1. 02 Jan, 2013 4 commits
    • Venkatesh Duggirala's avatar
      BUG#11753923-SQL THREAD CRASHES ON DISK FULL · ce7e7a99
      Venkatesh Duggirala authored
      Merging fix from mysql-5.1
      ce7e7a99
    • Venkatesh Duggirala's avatar
      BUG#11753923-SQL THREAD CRASHES ON DISK FULL · 39323920
      Venkatesh Duggirala authored
      Problem:If Disk becomes full while writing into the binlog,
      then the server instance hangs till someone frees the space.
      After user frees up the disk space, mysql server crashes
      with an assert (m_status != DA_EMPTY)
      
      Analysis: wait_for_free_space is being called in an
      infinite loop i.e., server instance will hang until
      someone frees up the space. So there is no need to
      set status bit in diagnostic area.
      
      Fix: Replace my_error/my_printf_error with
      sql_print_warning() which prints the warning in error log.
      
      include/my_sys.h:
        Provision to call sql_print_warning from mysys files
      mysys/errors.c:
        Replace my_error/my_printf_error with
        sql_print_warning() which prints the warning in error log.
      mysys/my_error.c:
        implementation of my_printf_warning
      mysys/my_write.c:
        Adding logic to break infinite loop in the simulation
      sql/mysqld.cc:
        Provision to call sql_print_warning from mysys files
      39323920
    • Marc Alff's avatar
      Bug#16060864 SEGMENTATION FAULT IN PERFORMANCE_SCHEMA WITH HISTORY SIZE 0 · cc2df006
      Marc Alff authored
      Before this fix, configuring the server with:
      - performance_schema_events_waits_history_size=0
      - performance_schema_events_waits_history_long_size=0
      could cause a crash in the performance schema.
      
      These settings to 0 are intended to be valid and supported,
      and are in fact working properly in mysql 5.6 and up already.
      
      This fix backports the code fix and test cases from mysql 5.6
      to the mysql 5.5 release.
      cc2df006
    • Kent Boortz's avatar
      5ff0148e
  2. 01 Jan, 2013 2 commits
  3. 29 Dec, 2012 2 commits
  4. 28 Dec, 2012 2 commits
  5. 27 Dec, 2012 4 commits
  6. 26 Dec, 2012 4 commits
  7. 24 Dec, 2012 4 commits
    • Annamalai Gurusami's avatar
      8d1923f4
    • Annamalai Gurusami's avatar
      Fixing a pb2 issue. There is some difference in the output in my local... · 76059a4a
      Annamalai Gurusami authored
      Fixing a pb2 issue.  There is some difference in the output in my local machine and pb2 machines in the explain output.  
      76059a4a
    • Chaithra Gopalareddy's avatar
      Merge from 5.1 · 777ac199
      Chaithra Gopalareddy authored
      777ac199
    • Chaithra Gopalareddy's avatar
      Bug#11757005: UNION CONVERTS UNSIGNED MEDIUMINT AND BIGINT · 259a5a30
      Chaithra Gopalareddy authored
                    TO SIGNED
      Problem:
      When we are joining types (of fields) in case of a union, we usually
      upgrade the datatypes to the largest present in the query.
      In case of mediumint, it is not happening.
      Analysis:
      When joined with types LONG and LONGLONG, mediumint should get
      upgraded to LONG and LONGLONG respectively.
      W.r.t the given query, constant '1' will be created as a LONGLONG
      internally and SIGNED flag is enabled. As a result, while combining
      types for the field, LONGLONG along with MEDIUMINT gets converted
      to LONG first. LONG with MEDIUMINT(of the third select) gets converted
      to MEDIUMINT. SIGNED FLAG would be that of the first field's.
      As a result, the final result would be SIGNED MEDIUMINT.
      Fix:
      While joining types, MEDIUMINT with LONGLONG and MEDIUMINT with LONG
      is converted to LONGLONG and LONG respectively. Also, made some 
      changes for FLOAT and DOUBLE.
      
      
      sql/field.cc:
        Changed merge types for MEDIUMINT.
      259a5a30
  8. 21 Dec, 2012 4 commits
    • Tor Didriksen's avatar
      merge 5.1 => 5.5 · 8aa2a2d6
      Tor Didriksen authored
      8aa2a2d6
    • Roy Lyseng's avatar
      Bug#15972635: Incorrect results returned in 32 table join with HAVING · 96c373c5
      Roy Lyseng authored
      The problem is a shift operation that is not 64-bit safe.
      The consequence is that used tables information for a join with 32 tables
      or more will be incorrect.
      
      Fixed by adding a type cast in Item_sum::update_used_tables().
      
      Also used the opportunity to fix some other potential bugs by adding an
      explicit type-cast to an integer in a left-shift operation.
      Some of them were quite harmless, but was fixed in order to get the same
      signed-ness as the other operand of the operation it was used in.
      
      sql/item_cmpfunc.cc
        Adjusted signed-ness for some integers in left-shift.
      
      sql/item_subselect.cc
        Added type-cast to nesting_map (which is a 32/64 bit type, so
        potential bug for deeply nested queries).
      
      sql/item_sum.cc
        Added type-cast to nesting_map (32/64-bit type) and table_map
        (64-bit type).
      
      sql/opt_range.cc
        Added type-cast to ulonglong (which is a 64-bit type).
      
      sql/sql_base.cc
        Added type-cast to nesting_map (which is a 32/64-bit type).
      
      sql/sql_select.cc
        Added type-cast to nesting_map (32/64-bit type) and key_part_map
        (64-bit type).
      
      sql/strfunc.cc
        Changed type-cast from longlong to ulonglong, to preserve signed-ness.
      96c373c5
    • prabakaran thirumalai's avatar
      Bug#14627287 THREAD CACHE - BYPASSES PRIVILEGES · 56db769e
      prabakaran thirumalai authored
      merge from 5.1
      56db769e
    • prabakaran thirumalai's avatar
      Bug#14627287 THREAD CACHE - BYPASSES PRIVILEGES · 98aaf18b
      prabakaran thirumalai authored
      Analysis:
      When thread cache is enabled, it does not properly initialize
      thd->start_utime when a thread is picked from the thread cache.
      This breaks the quota management mechanism. 
      THD::time_out_user_resource_limits() resets 
      m_user_connect->conn_per_hour to 0 based on thd->start_utime
      
      Fix:
      Initialize start_utime when cached thread is reused.
      
      Notes:
      Enabled back tests which were disabled because of this issue.
      98aaf18b
  9. 20 Dec, 2012 3 commits
    • Annamalai Gurusami's avatar
      Bug #13819630 ARCHIVE TABLE WITH 1000+ PARTITIONS CRASHES SERVER · c162202a
      Annamalai Gurusami authored
      ON "DROP TABLE"
      
      In the function ha_archive::write_row(), there is an error code path
      that exits the function without releasing the mutex that was acquired
      earlier.  
      
      rb#1743 approved by ramil.
      c162202a
    • Tor Didriksen's avatar
      Bug#16027468 ADDRESSSANITIZER BUG IN MYSQLTEST · 4a35c6d4
      Tor Didriksen authored
      DBUG_ENTER and DBUG_LEAVE must *always* match,
      otherwise all subsequent DBUG_ENTER calls will 
      be poking into undefined stack frames.
      4a35c6d4
    • Annamalai Gurusami's avatar
      Bug #14556349 RENAME OF COMPRESSED TABLE AND INSERT BUFFER MERGE CAUSE · c7fd6181
      Annamalai Gurusami authored
      HANG
      
      Problem Statement:
      
      When the operation RENAME TABLE is about rename the tablespace of the
      table, it will stop all i/o operations on the tablespace temporarily.
      For this the fil_space_t::stop_ios member is used.
      
      Once the fil_space_t::stop_ios member is set to TRUE in the RENAME
      TABLE operation, it is expected that no new i/o operation will be done
      on the tablespace and all pending i/o operation can be completed on
      the tablespace.
      
      If the pending i/o operations initiate any new i/o operations then
      there will be deadlock.  The RENAME TABLE operation will be waiting
      for pending i/o on the tablespace to be completed, and the pending i/o
      operations will be waiting on the RENAME TABLE operation to set the
      file_space_t::stop_ios flag to be set to FALSE.
      
      But in the given scenario the pending i/o operations did not initiate
      new i/o.  But they where still unnecessarily checking the
      fil_space_t::stop_ios flag.  This resulted in deadlock.
      
      Solution:
      
      I noticed that this deadlock happens in fil_space_get_size() and
      fil_space_get_zip_size() in the i/o threads.  These functions check
      the stop_ios flag even when no i/o will be initiated.  I modified
      these functions to ensure that they check the stop_ios flag only when
      they will be initiating an i/o operation.  This solves the problem.
      
      rb://1635 (mysql-5.5)
      rb://1660 (mysql-trunk) approved by Inaam, Jimmy, and ima.
      c7fd6181
  10. 19 Dec, 2012 2 commits
  11. 18 Dec, 2012 6 commits
    • Vasil Dimov's avatar
      Merge mysql-5.1 -> mysql-5.5 · e8ec0212
      Vasil Dimov authored
      e8ec0212
    • Vasil Dimov's avatar
      Fix Bug#16000909 MEMORY LEAK, MYSQL_INPLACE_ALTER_TABLE · 0dd066cb
      Vasil Dimov authored
      This is a followup to the fix of
      Bug#14628410 ASSERTION `! IS_SET()' FAILED IN DIAGNOSTICS_AREA::SET_OK_STATUS
      (satya.bodapati@oracle.com-20121213132316-5joz4phltx9yhjs7)
      
      In innobase_mysql_tmpfile(): allocate/open the file after
      the return(-1); statement.
      0dd066cb
    • Ahmad Abdullateef's avatar
      BUG#14727815 - CRASH IN PTHREAD_RWLOCK_WRLOCK/SRW_UNLOCK · b12fe502
      Ahmad Abdullateef authored
                                   IN QUERY CACHE CODE
      
      DESCRIPTION:
      MySQL Server crashes sporadically when Query Caching is on and
      the server has high contention among clients. 
      
      
      ANALYSIS :
      
      Scenario 1:
      In Query_cache::move_by_type() when handling RESULT or its related blocks,
      Write Lock is acquired on its parent Query block. However the next and prev
      pointers are cached in local variables before lock acquisition. In an extremely
      high contention scenario there exists a possibility that
      Query_cache::append_result_data() is operating on the same query block
      and as a consequence might append a new Result block to the end of Result
      blocks Linked List of the Query. This would manipulate the next, prev pointers
      of the Block being processed in move_by_type(), however the local pointers
      still point to previous nodes there by causing Data Corruption leading to crash.
      
      Scenario 2:
      In Windows SDK "BOOL" is typedefed as "int" and BOOLEAN is typedefed as
      "usigned char". The function pointer definition "srw_bool_func" mistakenly uses 
      BOOL instead of BOOLEAN thereby virtually making the function 
      my_TryAcquireSRWLockExclusive() always succeed because only the LSB of EAX
      has the actual result of the call, however due to type mismatch all bytes of EAX
      are used for evaluation. Again during high contention scenarios in 
      Query_cache::free_old_query() calls try_lock_writing() on a Query, this call 
      always succeeds and the query is freed, even though it is used by some other
      thread, in this case Query_cache::send_result_to_client() was using it and the
      code causes a crash because it accessed free or reallocated memory.
      
      FIX :
      
      Scenario 1:
      The next, prev pointers are now accessed only after Lock acquisition in 
      Query_cache::move_by_type().
      
      Scenario 2:
      In the definition of "srw_bool_func" BOOL has been replaced with "BOOLEAN"
      b12fe502
    • Ahmad Abdullateef's avatar
      BUG#14727815 - CRASH IN PTHREAD_RWLOCK_WRLOCK/SRW_UNLOCK · febe03c2
      Ahmad Abdullateef authored
                                   IN QUERY CACHE CODE
      
      DESCRIPTION:
      MySQL Server crashes sporadically when Query Caching is on and
      the server has high contention among clients. 
      
      
      ANALYSIS :
      
      Scenario 1:
      In Query_cache::move_by_type() when handling RESULT or its related blocks,
      Write Lock is acquired on its parent Query block. However the next and prev
      pointers are cached in local variables before lock acquisition. In an extremely
      high contention scenario there exists a possibility that
      Query_cache::append_result_data() is operating on the same query block
      and as a consequence might append a new Result block to the end of Result
      blocks Linked List of the Query. This would manipulate the next, prev pointers
      of the Block being processed in move_by_type(), however the local pointers
      still point to previous nodes there by causing Data Corruption leading to crash.
      
      FIX :
      
      Scenario 1:
      The next, prev pointers are now accessed only after Lock acquisition in 
      Query_cache::move_by_type().
      febe03c2
    • Vasil Dimov's avatar
      Merge mysql-5.1 -> mysql-5.5 · 5395f4a5
      Vasil Dimov authored
      5395f4a5
    • Vasil Dimov's avatar
      Fix Bug#13463493 INNODB PLUGIN WERE CHANGED, BUT STILL USE THE · 7bdd8b48
      Vasil Dimov authored
      SAME VERSION NUMBER 1.0.17
      
      Now that InnoDB/InnoDB Plugin is no longer separately developed and
      distributed from the MySQL server it does not need its own version number.
      Thus use the MySQL version instead.
      
      "Removing" the version altogether is not feasible because the config
      variable 'innodb_version' cannot be removed in GA branches.
      
      Reviewed by:	Marko (rb#1751)
      7bdd8b48
  12. 14 Dec, 2012 2 commits
  13. 13 Dec, 2012 1 commit
    • Ravinder Thakur's avatar
      bug#11761752: DO NOT ALLOW USE OF ALTERNATE DATA STREAMS ON NTFS FILESYSTEM. · 2d16c5bd
      Ravinder Thakur authored
      File names with colon are being disallowed because of the Alternate Data 
      Stream (ADS) feature of NTFS that could be misused. ADS allows data to be 
      written to alternate streams of a normal file. The data in alternate 
      streams cannot be seen by normal tools on Windows (explorer, cmd.exe). As 
      a result someone can use this feature to hide large amount of data in 
      alternate streams and admins will have no easy way of figuring out the 
      files that are using that disk space. The fix also disallows ADS in the 
      scenarios where file name is passed as some dynamic variable.
      
      An important thing about the fix is that it DOES NOT disallow ADS file 
      names if they are not dynamic (i.e. if the file is created by using some 
      option that needs local access to the MySQL server, for example error log
      file). The reasoning is that if some MySQL option related to files 
      requires access to the local machine (it is not dynamic), then user can very 
      well create data in ADS by some other means. This fixes only those scenarios 
      which can allow users to create data in ADS over the wire.
      
      File names with colon are being disallowed only on Windows. UNIX 
      (Linux in particular) supports NTFS, but it will not be a common 
      scenario for someone to configure a NTFS file system to store MySQL 
      data on Linux.
      
      Changes in file bug11761752-master.opt are needed due to 
      bug number 15937938.
      2d16c5bd