1. 17 Feb, 2011 1 commit
    • Magne Mahre's avatar
      Bug#48053 String::c_ptr has a race and/or does an invalid · 65032267
      Magne Mahre authored
                memory reference
      
      There are two issues present here.
        1) There is a possibility that we test a byte beyond the
           allocated buffer
      
        2) We compare a byte that might never have been
           initalized to see if it's 0.
      
      The first issue is not triggered by existing code, but an
      ASSERT has been added to safe-guard against introducing
      new code that triggers it.
      
      The second issue is what triggers the Valgrind warnings
      reported in the bug report. A buffer is allocated in
      class String to hold the value. This buffer is populated
      by the character data constituting the string, but is not
      zero-terminated in most cases.  Testing if it is indeed
      zero-terminated means that we check a byte that has never
      been explicitly set, thus causing Valgrind to trigger.
      
      Note that issue 2 is not a serious problem.  The variable
      is read, and if it's not zero, we will set it to zero.
      There are no further consequences.
      
      Note that this patch does not fix the underlying problems
      with issue 1, as it is deemed too risky to fix at this
      point (as noted in the bug report).  As discussed in
      the report, the c_ptr() method should probably be
      replaced, but this requires a thorough analysis of the
      ~200 calls to the method.
      
      
      sql/set_var.cc:
        These two cases have been reported to fail
        with Valgrind.
      65032267
  2. 16 Feb, 2011 5 commits
    • Jonathan Perkin's avatar
      Merge to mysql-5.1 · aa8ebbee
      Jonathan Perkin authored
      aa8ebbee
    • Jonathan Perkin's avatar
      Updated README file. · e53ffb8f
      Jonathan Perkin authored
      e53ffb8f
    • Bjorn Munch's avatar
      ee2f9d86
    • Jon Olav Hauglid's avatar
      Followup to Bug #11752069 (former bug 43152) · 0e28aa2f
      Jon Olav Hauglid authored
      Assertion `bitmap_is_set_all(&table->s->all_set)' failed in
      handler::ha_reset
      
      This followup fixes the compilation warning
        'test_bit' may be used uninitialized in this function
      introduced by the previous patch.
      0e28aa2f
    • Jon Olav Hauglid's avatar
      Bug #11752069 (former bug 43152) · 6ad0c9b1
      Jon Olav Hauglid authored
      Assertion `bitmap_is_set_all(&table->s->all_set)' failed in
      handler::ha_reset
      
      This assertion could be triggered if two connections simultaneously
      executed two bitmap test functions on the same bitmap. For example,
      the assertion could be triggered if one connection executed UPDATE
      while a second connection executed SELECT on the same table.
      
      Even if bitmap test functions have read-only semantics and have
      const bitmaps as parameter, several of them modified the internal
      state of the bitmap. With interleaved execution of two such functions
      it was possible for one function to modify the state of the same
      bitmap that the other function had just modified. This lead to an
      inconsistent state and could trigger the assert.
      
      Internally the bitmap uses 32 bit words for storage. Since bitmaps
      can contain any number of bits, the last word in the bitmap may
      not be fully used. A 32 bit mask is maintained where a bit is set
      if the corresponding bit in the last bitmap word is unused.
      The problem was that several test functions applied this mask to
      the last word. Sometimes the mask was negated and used to zero out
      the remainder of the last word and sometimes the mask was used as-is
      to fill the remainder of the last word with 1's. This meant that if
      a function first used the negated mask and another function then
      used the mask as-is (or vice-versa), the first function would then
      get the wrong result.
      
      This patch fixes the problem by changing the implementation of
      9 bitmap functions that modified the bitmap state even if the 
      bitmap was declared const. These functions now preserve the
      internal state of the bitmap. This makes it possible for
      two connections to concurrently execute two of these functions
      on the same bitmap without issues.
      
      The patch also removes dead testing code from my_bitmap.c.
      These tests have already been moved to unittest/mysys/bitmap-t.c.
      Existing test coverage of my_bitmap has been extended.
      
      No MTR test case added as this would require adding several sync
      points to the bitmap functions. The patch has been tested with
      a non-deterministic test case posted on the bug report.
      
      
      include/my_bit.h:
        Removed my_count_bits_ushort() which is not needed anymore.
        Added my_count_bits_uint32().
      unittest/mysys/bitmap-t.c:
        Extended test coverage of my_bitmap.
      6ad0c9b1
  3. 15 Feb, 2011 1 commit
    • Dmitry Lenev's avatar
      Fix for bug#11766714 (former bug @59888) "debug assertion when · 9c89cca5
      Dmitry Lenev authored
      attempt to create spatial index on char > 31 bytes".
      
      Attempt to create spatial index on char field with length
      greater than 31 byte led to assertion failure on server
      compiled with safemutex support.
      
      The problem occurred in mi_create() function which was called
      to create a new version of table being altered. This function
      failed since it detected an attempt to create a spatial key
      on non-binary column and tried to return an error.
      On its error path it tried to unlock THR_LOCK_myisam mutex
      which has not been not locked at this point. Indeed such an
      incorrect behavior was caught by safemutex wrapper and caused
      assertion failure.
      
      This patch fixes the problem by ensuring that mi_create()
      doesn't releases THR_LOCK_myisam mutex on error path if it was
      not acquired.
      
      mysql-test/r/gis.result:
        Added test for bug @59888 "debug assertion when attempt to
        create spatial index on char > 31 bytes".
      mysql-test/t/gis.test:
        Added test for bug @59888 "debug assertion when attempt to
        create spatial index on char > 31 bytes".
      storage/myisam/mi_create.c:
        Changed mi_create() not to release THR_LOCK_myisam mutex on
        error path if it was not acquired.
      9c89cca5
  4. 11 Feb, 2011 1 commit
  5. 09 Feb, 2011 5 commits
  6. 08 Feb, 2011 7 commits
  7. 07 Feb, 2011 6 commits
    • Bjorn Munch's avatar
      merge 47141,59979 · 285c7d04
      Bjorn Munch authored
      285c7d04
    • Vasil Dimov's avatar
      Backport the fix for Bug#59875 Valgrind warning in buf0buddy.c from 5.5 · fe403949
      Vasil Dimov authored
      This warning also happens in 5.1 with a slightly different codepath.
      fe403949
    • Bjorn Munch's avatar
      Bug #59979 Add mtr option to run debug server, but without turning on debug · 114ac525
      Bjorn Munch authored
      Added --debug-server and use $opt_debug_server where appropriate
      Let --debug imply --debug-server
      When merging to 5.5, must adapt fix for 59148
      Oops, set debug => debug-server too late, fixed
      114ac525
    • Ole John Aske's avatar
      Fix for bug#59308: Incorrect result for SELECT DISTINCT <col>... ORDER BY <col> DESC. · 221ce922
      Ole John Aske authored
            
      Also fix bug#59110: Memory leak of QUICK_SELECT_I allocated memory.
      Includes Jørgen Lølands review comments.
            
      Root cause of these bugs are that test_if_skip_sort_order() decided to
      revert the 'skip_sort_order' descision (and use filesort) after the
      query plan has been updated to reflect a 'skip' of the sort order.
            
      This might happen in 'check_reverse_order:' if we have a 
      select->quick which could not be made descending by appending 
      a QUICK_SELECT_DESC. ().
            
      The original 'save_quick' was then restored after the QEP has been modified,
      which caused:
            
        - An incorrect 'precomputed_group_by= TRUE' may have been set, 
          and not reverted, as part of the already modifified QEP (Bug#59308)
        - A 'select->quick' might have been created which we fail to delete (bug#59110).
            
      This fix is a refactorication of test_if_skip_sort_order() where all logic
      related to modification of QEP (controlled by argument 'bool no_changes'), is
      moved to the end of test_if_skip_sort_order(), and done after *all* 'test_if_skip'
      checks has been performed - including the 'check_reverse_order:' checks.
            
      The refactorication above contains now intentional changes to the logic which 
      has been moved to the end of the function.
            
      Furthermore, a smaller part of the fix address the handling of the 
      select->quick objects which may already exists when we call 
      'test_if_skip_sort_order()' (save_quick) -and
      new select->quick's created during test_if_skip_sort_order():
            
        - Before new select->quick may be created by calling ::test_quick_select(), we
          set 'select->quick= 0' to avoid that ::test_quick_select() prematurely
          delete the save_quick's. (After this call we may have both a 'save_quick' 
          and 'select->quick')
            
        - All returns from ::test_if_skip_sort_order() where we may have both a
          'save_quick' and a 'select->quick' has been changed to goto's to the
          exit points 'skiped_sort_order:' or 'need_filesort:' where we
          decide which of the QUICK_SELECT's to keep, and delete the other.
      221ce922
    • Vasil Dimov's avatar
      Use fun:* instead of obj:*/libz.so* because when the bundled zlib is · 165ed4f1
      Vasil Dimov authored
      used (--with-zlib-dir=bundled) then there is no libz.so involved.
      165ed4f1
    • Vinay Fisrekar's avatar
      Bug#59955 - engines/funcs/ps_string_not_null test needs better cleanup · e29b40f8
      Vinay Fisrekar authored
      Correcting clean up command at the start of test.
      e29b40f8
  8. 05 Feb, 2011 1 commit
    • Dmitry Shulga's avatar
      Fixed bug#57450 - mysql client enter in an infinite loop · 980868eb
      Dmitry Shulga authored
      if the standard input is a directory.
      
      The problem is that mysql monitor try to read from stdin without
      checking input source type.
      
      The solution is to stop reading data from standard input if a call
      to read(2) failed.
      
      A new test case was added into mysql.test.
      
      client/my_readline.h:
        Data members error and truncated was added to LINE_BUFFER structure.
        These data members used instead of out parameters in functions
        batch_readline, intern_read_line.
      client/mysql.cc:
        read_and_execute() was modified: set status.exit_status to 1
        when the error occured while reading the next command line in
        non-interactive mode. Also the value of the truncated attribute
        of structure LINE_BUFF is taken into account only for non-iteractive mode.
      client/readline.cc:
        intern_read_line() was modified: cancel reading from input if
        fill_buffer() returns -1, e.g. if call to read failed.
        batch_readline was modified: set the error data member of LINE_BUFFER
        structure to value of my_errno when system error happened during call
        to my_read/my_realloc.
      mysql-test/t/mysql.test:
        Test for bug#57450 was added.
      980868eb
  9. 04 Feb, 2011 5 commits
    • Luis Soares's avatar
    • Bjorn Munch's avatar
      merge from 5.1 main · bb3e48c2
      Bjorn Munch authored
      bb3e48c2
    • Bjorn Munch's avatar
      Bug #47141 "mysqltest" breaks because it tries to act on a debug option which is disabled · cd51cbf1
      Bjorn Munch authored
      Replace --debug with --loose-debug to prevent failure exit
      Update: added workaround for 50627, skip all debugging of mysqlbinlog
      cd51cbf1
    • Vasil Dimov's avatar
      Fix Bug#59874 Valgrind warning in InnoDB compression code · 5082c4d1
      Vasil Dimov authored
      Add suppressions for a bogus valgrind warnings.
      5082c4d1
    • Dmitry Shulga's avatar
      Fixed bug#58026 - massive recursion and crash in regular expression · 378091e4
      Dmitry Shulga authored
      handling.
      
      The problem was that parsing of nested regular expression involved
      recursive calls. Such recursion didn't take into account the amount of
      available stack space, which ended up leading to stack overflow crashes.
      
      mysql-test/t/not_embedded_server.test:
        Added test for bug#58026.
      regex/my_regex.h:
        added pointer to function as last argument of my_regex_init() for check
        enough memory in stack.
      regex/regcomp.c:
        p_ere() was modified: added call to function for check enough memory
        in stack. Function for check available stack space specified by
        global variable my_regex_enough_mem_in_stack. This variable set to
        NULL for embedded mysqld and to a pointer to function
        check_enough_stack_size otherwise.
      regex/reginit.c:
        my_regex_init was modified: pass a pointer to a function for check
        enough memory in stack space. Reset this pointer to NULL in my_regex_end.
      sql/mysqld.cc:
        Added function check_enough_stack_size() for check enough memory in stack.
        Passed this function as second argument to my_regex_init. For embedded 
        mysqld passed NULL as second argument.
      378091e4
  10. 03 Feb, 2011 2 commits
    • Joerg Bruehe's avatar
      Fix Bug #56581 RPM scripts use hardcoded datadir location · 106e5900
      Joerg Bruehe authored
      When fixing the 27072 bug, the shell snippets running before/after
      a RPM upgrade got expanded to look at files in the data directory
      and at the PID file.
      In this expansion, the standard locations were used.
      
      There are users who configure their installations to use non-standard
      locations for the data directory, the PID file, and other objects.
      For these users, the fix of 27072 did not work.
      As a result, the fact that a server was running at upgrade start was
      not noticed, and the new server was not started after the upgrade.
      
      With this patch, the shell snippets now try to get these locations
      from "my_print_defaults" before falling back to the defaults.
      Now, the fact that the old server is running is again noticed (even
      with non-standard locations), and the new server is started.
      
      Also, the upgrade log is written to the correct data directory.
      
      support-files/mysql.spec.sh:
        See the global comment for the purpose of this change.
        
        In tests on SuSE 11, it was found necessary to use the full path name
        of "my_print_defaults", it seems $PATH die not include "/usr/bin".
      106e5900
    • Luis Soares's avatar
      BUG#59147: rpl_circular_for_4_hosts fails sporadically · cb10771f
      Luis Soares authored
            
      There is one part of the test case that needs to break
      and re-establish the circular topology. For this the test
      stops the slave threads on a couple of servers and restarts
      them with START SLAVE. However, no check is done on the
      status of the IO or SQL threads before proceeding with
      the subsequent commands.
            
      Because rpl_only_running_threads is set to 1 this can lead
      to silently not syncing all slave threads as expected, 
      ultimately resulting in unexpected results (and consequently
      on a failing test run).
            
      We fix this by replacing the START SLAVE instructions with
      calls to --source include/start_slave.inc, which will wait
      for the slave threads to be running (show 'Yes' in 
      Slave_IO|SQL_Running fields of SHOW SLAVE STATUS) before 
      proceeding. Additionally, we change rpl_sync.inc to make the
      IO thread report that it is running when its running status
      is any other than 'No'.
      cb10771f
  11. 02 Feb, 2011 6 commits
    • Georgi Kodinov's avatar
      merge · a265fde6
      Georgi Kodinov authored
      a265fde6
    • Georgi Kodinov's avatar
      0a8419df
    • Georgi Kodinov's avatar
      merge to 5.1. · 72ae1d65
      Georgi Kodinov authored
      72ae1d65
    • Georgi Kodinov's avatar
      Fixes for Bug #55755 and Bug #52315 part 2 · a70c34bf
      Georgi Kodinov authored
      Bug #55755 : Date STD variable signness breaks server on FreeBSD and OpenBSD
      
      * Added a check to configure on the size of time_t
      * Created a macro to check for a valid time_t that is safe to use with datetime 
        functions and store in TIMESTAMP columns.
      * Used the macro consistently instead of the ad-hoc checks introduced by 52315
      * Fixed compliation warnings on platforms where the size of time_t is smaller than
        the size of a long (e.g. OpenBSD 4.8 64 amd64).
      
      Bug #52315: utc_date() crashes when system time > year 2037
      
      * Added a correct check for the timestamp range instead of just variable size check to
      SET TIMESTAMP.
      * Added overflow checking before converting to time_t. 
      * Using a correct localized error message in this case instead of the generic error.
      * Added a test suite.
      * fixed the checks so that they check for unsigned time_t as well. Used the checks 
        consistently across the source code.
      * fixed the original test case to expect the new error code.
      a70c34bf
    • Marko Mäkelä's avatar
      Bug #55284 diagnostics: Introduce UNIV_BLOB_LIGHT_DEBUG, enabled by UNIV_DEBUG · 5adf2313
      Marko Mäkelä authored
      btr_rec_get_field_ref_offs(), btr_rec_get_field_ref(): New functions.
      Get the pointer to an externally stored field.
      
      btr_cur_set_ownership_of_extern_field(): Assert that the BLOB has not
      already been disowned.
      
      btr_store_big_rec_extern_fields(): Rename to
      btr_store_big_rec_extern_fields_func() and add the debug parameter
      update_in_place. All pointers to externally stored columns in the
      record must either be zero or they must be pointers to inherited
      columns, owned by this record or an earlier record version. For any
      BLOB that is stored, the BLOB pointer must previously have been
      zero. When the function completes, all BLOB pointers must be nonzero
      and owned by the record.
      
      rb://549 approved by Jimmy Yang
      5adf2313
    • Dmitry Lenev's avatar
      Fix for bug #58650 "Failing assertion: primary_key_no == -1 || · e805a0fd
      Dmitry Lenev authored
      primary_key_no == 0".
      
      Attempt to create InnoDB table with non-nullable column of
      geometry type having an unique key with length 12 on it and
      with some other candidate key led to server crash due to
      assertion failure in both non-debug and debug builds.
      
      The problem was that such a non-candidate key could have
      been sorted as the first key in table/.FRM, before any legit
      candidate keys. This resulted in assertion failure in InnoDB
      engine which assumes that primary key should either be the
      first key in table/.FRM or should not exist at all.
      
      The reason behind such an incorrect sorting was an wrong
      value of Create_field::key_length member for geometry field
      (which was set to its pack_length == 12) which confused code
      in mysql_prepare_create_table(), so it would skip marking
      such key as a key with partial segments.
      
      This patch fixes the problem by ensuring that this member
      gets the same value of Create_field::key_length member as 
      for other blob fields (from which geometry field class is
      inherited), and as result unique keys on geometry fields
      are correctly marked as having partial segments.
      
      
      mysql-test/include/gis_keys.inc:
        Added test case for bug #58650 "Failing assertion:
        primary_key_no == -1 || primary_key_no == 0".
      mysql-test/r/gis.result:
        Added test case for bug #58650 "Failing assertion:
        primary_key_no == -1 || primary_key_no == 0".
      mysql-test/suite/innodb/r/innodb_gis.result:
        Added test case for bug #58650 "Failing assertion:
        primary_key_no == -1 || primary_key_no == 0".
      mysql-test/suite/innodb_plugin/r/innodb_gis.result:
        Added test case for bug #58650 "Failing assertion:
        primary_key_no == -1 || primary_key_no == 0".
      sql/field.cc:
        Changed Create_field::create_length_to_internal_length() to
        correctly set Create_field::key_length member for geometry
        fields. Similar to the blob types key_length for such fields
        should be the same as length and not field's packed length
        (which is always 12 for geometry).
        
        As result of this change code handling table creation now
        always correctly identifies btree/unique keys on geometry
        fields as partial keys, so such keys can't be erroneously
        treated as candidate keys and sorted in keys array in .FRM
        before legit candidate keys.
        
        This fixes bug #58650 "Failing assertion: primary_key_no ==
        -1 || primary_key_no == 0" in which incorrect candidate key
        sorting led to assertion failure in InnoDB code.
      e805a0fd