1. 07 Dec, 2012 1 commit
    • Joerg Bruehe's avatar
      Last-minute fix to 5.1.67, · a7f76a71
      Joerg Bruehe authored
      taking a change done to main 5.1 by Dmitri Lenev.
      
      This is the original comment:
      
      > committer: Dmitry Lenev <Dmitry.Lenev@oracle.com>
      > branch nick: mysql-5.1-15954896
      > timestamp: Wed 2012-12-05 19:26:56 +0400
      > message:
      >   Bug #15954896 "SP, MULTI-TABLE DELETE AND LONG ALIAS".
      
        Using too long table aliases in stored routines might
        have caused server crashes.
      
        Code in sp_head::merge_table_list() which is responsible
        for collecting information about tables used in stored
        routine was not aware of the fact that table alias might
        have arbitrary length. I.e. it assumed that table alias
        can't be longer than NAME_LEN bytes and allocated buffer
        for a key identifying table accordingly.
      
        This patch fixes the issue by ensuring that we use
        dynamically allocated buffer for table key when table
        alias is too long. By default stack based buffer is used
        in which NAME_LEN bytes are reserved for table alias.
      a7f76a71
  2. 29 Nov, 2012 1 commit
  3. 01 Nov, 2012 1 commit
  4. 30 Oct, 2012 2 commits
    • Anirudh Mangipudi's avatar
      BUG#11754894: MYISAMCHK ERROR HAS INCORRECT REFERENCE · f38efe40
      Anirudh Mangipudi authored
                    TO 'MYISAM_SORT_BUFFER_SIZE'
      Problem: 'myisam_sort_buffer_size' is a parameter used by 
      mysqld program only whereas 'sort_buffer_size' is used by
      mysqld and myisamchk programs. But the error message printed
      when myisamchk program is run with insufficient buffer size 
      is myisam_sort_buffer_size is too small which may mislead to the
      server parameter myisam_sort_buffer_size.
      SOLUTION: A parameter 'myisam_sort_buffer_size' is added as an
      alias for 'sort_buffer_size' and the 'sort_buffer_size' parameter
      is marked as deprecated. So myisamchk also has both the parameters
      with the same role.
      f38efe40
    • Shivji Kumar Jha's avatar
      BUG#14659685 - main.mysqlbinlog_row_myisam and · c4ded5a2
      Shivji Kumar Jha authored
                     main.mysqlbinlog_row_innodb are skipped by mtr
      
      === Problem ===
      
      The following tests are wrongly placed in main suite and as a
      result these are not run with proper binlog format combinations.
      Some are always skipped by mtr.
      1) mysqlbinlog_row_myisam
      2) mysqlbinlog_row_innodb
      3) mysqlbinlog_row.test
      4) mysqlbinlog_row_trans.test
      5) mysqlbinlog-cp932
      6) mysqlbinlog2
      7) mysqlbinlog_base64
      
      === Background ===
      
      mtr runs the tests placed in main suite with binlog format=stmt.
      Those that need to be tested against binlog format=row or mixed
      or more than one binlog format and require only one mysql server
      are placed in binlog suite. mtr runs tests in binlog suite with
      all three binlog formats(stmt,row and mixed).
      
      === Fix ===
      
      
      1) Moved the test listed in problem section above to binlog suite.
      2) Added prefix "binlog_" to the name of each test case moved.
         Renamed the coresponding result files and option files accordingly. 
      
      
      mysql-test/extra/binlog_tests/mysqlbinlog_row_engine.inc:
        include file for mysqlbinlog_row_myisam.test and 
        mysqlbinlog_row_myisam.test which are being moved to
        binlog suite.
      mysql-test/suite/binlog/r/binlog_mysqlbinlog-cp932.result:
        result file for mysqlbinlog-cp932.test which is being moved to
        binlog suite.
      mysql-test/suite/binlog/r/binlog_mysqlbinlog2.result:
        result file for mysqlbinlog2.test which is being moved to
        binlog suite.
      mysql-test/suite/binlog/r/binlog_mysqlbinlog_base64.result:
        result file for mysqlbinlog_base64.test which is being moved to
        binlog suite.
      mysql-test/suite/binlog/r/binlog_mysqlbinlog_row.result:
        result file for mysqlbinlog_row.test which is being moved to
        binlog suite.
      mysql-test/suite/binlog/r/binlog_mysqlbinlog_row_innodb.result:
        result file for mysqlbinlog_row_innodb.test which is being moved to
        binlog suite.
      mysql-test/suite/binlog/r/binlog_mysqlbinlog_row_myisam.result:
        result file for mysqlbinlog_row_myisam.test which is being moved to
        binlog suite.
      mysql-test/suite/binlog/r/binlog_mysqlbinlog_row_trans.result:
        result file for mysqlbinlog_row_trans.test which is being moved to
        binlog suite.
      mysql-test/suite/binlog/t/binlog_mysqlbinlog-cp932-master.opt:
        option file for mysqlbinlog-cp932.test which is being moved to
        binlog suite.
      mysql-test/suite/binlog/t/binlog_mysqlbinlog-cp932.test:
        the test requires binlog format=stmt or mixed. Since, it was placed in
        main suite earlier, it was only run with binlog format=stmt, and hence
        this test was never run with binlog format=mixed.
      mysql-test/suite/binlog/t/binlog_mysqlbinlog2.test:
        the test requires binlog format=stmt or mixed. Since, it was placed in
        main suite earlier, it was only run with binlog format=stmt, and hence
        this test was never run with binlog format=mixed.
      mysql-test/suite/binlog/t/binlog_mysqlbinlog_base64.test:
        the test requires binlog format=row. Since, it was placed in main
        suite earlier, it was only run with binlog format=stmt, and hence
        this test was always skipped by mtr.
      mysql-test/suite/binlog/t/binlog_mysqlbinlog_row.test:
        the test requires binlog format=row. Since, it was placed in main
        suite earlier, it was only run with binlog format=stmt, and hence
        this test was always skipped by mtr.
      mysql-test/suite/binlog/t/binlog_mysqlbinlog_row_innodb.test:
        the test requires binlog format=row. Since, it was placed in main
        suite earlier, it was only run with binlog format=stmt, and hence
        this test was always skipped by mtr.
      mysql-test/suite/binlog/t/binlog_mysqlbinlog_row_myisam.test:
        the test requires binlog format=row. Since, it was placed in main
        suite earlier, it was only run with binlog format=stmt, and hence
        this test was always skipped by mtr.
      mysql-test/suite/binlog/t/binlog_mysqlbinlog_row_trans.test:
        the test requires binlog format=row. Since, it was placed in main
        suite earlier, it was only run with binlog format=stmt, and hence
        this test was always skipped by mtr.
      c4ded5a2
  5. 29 Oct, 2012 2 commits
  6. 22 Oct, 2012 1 commit
    • Marko Mäkelä's avatar
      Backport from 5.6: Bug#14769820 ASSERT FLEN == LEN · b6bc19d5
      Marko Mäkelä authored
      IN ALTER TABLE ... ADD UNIQUE KEY
      
      A bogus debug assertion failure occurred when reporting a duplicate
      key on a column prefix of a CHAR column.
      
      This is a regression from Bug#14729221 IN-PLACE ALTER TABLE REPORTS ''
      INSTEAD OF REAL DUPLICATE VALUE FOR PREFIX KEYS. The assertion is only
      present when UNIV_DEBUG is defined (which it is in debug builds
      starting from MySQL 5.5). It is a case of overasserting.
      
      Fix approved by Inaam Rana on IM.
      b6bc19d5
  7. 21 Oct, 2012 2 commits
  8. 19 Oct, 2012 1 commit
  9. 18 Oct, 2012 2 commits
    • Neeraj Bisht's avatar
      Bug#13726751 - 8 BYTE MEMORY LEAK IN DO_SAVE_BLOB · 68df7278
      Neeraj Bisht authored
      Problem:-
      When we execute a query which has subquery with GROUP BY, ORDER BY and have a
      BLOB column,results a memory leak.
      
      Analysis:-
      In case of subquery, which have GROUP BY on BLOB and a ORDER BY on other field
      and BLOB is not a key. We allocate a tmp buffer to copy_field to take care of
      BLOB value.This copy_field value can have copies of its in two join(objects),
      so while freeing this copy_field we have to take care that it is
      not deleted twice.
      The double deletion of tmp_table_param.copy_field is handled by two patches.
      
      One by Kostja :
      revid:sp1r-konstantin@mysql.com-20050627101056-55153
      Fix the broken test suite in -debug build.
      
      and other by Oleksandr
      revid:sp1r-bell@sanja.is.com.ua-20060118114857-19905
      Excluded posibility of tmp_table_param.copy_field double deletion (BUG#14851).
      
      both of this patches are commited in different branch and while
      merging they both get placed,but there is no need for Kostja patch as Oleksandr
      patch handle this.
      
      
      sql/sql_select.cc:
        Bug13726751, tmp_join clean up is not necessary as later in the code we are taking care of cleaning up of tmp_join copy_field.
      68df7278
    • Marko Mäkelä's avatar
      Bug#14758405: ALTER TABLE: ADDING SERIAL NULL DATATYPE: ASSERTION: · dd0610e1
      Marko Mäkelä authored
      LEN <= SIZEOF(ULONGLONG)
      
      This bug was caught in the WL#6255 ALTER TABLE...ADD COLUMN in MySQL
      5.6, but there is a bug in all InnoDB versions that support
      auto-increment columns.
      
      row_search_autoinc_read_column(): When reading the maximum value of
      the auto-increment column, and the column only contains NULL values,
      return 0. This corresponds to the case when the table is empty in
      row_search_max_autoinc().
      
      rb:1415 approved by Sunny Bains
      dd0610e1
  10. 17 Oct, 2012 4 commits
  11. 16 Oct, 2012 2 commits
    • Neeraj Bisht's avatar
      Bug#11745891 - LAST_INSERT(ID) DOES NOT SUPPORT BIGINT UNSIGNED · d29fb392
      Neeraj Bisht authored
      Problem:-
      using last_insert_id() on an auto_incremented bigint unsigned does
      not work for values which are greater than max-bigint-signed.
      
      Analysis:-
      last_insert_id() returns the first auto_incremented value for a column
      and an auto_incremented value can have only positive values.
      
      In our code, when we are initializing a last_insert_id object, we are
      taking it as a signed BIGINT, So when the auto_incremented value reaches
      greater than max signed bigint, last_insert_id gives negative result.
      
      Solution:
      When we are fetching the value from last_insert_id, We are setting the 
      unsigned_flag, so that it take only unsigned BIGINT value.
      
      sql/item_func.cc:
        here unsigned value is converted to signed value.
      sql/item_func.h:
        last_insert_id() gives an auto_incremented value which can be
        positive only,so defined it as a unsigned longlong sets the
        unsigned_flag to 1.
      d29fb392
    • Marko Mäkelä's avatar
      Bug#14729221 IN-PLACE ALTER TABLE REPORTS '' INSTEAD OF · 20e1d3c6
      Marko Mäkelä authored
      REAL DUPLICATE VALUE FOR PREFIX KEYS
      
      innobase_rec_to_mysql(): Invoke dict_index_get_nth_col_or_prefix_pos()
      instead of dict_index_get_nth_col_pos() to find the column.
      20e1d3c6
  12. 15 Oct, 2012 1 commit
    • Krunal Bauskar krunal.bauskar@oracle.com's avatar
      · 5156605e
      bug#14704286
      SECONDARY INDEX UPDATES MAKE CONSISTENT READS DO O(N^2) UNDO PAGE
      LOOKUPS (honoring kill query while accessing sec_index)
      
      If secondary index is being used for select query evaluation and this
      query is operating with consistent read snapshot it might take good time for
      secondary index to return back control to mysql as MVCC would kick in.
      
      If user issues "kill query <id>" while query is actively accessing
      secondary index it will not be honored as there is no hook to check
      for this condition. Added hook for this check.
      
      -----
      Parallely secondary index taking too long to evaluate for consistent
      read snapshot case is being examined for performance improvement. WL#6540.
      5156605e
  13. 12 Oct, 2012 2 commits
    • Marc Alff's avatar
      Bug#14629232 SECURITY VULNERABILITY WITH SHOW PROFILE · 658ecfbf
      Marc Alff authored
      This fix resolves a security vulnerability of SHOW PROFILE.
      
      See the bug report for details.
      658ecfbf
    • Nuno Carvalho's avatar
      BUG#14629727: USER_VAR_EVENT IS MISSING RANGE CHECKS · f8a8ac0e
      Nuno Carvalho authored
      This bug had two problems:
       P1) Reads out of bounds;
       P2) Writes out of bounds.
      
      PROBLEM P1
      ----------
      User_var_log_event unmarshalling from binlog was not performing range
      checks when using name_len and val_len variables to walk on event
      buffer.
      
      Added range checks to User_var_log_event unmarshalling to prevent
      unmarshalling errors.
      
      PROBLEM P2
      ----------
      User_var_log_event value was allocated on thread stack, what caused
      stack frame errors when User_var_log_event value was bigger than thread
      stack size.
      
      Currently value is allocated on heap memory.
      f8a8ac0e
  14. 10 Oct, 2012 1 commit
  15. 09 Oct, 2012 3 commits
  16. 08 Oct, 2012 1 commit
    • Marko Mäkelä's avatar
      Bug#14731482 UPDATE OR DELETE CORRUPTS A RECORD WITH A LONG PRIMARY KEY · 0f762b48
      Marko Mäkelä authored
      We did not allocate enough bits for index->trx_id_offset, causing an
      UPDATE or DELETE of a table with a PRIMARY KEY longer than 1024 bytes
      to corrupt the PRIMARY KEY.
      
      dict_index_t: Allocate enough bits.
      
      dict_index_build_internal_clust(): Check for overflow of
      index->trx_id_offset. Trip a debug assertion when overflow occurs.
      
      rb:1380 approved by Jimmy Yang
      0f762b48
  17. 01 Oct, 2012 2 commits
  18. 28 Sep, 2012 1 commit
    • Annamalai Gurusami's avatar
      Bug #13249921 ASSERT !BPAGE->FILE_PAGE_WAS_FREED, USUALLY IN · c9e3a834
      Annamalai Gurusami authored
      TRANSACTION ROLLBACK
      
      Description:  During the rollback operation, a blob page 
      is removed earlier than desired.  Consider following scenario:
      
      1. create table t1(a int primary key,b blob) engine=innodb;
      2. insert into t1 values (1,repeat('b',9000));
      3. begin;
      4. update t1 set b=concat(b,'b');
      5. update t1 set a=a+1;
      6. insert into t1 values (1,repeat('b',9000));
      7. rollback;
      
      The update operation in line 5 produces 2 undo log record. The first
      undo record (TRX_UNDO_DEL_MARK_REC) goes to trx->update_undo and the
      second undo record (TRX_UNDO_INSERT_REC) goes to trx->insert_undo.
      During rollback, they are executed out of order.
      
      When the undo record TRX_UNDO_DEL_MARK_REC is applied/executed,
      the blob ownership is also reset.  Because of this the blob page
      is released earlier than desired.  This blob page must have been
      freed only as part of applying/executing the undo record
      TRX_UNDO_INSERT_REC.
      
      This problem can be avoided by executing the undo records in
      order.  This patch will make innodb to execute the undo records
      in order.
      
      rb://1125 approved by Marko.
      c9e3a834
  19. 26 Sep, 2012 2 commits
    • unknown's avatar
      No commit message · d1006884
      unknown authored
      No commit message
      d1006884
    • Akhila Maddukuri's avatar
      Description: · 2bfcfcb4
      Akhila Maddukuri authored
      ```--------
      After compiling from source, during make test I got the following error:
      
      test main.loaddata failed with error
      CURRENT_TEST: main.loaddata
      mysqltest: At line 592: query 'LOAD DATA INFILE 'tmpp.txt' INTO TABLE t1
      CHARACTER SET ucs2
      (@b) SET a=REVERSE(@b)' failed: 1115: Unknown character set: 'ucs2'
      
      I noticed other tests are skipped because of no ucs2
      main.mix2_myisam_ucs2                    [ skipped ]  Test requires:'
      have_ucs2'
      
      Should main.loaddata be skipped if there is no ucs2
      
      How To Repeat:
      ```
      
      ----------
      Run make test on compiled source that doesn't have ucs2
      
      Suggested fix:
      -------------
      the failing piece of the test should be moved from mysql-test/t/loaddata.test to
      mysql-test/t/ctype_ucs.test.
      2bfcfcb4
  20. 25 Sep, 2012 5 commits
    • Tor Didriksen's avatar
      Backport · b7169e68
      Tor Didriksen authored
      Bug #11764313 57135: CRASH IN ITEM_FUNC_CASE::FIND_ITEM WITH CASE WHEN
      Bug #11764818 57692: Crash in item_func_in::val_int() with ZEROFILL
      b7169e68
    • unknown's avatar
      No commit message · 4631687d
      unknown authored
      No commit message
      4631687d
    • unknown's avatar
      No commit message · 153d2468
      unknown authored
      No commit message
      153d2468
    • Jon Olav Hauglid's avatar
      Bug#14621627 THREAD CACHE IS UNFAIR · cbe38f3a
      Jon Olav Hauglid authored
      When a client connects to a MySQL server, first a THD object is created.
      If there are any idle server threads waiting, the THD object is then added
      to a list and a server thread is woken up. This thread then retrieves the 
      THD object from the list and starts executing.
      
      The problem was that this list of THD objects waiting for a server thread,
      was not working in a FIFO fashion, but rather LIFO. This is unfair, as it means
      that the last THD added (=last client connected) will be assigned a  server 
      thread first.
      
      Note however that for this to be a problem, several clients must be able
      to connect and have THD objects constructed before any server threads
      manages to be woken up. This is not a very likely scenario.
      
      This patch fixes the problem by changing the THD list to work FIFO
      rather than LIFO.
      
      This is the 5.1/5.5 version of the patch.
      cbe38f3a
    • Raghav Kapoor's avatar
      BUG#13864642: DROP/CREATE USER BEHAVING ODDLY · d82962d5
      Raghav Kapoor authored
      BACKGROUND:
      In certain situations DROP USER fails to remove all privileges
      belonging to user being dropped from in-memory structures.
      Current workaround is to do DROP USER twice in scenario below
      OR doing FLUSH PRIVILEGES after doing DROP USER.
      
      ANALYSIS:
      In MySQL, When we grant some stored routines privileges to a
      user they are stored in their respective hash.
      When doing DROP USER all the stored routine privilege entries
      associated with that user has to be deleted from its respective 
      hash.
      The root cause for this bug is some entries from the hash
      are not getting deleted. 
      The problem is that code that deletes entries from the hash tries
      to do so while iterating over it, without taking enough measures
      to address the fact that such deletion can reshuffle elements in 
      the hash. If the user/administrator creates the same user again 
      he is thrown an  error 'Error 1396 ER_CANNOT_USER' from MySQL.
      This prompts the user to either do FLUSH PRIVILEGES or do DROP USER 
      again. This behaviour is not desirable as it is a workaround and
      does not solves the problem mentioned above.
      
      FIX:
      This bug is fixed by introducing a dynamic array to store the 
      pointersto all stored routine privilege objects that either have
      to be deleted or updated. This is done in 3 steps.
      Step 1: Fetching the element from the hash and checking whether 
      it is to be deleted or updated.
      Step 2: Storing the pointer to that privilege object in dynamic array.
      Step 3: Traversing the dynamic array to perform the appropriate action 
      either delete or update.
      This is a much cleaner way to delete or update the privilege entries 
      associated with some user and solves the problem mentioned above.
      Also the code has been refactored a bit by introducing an enum
      instead of hard coded numbers used for respective dynamic arrays 
      and hashes in handle_grant_struct() function.
      d82962d5
  21. 23 Sep, 2012 1 commit
  22. 22 Sep, 2012 1 commit
    • Rohit Kalhans's avatar
      BUG#14548159: NUMEROUS CASES OF INCORRECT IDENTIFIER · 2d7fa159
      Rohit Kalhans authored
      QUOTING IN REPLICATION 
      
      Problem: Misquoting or unquoted identifiers may lead to
      incorrect statements to be logged to the binary log.
      
      Fix: we use specialized functions to append quoted identifiers in
      the statements generated by the server.
      2d7fa159
  23. 21 Sep, 2012 1 commit
    • Nirbhay Choubey's avatar
      Bug#14645196 MYSQL CLIENT'S USE COMMAND FAILS · 221ba6c4
      Nirbhay Choubey authored
      WHEN DBNAME CONTAINS MULTIPLE QUOTES
      
      MySQL client's USE command might fail if the
      database name contains multiple quotes (backticks).
      
      The reason behind the failure being the method
      that client uses to remove/escape the quotes
      while parsing the USE command's option (dbname),
      where the option parsing might terminate if a
      matching quote is found.
      
      Also, C-APIs like mysql_select_db() expect a
      normalized dbname. Now, in certain cases, client
      might fail to normalize dbname similar to that of
      server and hence mysql_select_db() would fail.
      
      Fixed by getting the normalized dbname (indirectly)
      from the server by directly sending the "USE dbanme"
      as query to the server followed by a "SELECT DATABASE()".
      The above steps are only performed if number of quotes
      in the dbname is greater than 2. Once the normalized
      dbname is received, the original db is restored.
      221ba6c4