum_func && item->type() != Item::SUM_FUNC_ITEM) item->split_sum_func(thd, ref_pointer_array, all_fields); } + if (!real_order) + order= NULL; } if (having && having->with_sum_func) -- cgit v1.2.1 From 5a57e6bb45eb548a961cab2e9ca2f6b45430ffc8 Mon Sep 17 00:00:00 2001 From: Alexander Nozdrin Date: Sun, 31 Jan 2010 00:08:20 +0300 Subject: Fix Windows build failure (after manual merge from 5.1-bugteam). --- sql/sql_select.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'sql/sql_select.cc') diff --git a/sql/sql_select.cc b/sql/sql_select.cc index f8ebc0492a6..5598cc29a01 100644 --- a/sql/sql_select.cc +++ b/sql/sql_select.cc @@ -553,7 +553,7 @@ JOIN::prepare(Item ***rref_pointer_array, there. Such fields don't contain any data to sort. */ if (!real_order && - (item->type() != Item::Item::FIELD_ITEM || + (item->type() != Item::FIELD_ITEM || ((Item_field *) item)->field->maybe_null() || ((Item_field *) item)->field->sort_length())) real_order= TRUE; -- cgit v1.2.1 From 1ff667c995a1a597615a9fb4820218d48659ae71 Mon Sep 17 00:00:00 2001 From: Georgi Kodinov Date: Mon, 1 Feb 2010 13:40:16 +0200 Subject: fixed a typo in bug #49897. --- sql/sql_select.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'sql/sql_select.cc') diff --git a/sql/sql_select.cc b/sql/sql_select.cc index 239809f1d4c..eecc2b086a3 100644 --- a/sql/sql_select.cc +++ b/sql/sql_select.cc @@ -531,7 +531,7 @@ JOIN::prepare(Item ***rref_pointer_array, there. Such fields don't contain any data to sort. */ if (!real_order && - (item->type() != Item::Item::FIELD_ITEM || + (item->type() != Item::FIELD_ITEM || ((Item_field *) item)->field->maybe_null() || ((Item_field *) item)->field->sort_length())) real_order= TRUE; -- cgit v1.2.1 From e4b7138561d567041dbb2aa8ed366e3c3d31d58b Mon Sep 17 00:00:00 2001 From: Georgi Kodinov Date: Tue, 2 Feb 2010 18:37:56 +0200 Subject: Bug #49445: Assertion failed: 0, file .\item_row.cc, line 55 with fulltext search and row op. The search for fulltext indexes is searching for some special predicate layouts. While doing so it's not checking for the number of columns of the expressions it tries to calculate. And since row expressions can't return a single scalar value there was a crash. Fixed by checking if the expressions are scalar (in addition to being constant) before calling Item::val_xxx() methods. --- sql/sql_select.cc | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) (limited to 'sql/sql_select.cc') diff --git a/sql/sql_select.cc b/sql/sql_select.cc index 0e36d35289f..da85ca27339 100644 --- a/sql/sql_select.cc +++ b/sql/sql_select.cc @@ -3650,20 +3650,20 @@ add_ft_keys(DYNAMIC_ARRAY *keyuse_array, cond_func=(Item_func_match *)cond; else if (func->arg_count == 2) { - Item_func *arg0=(Item_func *)(func->arguments()[0]), - *arg1=(Item_func *)(func->arguments()[1]); - if (arg1->const_item() && + Item *arg0= func->arguments()[0], + *arg1= func->arguments()[1]; + if (arg1->const_item() && arg1->cols() == 1 && ((functype == Item_func::GE_FUNC && arg1->val_real() > 0) || - (functype == Item_func::GT_FUNC && arg1->val_real() >=0)) && - arg0->type() == Item::FUNC_ITEM && - arg0->functype() == Item_func::FT_FUNC) - cond_func=(Item_func_match *) arg0; - else if (arg0->const_item() && + (functype == Item_func::GT_FUNC && arg1->val_real() >= 0)) && + arg0->type() == Item::FUNC_ITEM && + ((Item_func *) arg0)->functype() == Item_func::FT_FUNC) + cond_func= (Item_func_match *) arg0; + else if (arg0->const_item() && arg0->cols() == 1 && ((functype == Item_func::LE_FUNC && arg0->val_real() > 0) || - (functype == Item_func::LT_FUNC && arg0->val_real() >=0)) && - arg1->type() == Item::FUNC_ITEM && - arg1->functype() == Item_func::FT_FUNC) - cond_func=(Item_func_match *) arg1; + (functype == Item_func::LT_FUNC && arg0->val_real() >= 0)) && + arg1->type() == Item::FUNC_ITEM && + ((Item_func *) arg1)->functype() == Item_func::FT_FUNC) + cond_func= (Item_func_match *) arg1; } } else if (cond->type() == Item::COND_ITEM) -- cgit v1.2.1