1. 06 Jun, 2011 2 commits
    • Georgi Kodinov's avatar
      merge of mysql-5.1->mysql-5.1-security · 4f2b3cd3
      Georgi Kodinov authored
      4f2b3cd3
    • Georgi Kodinov's avatar
      Bug #11749418: 38965: TEST CASES GIS-RTREE, TYPE_FLOAT, TYPE_NEWDECIMAL · 29d840ee
      Georgi Kodinov authored
        FAIL IN EMBEDDED SERVER
      
      FreeBSD 64 bit needs the FP_X_DNML to fpsetmask() to prevent exceptions from
      propagating into mysql (as a threaded application).
      However fpsetmask() itself is deprecated in favor of fedisableexcept().
      1. Fixed the #ifdef to check for FP_X_DNML instead of i386.
      2. Added a configure.in check for fedisableexcept() and, if present,
         this function is called insted of the fpsetmask().
      No need for new tests, as the existing tests cover this already.
      Removed the affected tests from the experimental list.
      29d840ee
  2. 03 Jun, 2011 2 commits
  3. 30 May, 2011 1 commit
    • Davi Arnaut's avatar
      Bug#12563279: REGRESSION IN HANDLING PRE-4.1 AUTHENTICATION PACKET · c20552e1
      Davi Arnaut authored
      The problem is that clients implementing the 4.0 version of the
      protocol (that is, mysql-4.0) do not null terminate a string
      at the end of the authentication packet. These clients denote
      the end of the string with the end of the packet.
      
      Although this goes against the documented (see MySQL Internals
      ClientServer Protocol wiki) description of the protocol, these
      old clients still need to be supported.
      
      The solution is to support the documented and actual behavior
      of the clients. If a client is using the pre-4.1 version of
      the protocol, the end of a string in the authentication packet
      can either be denoted with a null character or by the end of
      the packet. This restores backwards compatibility with old
      clients implementing either the documented or actual behavior.
      c20552e1
  4. 27 May, 2011 2 commits
    • Davi Arnaut's avatar
      BUG 11763056 - 55721: AIX 5.1.50 build failing, cannot locate bzero · 79de9c71
      Davi Arnaut authored
      The problem is that although AIX implements bzero, its prototype
      is not declared by default. Since AC_CHECK_FUNC(bzero) succeeds
      even though a prototype is not declared, this breaks compilation
      in C++ files where a prototype is required.
      
      The solution is to only use bzero if a prototype is also declared.
      79de9c71
    • Dmitry Shulga's avatar
      Fixed bug#12546938 (formerly known as 61005) - CREATE IF NOT EXIST EVENT · 8bb8385f
      Dmitry Shulga authored
      will create multiple running events.
      
      A CREATE IF NOT EXIST on an event that existed and was enabled caused
      multiple instances of the event to run. Disabling the event didn't  help.
      If the event was  dropped, the event stopped running, but when created
      again, multiple instances of the event were still running. The only way
      to get out of this situation was  to restart the server.
      
      The problem was that Event_db_repository::create_event() didn't return
      enough information to discriminate between situation when event didn't
      exist and was created and when event did exist and was not created
      (but a warning was emitted). As result in the latter case event
      was added to in-memory queue of events second time. And this led to
      unwarranted multiple executions of the same event.
      
      The solution is to add out-parameter to Event_db_repository::create_event()
      method which will signal that event was not created because it already
      exists and so it should not be added to the in-memory queue.
      8bb8385f
  5. 26 May, 2011 3 commits
    • Dmitry Lenev's avatar
      Fix for bug #11762012 - "54553: INNODB ASSERTS IN · d076be2a
      Dmitry Lenev authored
      HA_INNOBASE::UPDATE_ROW, TEMPORARY TABLE, TABLE LOCK".
      
      Attempt to update an InnoDB temporary table under LOCK TABLES
      led to assertion failure in both debug and production builds
      if this temporary table was explicitly locked for READ. The 
      same scenario works fine for MyISAM temporary tables.
      
      The assertion failure was caused by discrepancy between lock 
      that was requested on the rows of temporary table at LOCK TABLES
      time and by update operation. Since SQL-layer requested a 
      read-lock at LOCK TABLES time InnoDB engine assumed that upcoming
      statements which are going to be executed under LOCK TABLES will 
      only read table and therefore should acquire only S-lock.
      An update operation broken this assumption by requesting X-lock.
      
      Possible approaches to fixing this problem are:
      
      1) Skip locking of temporary tables as locking doesn't make any
         sense for connection-local objects.
      2) Prohibit changing of temporary table locked by LOCK TABLES ... 
         READ.
      
      Unfortunately both of these approaches have drawbacks which make 
      them unviable for stable versions of server.
      
      So this patch takes another approach and changes code in such way
      that LOCK TABLES for a temporary table will always request write
      lock. In 5.1 version of this patch switch from read lock to write
      lock is done inside of InnoDBs handler methods as doing it on 
      SQL-layer causes compatibility troubles with FLUSH TABLES WITH
      READ LOCK.
      d076be2a
    • Sven Sandberg's avatar
      BUG#12574820: binlog.binlog_tmp_table timing out in daily and weekly trunk run · b76c277a
      Sven Sandberg authored
      Problem: MYSQL_BIN_LOG::reset_logs acquires mutexes in wrong order.
      The correct order is first LOCK_thread_count and then LOCK_log. This function
      does it the other way around. This leads to deadlock when run in parallel
      with a thread that takes the two locks in correct order. For example, a thread
      that disconnects will take the locks in the correct order.
      Fix: change order of the locks in MYSQL_BIN_LOG::reset_logs:
      first LOCK_thread_count and then LOCK_log.
      b76c277a
    • Sergey Glukhov's avatar
      Bug#12392636 ASSERTION FAILED: SCALE >= 0 && PRECISION > 0 && SCALE <= PRECISION · aa0c8235
      Sergey Glukhov authored
      Assertion happens due to missing NULL value check in
      Item_func_round::fix_length_and_dec() function.
      The fix: added NULL value check for second parameter.
      aa0c8235
  6. 24 May, 2011 4 commits
  7. 22 May, 2011 1 commit
  8. 21 May, 2011 1 commit
  9. 20 May, 2011 1 commit
    • Dmitry Shulga's avatar
      Fixed bug#11749345 (formerly bug#38813) - increasing memory consumption · 967cf758
      Dmitry Shulga authored
      when selecting from I_S and views exist, in SP.
      
      Symptoms: re-execution of prepared statement (or statement in a stored
      routine) which read from one of I_S tables and which in order to fill
      this I_S table had to open a view led to increasing memory consumption.
      
      What happened in this situation was that during the process of view
      opening for purpose of I_S filling view-related structures (like its
      LEX) were allocated on persistent MEM_ROOT of prepared statement (or 
      stored routine). Since this MEM_ROOT is not freed until prepared
      statement deallocation (or expulsion of stored routine from the cache)
      and code responsible for filling I_S is not able to re-use results of
      view opening from previous executions this allocation ended up in
      memory hogging.
      
      This patch solves the problem by ensuring that when a view opened
      for the purpose of I_S filling all its structures are allocated on
      non-persistent runtime MEM_ROOT. This is achieved by activating a
      temporary Query_arena bound to this MEM_ROOT.
      Since this step makes impossible linking of view structures into
      LEX of our prepared statement (or stored routine statement) this
      patch also changes code filling I_S table to install a proxy LEX
      before trying to open a view or a table. Consequently some code
      which was responsible for backing-up/restoring parts of LEX when
      view/table was opened during filling of I_S table became redundant
      and was removed.
      
      This patch doesn't contain test case for this bug as it is hard
      to test memory hogging in our test suite.
      967cf758
  10. 19 May, 2011 3 commits
    • Luis Soares's avatar
      BUG#11746302 · f633e6f5
      Luis Soares authored
      Automerge mysql-5.1-gca into latest mysql-5.1.
      f633e6f5
    • Luis Soares's avatar
      BUG#11746302: 25228: RPL_RELAYSPACE.TEST FAILS ON POWERMACG5, · 21163d68
      Luis Soares authored
                    VM-WIN2003-32-A, SLES10-IA64-A 
            
      The test case waits for master_pos_wait not to timeout, which
      means that the deadlock between SQL and IO threads was 
      succesfully and automatically dealt with.
            
      However, very rarely, master_pos_wait reports a timeout. This
      happens because the time set for master_pos_wait to wait was
      too small (6 seconds). On slow test env this could be a 
      problem.
            
      We fix this by setting the timeout inline with the one used
      in sync_slave_with_master (300 seconds). In addition we 
      refactored the test case and refined some comments.
      21163d68
    • Marko Mäkelä's avatar
  11. 18 May, 2011 3 commits
    • Mayank Prasad's avatar
      Bug#11764633 : 57491: THD->MAIN_DA.IS_OK() ASSERT IN EMBEDDED · 55d3381c
      Mayank Prasad authored
      Issue:
      While running embedded server, if client issues TEE command (\T foo/bar) and
      "foo/bar" directory doesn't exist, it is suppose to give error. But it was
      aborting.  This was happening because wrong error handler was being called.
      
      Solution:
      Modified calls to correct error handler. In embedded server case, there are 
      two error handler (client and server) which are supposed to be called based 
      on which context code is in. If it is in client context, client error handler
      should be called otherwise server.
      
      Test case:
      Test case automation is not possible as current (following) code doesn't 
      allow '\T' to be executed from command line (OR command read from a file):
      [client/mysql.cc]
      ...
       static int
       com_tee(String *buffer __attribute__((unused)),
               char *line __attribute__((unused)))
       {
         char file_name[FN_REFLEN], *end, *param;
      
         if (status.batch) << THIS IS TRUE WHILE EXECUTING FROM COMMAND LINE.
            return 0;
       ...
      So, not adding test case in GA. WIll add a test case in mysql-trunk after 
      removing above code so that this could be properly tested before GA.
      55d3381c
    • Sergey Vojtovich's avatar
      BUG#12402794 - 60976: CRASH, VALGRIND WARNING AND MEMORY · 33a9d9fa
      Sergey Vojtovich authored
                     LEAK WITH PARTITIONED ARCHIVE TABLES
      
      CHECK TABLE against archive table, when file descriptors
      are exhausted, caused server crash.
      
      Archive didn't handle errors when opening data file for
      CHECK TABLE.
      33a9d9fa
    • Sergey Glukhov's avatar
      Bug#12403504 AFTER FIX FOR #11889186 : ASSERTION FAILED: DELSUM+(INT) Y/4-TEMP > 0 · a7cd008e
      Sergey Glukhov authored
      There are two problems:
      1. There is a missing check for 'year' parameter(year can not be greater than 9999) in
         makedate function. fix: added check that year can not be greater than 9999.
      2. There is a missing check for zero date in from_days() function.
         fix: added zero date check into Item_func_from_days::get_date()
         function.
      a7cd008e
  12. 16 May, 2011 1 commit
    • Guilhem Bichot's avatar
      Fix for BUG#11755168 '46895: test "outfile_loaddata" fails (reproducible)'. · 25221ccc
      Guilhem Bichot authored
      In sql_class.cc, 'row_count', of type 'ha_rows', was used as last argument for
      ER_TRUNCATED_WRONG_VALUE_FOR_FIELD which is
      "Incorrect %-.32s value: '%-.128s' for column '%.192s' at row %ld".
      So 'ha_rows' was used as 'long'.
      On SPARC32 Solaris builds, 'long' is 4 bytes and 'ha_rows' is 'longlong' i.e. 8 bytes.
      So the printf-like code was reading only the first 4 bytes.
      Because the CPU is big-endian, 1LL is 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x01
      so the first four bytes yield 0. So the warning message had "row 0" instead of
      "row 1" in test outfile_loaddata.test:
      -Warning	1366	Incorrect string value: '\xE1\xE2\xF7' for column 'b' at row 1
      +Warning	1366	Incorrect string value: '\xE1\xE2\xF7' for column 'b' at row 0
      
      All error-messaging functions which internally invoke some printf-life function
      are potential candidate for such mistakes.
      One apparently easy way to catch such mistakes is to use
      ATTRIBUTE_FORMAT (from my_attribute.h).
      But this works only when call site has both:
      a) the format as a string literal
      b) the types of arguments.
      So:
        func(ER(ER_BLAH), 10);
      will silently not be checked, because ER(ER_BLAH) is not known at
      compile time (it is known at run-time, and depends on the chosen
      language).
      And
        func("%s", a va_list argument);
      has the same problem, as the *real* type of arguments is not
      known at this site at compile time (it's known in some caller).
      Moreover,
        func(ER(ER_BLAH));
      though possibly correct (if ER(ER_BLAH) has no '%' markers), will not
      compile (gcc says "error: format not a string literal and no format
      arguments").
      
      Consequences:
      1) ATTRIBUTE_FORMAT is here added only to functions which in practice
      take "string literal" formats: "my_error_reporter" and "print_admin_msg".
      2) it cannot be added to the other functions: my_error(),
      push_warning_printf(), Table_check_intact::report_error(),
      general_log_print().
      
      To do a one-time check of functions listed in (2), the following
      "static code analysis" has been done:
      1) replace
        my_error(ER_xxx, arguments for substitution in format)
      with the equivalent
        my_printf_error(ER_xxx,ER(ER_xxx), arguments for substitution in
      format),
      so that we have ER(ER_xxx) and the arguments *in the same call site*
      2) add ATTRIBUTE_FORMAT to push_warning_printf(),
      Table_check_intact::report_error(), general_log_print()
      3) replace ER(xxx) with the hard-coded English text found in
      errmsg.txt (like: ER(ER_UNKNOWN_ERROR) is replaced with
      "Unknown error"), so that a call site has the format as string literal
      4) this way, ATTRIBUTE_FORMAT can effectively do its job
      5) compile, fix errors detected by ATTRIBUTE_FORMAT
      6) revert steps 1-2-3.
      The present patch has no compiler error when submitted again to the
      static code analysis above.
      It cannot catch all problems though: see Field::set_warning(), in
      which a call to push_warning_printf() has a variable error
      (thus, not replacable by a string literal); I checked set_warning() calls
      by hand though.
      
      See also WL 5883 for one proposal to avoid such bugs from appearing
      again in the future.
      
      The issues fixed in the patch are:
      a) mismatch in types (like 'int' passed to '%ld')
      b) more arguments passed than specified in the format.
      This patch resolves mismatches by changing the type/number of arguments,
      not by changing error messages of sql/share/errmsg.txt. The latter would be wrong,
      per the following old rule: errmsg.txt must be as stable as possible; no insertions
      or deletions of messages, no changes of type or number of printf-like format specifiers,
      are allowed, as long as the change impacts a message already released in a GA version.
      If this rule is not followed:
      - Connectors, which use error message numbers, will be confused (by insertions/deletions
      of messages)
      - using errmsg.sys of MySQL 5.1.n with mysqld of MySQL 5.1.(n+1)
      could produce wrong messages or crash; such usage can easily happen if
      installing 5.1.(n+1) while /etc/my.cnf still has --language=/path/to/5.1.n/xxx;
      or if copying mysqld from 5.1.(n+1) into a 5.1.n installation.
      When fixing b), I have verified that the superfluous arguments were not used in the format
      in the first 5.1 GA (5.1.30 'bteam@astra04-20081114162938-z8mctjp6st27uobm').
      Had they been used, then passing them today, even if the message doesn't use them
      anymore, would have been necessary, as explained above.
      25221ccc
  13. 14 May, 2011 1 commit
  14. 13 May, 2011 1 commit
  15. 12 May, 2011 3 commits
  16. 10 May, 2011 7 commits
  17. 09 May, 2011 2 commits
    • Serge Kozlov's avatar
      WL#5867 · e8b54a7c
      Serge Kozlov authored
      Replaced the error code by error name
      e8b54a7c
    • Kristofer Pettersson's avatar
      bug#10064164 · 8a3beb46
      Kristofer Pettersson authored
      Certain fields in the protcol required a strict formatting. If
      off bound values were sent to the server this could under some
      circumstances lead to a crash on the Windows platform.
      8a3beb46
  18. 06 May, 2011 2 commits