Console View

Categories: connectors experimental galera main

Legend:

Passed

Failed

Warnings

Failed Again

Running

Exception

Offline

No data

connectors

experimental

galera

main

fb9d6e444c37...

fb9d6e444c370bcce5f00047ad335953f174897a

Georgi (Joro) Kodinov

joro@mariadb.org

MDEV-35986 - Use memory safe snprintf() in client

Replace sprintf(buf, ...) with snprintf(buf, sizeof(buf), ...),
where buf is allocated with a size known at compile time.

This makes sure we are not writing outside array/string bounds which will
lead to undefined behaviour. In case the code is trying to write outside bounds
- safe version of functions simply cut the string messages so we process this
gracefully.

f385a2aaf56d...

f385a2aaf56d23b259460fc46f4d4ef20a1f3a0a

Alexey Botchkov

holyfoot@askmonty.org

Progress report
03.04.2026

ef8e462dccea...

ef8e462dccea6bf1fe9b0985eb84f561f1b9f7ca

Alexander Barkov

bar@mariadb.com

MDEV-38162 Refactoring: Change sp_type_def_composite2::m_def from Spvar_definition* to Spvar_definition

- Changing sp_type_def_composite2::m_def from Spvar_definition* to Spvar_definition.
- Encapsulating it.

Retionale:

1. sp_type_def_composite2 was allocated in two steps:
a. An sp_type_def_composite2 instance itself was allocated
b. Two instances of Spvar_definition were allocated immediately after,
and assigned to m_def[0] and m_def[1] respectively.
Such two step allocation was not really needed.
So this change moves the two instances of Spvar_definition right
inside sp_type_def_composite2, so now it gets allocated in a single "new"
instead of three "new" calls.

2. In the upcoming REF CURSOR change, sp_type_def_ref has an
Spvar_definition member inside it (not a pointer to it).
It's better to have sp_type_def_composite2 and sp_type_def_ref
look closer to each other.

e581d1b5e051...

e581d1b5e0513fd1d2c95b3eaba9409165778e15

Alexander Barkov

bar@mariadb.com

MDEV-38436 Remove Type_handler::Column_definition_fix_attributes()

The method Type_handler::Column_definition_fix_attributes() was an
addition for Type_handler::Column_definition_set_attributes().

The code in virtual implementations of Column_definition_fix_attributes()
has now been joined to corresponding virtual implementations of
Column_definition_set_attributes().

After this change everything is done in Column_definition_set_attributes().

This makes the code clearer. Previous implementation was rather confusing.
For example, for temporal data types:
(1) After Column_definition_set_attributes():
- Column_definition::length meant the fractional precision
- Column_definition::decimals was set to 0
(2) After Column_definition_fix_attributes():
- Column_definition::length means the full character length
- Column_definition::decimals means the fractional precision

Now everything gets set to (2) right in Column_definition_set_attributes().

e4cbbb1d81c3...

e4cbbb1d81c32d25e3374b393273375c2d940382

Sergei Petrunia

sergey@mariadb.com

Update test results

d51e9c0b77f3...

d51e9c0b77f329c6e2d82e022b7d855cf831f728

drrtuy

drrtuy@gmail.com

Initial version of DuckDB engine for MariaDB based on DuckDB 1.3.2.

bfcb303c056f...

bfcb303c056fdbedb7b170ffd73561e4514164a7

Alexander Barkov

bar@mariadb.com

MDEV-38871 Variable declarations accept unexpected data type attributes (lengh,dec,srid)

Some data types:
- RECORD
- assoc arrays
- SYS_REFCURSOR

erroneously accepted non-relevant attributes:
- length
- scale
- character set / collation
- REF_SYSTEM_ID

Fixing to raise an error.

Details:

- Overriding get_column_attributes() in Type_handler_row,
Type_handler_sys_refcursor, Type_handler_assoc_array.

- Moving a piece of the old code into a new method
Type_handler::check_data_type_attributes(), to reuse it
for testing attributes for both plugin types and TYPE-def types.

- Reusing check_data_type_attributes() in methods
* LEX::set_field_type_udt_or_typedef()
* LEX::set_field_type_udt()

- Adding opt_binary into the rule field_type_all_with_typedefs,
into the grammar branch for the plugin types, as XMLTYPE needs it.

bd7777ea597d...

bd7777ea597d6c939da86426f694bc03a07cc350

Alexander Barkov

bar@mariadb.com

MDEV-38933 Implement basic low level functions for DBMS_SQL

Adding SYS_REFCURSOR methods:
- id()
- attach()
- detach()

Adding non-DBMS_SQL-specific function plugins (pseudo-procedures):
- SQL.BIND_PARAM_BY_NAME(ps_name, pos, value)
- SQL.COLUMN_VALUE(sys_refcursor_id, pos, dst)

Adding DBMS_SQL-specific function plugins (pseduo-procedures)
- DBMS_SQL.BIND_VARIABLE(dbms_sql_cursor_id, pos, value)
- DBMS_SQL.COLUMN_VALUE(dbms_sql_cursor_id, pos, value)

b91bfcc88360...

b91bfcc88360161a9ddb4af7ee58f7a40ea785af

Sergei Petrunia

sergey@mariadb.com

MDEV-39251: Add an option to count records_in_range calls and skip them for point lookups

Add @@optimizer_min_point_range_size_to_use_stats. If the range
optimizer estimates a point lookup and the index statistics
say that expected number of matching rows is less than that,
then skip records_in_range() and use index statistics.

The default is @@optimizer_min_point_range_size_to_use_stats=0
which means the old behavior (use records_in_range(), unless
the lookup is over unique key, or @@eq_range_index_dive_limit is
hit)

b5e6390e9abf...

b5e6390e9abfc8149d1871388a26068ccae3a6bc

Sergei Golubchik

serg@mariadb.org

MDEV-39154 wrong OOM handling in collect_grouping_fields()

correct (and document) the return values for collect_grouping_fields()

b23f598f977b...

b23f598f977bad4bafbab7be1e1d5f954aeed7c6

Marko Mäkelä

marko.makela@mariadb.com

Merge 12.3

ac2fb16e971f...

ac2fb16e971fc49a7b533cd3713e21d6373bf690

Alexander Barkov

bar@mariadb.com

MDEV-38109 Refactor sp_add_instr_fetch_cursor to get the target list argument

This is a preparatory refactoring patch to make MDEV-10152 simpler.
Under terms of MDEV-10152 we'll need LEX::sp_add_instr_fetch_cursor()
to get the target list as a parameter, to be able to rewrite it correctly
(to the data type of the REF CURSOR .. RETURN clause, instead of setting
it post-factum with help of the
method sp_instr_fetch_cursor::set_fetch_target_list().

Changes:
- Changing the result type of sp_add_instr_fetch_cursor() from
sp_instr_fetch_cursor to bool
- Renaming sp_add_instr_fetch_cursor() to sp_add_fetch_cursor()
to avoid problems during merge (the opposite return value in bool context)
- Adding a new parameter to sp_add_fetch_cursor(), so it looks like this:

bool sp_add_fetch_cursor(THD *thd,
const Lex_ident_sys_st &name,
const List<sp_fetch_target> &list);

- Adding a new target list parameter to constructors sp_instr_fetch_cursor,
sp_instr_cfetch, sp_instr_cfetch_by_ref,
- Remove the methods sp_instr_fetch_cursor::set_fetch_target_list(),
sp_instr_fetch_cursor::add_to_fetch_target_list(), as they aren't needed
any more.
- Removing from sql_yacc.yy the grammar rule sp_proc_stmt_fetch_head and
adding instead a new rule fetch_statement_source.
- Changing the grammar rule sp_proc_stmt_fetch to the following to
use the new rule fetch_statement_source.
- Adding a new helper constructor List(const T &a, MEM_ROOT *mem_root)
to create lists consisting of a single element.
- Reusing the new List constructor in a few places.

a23f213fd4f6...

a23f213fd4f69072c7d8a7133b7cf02c4c288b77

Raghunandan Bhat

raghunandan.bhat96@gmail.com

MDEV-34951: InnoDB index corruption when renaming key name with same letter to upper case.

Problem:
InnoDB index corruption occurs when an index is renamed to a name that
differs only in case (e.g., 'b' to 'B'). The SQL layer uses
case-insensitive comparison and fails to recognize the change.

Fix:
Use case-sensitive comparison when matching index names during
ALTER TABLE to correctly identify and handle case changes.

a13fbcf6cde1...

a13fbcf6cde1891e22b2cf7a1f914f0ea515fd92

Sergei Petrunia

sergey@mariadb.com

MDEV-39251: Step 1: Count records_in_range calls in a counter.

9b5239fb15e8...

9b5239fb15e8c3737d4c9d09f2f7de0a82e40d12

Marko Mäkelä

marko.makela@mariadb.com

Merge MDEV-39225 fixup

984d632454fc...

984d632454fc19cbba2553288048956dba935df4

Hemant Dangi

hemant.dangi@mariadb.com

MDEV-36025: backup taken from a replica with optimistic parallel replication fails
to restore most of the time

Issue:
Backups taken from a replica running optimistic parallel replication can
restore into a server that aborts on startup with:

Found N prepared transactions! ...

In the MDEV-36025 reproducer the application never issues XA SQL, but on
startup InnoDB reports several transactions “in the XA prepared state” and the
server aborts. These internal XA transactions created by optimistic parallel
replication on the replica are not covered by MDEV-742 and end up prepared after
restore, causing the “Found N prepared transactions” startup failure. This is
reproducible by mariabackup.xa_prepared_on_restore testcase, which fails with
'Found N prepared transactions'.

Solution:
Port the MDEV-21168 fix to MariaDB 10.6.

Add SRV_OPERATION_RESTORE_ROLLBACK_XA server operation mode and
--rollback-xa option (enabled by default) to mariabackup --prepare.
This automatically rolls back prepared XA transactions during prepare,
since the backup does not contain the binary log needed to resolve them.

Prevent incompatible combination of --rollback_xa and --export options.
The combination creates mmap state inconsistency in InnoDB's MTR system,
leading to crash.

97d2b7198c6c...

97d2b7198c6ca99258bd3fecfd87208f5c39feb5

Alexander Barkov

bar@mariadb.com

MDEV-38161 Refactor Type_extra_attributes: change void* for generic attributes to a better type

The first key point of this commit is changing Type_extra_attributes in the way
that the pointer to a generic attribute is now "Type_generic_attributes*" -
a pointer to a new class with vitrual method type_handler().

Before this change the pointer to a generic attribute was
"void *m_attr_const_void_ptr", which was error prone, as allowed
to pass a pointer to a wrong structure without control.

Another key point is that the SET/ENUM data type related structures
are now attributed by the changed class Type_typelib_attributes,
which now looks as follows:

class Type_typelib_attributes: public Sql_alloc,
public Type_generic_attributes,
public TYPELIB

(with virtual method type_handler()), instead of being attributed by
TYPELIB directly.

Details:

- Using Column_definition's method typelib() where the member m_typelib
was used directly. The related lines change anyway, because the member
is renamed m_typelib_attr.

- Adding a new class Type_generic_attributes.
Deriving the following classes from it:
* Type_typelib_attributes
* sp_type_def

- sp_type_def does not derive from Type_handler_hybrid_field_type any more,
because the method type_handler() is now implemented virtually.

- Removing Type_extra_attributes::m_attr_const_void_ptr and
adding Type_extra_attributes::m_attr_const_generic_attributes_ptr instead -
a pointer to the new class Type_generic_attributes.
Renaming methods to set and read it according to the new data type name.

- Type_typelib_attributes now derives from TYPELIB instead of having
a pointer to TYPELIB.

- Adding a new class Type_typelib_ptr_attributes. It's a replacement for
the old implementation of Type_typelib_attributes.

Instead of deriving from Type_typelib_attributes, Field_enum now derives
from Type_typelib_ptr_attributes. The latter can store/read itself into/from
Type_extra_attributes. It's a bridge between the new Type_typelib_attributes
and Type_extra_attributes.

- Changing parameter data type in a few methods in Field_enum from
a pointer to TYPELIB to a pointer to Type_typelib_attributes.

- Removing typelib related methods from Type_extra_attributes.
Moving this functionality into Type_typelib_ptr_attributes and
Column_definition_attributes.
This turns Type_extra_attributes into a data structure independent
from any data type specific structures/methods.

- Adding methods:
Column_definition_attributes::typelib_attr() - Column_definition derives it
Column_definition_attributes::typelib() - Column_definition derives it
Type_typelib_ptr_attributes::typelib_attr() - Field_enum derives it
Type_typelib_ptr_attributes::typelib() - Field_enum derives it

- Renaming the member Create_field::save_interval into
Create_field::save_typelib_attr.
Changing its data type from a pointer to TYPELIB into a pointer
to Type_typelib_attributes pointer.

- Removing the method Type_typelib_attributes::store().
Adding Type_typelib_ptr_attributes::save_in_type_extra_attributes() instead.
The new method name makes the code more readable.

9692a8942fca...

9692a8942fca761d04e415f1d97a7c81432fc3e3

bsrikanth-mariadb

srikanth.bondalapati@mariadb.com

MDEV-39222: Error when inserting data from seq

When the replayed optimizer context doesn't contain seq table info,
which is used to insert data into a new/existing table, errors are displayed.
This is happening because, if any table or index that is used by the
engine is not available in the context, then a warning is generated.
However, this warning is converted to an error message for insert into
statements.

Solution here is not to continue using the replayed context after the
required query has been replayed.

90f8178f33f6...

90f8178f33f6ecd33767a79b0f5b9b4c5a1367e5

Alexander Barkov

bar@mariadb.com

MDEV-10152 Add support for TYPE .. IS REF CURSOR

Adding support for the strict cursor data types:

Example 1a:
TYPE rec0_t IS RECORD (a INT, VARCHAR(10));
TYPE cur0_t IS REF CURSOR RETURN rec0_t;

Example 1b:
TYPE rec0_t IS RECORD (a t1.a%TYPE, b t1.b%TYPE);
TYPE cur0_t IS REF CURSOR RETURN rec0_t;

Example 1c:
TYPE rec0_t IS RECORD (a INT, VARCHAR(10));
r0 rec0_t;
TYPE cur0_t IS REF CURSOR RETURN r0%TYPE;

Example 1d:
TYPE rec0_t IS RECORD (a t1.a%TYPE, b t1.b%TYPE);
r0 rec0_t;
TYPE cur0_t IS REF CURSOR RETURN r0%TYPE;

Example2a:
TYPE cur0_t IS REF CURSOR RETURN t1%ROWTYPE; -- t1 is a table

Example 2b:
r0 t1%ROWTYPE;
TYPE cur0_t IS REF CURSOR RETURN r0%TYPE;

Example3a:
CURSOR cursor_sample IS SELECT a,b FROM t1;
TYPE cur0_t IS REF CURSOR RETURN cursor_sample%ROWTYPE;

Example3b:
CURSOR cursor_sample IS SELECT a,b FROM t1;
r0 cursor_sample%ROWTYPE;
TYPE cur0_t IS REF CURSOR RETURN r0%TYPE;

If a cursor variable is declared with a RETURN clause then:
1. At OPEN type the data type of the SELECT list row is compared
for compatibility with the cursor RETURN data type.
The SELECT list row must be assignable to the RETURN type row.
If case if assignability is not meet, an error is raised
Assignability means:
- The arity of the SELECT list must be equal to the arity
of the RETURN clause
- Every n-th field of the SELECT list must be assignable to the
n-th field of the RETURN Clause

2. At FETCH time, the data is fetched in two steps:
a. On the first step the data is fetched into a virtual table
with the row type described in the RETURN clause
b. On the second step the data is copied from the virtual table
to the target fetch list. Data type conversion can happen
on this step.

Change details:

Adding new methods:
- sp_cursor::check_assignability_to
- Virtual_tmp_table::check_assignability_from
- Virtual_tmp_table::sp_set_from_select_list
- Virtual_tmp_table::sp_save_in_vtable
- Virtual_tmp_table::sp_save_in_target_list
- LEX::check_ref_cursor_components
- LEX::make_sp_instr_copy_struct_for_last_context_variables
- LEX::declare_type_ref_cursor
- sp_cursor::Select_fetch_into_spvars::send_data_with_return_type

Adding new members:
- sp_instr_copen_by_ref::m_cursor_name
- Select_fetch_into_spvars::m_return_type
- Select_materialize::m_cursor_name
- Select_materialize::m_return_type

Adding new virtual methods:
- Item::resolve_spvar_cursor_rowtype
- Type_handler::Spvar_definition_resolve_type_refs
- Server_side_cursor::check_assignability_to
- Overriding Select_materialize::prepare to raise an error when the cursor
returned data type is not compatible with the RETURN clause

Making these methods virtual:
- Field::check_assignability_from

Adding new classes:
- sp_type_def_ref
- RowTypeBuffer

Adding new constructors to:
- Spvar_definition

Adding new helper methods (e.g. to reuse the code)
- Field::store_field_maybe_null
- ChanBuffer::append_ulonglong
- sp_pcontext::set_type_for_last_context_variables

Minor changes:
- Making TABLE::export_structure const
- Overriding Item_splocal::type_extra_attributes. It was forgotten in earlier changes.

Adding new error messages
- ER_CANNOT_CAST_ON_IDENT1_ASSIGNMENT_FOR_OPERATION
- ER_CANNOT_CAST_ON_IDENT2_ASSIGNMENT_FOR_OPERATION

901bdc061c65...

901bdc061c65be6fd960fe6a7092bf260c63717b

Thirunarayanan Balathandayuthapani

thiru@mariadb.com

MDEV-37294 segv in flst::remove_complete(buf_block_t*, unsigned short, unsigned char*, mtr_t*)

Problem:
=======
During system tablespace defragmentation, extent movement occurs
in two phases: prepare and complete.
1) prepare phase validates involved pages and acquires necessary
resources.
2) complete phase performs the actual data copy.

Prepare phase fails to check whether allocating a page will
make the extent FULL. When an extent has exactly (extent_size - 1)
pages used, the prepare phase returns early without latching
the prev/next extent descriptors needed for list manipulation.

Complete phase then allocates the final page, making the
extent full, and attempts to move it from
FSEG_NOT_FULL/FSP_FREE_FRAG to FSEG_FULL/FSP_FULL_FRAG list.
This fails with an assertion because the required blocks were
never latched, causing a crash in flst::remove_complete().

Solution:
========
alloc_from_fseg_prepare(), alloc_from_free_frag_prepare(): Check
if the extent will become full after allocation. This makes the
prepare phase to acquire the necessary pages for FSP list manipulation

find_new_extents(): Print more revised information about moving
of extent data and destination extent also.

defragment_level(): Move get_child_pages(new_block) before committing
changes to enable proper rollback on failure. Well, this failure
is theoretically impossible (new block is exact copy of
validated old block).

7ab99cd36ed4...

7ab99cd36ed4545928974979ff2cadfbaee86efa

Alexander Barkov

bar@mariadb.com

MDEV-39022 Add `LOCAL spvar` syntax for prepared statements and SYS_REFCURSORs

This patch adds the following syntax:

OPEN c0 FOR LOCAL spvar_with_ps_name;
PREPARE LOCAL spvar_with_ps_name FROM 'dynamic sql';
EXECUTE LOCAL spvar_with_ps_name;
DEALLOCATE PREPARE LOCAL spvar_with_ps_name;

OPEN c0 FOR PREPARE stmt;

79bc8c6a67b9...

79bc8c6a67b98c45c4b5392f4d21c9246dcef4dd

bsrikanth-mariadb

srikanth.bondalapati@mariadb.com

MDEV-39222: Error when inserting data from seq

An issue arises during optimizer context replay when the context
does not contain metadata for the seq table, which is used for data insertion.
The system generates a warning if any table or index required by the storage
engine is missing from the context. However, for INSERT statements,
this warning is promoted to an error, causing the operation to fail.

The solution is to discontinue the use of the replayed context after the
target query has been executed.

78ccd8020bde...

78ccd8020bde2379bd57a79c7997f17cb8075c8f

Sergei Petrunia

sergey@mariadb.com

76123426ec6f...

76123426ec6f4abc248326280b7637af02cb5e50

Alexander Barkov

bar@mariadb.com

6cc732d68a51...

6cc732d68a511bba4b15ee09263e89417b264a7f

Thirunarayanan Balathandayuthapani

thiru@mariadb.com

5f518b6bd442...

5f518b6bd4426336f0774190b5fdbf1c4d7e5241

Vladislav Vaintroub

vvaintroub@gmail.com

MDEV-39258 Make THIRD_PARTY_DOWNLOAD_LOCATION settable

Also, on request of Razvan, increase HeidiSQL download timeout

5a19ed3248e5...

5a19ed3248e5f6016eea9900fb1f2b136bc33315

Thirunarayanan Balathandayuthapani

thiru@mariadb.com

MDEV-37924 segv in flst::remove_complete(buf_block_t*, unsigned short, unsigned char*, mtr_t*)

Problem:
=======
During system tablespace defragmentation, extent movement occurs
in two phases: prepare and complete.
1) prepare phase validates involved pages and acquires necessary
resources.
2) complete phase performs the actual data copy.

Prepare phase fails to check whether allocating a page will
make the extent FULL. When an extent has exactly (extent_size - 1)
pages used, the prepare phase returns early without latching
the prev/next extent descriptors needed for list manipulation.

Complete phase then allocates the final page, making the
extent full, and attempts to move it from
FSEG_NOT_FULL/FSP_FREE_FRAG to FSEG_FULL/FSP_FULL_FRAG list.
This fails with an assertion because the required blocks were
never latched, causing a crash in flst::remove_complete().

Solution:
========
alloc_from_fseg_prepare(), alloc_from_free_frag_prepare(): Check
if the extent will become full after allocation. This makes the
prepare phase to acquire the necessary pages for FSP list manipulation

find_new_extents(): Print more revised information about moving
of extent data and destination extent also.

defragment_level(): Move get_child_pages(new_block) before committing
changes to enable proper rollback on failure. Well, this failure
is theoretically impossible (new block is exact copy of
validated old block).

57a172f22f77...

57a172f22f778ab75244cdc9c5feedc67a68a7b3

bsrikanth-mariadb

srikanth.bondalapati@mariadb.com

55b3dced055b...

55b3dced055b091e3364aee0304703d4beda7cc6

Marko Mäkelä

marko.makela@mariadb.com

Merge 11.8 into 12.3

4b376f58a19c...

4b376f58a19cddda2ae355a66f52becf4842a901

Alexander Barkov

bar@mariadb.com

MDEV-38768 RECORD in routine parameters and function RETURN

- Allowing types declared by the TYPE declarations in the grammar
for stored routine parameters and stored function RETURN clause.

- Overriding Type_handler_row::Column_definition_prepare_stage1()
to copy the record structure from get_attr_const_generic_ptr(0)
into Spvar_definition::m_row_field_definition.
This makes TYPE..IS RECORD types work as routine parameters and RETURN.

- Raising an error when type==COLUMN_DEFINITION_ROUTINE_PARAM or
type==COLUMN_DEFINITION_FUNCTION_RETURN is passed to
Type_handler_assoc_array::Column_definition_set_attributes().
The underlying assoc array code is not ready to support
parameters and RETURN. It will be done separately.

- Adding tests

- Some changes has changed the error from ER_NOT_ALLOWED_IN_THIS_CONTEXT
to ER_ILLEGAL_PARAMETER_DATA_TYPE_FOR_OPERATION. This is ok, as the latter
is more informative.

3b206b9cc6ac...

3b206b9cc6ac3e8a975c7e1c0b5fd72024544fe7

Fariha Shaikh

farihais@amazon.com

MDEV-39028 DROP PARTITION, CONVERT OUT require both ALTER and DROP privileges

ALTER TABLE ... DROP PARTITION requires both ALTER and DROP privileges,
which is inconsistent with TRUNCATE PARTITION that only requires DROP.
This prevents fine-grained privilege separation since users who need to
drop partitions must also be granted ALTER, allowing them to perform
any other DDL changes on the table.

Change DROP PARTITION to require only DROP privilege, consistent with
TRUNCATE PARTITION. Users allowed to drop the table should also be
allowed to drop partitions without needing ALTER rights.

All new code of the whole pull request, including one or several files
that are either new files or modified ones, are contributed under the
BSD-new license. I am contributing on behalf of my employer Amazon Web
Services, Inc.

14ef88cf68a3...

14ef88cf68a31a206a3bff192fd7a4044cf43968

Hemant Dangi

hemant.dangi@mariadb.com

0933a57b6d1d...

0933a57b6d1d941bc2fb46b6140f95c1c31c4b7c

Dmitry Shulga

dmitry.shulga@mariadb.com

MDEV-38561: ASAN heap-use-after-free in Query_arena::free_items/sp_lex_cursor::~sp_lex_cursor

On re-parsing of a failed cursor statement inside the stored routine,
the free_list of sp_lex_cursor could point to items placed on a dedicated
memory root that is created during re-parsing of the failed statement.

In result, when sp_head object is destroyed the mem_root created for
re-parsing the cursor's statement is de-allocated but the free_list
pointer of sp_lex_cursor still point to objects previously allocated
on this memory root.

To fix the issue, save the pointer to the cursor's free_list in
a data member of sp_lex_instr class and nullify it right after this
memory root be deallocated.