1. 08 May, 2007 2 commits
  2. 27 Apr, 2007 1 commit
    • malff/marcsql@weblab.(none)'s avatar
      Bug#21513 (SP having body starting with quoted label rendered unusable) · 012f841f
      malff/marcsql@weblab.(none) authored
      Before this fix, the parser would sometime change where a token starts by
      altering Lex_input_string::tok_start, which later confused the code in
      sql_yacc.yy that needs to capture the source code of a SQL statement,
      like to represent the body of a stored procedure.
      
      This line of code in sql_lex.cc :
      
      case MY_LEX_USER_VARIABLE_DELIMITER:
        lip->tok_start= lip->ptr; // Skip first `
      
      would <skip the first back quote> ... and cause the bug reported.
      
      In general, the responsibility of sql_lex.cc is to *find* where token are
      in the SQL text, but is *not* to make up fake or incomplete tokens.
      With a quoted label like `my_label`, the token starts on the first quote.
      Extracting the token value should not change that (it did).
      
      With this fix, the lexical analysis has been cleaned up to not change
      lip->tok_start (in the case found for this bug).
      
      The functions get_token() and get_quoted_token() now have an extra
      parameters, used when some characters from the beginning of the token need
      to be skipped when extracting a token value, like when extracting 'AB' from
      '0xAB', for example, for a HEX_NUM token.
      
      This exposed a bad assumption in Item_hex_string and Item_bin_string,
      which has been fixed:
      
      The assumption was that the string given, 'AB', was in fact preceded in
      memory by '0x', which might be false (it can be preceded by "x'" and
      followed by "'" -- or not be preceded by valid memory at all)
      
      If a name is needed for Item_hex_string or Item_bin_string, the name is
      taken from the original and true source code ('0xAB'), and assigned in
      the select_item rule, instead of relying on assumptions related to how
      memory is used.
      012f841f
  3. 25 Apr, 2007 1 commit
  4. 24 Apr, 2007 2 commits
    • malff/marcsql@weblab.(none)'s avatar
      Merge malff@bk-internal.mysql.com:/home/bk/mysql-5.0-runtime · 575eeda8
      malff/marcsql@weblab.(none) authored
      into  weblab.(none):/home/marcsql/TREE/mysql-5.0-25411_d
      575eeda8
    • malff/marcsql@weblab.(none)'s avatar
      Bug#25411 (trigger code truncated), PART I · fc809c70
      malff/marcsql@weblab.(none) authored
      The issue found with bug 25411 is due to the function skip_rear_comments()
      which damages the source code while implementing a work around.
      The root cause of the problem is in the lexical analyser, which does not
      process special comments properly.
      For special comments like :
      [1] aaa /*!50000 bbb */ ccc
      since 5.0 is a version older that the current code, the parser is in lining
      the content of the special comment, so that the query to process is
      [2] aaa bbb ccc
      However, the text of the query captured when processing a stored procedure,
      stored function or trigger (or event in 5.1), can be after rebuilding it:
      [3] aaa bbb */ ccc
      which is wrong.
      
      To fix bug 25411 properly, the lexical analyser needs to return [2] when
      in lining special comments.
      In order to implement this, some preliminary cleanup is required in the code,
      which is implemented by this patch.
      
      Before this change, the structure named LEX (or st_lex) contains attributes
      that belong to lexical analysis, as well as attributes that represents the
      abstract syntax tree (AST) of a statement.
      Creating a new LEX structure for each statements (which makes sense for the
      AST part) also re-initialized the lexical analysis phase each time, which
      is conceptually wrong.
      
      With this patch, the previous st_lex structure has been split in two:
      - st_lex represents the Abstract Syntax Tree for a statement. The name "lex"
      has not been changed to avoid a bigger impact in the code base.
      - class lex_input_stream represents the internal state of the lexical
        analyser, which by definition should *not* be reinitialized when parsing
        multiple statements from the same input stream.
      
      This change is a pre-requisite for bug 25411, since the implementation of
      lex_input_stream will later improve to deal properly with special comments,
      and this processing can not be done with the current implementation of
      sp_head::reset_lex and sp_head::restore_lex, which interfere with the lexer.
      
      This change set alone does not fix bug 25411.
      fc809c70
  5. 21 Apr, 2007 1 commit
  6. 20 Apr, 2007 11 commits
  7. 19 Apr, 2007 2 commits
  8. 18 Apr, 2007 1 commit
    • igor@olga.mysql.com's avatar
      Fixed bug #27870. The bug that causes crashes manifests itself at some · 6ad81b4e
      igor@olga.mysql.com authored
      conditions when executing an equijoin query with WHERE condition
      containing a subquery predicate of the form join_attr NOT IN (SELECT ...).
      
      To resolve a problem of the correct evaluation of the expression
        attr NOT IN (SELECT ...)
      an array of guards is created to make it possible to filter out some 
      predicates of the EXISTS subquery into which the original subquery 
      predicate is transformed, in the cases when a takes the NULL value. 
      If attr is defined as a field that cannot be NULL than such an array 
      is not needed and is not created. 
      However if the field a occurred also an an equijoin predicate t2.a=t1.b
      and table t1 is accessed before table t2 then it may happen that the 
      the EXISTS subquery is pushed down to the condition evaluated just after
      table t1 has been accessed. In this case any occurrence of t2.a is 
      substituted for t1.b. When t1.b takes the value of NULL an attempt is 
      made to turn on the corresponding guard. This action caused a crash as 
      no guard array had been created.
      
      Now the code of Item_in_subselect::set_cond_guard_var checks that the guard
      array has been created before setting a guard variable on. Otherwise the
      method does nothing. It cannot results in returning a row that could be
      rejected as the condition t2.a=t1.b will be checked later anyway.        
      6ad81b4e
  9. 17 Apr, 2007 3 commits
  10. 15 Apr, 2007 4 commits
    • evgen@moonbone.local's avatar
      item.cc: · 7d71d580
      evgen@moonbone.local authored
        Fix warning after fix for bug#27321.
      7d71d580
    • evgen@moonbone.local's avatar
      subselect.test, subselect.result: · 51badadd
      evgen@moonbone.local authored
        After merge fix.
      51badadd
    • evgen@moonbone.local's avatar
      Merge epotemkin@bk-internal.mysql.com:/home/bk/mysql-5.0-opt · 922a5a96
      evgen@moonbone.local authored
      into  moonbone.local:/mnt/gentoo64/work/27321-bug-5.0-opt-mysql
      922a5a96
    • evgen@moonbone.local's avatar
      Bug#27321: Wrong subquery result in a grouping select. · 3113ce63
      evgen@moonbone.local authored
      The Item_outer_ref class based on the Item_direct_ref class was always used
      to represent an outer field. But if the outer select is a grouping one and the 
      outer field isn't under an aggregate function which is aggregated in that
      outer select an Item_ref object should be used to represent such a field.
      If the outer select in which the outer field is resolved isn't grouping then
      the Item_field class should be used to represent such a field.
      This logic also should be used for an outer field resolved through its alias
      name.
      
      Now the Item_field::fix_outer_field() uses Item_outer_field objects to
      represent aliased and non-aliased outer fields for grouping outer selects
      only.
      Now the fix_inner_refs() function chooses which class to use to access outer
      field - the Item_ref or the Item_direct_ref. An object of the chosen class
      substitutes the original field in the Item_outer_ref object.
      The direct_ref and the found_in_select_list fields were added to the
      Item_outer_ref class.
      3113ce63
  11. 14 Apr, 2007 4 commits
  12. 13 Apr, 2007 7 commits
  13. 12 Apr, 2007 1 commit