1. 12 Nov, 2012 3 commits
  2. 09 Nov, 2012 8 commits
    • unknown's avatar
      No commit message · 858e9ecc
      unknown authored
      No commit message
      858e9ecc
    • Venkata Sidagam's avatar
      Bug#13556000: CHECK AND REPAIR TABLE SHOULD BE MORE ROBUST[2] · 9749b60e
      Venkata Sidagam authored
      Problem description: Corrupt key file for the table. Size of the 
      key is greater than the maximum specified size. This results in 
      the overflow of the key buffer while reading the key from key 
      file.
      
      Fix: If size of key is greater than the maximum size it returns 
      an error before writing it into the key buffer. Gives error as 
      corrupt file but no stack overflow.
      9749b60e
    • Annamalai Gurusami's avatar
      c4b86599
    • Annamalai Gurusami's avatar
      Bug #14669848 CRASH DURING ALTER MAKES ORIGINAL TABLE INACCESSIBLE · 2ad007df
      Annamalai Gurusami authored
      When a new primary key is added to an InnoDB table, then the following
      steps are taken by InnoDB plugin:
      
      .  let t1 be the original table.
      .  a temporary table t1@00231 will be created by cloning t1.
      .  all data will be copied from t1 to t1@00231.
      .  rename t1 to t1@00232.
      .  rename t1@00231 to t1.
      .  drop t1@00232.
      
      The rename and drop operations involve file operations.  But file operations
      cannot be rolled back.  So in row_merge_rename_tables(), just after doing data
      dictionary update and before doing any file operations, generate redo logs
      for file operations and commit the transaction.  This will ensure that any
      crash after this commit, the table is still recoverable by moving .ibd and
      .frm files.  Manual recovery is required.
      
      During recovery, the rename file operation redo logs are processed.
      Previously this was being ignored.
      
      rb://1460 approved by Marko Makela.
      2ad007df
    • Annamalai Gurusami's avatar
      2b68f440
    • Anirudh Mangipudi's avatar
      BUG#11762933: MYSQLDUMP WILL SILENTLY SKIP THE `EVENT` · 52a83128
      Anirudh Mangipudi authored
                    TABLE DATA IF DUMPS MYSQL DATABA
      Problem: If mysqldump is run without --events (or with --skip-events)
      it will not dump the mysql.event table's data. This behaviour is inconsistent
      with that of --routines option, which does not affect the dumping of
      mysql.proc table. According to the Manual, --events (--skip-events) defines,
      if the Event Scheduler events for the dumped databases should be included
      in the mysqldump output and this has nothing to do with the mysql.event table
      itself.
      Solution: A warning has been added when mysqldump is used without --events 
      (or with --skip-events) and a separate patch with the behavioral change 
      will be prepared for 5.6/trunk.
      52a83128
    • Anirudh Mangipudi's avatar
      BUG#11762933: MYSQLDUMP WILL SILENTLY SKIP THE `EVENT` · 14dfe6fc
      Anirudh Mangipudi authored
                    TABLE DATA IF DUMPS MYSQL DATABA
      Problem: If mysqldump is run without --events (or with --skip-events)
      it will not dump the mysql.event table's data. This behaviour is inconsistent
      with that of --routines option, which does not affect the dumping of
      mysql.proc table. According to the Manual, --events (--skip-events) defines,
      if the Event Scheduler events for the dumped databases should be included
      in the mysqldump output and this has nothing to do with the mysql.event table
      itself.
      Solution: A warning has been added when mysqldump is used without --events 
      (or with --skip-events) and a separate patch with the behavioral change 
      will be prepared for 5.6/trunk.
      14dfe6fc
    • Thayumanavar's avatar
      BUG#14458232 - CRASH IN THD_IS_TRANSACTION_ACTIVE DURING · 53455866
      Thayumanavar authored
                     THREAD POOLING STRESS TEST
      PROBLEM:
      Connection stress tests which consists of concurrent
      kill connections interleaved with mysql ping queries
      cause the mysqld server which uses thread pool scheduler
      to crash.
      FIX:
      Killing a connection involves shutdown and close of client
      socket and this can cause EPOLLHUP(or EPOLLERR) events to be
      to be queued and handled after disarming and cleanup of 
      of the connection object (THD) is being done.We disarm the 
      the connection by modifying the epoll mask to zero which
      ensure no events come and release the ownership of waiting 
      thread that collect events and then do the cleanup of THD.
      object.As per the linux kernel epoll source code (               
      http://lxr.linux.no/linux+*/fs/eventpoll.c#L1771), EPOLLHUP
      (or EPOLLERR) can't be masked even if we set EPOLL mask
      to zero. So we disarm the connection and thus prevent 
      execution of any query processing handler/queueing to 
      client ctx. queue by removing the client fd from the epoll        
      set via EPOLL_CTL_DEL. Also there is a race condition which
      involve the following threads:
      1) Thread X executing KILL CONNECTION Y and is in THD::awake
      and using mysys_var (holding LOCK_thd_data).
      2) Thread Y in tp_process_event executing and is being killed.
      3) Thread Z receives KILL flag internally and possible call
      the tp_thd_cleanup function which set thread session variable
      and changing mysys_var.
      The fix for the above race is to set thread session variable
      under LOCK_thd_data.
      We also do not call THD::awake if we found the thread in the
      thread list that is to be killed but it's KILL_CONNECTION flag
      set thus avoiding any possible concurrent cleanup. This patch
      is approved by Mikael Ronstrom via email review.
      53455866
  3. 08 Nov, 2012 7 commits
    • Joerg Bruehe's avatar
      Merge the ULN RPM fix into main. · a8f749a6
      Joerg Bruehe authored
      a8f749a6
    • Joerg Bruehe's avatar
      Building RPMs for ULN: · 0f344086
      Joerg Bruehe authored
      The patch "mysql-chain-certs.patch" needs to be adapted
      to code changes in "vio/viosslfactories.c" which were
      done in MySQL 5.5.
      
      Then, the patch can be re-enabled in the spec file.
      0f344086
    • Annamalai Gurusami's avatar
      Bug #14669848 CRASH DURING ALTER MAKES ORIGINAL TABLE INACCESSIBLE · 7ef879bb
      Annamalai Gurusami authored
      When a new primary key is added to an InnoDB table, then the following
      steps are taken by InnoDB plugin:
      
      .  let t1 be the original table.
      .  a temporary table t1@00231 will be created by cloning t1.
      .  all data will be copied from t1 to t1@00231.
      .  rename t1 to t1@00232.
      .  rename t1@00231 to t1.
      .  drop t1@00232.
      
      The rename and drop operations involve file operations.  But file operations
      cannot be rolled back.  So in row_merge_rename_tables(), just after doing data
      dictionary update and before doing any file operations, generate redo logs
      for file operations and commit the transaction.  This will ensure that any
      crash after this commit, the table is still recoverable by moving .ibd and
      .frm files.  Manual recovery is required.
      
      During recovery, the rename file operation redo logs are processed.
      Previously this was being ignored.
      
      rb://1460 approved by Marko Makela.
      7ef879bb
    • Aditya A's avatar
      Bug#14234028 - CRASH DURING SHUTDOWN WITH BACKGROUND PURGE THREAD · 29d08621
      Aditya A authored
       
       Analysis
       --------- 
       
       my_stat() calls stat() and if the stat() call fails we try to set 
       the variable  my_errno which is actually a thread specific data .
       We try to get the  address of this thread specific data using
       my_pthread_getspecifc(),but for the purge thread we have not defined 
       any thread specific data so it returns null and when dereferencing 
       null we get a segmentation fault.
              init_available_charsets() seen in the core stack is invoked 
       through  pthread_once() .pthread_once is used for one time 
       initialization.Since free_charsets() is called before innodb plugin 
       shutdown ,purge thread calls init_avaliable_charsets() which leads 
       to the crash.
      
       Fix
       ---
       Call free_charsets() after the innodb plugin shutdown,since purge 
       threads are still using the charsets. 
      29d08621
    • Aditya A's avatar
      Bug#14234028 - CRASH DURING SHUTDOWN WITH BACKGROUND PURGE THREAD · 7a8c93e6
      Aditya A authored
       
       Analysis
       --------- 
       
       my_stat() calls stat() and if the stat() call fails we try to set 
       the variable  my_errno which is actually a thread specific data .
       We try to get the  address of this thread specific data using
       my_pthread_getspecifc(),but for the purge thread we have not defined 
       any thread specific data so it returns null and when dereferencing 
       null we get a segmentation fault.
              init_available_charsets() seen in the core stack is invoked 
       through  pthread_once() .pthread_once is used for one time 
       initialization.Since free_charsets() is called before innodb plugin 
       shutdown ,purge thread calls init_avaliable_charsets() which leads 
       to the crash.
      
       Fix
       ---
       Call free_charsets() after the innodb plugin shutdown,since purge 
       threads are still using the charsets. 
      7a8c93e6
    • Aditya A's avatar
      Bug#11751825 - OPTIMIZE PARTITION RECREATES FULL TABLE INSTEAD JUST PARTITION · c4be4dc0
      Aditya A authored
      Follow up patch to address the pb2 failures.
      c4be4dc0
    • Aditya A's avatar
      Bug#11751825 - OPTIMIZE PARTITION RECREATES FULL TABLE INSTEAD JUST PARTITION · 078d7a87
      Aditya A authored
      Follow up patch to address the pb2 failures.
      078d7a87
  4. 07 Nov, 2012 6 commits
    • Joerg Bruehe's avatar
      Make RPMs for ULN build again. · a4e7094e
      Joerg Bruehe authored
      A change to "vio/viosslfactories.c" in August, 2012,
      broke a patch which is to be applied during the build
      of ULN RPMs.
      The patch file is
      "packaging/rpm-uln/mysql-chain-certs.patch"
      
      This change bypasses the problem by not trying to apply
      the patch.
      
      This is a regression and must be fixed, not bypassed.
      a4e7094e
    • Joerg Bruehe's avatar
      Placement change: · 7e613db4
      Joerg Bruehe authored
      Top level "SPECIFIC-ULN/" was inappropriate,
      put the files to create RPMs for ULN into
      "packaging/rpm-uln/".
      7e613db4
    • Praveenkumar Hulakund's avatar
      Bug#14466617 - INVALID WRITES AND/OR CRASH WITH USER · d912a758
      Praveenkumar Hulakund authored
                     VARIABLES 
      
      Analysis:
      -------------
      After executing the query, new value of the user defined
      variables are set in the function "select_dumpvar::send_data".
      "select_dumpvar::send_data" first calls function 
      "Item_func_set_user_var::save_item_result()". This function
      checks the nullness of the Item_field passed as parameter 
      to it and saves it. The nullness of item is stored with 
      arg[0]'s null_value flag. Then "select_dumpvar::send_data" calls
      "Item_func_set_user_var::update()" which notices null 
      result that was saved and calls "Item_func_set_user_var::
      update_hash". But here null_value is not set and args[0]
      is different from that given to function "Item_func_set_user_var::
      set_item_result()". This causes "Item_func_set_user_var::
      update_hash" function to believe that its getting non-null value.
      "user_var_entry::length" set to 0 and hence "user_var_entry::value"
      is made to point to extra_area allocated in "user_var_entry".
      And "Item_func_set_user_var::update_hash" tries to write
      at memory beyond extra_area for result type DECIMAL. Because of 
      this invalid write issue is reported by Valgrind.
      
      Before this bug was introduced, we avoided this problem by 
      creating "Item_func_set_user_var" object with the same 
      Item_field as arg[0] and as parameter to 
      Item_func_set_user_var::save_item_result(). But now 
      they are refering to different args[0]. Because of this
      null_value flag set in parameter Item_field in function
      "Item_func_set_user_var::save_item_result()" is not
      reflected in "Item_func_set_user_var" object.
      
      Fix:
      ------------
      This issue is reported on versions 5.5.24. Issue does not exists
      in 5.5.23, 5.1, 5.6 and trunk.
      
      This issue was introduced by
      revid:georgi.kodinov@oracle.com-20120309130449-82e3bs5v3et1x0ef (fix for
      bug #12408412), which was pushed into 5.5 and later releases. This patch
      has later been reversed in 5.6 and trunk by
      revid:norvald.ryeng@oracle.com-20121010135242-xj34gg73h04hrmyh (fix for
      bug #14664077). Backported this patch in 5.5 also to fix this issue.
      
      
      sql/item_func.cc:
        here unsigned value is converted to signed value.
      sql/item_func.h:
        last_insert_id() gives an auto_incremented value which can be
        positive only,so defined it as a unsigned longlong sets the
        unsigned_flag to 1.
      d912a758
    • unknown's avatar
      No commit message · f5fbcfe3
      unknown authored
      No commit message
      f5fbcfe3
    • Venkata Sidagam's avatar
      Bug #11759445: CAN'T DELETE ROWS FROM MEMORY TABLE WITH HASH KEY. · 1d771aa4
      Venkata Sidagam authored
      Merging from 5.1 to 5.5
      1d771aa4
    • Venkata Sidagam's avatar
      Bug #11759445: CAN'T DELETE ROWS FROM MEMORY TABLE WITH HASH KEY. · 2226b108
      Venkata Sidagam authored
      Brief description: After insert some rows to MEMORY table with HASH key some 
      rows can't be deleted in one step.    
      
      Problem Analysis/solution: info->current_ptr will have the information about the
      current hash pointer from where we can traverse to the list to get all the       
      remaining tuples.
            
      In hp_delete_key we are updating info->current_ptr with the last_pos based on       
      the flag parameter(which is the keydef and last index are same). As part of the       
      fix we are making it to zero only when the code flow reaches to the end of the       
      function hp_delete_key() it means that the next record which has to get deleted       
      will be at the starting of the list so, that in the next call to       
      read record(heap_rnext()) will take line number 100 path instead of 102 path, 
      please see the below code in file hp_rnext.c, function heap_rnext().
       99       else if (!info->current_ptr)              /* Deleted or first call */
      100         pos= hp_search(info, keyinfo, info->lastkey, 0);
      101       else  
      102         pos= hp_search(info, keyinfo, info->lastkey, 1);
      
      with that change the hp_search() will update the info->current_ptr with the 
      record which needs to be deleted.
      
      storage/heap/hp_delete.c:
        In heap_delete_key() function we are making info->current_ptr to 0 if 
        flag is enabled.
      2226b108
  5. 06 Nov, 2012 2 commits
    • Aditya A's avatar
      Bug#11751825 - OPTIMIZE PARTITION RECREATES FULL TABLE INSTEAD JUST PARTITION · 9e13157b
      Aditya A authored
      PROBLEM 
      -------
      
      optimize on partiton will recreate the whole table 
      instead of just partition.
      
      ANALYSIS
      --------
      
      At present innodb doesn't support optimize option ,so we do a rebuild of the 
      whole table and then call analyze() on the table.Presently for any optimize()
      option (on table or partition) we display the following info to the user 
      
      "Table does not support optimize, doing recreate + analyze instead".
      
      FIX
      ---
      
      It was decided for GA versions(5.1 and 5.5) whenever the user tries to 
      optimize a partition(s) we will will display the following info the user
      
      "Table does not support optimize on partitions.
      All partitions will be rebuilt and analyzed."
      
      Earlier partitions were not analyzed.Now all partitions  will be analyzed.  
      
      If the user wants to optimize the whole table ,we will display the
      previous info to the user. i.e
      
      "Table does not support optimize, doing recreate + analyze instead"
      
      For 5.6+ versions we will raise a new bug to support optimize() options
      in innodb.
      
      9e13157b
    • Aditya A's avatar
      Bug#11751825 - OPTIMIZE PARTITION RECREATES FULL TABLE INSTEAD JUST PARTITION · b6d33629
      Aditya A authored
      PROBLEM 
      -------
      
      optimize on partiton will recreate the whole table 
      instead of just partition.
      
      ANALYSIS
      --------
      
      At present innodb doesn't support optimize option ,so we do a rebuild of the 
      whole table and then call analyze() on the table.Presently for any optimize()
      option (on table or partition) we display the following info to the user 
      
      "Table does not support optimize, doing recreate + analyze instead".
      
      FIX
      ---
      
      It was decided for GA versions(5.1 and 5.5) whenever the user tries to 
      optimize a partition(s) we will will display the following info the user
      
      "Table does not support optimize on partitions.
      All partitions will be rebuilt and analyzed."
      
      Earlier partitions were not analyzed.Now all partitions  will be analyzed.  
      
      If the user wants to optimize the whole table ,we will display the
      previous info to the user. i.e
      
      "Table does not support optimize, doing recreate + analyze instead"
      
      For 5.6+ versions we will raise a new bug to support optimize() options
      in innodb.
      
      b6d33629
  6. 05 Nov, 2012 3 commits
  7. 03 Nov, 2012 1 commit
  8. 01 Nov, 2012 2 commits
  9. 31 Oct, 2012 3 commits
    • Venkata Sidagam's avatar
      BUG#13556441: CHECK AND REPAIR TABLE SHOULD BE MORE ROBUST [4] · 02501a0f
      Venkata Sidagam authored
      Problem description:
      mysql server crashes when we run repair table on currupted table.
      
      Analysis:
      The problem with this bug seem to be key_reflength out of bounds
      (186 according to debugger). We read this value from meta-data
      segment of .MYI file while doing mi_open().
      
      If you look into _mi_kpointer() you can see that the upper limit
      for key_reflength is 7.
      
      Solution:
      In mi_open() there is a line like:
        if (share->base.keystart > 65535 || share->base.rec_reflength > 8)
      we should verify key_reflength here as well.
      02501a0f
    • Ashish Agarwal's avatar
      BUG#14485479: Merge into mysql-5.5 branch · 2919ca4e
      Ashish Agarwal authored
      2919ca4e
    • Ashish Agarwal's avatar
      BUG#14485479: INSTALL AUDIT PLUGIN HANGS IF WE TRY TO · 154860ea
      Ashish Agarwal authored
                    DISABLE AND ENABLED DURING DDL OPERATION
      
      PROBLEM: Same thread trying to acquire the same mutex
               second time leads to hang/server crash.
               While [un]installing audit_log plugin
               a thread acquires the LOCK_plugin mutex
               and after successful initialization tries
               to write in mysql.plugin table. It holds
               this mutex for a long time. If some how
               plugin table is corrupted then a write to 
               plugin table will throw an error, thread try
               to log this error in the audit_log plugin,
               doing so it tries to acquire the mutex
               again and results is server hang/crash.
      
      SOLUTION: Releasing the LOCK_plugin mutex before
                writing in mysql.plugin table. We dont
                need to hold this mutex as thread already
                acquired a TL_WRITE lock on mysql.plugin
                table.
      154860ea
  10. 30 Oct, 2012 5 commits