- 02 Jul, 2014 1 commit
-
-
Marcin Babij authored
Mysqldump overflows stack buffer when copying table name from commandline arguments resulting in stack corruption and ability to execute arbitrary code. Fix: Check length of all positional arguments passed to mysqldump is smaller than NAME_LEN. Note: Mysqldump heavily depends on that database objects (databases, tablespaces, tables, etc) are limited to small size (now it is 64).
-
- 01 Jul, 2014 1 commit
-
-
unknown authored
-
- 30 Jun, 2014 2 commits
-
-
Venkata Sidagam authored
Description: Backporting BUG#16513435 to 5.5 and 5.6 This is a fix for REMOTE PREAUTH USER ENUMERATION FLAW bug
-
Marcin Babij authored
Reverted change due to mtr test failure.
-
- 27 Jun, 2014 5 commits
-
-
unknown authored
No commit message
-
Praveenkumar Hulakund authored
Post-push patch. Changing file permission of "scripts/mysqlaccess.conf".
-
Praveenkumar Hulakund authored
Backporting patch committed for bug 18008907 to 5.5 and 5.6.
-
Terje Rosten authored
Post push fix: add execute bit on perl script.
-
Marcin Babij authored
Mysqldump overflows stack buffer when copying table name from commandline arguments resulting in stack corruption and ability to execute arbitrary code. Fix: Check length of all positional arguments passed to mysqldump is smaller than NAME_LEN. Note: Mysqldump heavily depends on that database objects (databases, tablespaces, tables, etc) are limited to small size (now it is 64).
-
- 26 Jun, 2014 3 commits
-
-
Luis Soares authored
The test case makes use of the fine DEBUG_SYNC facility. Furthermore, since it needs synchronization on internal threads (dump and SQL threads) the server code has DEBUG_SYNC commands internally deployed and activated through the DBUG_EXECUTE_IF macro. The internal DBUG_SYNC commands are then controlled from the test case through the DEBUG variable. There were three problems around the DEBUG + DEBUG_SYNC facility usage: 1. When signaling the SQL thread to continue, the test would reset immediately the DEBUG_SYNC variable. This could mean that the SQL thread might loose the signal and continue to wait forever; 2. A similar scenario was happening with the dump thread on the master. This thread was instructed to wait, and later it would be signaled to continue, but immediately after the DEBUG_SYNC would be reset. This could lead to the dump thread missing the signal and wait forever; 3. The test was not cleaning itself up with respect to the instrumentation of the dump thread. This would leave the conditional execution of an internal DEBUG_SYNC command active (through the usage of DBUG_EXECUTE_IF). We fix #1 and #2 by waiting for the threads to receive the signal and only then issue the reset. We fix #3 by reseting the DEBUG variable, thus deactivating the dump thread internal DEBUG_SYNC command.
-
Balasubramanian Kandasamy authored
-
Arun Kuruvila authored
CERTAIN MAX_HEAP_TABLE_SIZE VALUES Followup patch to fix failure on Window machine.
-
- 25 Jun, 2014 6 commits
-
-
Raghav Kapoor authored
BACKGROUND: This bug is a followup on Bug#16368875. The assertion failure happens because in SQL layer the key does not get promoted to PRIMARY KEY but InnoDB takes it as PRIMARY KEY. ANALYSIS: Here we are trying to create an index on POINT (GEOMETRY) data type which is a type of BLOB (since GEOMETRY is a subclass of BLOB). In general, we can't create an index over GEOMETRY family type field unless we specify the length of the keypart (similar to BLOB fields). Only exception is the POINT field type. The POINT column max size is 25. The problem is that the field is not treated as PRIMARY KEY when we create a index on POINT column using its max column size as key part prefix. The fix would allow index on POINT column to be treated as PRIMARY KEY. FIX: Patch for Bug#16368875 is extended to take into account GEOMETRY datatype, POINT in particular to consider it as PRIMARY KEY in SQL layer.
-
Nisha Gopalakrishnan authored
Fix: --- The issue reported is same as the BUG#14117018. Hence backporting the patch from mysql-trunk to mysql-5.5 and mysql-5.6
-
Terje Rosten authored
Bug#16415173 CRLF INSTEAD OF LF IN SQL-BENCH SCRIPTS Correct perms and converts from Windows style to UNIX style line endings on some files. Fix perms on installed ini files. (MySQL 5.5 version)
-
Balasubramanian Kandasamy authored
-
Arun Kuruvila authored
WITH CERTAIN MAX_HEAP_TABLE_SIZE VALUES Description: When the system variable 'max_heap_table_size' is set to 20GB, the server crashes on creation of a temporary tables or tables using MEMORY storage engine. Analysis: The variable 'max_record' determines the amount heap allocated for the records of the table. This value is determined using the 'max_heap_table_size' variable. 'records_in_block' in turn uses the max_records to determine the number of records per block. When the 'max_heap_table_size' is set to 20GB, then the 'records_in_block' is calculated to a value of 2^28. The size of the block determined by multiplying the 'records_in_block' and 'recbuffer' results in overflow and hence the value becomes zero. As a result, zero bytes of the heap is allocated for the table. This will result in a server crash when the table is accessed. Fix: The variables 'records_in_block' and 'recbuffer' are typecasted to 'unsigned long' while calculating the size of the block.
-
Gopal Shankar authored
PRIMARY_KEY_NO == 0 This bug is a backport of the following revision of 5.6 source tree: # committer: Gopal Shankar <gopal.shankar@oracle.com> # branch nick: priKey56 # timestamp: Wed 2013-05-29 11:11:46 +0530 # message: # Bug#16368875 INNODB: FAILING ASSERTION:
-
- 24 Jun, 2014 2 commits
-
-
Jon Olav Hauglid authored
Set CMP0026 and CMP0045 policies when using CMake version 3 or higher to restore old CMake behavior.
-
Nisha Gopalakrishnan authored
CORRUPTS FRM Analysis: --------- ALTER TABLE on a partitioned table resulted in the wrong engine being written into the table's FRM file and displayed in SHOW CREATE TABLE. The prep_alter_part_table() modifies the partition_info object for TABLE instance representing the old version of table. If the ALTER TABLE ENGINE statement fails, the partition_info object for the TABLE contains the altered storage engine name. The SHOW CREATE TABLE uses the TABLE object to display the table information, hence displays incorrect storage engine for the table. Also a subsequent successful ALTER TABLE operation will write the incorrect engine information into the FRM file. Fix: --- A copy of the partition_info object is created before modification so that any changes would not cause the the original partition_info object to be modified if the ALTER TABLE fails.(Backported part of the code provided as fix for bug#14156617 in mysql-5.6.6).
-
- 23 Jun, 2014 2 commits
-
-
Gleb Shchepa authored
Backport of the fix: : Bug 18017820: BISON 3 BREAKS MYSQL BUILD : ======================================== : : The source of the reported problem is a removal of a few deprecated : things from Bison 3.x: : * YYPARSE_PARAM macro (use the %parse-param bison directive instead), : * YYLEX_PARAM macro (use %lex-param instead), : : The fix removes obsolete macro calls and introduces use of : %parse-param and %lex-param directives.
-
Erlend Dahl authored
-
- 19 Jun, 2014 1 commit
-
-
Jon Olav Hauglid authored
This is the 5.5/5.6 version of the patch. Add deprecation warning for timed_mutexes.
-
- 18 Jun, 2014 1 commit
-
-
Namit Sharma authored
DISCONNECT CON1 AND CON2 Problem: The test suite/binlog/t/binlog_killed.test makes the connections con1 and con2 but forgets to disconnect them + wait till that operation is finished at test end. This mistake has the potential to harm subsequent tests in case these tests depend on the content of the processlist. Solution: Added disconnect + wait_until_disconnected.inc within the test cleanup.
-
- 17 Jun, 2014 3 commits
-
-
Balasubramanian Kandasamy authored
-
Balasubramanian Kandasamy authored
-
unknown authored
No commit message
-
- 16 Jun, 2014 1 commit
-
-
Sujatha Sivakumar authored
NON-EXISTS RECORDS Problem: ======== In RBR replication, master deletes a record but the record don't exist on slave. when slave tries to apply the Delete_row_log_event from master, it will result in an assert on slave. Analysis: ======== This problem exists not only with Delete_rows event but also with Update_rows event as well. Trying to update a non existing row on the slave from the master will cause the same assert. This assert occurs only for the tables that doesn't have primary keys and which basically require sequential scan to be done to locate a record. This bug occurs only with innodb engine not with myisam. When update or delete rows is executed on a slave on a table which doesn't have primary key the updated record is stored in a buffer named table->record[0] and the same is copied to table->record[1] so that during sequential scan table->record[0] can reloaded with fetched data from the table and compared against table->record[1]. In a special case where there is no record on the slave side scan will result in EOF in that case we reinit the scan and we try to compare record[0] with record[1] which are basically the same. This comparison is incorrect. Since they both are the same record_compare() will report that record is found and we try to go ahead and try to update/delete non existing row. Ideally if the scan results in EOF means no data found hence no need to do a record_compare() at all. Fix: === Avoid comparision of records on EOF. sql/log_event.cc: Avoid record comparison on end of file. sql/log_event_old.cc: Avoid record comparison on end of file.
-
- 10 Jun, 2014 1 commit
-
-
Annamalai Gurusami authored
SLOW/CRASHES SEMAPHORE Problem: There are 2 lakh tables - fk_000001, fk_000002 ... fk_200000. All of them are related to the same parent_table through a foreign key constraint. When the parent_table is loaded into the dictionary cache, all the child table will also be loaded. This is taking lot of time. Since this operation happens when the dictionary latch is taken, the scenario leads to "long semaphore wait" situation and the server gets killed. Analysis: A simple performance analysis showed that the slowness is because of the dict_foreign_find() function. It does a linear search on two linked list table->foreign_list and table->referenced_list, looking for a particular foreign key object based on foreign->id as the key. This is called two times for each foreign key object. Solution: Introduce a rb tree in table->foreign_rbt and table->referenced_rbt, which are some sort of index on table->foreign_list and table->referenced_list respectively, using foreign->id as the key. These rbt structures will be solely used by dict_foreign_find(). rb#5599 approved by Vasil
-
- 06 Jun, 2014 1 commit
-
-
Tor Didriksen authored
For charsets with no binary collation: use my_charset_bin.
-
- 29 May, 2014 1 commit
-
-
unknown authored
-
- 22 May, 2014 1 commit
-
-
Harin Vadodaria authored
IN SSL_CTX_LOAD_VERIFY_ LOCATIONS() and OFF-BY-ONE PROBLEM IN VOID CERTDECODER:: GETDATE(DATETYPE DT) IN ASN.CPP Description : Fixes corner cases in yassl code. Refer to bug page for details.
-
- 16 May, 2014 2 commits
-
-
Tor Didriksen authored
Item_func_ltrim::val_str did not handle multibyte charsets. Fix: factor out common code for Item_func_trim and Item_func_ltrim.
-
Arun Kuruvila authored
MYSQLADMIN IN PROCESSES LIST Description: Checking the process status (with ps -ef) while executing "mysqladmin" with old password and new password via command-line will show the new password in the process list sporadically. Analysis: The old password is being masked by "mysqladmin". So masking the new password in the similar manner would reduce hitting the bug. But this would not completely fix the bug, because if "ps -ef " command hits the mysqladmin before it masks the passwords it will show both the old and new passwords in the process list. But the chances of hitting this is very less. Fix: The new password also masked in the similar manner that of the --password argument.
-
- 15 May, 2014 2 commits
-
-
Neeraj Bisht authored
Problem: Load_log_event::print_query() function does not put escape character in file name for "LOAD DATA INFILE" statement. Analysis: When we have "'" in our file name for "LOAD DATA INFILE" statement, Load_log_event::print_query() function does not put escape character in our file name. This one result that when we show binary-log, we get file name without escape character. Solution: To put escape character when we have "'" in file name, for this instead of using simple memcpy() to put file-name, we will use pretty_print_str().
-
mithun authored
"HAVING SUM(DISTINCT)": WRONG RESULTS. ISSUE: ------ If a query uses loose index scan and it has both AGG(DISTINCT) and MIN()/MAX()functions. Then, result values of MIN/MAX() is set improperly. When query has AGG(DISTINCT) then end_select is set to end_send_group. "end_send_group" keeps doing aggregation until it sees a record from next group. And, then it will send out the result row of that group. Since query also has MIN()/MAX() and loose index scan is used, values of MIN/MAX() are set as part of loose index scan itself. Setting MIN()/MAX() values as part of loose index scan overwrites values computed in end_send_group. This caused invalid result. For such queries to work loose index scan should stop performing MIN/MAX() aggregation. And, let end_send_group to do the same. But according to current design loose index scan can produce only one row per group key. If we have both MIN() and MAX() then it has to give two records out. This is not possible as interface has to use common buffer record[0]! for both records at a time. SOLUTIONS: ---------- For such queries to work we need a new interface for loose index scan. Hence, do not choose loose_index_scan for such cases. So a new rule SA7 is introduced to take care of the same. SA7: "If Q has both AGG_FUNC(DISTINCT ...) and MIN/MAX() functions then loose index scan access method is not used." mysql-test/r/group_min_max.result: Expected result. mysql-test/t/group_min_max.test: 1. Test with various combination of AGG(DISTINCT) and MIN(), MAX() functions. 2. Corrected the plan for old queries. sql/opt_range.cc: A new rule SA7 is introduced.
-
- 12 May, 2014 1 commit
-
-
Tor Didriksen authored
Bug #18382225 MYSQL_CONFIG CAN'T HANDLE RELOCABLE PACKAGES THAT USES "LIB64" OR "-64" SUFFIX 'lib' is hardcoded into mysql_config, so 'cmake -DINSTALL_LIBDIR=lib64' will not work. Use INSTALL_LIBDIR when generating mysql_config. mysql_config may be renamed to e.g. mysql_config-32, fix the basedir pattern matching.
-
- 11 May, 2014 1 commit
-
-
Balasubramanian Kandasamy authored
-
- 09 May, 2014 1 commit
-
-
Venkatesh Duggirala authored
SHOW PROCESSLIST, SHOW BINLOGS Fixing post push test failure (MTR does not like giving 127.0.0.1 for localhost incase of --embedded run, it thinks it is an external ip address)
-
- 08 May, 2014 1 commit
-
-
Venkatesh Duggirala authored
SHOW PROCESSLIST, SHOW BINLOGS Problem: A deadlock was occurring when 4 threads were involved in acquiring locks in the following way Thread 1: Dump thread ( Slave is reconnecting, so on Master, a new dump thread is trying kill zombie dump threads. It acquired thread's LOCK_thd_data and it is about to acquire mysys_var->current_mutex ( which LOCK_log) Thread 2: Application thread is executing show binlogs and acquired LOCK_log and it is about to acquire LOCK_index. Thread 3: Application thread is executing Purge binary logs and acquired LOCK_index and it is about to acquire LOCK_thread_count. Thread 4: Application thread is executing show processlist and acquired LOCK_thread_count and it is about to acquire zombie dump thread's LOCK_thd_data. Deadlock Cycle: Thread 1 -> Thread 2 -> Thread 3-> Thread 4 ->Thread 1 The same above deadlock was observed even when thread 4 is executing 'SELECT * FROM information_schema.processlist' command and acquired LOCK_thread_count and it is about to acquire zombie dump thread's LOCK_thd_data. Analysis: There are four locks involved in the deadlock. LOCK_log, LOCK_thread_count, LOCK_index and LOCK_thd_data. LOCK_log, LOCK_thread_count, LOCK_index are global mutexes where as LOCK_thd_data is local to a thread. We can divide these four locks in two groups. Group 1 consists of LOCK_log and LOCK_index and the order should be LOCK_log followed by LOCK_index. Group 2 consists of other two mutexes LOCK_thread_count, LOCK_thd_data and the order should be LOCK_thread_count followed by LOCK_thd_data. Unfortunately, there is no specific predefined lock order defined to follow in the MySQL system when it comes to locks across these two groups. In the above problematic example, there is no problem in the way we are acquiring the locks if you see each thread individually. But If you combine all 4 threads, they end up in a deadlock. Fix: Since everything seems to be fine in the way threads are taking locks, In this patch We are changing the duration of the locks in Thread 4 to break the deadlock. i.e., before the patch, Thread 4 ('show processlist' command) mysqld_list_processes() function acquires LOCK_thread_count for the complete duration of the function and it also acquires/releases each thread's LOCK_thd_data. LOCK_thread_count is used to protect addition and deletion of threads in global threads list. While show process list is looping through all the existing threads, it will be a problem if a thread is exited but there is no problem if a new thread is added to the system. Hence a new mutex is introduced "LOCK_thd_remove" which will protect deletion of a thread from global threads list. All threads which are getting exited should acquire LOCK_thd_remove followed by LOCK_thread_count. (It should take LOCK_thread_count also because other places of the code still thinks that exit thread is protected with LOCK_thread_count. In this fix, we are changing only 'show process list' query logic ) (Eg: unlink_thd logic will be protected with LOCK_thd_remove). Logic of mysqld_list_processes(or file_schema_processlist) will now be protected with 'LOCK_thd_remove' instead of 'LOCK_thread_count'. Now the new locking order after this patch is: LOCK_thd_remove -> LOCK_thd_data -> LOCK_log -> LOCK_index -> LOCK_thread_count
-