1. 17 Feb, 2011 4 commits
    • Kent Boortz's avatar
      The client shared library major version was changed to 18, to reflect · fe12c639
      Kent Boortz authored
      ABI changes (Bug#60061)
      
      Bumping the version from 16 to 18, instead of 17, was done to avoid a
      library conflict on Mac OS X between MySQL 5.1 and MySQL 5.5. In MySQL
      5.1 GNU libtool was used, that made the ABI version used in the file
      name to be 16, and the one stored inside the binary to be 17.
      
      MySQL 5.5 uses CMake as a build tool, that will store the same ABI
      number in the file name as inside the binary in Mac OS X, and then
      bumping the ABI number two steps avoids a conflict on Mac OS X.
      fe12c639
    • Jonathan Perkin's avatar
      c70497dc
    • Tor Didriksen's avatar
      Revert 59685, as we now cache datetimes correctly. · b7a6dd45
      Tor Didriksen authored
      See also bug 11775312, all queries listed there now have the
      same results here, as they have in 5.1
      b7a6dd45
    • Tor Didriksen's avatar
      Bug #11766860 - 60085: CRASH IN ITEM::SAVE_IN_FIELD() WITH TIME DATA TYPE · 08c8d21f
      Tor Didriksen authored
      This assumption in Item_cache_datetime::cache_value_int
      was wrong:
      -  /* Assume here that the underlying item will do correct conversion.*/
      -  int_value= example->val_int_result();
      
      
      mysql-test/r/subselect_innodb.result:
        New test case.
      mysql-test/t/subselect_innodb.test:
        New test case.
      sql/item.cc:
        In Item_cache_datetime::cache_value_int()
         - call get_time() or get_date() depending on desired type
         - convert the returned MYSQL_TIME value to longlong depending on desired type
      sql/item.h:
        The cached int_value in Item_cache_datetime should not be unsigned:
         - it is used mostly in signed context
         - it can actually have negative value (for TIME data type)
      sql/item_cmpfunc.cc:
        Add comment on Bug#59685
      sql/item_subselect.cc:
        Add some DBUG_TRACE for easier bug-hunting.
      08c8d21f
  2. 11 Feb, 2011 3 commits
    • Tor Didriksen's avatar
      Bug #59686 crash in String::copy() with time data type · 768c56e4
      Tor Didriksen authored
      The problem was that Item_sum_hybrid::val_xxx() did not propagate null values
      up the expression tree.
      
      
      mysql-test/r/func_time.result:
        New test case.
      mysql-test/t/func_time.test:
        New test case.
      sql/item_sum.cc:
        Check for null_value when evaluating sub-items in sub-trees in Item_sum_hybrid::val_xxx()
      768c56e4
    • Guilhem Bichot's avatar
      Fix for BUG#59894 · 1756d087
      Guilhem Bichot authored
      "set optimizer_switch to e or d causes invalid memory writes/valgrind warnings":
      due to prefix support, the argument "e" was overwritten with its full value
      "engine_condition_pushdown", which caused a buffer overrun.
      This was wrong usage of find_type(); other wrong usages are fixed here too.
      Please start reading with the comment of typelib.c.
      
      client/mysqldump.c:
        A bug: find_type() expects a bitmap as 3rd argument
        (each bit is a flag controlling a behaviour of the function);
        here it was instead passed the length of the string to search!
        That could give random behaviour of find_type()
        depending on the string.
        We rather need to pass a correct flag to find_type().
        The correct flag is FIND_TYPE_BASIC (0).
        Flag 8 is not needed as buff cannot have a comma (see how buff is filled).
        Flag 1 looks like a superfluous restriction.
        Flag 4 is not user-friendly (why use
        --compatible=2 rather than --compatible=mysql40 ?, and
        we probably not commit to "2" always meaning "mysql40"
        until the end of times).
      include/mysql.h.pp:
        This isn't a problematic API change as we go from char* to const char*:
        existing code will run unchanged.
      include/typelib.h:
        named constants. Not an enum to not significantly change
        the declaration of find_type() which would be an API change
        (typelib.h is included in mysql.h).
      mysql-test/r/mysqldump.result:
        correct result (see the two requested modes in SQL_MODE)
      mysql-test/suite/sys_vars/t/optimizer_switch_basic.test:
        test for BUG#59894. The second SET used to crash.
      mysql-test/t/mysqldump.test:
        we had no test for multiple modes in --compatible, which is
        supported according to --help
      mysys/typelib.c:
        Fix for BUG#59894. parse_name() is asked to match "e" with a row
        of the TYPELIB (the TYPELIB lists permitted flags of optimizer_switch;
        and comes from optimizer_switch_names[] of sys_vars.cc).
        find_type() is capable of supporting prefixes, but if it is not
        passed flag 2 in third argument, it will overwrite its first
        argument (the string to search for) with the complete name,
        here overwriting "e" with "engine_condition_pushdown". But
        as this "e" was a buffer allocated in an Item, it was not big
        enough to host the longer name, thus the crash.
        We don't need to know the complete flag's name; the output used
        from find_type() is just the flag's number (== function's return
        code). So we can pass flag 2 to find_type() in parse_name().
        After doing this fix and the other fixes in this patch, all usages
        of find_type() were using flag 2; in most usages the string to search for,
        is not guaranteed to be long enough to host the complete name
        (it is either directly from argv, or from alloc_root/my_malloc
        done in an earlier call).
        Thus, flag 2 is here made implicit: callers need not pass it anymore,
        it is always automatically turned on.
        This allows to eliminate an oddity: parse_name() took a const char**,
        and then removed "const" before calling find_type(), which could
        theoretically modify the pointed data, thus lying on constness.
        Last, constants for find_type() are now named.
      sql-common/client.c:
        Two bugs:
        1) The enum was not in sync with the array (due to a bad porting of WL 1054;
        the extra OPT_ values are about options present in 5.1 and deleted in 5.5);
        added a compile_time_assert() to make sure this doesn't happen again
        2) find_type() was writing past the end of opt_arg; as opt_arg was allocated
        with alloc_root() with no extra space, this was an overrun; it could be seen
        when
        ** building with -DWITH_VALGRIND -DHAVE_purify -DEXTRA_DEBUG
        ** making execution go through the faulty code; this faulty
        code is executed only if the client asks to read a configuration
        file like this:
          mysql_options(mysql, MYSQL_READ_DEFAULT_FILE, "/tmp/cnf.cnf");
        so by adding such line to the start of mysql_client_test.c::client_connect(),
        we could see the valgrind warning:
        ==30548== Invalid write of size 1
        ==30548==    at 0x4C2624C: strcpy (mc_replace_strmem.c:303)
        ==30548==    by 0x48DC29: find_type (typelib.c:120)
        ==30548==    by 0x465686: mysql_read_default_options (client.c:1344)
        ==30548==    by 0x46830F: mysql_real_connect (client.c:2971)
        ==30548==    by 0x409339: client_connect (mysql_client_test.c:331)
        ==30548==    by 0x463A7F: main (mysql_client_test.c:19902)
        ==30548==  Address 0x61875ad is 0 bytes after a block of size 29 alloc'd
        ==30548==    at 0x4C25153: malloc (vg_replace_malloc.c:195)
        ==30548==    by 0x49BFF1: my_malloc (my_malloc.c:38)
        ==30548==    by 0x49C65C: alloc_root (my_alloc.c:166)
        ==30548==    by 0x48EF97: handle_default_option (default.c:381)
        ==30548==    by 0x49068C: search_default_file_with_ext (default.c:992)
        ==30548==    by 0x48F929: search_default_file (default.c:670)
        ==30548==    by 0x48EDC4: my_search_option_files (default.c:312)
        ==30548==    by 0x48F4B1: my_load_defaults (default.c:576)
        ==30548==    by 0x46517A: mysql_read_default_options (client.c:1207)
        ==30548==    by 0x46830F: mysql_real_connect (client.c:2971)
        ==30548==    by 0x409339: client_connect (mysql_client_test.c:331)
        ==30548==    by 0x463A7F: main (mysql_client_test.c:19902)
        This is fixed by having find_type() not overwrite anymore.
      sql/sql_help.cc:
        cast not needed anymore.
      sql/table.cc:
        cast not needed anymore.
      1756d087
    • Sergey Glukhov's avatar
      Bug#59685 crash in String::length with date types · 654dd03f
      Sergey Glukhov authored
      The crash happens because Item_cache which is result
      holder for Item_subselect can't correctly convert
      a DATETIME value from string to int representation.
      The fix is to disable constant item convertion for
      subselect(partial rollback of bug52157 fix).
      
      
      mysql-test/r/type_date.result:
        test case
      mysql-test/t/type_date.test:
        test case
      sql/item_cmpfunc.cc:
        disable constant item convertion for subselects.
      654dd03f
  3. 10 Feb, 2011 9 commits
  4. 09 Feb, 2011 11 commits
  5. 08 Feb, 2011 13 commits