1. 17 Feb, 2011 1 commit
    • Magne Mahre's avatar
      Bug#48053 String::c_ptr has a race and/or does an invalid · f2a42aee
      Magne Mahre authored
                memory reference
      
      There are two issues present here.
        1) There is a possibility that we test a byte beyond the
           allocated buffer
      
        2) We compare a byte that might never have been
           initalized to see if it's 0.
      
      The first issue is not triggered by existing code, but an
      ASSERT has been added to safe-guard against introducing
      new code that triggers it.
      
      The second issue is what triggers the Valgrind warnings
      reported in the bug report. A buffer is allocated in
      class String to hold the value. This buffer is populated
      by the character data constituting the string, but is not
      zero-terminated in most cases.  Testing if it is indeed
      zero-terminated means that we check a byte that has never
      been explicitly set, thus causing Valgrind to trigger.
      
      Note that issue 2 is not a serious problem.  The variable
      is read, and if it's not zero, we will set it to zero.
      There are no further consequences.
      
      Note that this patch does not fix the underlying problems
      with issue 1, as it is deemed too risky to fix at this
      point (as noted in the bug report).  As discussed in
      the report, the c_ptr() method should probably be
      replaced, but this requires a thorough analysis of the
      ~200 calls to the method.
      f2a42aee
  2. 16 Feb, 2011 5 commits
    • Jonathan Perkin's avatar
      Merge to mysql-5.1 · 1ce649d5
      Jonathan Perkin authored
      1ce649d5
    • Jonathan Perkin's avatar
      Updated README file. · edcdc79e
      Jonathan Perkin authored
      edcdc79e
    • Bjorn Munch's avatar
      378ddd47
    • Jon Olav Hauglid's avatar
      Followup to Bug #11752069 (former bug 43152) · d1192eb8
      Jon Olav Hauglid authored
      Assertion `bitmap_is_set_all(&table->s->all_set)' failed in
      handler::ha_reset
      
      This followup fixes the compilation warning
        'test_bit' may be used uninitialized in this function
      introduced by the previous patch.
      d1192eb8
    • Jon Olav Hauglid's avatar
      Bug #11752069 (former bug 43152) · ba5b9734
      Jon Olav Hauglid authored
      Assertion `bitmap_is_set_all(&table->s->all_set)' failed in
      handler::ha_reset
      
      This assertion could be triggered if two connections simultaneously
      executed two bitmap test functions on the same bitmap. For example,
      the assertion could be triggered if one connection executed UPDATE
      while a second connection executed SELECT on the same table.
      
      Even if bitmap test functions have read-only semantics and have
      const bitmaps as parameter, several of them modified the internal
      state of the bitmap. With interleaved execution of two such functions
      it was possible for one function to modify the state of the same
      bitmap that the other function had just modified. This lead to an
      inconsistent state and could trigger the assert.
      
      Internally the bitmap uses 32 bit words for storage. Since bitmaps
      can contain any number of bits, the last word in the bitmap may
      not be fully used. A 32 bit mask is maintained where a bit is set
      if the corresponding bit in the last bitmap word is unused.
      The problem was that several test functions applied this mask to
      the last word. Sometimes the mask was negated and used to zero out
      the remainder of the last word and sometimes the mask was used as-is
      to fill the remainder of the last word with 1's. This meant that if
      a function first used the negated mask and another function then
      used the mask as-is (or vice-versa), the first function would then
      get the wrong result.
      
      This patch fixes the problem by changing the implementation of
      9 bitmap functions that modified the bitmap state even if the 
      bitmap was declared const. These functions now preserve the
      internal state of the bitmap. This makes it possible for
      two connections to concurrently execute two of these functions
      on the same bitmap without issues.
      
      The patch also removes dead testing code from my_bitmap.c.
      These tests have already been moved to unittest/mysys/bitmap-t.c.
      Existing test coverage of my_bitmap has been extended.
      
      No MTR test case added as this would require adding several sync
      points to the bitmap functions. The patch has been tested with
      a non-deterministic test case posted on the bug report.
      ba5b9734
  3. 15 Feb, 2011 1 commit
    • Dmitry Lenev's avatar
      Fix for bug#11766714 (former bug @59888) "debug assertion when · 7e1cd4ae
      Dmitry Lenev authored
      attempt to create spatial index on char > 31 bytes".
      
      Attempt to create spatial index on char field with length
      greater than 31 byte led to assertion failure on server
      compiled with safemutex support.
      
      The problem occurred in mi_create() function which was called
      to create a new version of table being altered. This function
      failed since it detected an attempt to create a spatial key
      on non-binary column and tried to return an error.
      On its error path it tried to unlock THR_LOCK_myisam mutex
      which has not been not locked at this point. Indeed such an
      incorrect behavior was caught by safemutex wrapper and caused
      assertion failure.
      
      This patch fixes the problem by ensuring that mi_create()
      doesn't releases THR_LOCK_myisam mutex on error path if it was
      not acquired.
      7e1cd4ae
  4. 11 Feb, 2011 1 commit
  5. 09 Feb, 2011 5 commits
  6. 08 Feb, 2011 7 commits
  7. 07 Feb, 2011 6 commits
    • Bjorn Munch's avatar
      merge 47141,59979 · 1e7fac2d
      Bjorn Munch authored
      1e7fac2d
    • Vasil Dimov's avatar
      Backport the fix for Bug#59875 Valgrind warning in buf0buddy.c from 5.5 · b7cc4aa0
      Vasil Dimov authored
      This warning also happens in 5.1 with a slightly different codepath.
      b7cc4aa0
    • Bjorn Munch's avatar
      Bug #59979 Add mtr option to run debug server, but without turning on debug · 3cde3f30
      Bjorn Munch authored
      Added --debug-server and use $opt_debug_server where appropriate
      Let --debug imply --debug-server
      When merging to 5.5, must adapt fix for 59148
      Oops, set debug => debug-server too late, fixed
      3cde3f30
    • Ole John Aske's avatar
      Fix for bug#59308: Incorrect result for SELECT DISTINCT <col>... ORDER BY <col> DESC. · 3e533efa
      Ole John Aske authored
            
      Also fix bug#59110: Memory leak of QUICK_SELECT_I allocated memory.
      Includes Jørgen Lølands review comments.
            
      Root cause of these bugs are that test_if_skip_sort_order() decided to
      revert the 'skip_sort_order' descision (and use filesort) after the
      query plan has been updated to reflect a 'skip' of the sort order.
            
      This might happen in 'check_reverse_order:' if we have a 
      select->quick which could not be made descending by appending 
      a QUICK_SELECT_DESC. ().
            
      The original 'save_quick' was then restored after the QEP has been modified,
      which caused:
            
        - An incorrect 'precomputed_group_by= TRUE' may have been set, 
          and not reverted, as part of the already modifified QEP (Bug#59308)
        - A 'select->quick' might have been created which we fail to delete (bug#59110).
            
      This fix is a refactorication of test_if_skip_sort_order() where all logic
      related to modification of QEP (controlled by argument 'bool no_changes'), is
      moved to the end of test_if_skip_sort_order(), and done after *all* 'test_if_skip'
      checks has been performed - including the 'check_reverse_order:' checks.
            
      The refactorication above contains now intentional changes to the logic which 
      has been moved to the end of the function.
            
      Furthermore, a smaller part of the fix address the handling of the 
      select->quick objects which may already exists when we call 
      'test_if_skip_sort_order()' (save_quick) -and
      new select->quick's created during test_if_skip_sort_order():
            
        - Before new select->quick may be created by calling ::test_quick_select(), we
          set 'select->quick= 0' to avoid that ::test_quick_select() prematurely
          delete the save_quick's. (After this call we may have both a 'save_quick' 
          and 'select->quick')
            
        - All returns from ::test_if_skip_sort_order() where we may have both a
          'save_quick' and a 'select->quick' has been changed to goto's to the
          exit points 'skiped_sort_order:' or 'need_filesort:' where we
          decide which of the QUICK_SELECT's to keep, and delete the other.
      3e533efa
    • Vasil Dimov's avatar
      Use fun:* instead of obj:*/libz.so* because when the bundled zlib is · 098a2ee8
      Vasil Dimov authored
      used (--with-zlib-dir=bundled) then there is no libz.so involved.
      098a2ee8
    • Vinay Fisrekar's avatar
      Bug#59955 - engines/funcs/ps_string_not_null test needs better cleanup · 4a20a603
      Vinay Fisrekar authored
      Correcting clean up command at the start of test.
      4a20a603
  8. 05 Feb, 2011 1 commit
    • Dmitry Shulga's avatar
      Fixed bug#57450 - mysql client enter in an infinite loop · 2f0ba4c3
      Dmitry Shulga authored
      if the standard input is a directory.
      
      The problem is that mysql monitor try to read from stdin without
      checking input source type.
      
      The solution is to stop reading data from standard input if a call
      to read(2) failed.
      
      A new test case was added into mysql.test.
      2f0ba4c3
  9. 04 Feb, 2011 5 commits
  10. 03 Feb, 2011 2 commits
    • Joerg Bruehe's avatar
      Fix Bug #56581 RPM scripts use hardcoded datadir location · 796672c4
      Joerg Bruehe authored
      When fixing the 27072 bug, the shell snippets running before/after
      a RPM upgrade got expanded to look at files in the data directory
      and at the PID file.
      In this expansion, the standard locations were used.
      
      There are users who configure their installations to use non-standard
      locations for the data directory, the PID file, and other objects.
      For these users, the fix of 27072 did not work.
      As a result, the fact that a server was running at upgrade start was
      not noticed, and the new server was not started after the upgrade.
      
      With this patch, the shell snippets now try to get these locations
      from "my_print_defaults" before falling back to the defaults.
      Now, the fact that the old server is running is again noticed (even
      with non-standard locations), and the new server is started.
      
      Also, the upgrade log is written to the correct data directory.
      796672c4
    • Luis Soares's avatar
      BUG#59147: rpl_circular_for_4_hosts fails sporadically · 64b0591d
      Luis Soares authored
            
      There is one part of the test case that needs to break
      and re-establish the circular topology. For this the test
      stops the slave threads on a couple of servers and restarts
      them with START SLAVE. However, no check is done on the
      status of the IO or SQL threads before proceeding with
      the subsequent commands.
            
      Because rpl_only_running_threads is set to 1 this can lead
      to silently not syncing all slave threads as expected, 
      ultimately resulting in unexpected results (and consequently
      on a failing test run).
            
      We fix this by replacing the START SLAVE instructions with
      calls to --source include/start_slave.inc, which will wait
      for the slave threads to be running (show 'Yes' in 
      Slave_IO|SQL_Running fields of SHOW SLAVE STATUS) before 
      proceeding. Additionally, we change rpl_sync.inc to make the
      IO thread report that it is running when its running status
      is any other than 'No'.
      64b0591d
  11. 02 Feb, 2011 6 commits
    • Georgi Kodinov's avatar
      merge · 63a40fe6
      Georgi Kodinov authored
      63a40fe6
    • Georgi Kodinov's avatar
      6954b672
    • Georgi Kodinov's avatar
      merge to 5.1. · ac3243c8
      Georgi Kodinov authored
      ac3243c8
    • Georgi Kodinov's avatar
      Fixes for Bug #55755 and Bug #52315 part 2 · 59f68983
      Georgi Kodinov authored
      Bug #55755 : Date STD variable signness breaks server on FreeBSD and OpenBSD
      
      * Added a check to configure on the size of time_t
      * Created a macro to check for a valid time_t that is safe to use with datetime 
        functions and store in TIMESTAMP columns.
      * Used the macro consistently instead of the ad-hoc checks introduced by 52315
      * Fixed compliation warnings on platforms where the size of time_t is smaller than
        the size of a long (e.g. OpenBSD 4.8 64 amd64).
      
      Bug #52315: utc_date() crashes when system time > year 2037
      
      * Added a correct check for the timestamp range instead of just variable size check to
      SET TIMESTAMP.
      * Added overflow checking before converting to time_t. 
      * Using a correct localized error message in this case instead of the generic error.
      * Added a test suite.
      * fixed the checks so that they check for unsigned time_t as well. Used the checks 
        consistently across the source code.
      * fixed the original test case to expect the new error code.
      59f68983
    • Marko Mäkelä's avatar
      Bug #55284 diagnostics: Introduce UNIV_BLOB_LIGHT_DEBUG, enabled by UNIV_DEBUG · e67169ee
      Marko Mäkelä authored
      btr_rec_get_field_ref_offs(), btr_rec_get_field_ref(): New functions.
      Get the pointer to an externally stored field.
      
      btr_cur_set_ownership_of_extern_field(): Assert that the BLOB has not
      already been disowned.
      
      btr_store_big_rec_extern_fields(): Rename to
      btr_store_big_rec_extern_fields_func() and add the debug parameter
      update_in_place. All pointers to externally stored columns in the
      record must either be zero or they must be pointers to inherited
      columns, owned by this record or an earlier record version. For any
      BLOB that is stored, the BLOB pointer must previously have been
      zero. When the function completes, all BLOB pointers must be nonzero
      and owned by the record.
      
      rb://549 approved by Jimmy Yang
      e67169ee
    • Dmitry Lenev's avatar
      Fix for bug #58650 "Failing assertion: primary_key_no == -1 || · 3473329d
      Dmitry Lenev authored
      primary_key_no == 0".
      
      Attempt to create InnoDB table with non-nullable column of
      geometry type having an unique key with length 12 on it and
      with some other candidate key led to server crash due to
      assertion failure in both non-debug and debug builds.
      
      The problem was that such a non-candidate key could have
      been sorted as the first key in table/.FRM, before any legit
      candidate keys. This resulted in assertion failure in InnoDB
      engine which assumes that primary key should either be the
      first key in table/.FRM or should not exist at all.
      
      The reason behind such an incorrect sorting was an wrong
      value of Create_field::key_length member for geometry field
      (which was set to its pack_length == 12) which confused code
      in mysql_prepare_create_table(), so it would skip marking
      such key as a key with partial segments.
      
      This patch fixes the problem by ensuring that this member
      gets the same value of Create_field::key_length member as 
      for other blob fields (from which geometry field class is
      inherited), and as result unique keys on geometry fields
      are correctly marked as having partial segments.
      3473329d