- 22 Jun, 2010 9 commits
-
-
MySQL Build Team authored
> ------------------------------------------------------------ > revno: 1810.3987.13 > revision-id: ramil@mysql.com-20100429044232-f0pkyx8fnpszf142 > parent: alexey.kopytov@sun.com-20100426200600-op06qy98llzpzgl1 > committer: Ramil Kalimullin <ramil@mysql.com> > branch nick: b53237-5.0-bugteam > timestamp: Thu 2010-04-29 08:42:32 +0400 > message: > Fix for bug #53237: mysql_list_fields/COM_FIELD_LIST stack smashing > > Problem: "COM_FIELD_LIST is an old command of the MySQL server, before there was real move to only > SQL. Seems that the data sent to COM_FIELD_LIST( mysql_list_fields() function) is not > checked for sanity. By sending long data for the table a buffer is overflown, which can > be used deliberately to include code that harms". > > Fix: check incoming data length. The patch did not apply cleanly: - Line numbers are completely off, roughly it is 2030 -> 1313 - What is called "pend" in the patch, is "arg_end" in the source.
-
MySQL Build Team authored
> revno: 3351.14.56 > committer: Marko Mdkeld <marko.makela@oracle.com> > branch nick: 5.1-innodb > timestamp: Mon 2010-04-26 14:08:56 +0300 > message: > Add a test case for Bug #52745.
-
MySQL Build Team authored
> ------------------------------------------------------------ > revno: 3351.14.47 > revision-id: marko.makela@oracle.com-20100421095033-0acvzxb8um8cms0a > parent: marko.makela@oracle.com-20100421094032-ir4glqk46qvg2ywn > committer: Marko Mäkelä <marko.makela@oracle.com> > branch nick: 5.1-innodb > timestamp: Wed 2010-04-21 12:50:33 +0300 > message: > dtuple_convert_big_rec(): Store locally any fields whose maximum length > is less than 256 bytes. (Bug #52745) > Add related comments and debug assertions to the "offsets" > functions in rem0rec.c. > Approved by Sunny Bains
-
MySQL Build Team authored
> ------------------------------------------------------------ > revno: 3351.47.2 > revision-id: marko.makela@oracle.com-20100511104910-nim8kgguawpis7zo > parent: marko.makela@oracle.com-20100511104500-c6kzd0bg5s42p8e9 > committer: Marko Mäkelä <marko.makela@oracle.com> > branch nick: mysql-5.1-innodb2 > timestamp: Tue 2010-05-11 13:49:10 +0300 > message: > btr_page_split_and_insert(): Add an assertion > suggested by Sunny Bains when reviewing Bug #52964.
-
MySQL Build Team authored
> ------------------------------------------------------------ > revno: 3351.47.1 > revision-id: marko.makela@oracle.com-20100511104500-c6kzd0bg5s42p8e9 > parent: vasil.dimov@oracle.com-20100510132852-cz457uqvj8iiy9mm > committer: Marko Mäkelä <marko.makela@oracle.com> > branch nick: mysql-5.1-innodb2 > timestamp: Tue 2010-05-11 13:45:00 +0300 > message: > Remove a stray expression. Spotted by Sunny Bains.
-
MySQL Build Team authored
> ------------------------------------------------------------ > revno: 3351.14.74 > revision-id: marko.makela@oracle.com-20100504093128-44v6glupe1dsh0ug > parent: marko.makela@oracle.com-20100503122859-k73bl51re93o0mt4 > committer: Marko Mäkelä <marko.makela@oracle.com> > branch nick: 5.1-innodb > timestamp: Tue 2010-05-04 12:31:28 +0300 > message: > btr_page_split_and_insert(): Correct the fix of Bug #52964. > When split_rec==NULL, choose the correct node pointer key (first_rec).
-
MySQL Build Team authored
> ------------------------------------------------------------ > revno: 3351.14.50 > revision-id: marko.makela@oracle.com-20100421185359-8qaxoa2yyrpzwdd7 > parent: marko.makela@oracle.com-20100421102723-0i80uezbyu0ekj5d > committer: Marko Mäkelä <marko.makela@oracle.com> > branch nick: 5.1-innodb > timestamp: Wed 2010-04-21 21:53:59 +0300 > message: > btr_page_split_and_insert(): Avoid an infinite loop. (Bug #52964) > > btr_page_tuple_smaller(): New function, refactored from > btr_page_split_and_insert(). > > btr_page_get_split_rec(): Renamed from btr_page_get_sure_split_rec(). > Note that a NULL return may mean that the tuple is to be inserted into > either the lower or upper page, to be determined by btr_page_tuple_smaller(). > > btr_page_split_and_insert(): When btr_page_get_split_rec() returns NULL, > invoke btr_page_tuple_smaller() to determine which half-page the tuple > belongs to. > > Reviewed by Sunny Bains
-
MySQL Build Team authored
> ------------------------------------------------------------ > revno: 3362 > revision-id: davi.arnaut@sun.com-20100401131522-895y8uzvv8ag44gs > parent: ramil@mysql.com-20100429045409-r7r5lcyiruis15v7 > committer: Davi Arnaut <Davi.Arnaut@Sun.COM> > branch nick: 50755-5.1 > timestamp: Thu 2010-04-01 10:15:22 -0300 > message: > Bug#50755: Crash if stored routine def contains version comments > > The problem was that a syntactically invalid trigger could cause > the server to crash when trying to list triggers. The crash would > happen due to a mishap in the backup/restore procedure that should > protect parser items which are not associated with the trigger. The > backup/restore is used to isolate the parse tree (and context) of > a statement from the load (and parsing) of a trigger. In this case, > a error during the parsing of a trigger could cause the improper > backup/restore sequence. > > The solution is to properly restore the original statement context > before the parser is exited due to syntax errors in the trigger body.
-
unknown authored
-
- 06 Apr, 2010 2 commits
-
-
Georgi Kodinov authored
-
Georgi Kodinov authored
-
- 05 Apr, 2010 1 commit
-
-
Sergey Glukhov authored
The problem is that we can not use make_cond_for_table(). This function relies on used_tables() condition which is not set properly for subqueries. As result subquery is not filtered out. The fix is to use remove_eq_conds() function instead of make_cond_for_table() func. 'remove_eq_conds()' algorithm relies on const_item() value and it allows to handle subqueries in right way. mysql-test/r/having.result: test case mysql-test/t/having.test: test case sql/sql_select.cc: The fix is to use remove_eq_conds() function instead of make_cond_for_table() function.
-
- 02 Apr, 2010 1 commit
-
-
Gleb Shchepa authored
Procedure, while DECIMAL works Selecting of the CONCAT(...<SP variable>...) result into a user variable may return wrong data. Item_func_concat::val_str contains a number of memory allocation-saving tricks. One of them concatenates strings inplace inserting the value of one string at the beginning of the other string. However, this trick didn't care about strings those points to the same data buffer: this is possible when a CONCAT() parameter is a stored procedure variable - Item_sp_variable::val_str() uses the intermediate Item_sp_variable::str_value field, where it may store a reference to an external buffer. The Item_func_concat::val_str function has been modified to take into account val_str functions (such as Item_sp_variable::val_str) that return a pointer to an internal Item member variable that may reference to a buffer provided. mysql-test/r/func_concat.result: Test case for the bug #40625. mysql-test/t/func_concat.test: Test case for the bug #40625. sql/item_strfunc.cc: Bug #40625: Concat fails on DOUBLE values in a Stored Procedure, while DECIMAL works The Item_func_concat::val_str function has been modified to take into account val_str functions (such as Item_sp_variable::val_str) that return a pointer to an internal Item member variable that may reference to a buffer provided.
-
- 01 Apr, 2010 27 commits
-
-
Anurag Shekhar authored
on index 'my_decimal' class has two members which can be used to access the value. The member variable buf (inherited from parent class decimal_t) is set to member variable buffer so that both are pointing to same value. Item_copy_decimal::copy() uses memcpy to clone 'my_decimal'. The member buffer is declared as an array and memcpy results in copying the values of the array, but the inherited member buf, which should be pointing at the begining of the array 'buffer' starts pointing to the begining of buffer in original object (which is being cloned). Further updates on 'my_decimal' updates only the inherited member 'buf' but leaves buffer unchanged. Later when the new object (which now holds a inconsistent value) is cloned again using proper cloning function 'my_decimal2decimal' the buf pointer is fixed resulting in loss of the current value. Using my_decimal2decimal instead of memcpy in Item_copy_decimal::copy() fixed this problem. mysql-test/r/subselect.result: Updated result file after addding test case for bug#47904. mysql-test/t/subselect.test: Added test case for bug#47904. sql/item.cc: Memcopy shouldn't be used to clone my_decimal. Use my_decimal2decimal instead.
-
Sergey Vojtovich authored
-
Sergey Vojtovich authored
-
Sergey Vojtovich authored
data and index files It was possible if DATA/INDEX DIRECTORY is pointing to symlinked MySQL data home directory. Do not allow to drop data/index files implicitly symlinked to data home directory. For such tables remove symlink only. mysql-test/r/symlink.result: A test case for BUG#40980. mysql-test/t/symlink.test: A test case for BUG#40980. storage/myisam/mi_delete_table.c: Do not allow to drop data/index files implicitly symlinked to data home directory. For such tables remove symlink only.
-
Sergey Vojtovich authored
Detailed revision comments: r6900 | mmakela | 2010-03-29 13:54:57 +0300 (Mon, 29 Mar 2010) | 5 lines branches/zip: Merge c6899 from branches/innodb+: Add debug assertions to track down Bug #52360. hash_table_t::magic_n: Add HASH_TABLE_MAGIC_N checks, which were fully absent. ut_hash_ulint(): Assert table_size > 0 before division.
-
Sergey Vojtovich authored
Detailed revision comments: r6897 | mmakela | 2010-03-29 11:36:19 +0300 (Mon, 29 Mar 2010) | 3 lines branches/zip: innodb_mutex_show_status(): Fix a condition that was accidentally negated in r6781, making SHOW ENGINE INNODB MUTEX STATUS display only locks with no OS waits.
-
Sergey Vojtovich authored
Detailed revision comments: r6891 | vdimov | 2010-03-26 16:19:01 +0200 (Fri, 26 Mar 2010) | 5 lines Non-functional change: update copyright year to 2010 of the files that have been modified after 2010-01-01 according to svn. for f in $(svn log -v -r{2010-01-01}:HEAD |grep "^ M " |cut -b 16- |sort -u) ; do sed -i "" -E 's/(Copyright \(c\) [0-9]{4},) [0-9]{4}, (.*Innobase Oy.+All Rights Reserved)/\1 2010, \2/' $f ; done
-
Sergey Vojtovich authored
Detailed revision comments: r6875 | vdimov | 2010-03-25 18:18:15 +0200 (Thu, 25 Mar 2010) | 4 lines branches/zip: Wrap line at 78 column in ChangeLog.
-
Sergey Vojtovich authored
Detailed revision comments: r6874 | vdimov | 2010-03-25 17:17:52 +0200 (Thu, 25 Mar 2010) | 4 lines branches/zip: Wrap ChangeLog at 78th column
-
Sergey Vojtovich authored
Detailed revision comments: r6873 | vdimov | 2010-03-25 17:06:56 +0200 (Thu, 25 Mar 2010) | 4 lines branches/zip: Use Bug#N instead of Bug #N to be consistent with the rest of the fil.
-
Sergey Vojtovich authored
Detailed revision comments: r6872 | vdimov | 2010-03-25 17:03:17 +0200 (Thu, 25 Mar 2010) | 4 lines branches/zip: Fix ChangeLog - write only the bug title in bugs.mysql.com-related entires.
-
Sergey Vojtovich authored
Detailed revision comments: r6871 | vdimov | 2010-03-25 16:39:44 +0200 (Thu, 25 Mar 2010) | 4 lines branches/zip: Whitespace fixup to be consistent with the rest of the file.
-
Sergey Vojtovich authored
Detailed revision comments: r6868 | mmakela | 2010-03-25 13:03:08 +0200 (Thu, 25 Mar 2010) | 1 line branches/zip: page_validate(): Check the buf[] bounds.
-
Sergey Vojtovich authored
Detailed revision comments: r6864 | mmakela | 2010-03-24 14:05:53 +0200 (Wed, 24 Mar 2010) | 1 line branches/zip: dtype_new_store_for_order_and_null_size(): Add ut_ad() on mtype.
-
Sergey Vojtovich authored
Detailed revision comments: r6861 | vdimov | 2010-03-23 19:31:02 +0200 (Tue, 23 Mar 2010) | 36 lines branches/zip: Merge joerg@mysql.com-20100322150231-vdq0afbqtmbs6phy from BZR, Including univ.i before mysql/plugin.h is needed to avoid this compiler error: o This is how gcc puts it: o > > ccache /usr/local/gcc-4.3.2/bin/gcc -static-libgcc -DHAVE_CONFIG_H -I. -I../../include -I../../include -I../../include -I../../regex -I./include -I../../sql -I. -I../../zlib -g -O3 -march=i686 -DUNIV_LINUX -MT libinnobase_a-trx0i_s.o -MD -MP -MF .deps/libinnobase_a-trx0i_s.Tpo -c -o libinnobase_a-trx0i_s.o `test -f 'trx/trx0i_s.c' || echo './'`trx/trx0i_s.c o > > In file included from ./include/univ.i:114, o > > from trx/trx0i_s.c:36: o > > ../../include/my_pthread.h:628: error: expected ')' before '*' token o > > In file included from ../../include/my_pthread.h:732, o > > from ./include/univ.i:114, o > > from trx/trx0i_s.c:36: o > > ../../include/mysql/psi/mysql_thread.h:100: error: expected specifier-qualifier-list before 'pthread_rwlock_t' o > > ../../include/mysql/psi/mysql_thread.h:116: error: expected specifier-qualifier-list before 'pthread_rwlock_t' o > > ../../include/mysql/psi/mysql_thread.h: In function 'inline_mysql_rwlock_init': o > > ../../include/mysql/psi/mysql_thread.h:711: error: 'mysql_rwlock_t' has no member named 'm_psi' o > > ../../include/mysql/psi/mysql_thread.h:716: error: 'mysql_rwlock_t' has no member named 'm_rwlock' o > > .... ((continued)) o o Intel's icc gives slightly clearer messages: o > > icc -static-intel -static-libgcc -DHAVE_CONFIG_H -I. -I../../include -I../../include -I../../include -I../../regex -I./include -I../../sql -I. -I../../zlib -O3 -g -unroll2 -ip -mp -restrict -no-ftz -no-prefetch -DUNIV_LINUX -MT libinnobase_a-trx0i_s.o -MD -MP -MF .deps/libinnobase_a-trx0i_s.Tpo -c -o libinnobase_a-trx0i_s.o `test -f 'trx/trx0i_s.c' || echo './'`trx/trx0i_s.c o > > ../../include/my_pthread.h(628): error: identifier "pthread_rwlock_t" is undefined o > > extern int rw_pr_init(rw_pr_lock_t *); o > > ^ o > > o > > ../../include/mysql/psi/mysql_thread.h(100): error: identifier "pthread_rwlock_t" is undefined o > > rw_lock_t m_rwlock; o > > ^ o > > o > > ../../include/mysql/psi/mysql_thread.h(116): error: identifier "pthread_rwlock_t" is undefined o > > rw_pr_lock_t m_prlock; o > > ^
-
Sergey Vojtovich authored
Detailed revision comments: r6860 | jyang | 2010-03-23 18:20:36 +0200 (Tue, 23 Mar 2010) | 5 lines branches/zip: This is patch from Inaam that uses red-black tree to speed up insertions into the flush_list and thus the recovery process. The patch has been tested by Nokia.
-
Sergey Vojtovich authored
Detailed revision comments: r6858 | mmakela | 2010-03-23 14:09:24 +0200 (Tue, 23 Mar 2010) | 1 line branches/zip: innodb_read_ahead_threshold: Add missing space to help string.
-
Sergey Vojtovich authored
Detailed revision comments: r6857 | mmakela | 2010-03-23 14:07:53 +0200 (Tue, 23 Mar 2010) | 1 line branches/zip: innodb_change_buffering: Correct the documentation.
-
Sergey Vojtovich authored
Detailed revision comments: r6853 | marko | 2010-03-22 13:35:29 +0200 (Mon, 22 Mar 2010) | 1 line branches/zip: mutex_own(), rw_lock_own(): Add attribute((warn_unused_result)).
-
Sergey Vojtovich authored
Detailed revision comments: r6840 | calvin | 2010-03-19 00:32:23 +0200 (Fri, 19 Mar 2010) | 6 lines branches/zip: Fix Bug #52102 InnoDB Plugin shows performance drop comparing to builtin InnoDB (Windows only). Disable Windows atomics by default. Approved by: Inaam
-
Sergey Vojtovich authored
Detailed revision comments: r6830 | marko | 2010-03-18 09:48:18 +0200 (Thu, 18 Mar 2010) | 3 lines branches/zip: buf_page_peek_if_too_old(): Use 32-bit arithmetics when comparing the age of access_time to buf_LRU_old_threshold_ms. This fixes a bug on 64-bit systems.
-
Sergey Vojtovich authored
Detailed revision comments: r6828 | calvin | 2010-03-17 17:16:38 +0200 (Wed, 17 Mar 2010) | 7 lines branches/zip: rename IB_HAVE_PAUSE_INSTRUCTION to HAVE_IB_PAUSE_INSTRUCTION in CMakeLists.txt. The rename was done as r5871, but CMakeLists.txt was forgotten. Also, add INNODB_RW_LOCKS_USE_ATOMICS to CMake.
-
Sergey Vojtovich authored
Detailed revision comments: r6805 | inaam | 2010-03-11 23:15:17 +0200 (Thu, 11 Mar 2010) | 6 lines branches/zip issue#463 Fixed compiler warning about uninitialized variable. Non-functional change.
-
Sergey Vojtovich authored
Detailed revision comments: r6801 | marko | 2010-03-11 13:34:28 +0200 (Thu, 11 Mar 2010) | 2 lines branches/zip: mtr_memo_contains(): Relax the assertion of r6800, allowing mtr->state == MTR_COMMITTING.
-
Sergey Vojtovich authored
Detailed revision comments: r6800 | marko | 2010-03-11 12:02:57 +0200 (Thu, 11 Mar 2010) | 1 line branches/zip: Add ut_ad(mtr->state == MTR_ACTIVE) to various places.
-
Sergey Vojtovich authored
Detailed revision comments: r6799 | jyang | 2010-03-11 09:59:42 +0200 (Thu, 11 Mar 2010) | 5 lines branches/zip: Once change in bug #47621 merges into zip branch, zip only test innodb_bug44571 needs to be updated to reflect the column name change would be successful be done in InnoDB as well.
-
Sergey Vojtovich authored
Detailed revision comments: r6798 | marko | 2010-03-11 09:53:01 +0200 (Thu, 11 Mar 2010) | 14 lines branches/zip: Fix and clarify the latching of some buf_block_t members. buf_block_t::check_index_page_at_flush: Note that this field is not protected by any mutex. Make it a separate field, not a bitfield that could share the machine word with other fields. buf_block_t::lock_hash_val: Note that this field is protected by buf_block_t::lock (or during block creation, by buf_pool_mutex and buf_block_t::mutex). buf_block_get_lock_hash_val(): Assert that block->lock is held by the current thread. Issue #465, rb://267 approved by Inaam Rana
-