1. 08 Jan, 2009 1 commit
    • Tatiana A. Nurnberg's avatar
      Bug#41470: DATE_FORMAT() crashes the complete server with a valid date · 1dee1dd4
      Tatiana A. Nurnberg authored
      Passing dubious "year zero" in non-zero date (not "0000-00-00") could
      lead to negative value for year internally, while variable was unsigned.
      This led to Really Bad Things further down the line.
      
      Now doing calculations with signed type for year internally.
      
      mysql-test/r/date_formats.result:
        show that very early dates no longer break DATE_FORMAT(..., '%W')
      mysql-test/t/date_formats.test:
        show that very early dates no longer break DATE_FORMAT(..., '%W')
      sql-common/my_time.c:
        Allow negative years numbers internally while keeping the interface.
        otherwise if somebody passes year zero for whatever reason, we'll
        get an integer wrap-around that can lead to Really Bad Things further
        down the line. Note that amusingly, calcday_nr() already had signed
        output and calc_weekday() already had signed input, anyway.
      1dee1dd4
  2. 05 Jan, 2009 2 commits
  3. 30 Dec, 2008 1 commit
  4. 29 Dec, 2008 1 commit
    • Sergey Glukhov's avatar
      Bug#41131 "Questions" fails to increment - ignores statements instead stored procs(5.0 ver) · 397a36c7
      Sergey Glukhov authored
      Added global status variable 'Queries' which represents
      total amount of queries executed by server including
      statements executed by SPs.
      note: It's old behaviour of 'Questions' variable.
      
      
      mysql-test/r/status.result:
        test result
      mysql-test/t/status.test:
        test case
      sql/mysqld.cc:
        Added global status variable 'Queries' which represents
        total amount of queries executed by server including
        statements executed by SPs.
        note: It's old behaviour of 'Questions' variable.
      sql/sql_show.cc:
        Added global status variable 'Queries' which represents
        total amount of queries executed by server including
        statements executed by SPs.
        note: It's old behaviour of 'Questions' variable.
      sql/structs.h:
        Added global status variable 'Queries' which represents
        total amount of queries executed by server including
        statements executed by SPs.
        note: It's old behaviour of 'Questions' variable.
      397a36c7
  5. 28 Dec, 2008 2 commits
  6. 24 Dec, 2008 4 commits
    • Sergey Glukhov's avatar
      Bug#40953 SELECT query throws "ERROR 1062 (23000): Duplicate entry..." error · 4c689750
      Sergey Glukhov authored
      Table could be marked dependent because it is
      either 1) an inner table of an outer join, or 2) it is a part of
      STRAIGHT_JOIN. In case of STRAIGHT_JOIN table->maybe_null should not
      be assigned. The fix is to set st_table::maybe_null to 'true' only
      for those tables which are used in outer join.
      
      
      
      mysql-test/r/select.result:
        test result
      mysql-test/t/select.test:
        test case
      sql/sql_select.cc:
        Table could be marked dependent because it is
        either 1) an inner table of an outer join, or 2) it is a part of
        STRAIGHT_JOIN. In case of STRAIGHT_JOIN table->maybe_null should not
        be assigned. The fix is to set st_table::maybe_null to 'true' only
        for those tables which are used in outer join.
      sql/sql_select.h:
        added comment
      4c689750
    • Sergey Glukhov's avatar
      Bug#41456 SET PASSWORD hates CURRENT_USER() · 0efc5005
      Sergey Glukhov authored
      init user->user struct with 
      thd->security_ctx->priv_user context
      if user->user is not initializied
      
      mysql-test/r/grant.result:
        test result
      mysql-test/t/grant.test:
        test case
      sql/set_var.cc:
        init user->user struct with 
        thd->security_ctx->priv_user context
        if user->user is not initializied
      0efc5005
    • Sergey Glukhov's avatar
      Bug#25830 SHOW TABLE STATUS behaves differently depending on table name · 9c7f798a
      Sergey Glukhov authored
      replace wild_case_compare with my_wildcmp which is multibyte safe function
      
      
      mysql-test/r/lowercase_utf8.result:
        test result
      mysql-test/t/lowercase_utf8-master.opt:
        test case
      mysql-test/t/lowercase_utf8.test:
        test case
      sql/sql_show.cc:
        replace wild_case_compare with my_wildcmp which is multibyte safe function
      9c7f798a
    • Sergey Glukhov's avatar
      compiler warning fix · ccc8a8c2
      Sergey Glukhov authored
      ccc8a8c2
  7. 23 Dec, 2008 2 commits
    • Sergey Glukhov's avatar
      Bug#41079 information_schema.schema_privileges is limited to 7680 records. · 5f8ed9c9
      Sergey Glukhov authored
      The problem is that we cannot insert new record into memory table
      when table size exceeds max memory table size.
      The fix is to use schema_table_store_record() function which
      converts memory table into MyISAM in case of table size exceeding.
      
      Note:
      There is no test case for this bug, the reason is that
      1. The code  that was added already is checked(i.e. works) with existing tests
      2. Correct work of schema_table_store_record() is checked with other test cases
         (information_schema tests)
      So new code is fully covered with existing test cases.
      
      
      sql/mysql_priv.h:
        make schema_table_store_record() function global
      sql/sql_acl.cc:
        The problem is that we cannot insert new record into memory table
        when table size exceeds max memory table size.
        The fix is to use schema_table_store_record() function which
        converts memory table into MyISAM in case of table size exceeding.
      sql/sql_show.cc:
        make schema_table_store_record() function global
      5f8ed9c9
    • Sergey Glukhov's avatar
      Bug#37575 UCASE fails on monthname · 43ee0f9f
      Sergey Glukhov authored
      The MONTHNAME/DAYNAME functions
      returns binary string, so the LOWER/UPPER functions
      are not effective on the result of MONTHNAME/DAYNAME call.  
      Character set of the MONTHNAME/DAYNAME function
      result has been changed to connection character set.
      
      
      include/m_ctype.h:
        added my_charset_repertoire function
      mysql-test/r/ctype_ucs.result:
        test result
      mysql-test/r/func_time.result:
        test result
      mysql-test/t/ctype_ucs.test:
        test case
      mysql-test/t/func_time.test:
        test case
      sql/item_timefunc.cc:
        Item_func_monthname::fix_length_and_dec and
        Item_func_dayname::fix_length_and_dec methods have been
        modified to use connection character set
      sql/item_timefunc.h:
        Item_func_monthname::fix_length_and_dec and
        Item_func_dayname::fix_length_and_dec methods have been
        modified to use connection character set
      sql/mysql_priv.h:
        added max_month_name_length, max_day_name_length fields into MY_LOCALE struct
      sql/mysqld.cc:
        The test_lc_time_sz function controls modifications
        of the locale database in debugging mode.
      sql/sql_locale.cc:
        initialization of max_month_name_length, max_day_name_length fields
      strings/ctype.c:
        added my_charset_repertoire function
      43ee0f9f
  8. 22 Dec, 2008 1 commit
  9. 19 Dec, 2008 1 commit
    • Sergey Petrunia's avatar
      BUG#40974: Incorrect query results when using clause evaluated using range check · 8cecb71d
      Sergey Petrunia authored
      - QUICK_INDEX_MERGE_SELECT deinitializes its rnd_pos() scan when it reaches EOF, but we 
        need to make the deinitialization in QUICK_INDEX_MERGE_SELECT destructor also. This is because
        certain execution strategies can stop scanning without reaching EOF, then then try to do a full
        table scan on this table. Failure to deinitialize caused the full scan to use (already empty) 
        table->sort and produce zero records.
      
      mysql-test/r/index_merge.result:
        BUG#40974: Incorrect query results when using clause evaluated using range check
        - Testcase
      mysql-test/t/index_merge.test:
        BUG#40974: Incorrect query results when using clause evaluated using range check
        - Testcase
      8cecb71d
  10. 17 Dec, 2008 1 commit
  11. 15 Dec, 2008 1 commit
  12. 13 Dec, 2008 2 commits
    • Timothy Smith's avatar
      r2629 | inaam | 2008-09-16 18:46:00 +0300 (Tue, 16 Sep 2008) | 9 lines · 879254e9
      Timothy Smith authored
      branches/5.0   bug#39483 InnoDB hang on adaptive hash because of out
      of order ::open() call by MySQL
      
      Under some conditions MySQL calls ::open with search_latch leading
      to a deadlock as we try to acquire dict_sys->mutex inside ::open
      breaking the latching order. The fix is to release search_latch.
      
      Reviewed by: Heikki
      879254e9
    • Timothy Smith's avatar
      Apply 3 patches from innodb-5.0-ss2637. · 955d8184
      Timothy Smith authored
      This fixes Bug#36149: Read buffer overflow in srv0start.c found during "make
      test"
      
      Per-revision comments:
      
      r2484 | vasil | 2008-05-28 15:32:48 +0300 (Wed, 28 May 2008) | 9 lines
      
      Fix Bug#36149 Read buffer overflow in srv0start.c found during "make test"
      
      Use strncmp(3) instead of memcmp(3) to avoid reading past end of the string
      if it is empty (*str == '\0'). This bug is _not_ a buffer overflow.
      
      Discussed with:	Sunny (via IM)
      
      r2538 | inaam | 2008-07-15 21:24:02 +0300 (Tue, 15 Jul 2008) | 15 lines
      
      Fix of issue# 4
      
      Fixed a timing hole where a thread dropping an index can free the
      in-memory index struct while another thread is still using
      that structure to remove entries from adaptive hash index belonging
      to one of the pages that belongs to the index being dropped.
      
      The fix is to have a reference counter in the index struct and to
      wait for this counter to drop to zero beforing freeing the struct.
      
      Reviewed by: Heikki
      
      
      r2544 | inaam | 2008-07-22 18:58:11 +0300 (Tue, 22 Jul 2008) | 8 lines
      
      Removed UNIV_INLINE qualifier from btr_search_info_get_ref_count().
      Otherwise compilation failed on non-debug builds.
      
      Pointed by: Vasil
      955d8184
  13. 12 Dec, 2008 4 commits
    • Timothy Smith's avatar
      Apply the rest of innodb-5.0-ss2475. This fixes Bug#36819, "ut_usectime does · dbb060b2
      Timothy Smith authored
      not handle errors from gettimeofday".
      
      r2475 | vasil | 2008-05-22 19:35:30 +0300 (Thu, 22 May 2008) | 13 lines
      
      Fix by retrying gettimeofday() several times if it fails in ut_usectime().
      If it fails on all calls then return error to the caller to be handled
      at higher level.
      
      Update the variable innodb_row_lock_time_max in SHOW STATUS output only
      if ut_usectime() was successful.
      dbb060b2
    • Bjorn Munch's avatar
      Bug #31983 Running mysql-test from RPM fails for NDB · 5ee9db71
      Bjorn Munch authored
      Added $glob_basedir/sbin to search path for relevant binaries
      5ee9db71
    • Gleb Shchepa's avatar
      Bug #40761: Assert on sum function on · 423ca289
      Gleb Shchepa authored
                  IF(..., CAST(longtext AS UNSIGNED), signed_val)
                  (was: LEFT JOIN on inline view crashes server)
      
      Select from a LONGTEXT column wrapped with an expression
      like "IF(..., CAST(longtext_column AS UNSIGNED), smth_signed)"
      failed an assertion or crashed the server. IFNULL function was
      affected too.
      
      LONGTEXT column item has a maximum length of 32^2-1 bytes,
      at the same time this is a maximum possible length of any
      MySQL item. CAST(longtext_column AS UNSIGNED) returns some
      unsigned numeric result of length 32^2-1, so the result of
      IF/IFNULL function of this number and some other signed number
      will have text length of (32^2-1)+1=32^2 (one byte for the
      minus sign) - there is integer overflow, and the length is
      equal to zero. That caused assert/crash.
      
      CAST AS UNSIGNED function has been modified to limit maximal
      length of resulting number to 67 (maximal length of DECIMAL
      and two characters for minus sign and dot).
      
      
      mysql-test/r/func_if.result:
        Added test case for bug #40761.
      mysql-test/t/func_if.test:
        Added test case for bug #40761.
      sql/item_func.h:
        Bug #40761: Assert on sum function on
                    IF(..., CAST(longtext AS UNSIGNED), signed_val)
        
        CAST AS UNSIGNED function has been modified to limit maximal
        length of resulting number to 67 (maximal length of DECIMAL
        and two characters for minus sign and dot).
      423ca289
    • Gleb Shchepa's avatar
      rollback of bug #40761 fix · 646d87da
      Gleb Shchepa authored
      646d87da
  14. 11 Dec, 2008 6 commits
    • Gleb Shchepa's avatar
      Bug #40761: Assert on sum function on · 3aadda91
      Gleb Shchepa authored
                  IF(..., CAST(longtext AS UNSIGNED), signed_val)
                  (was: LEFT JOIN on inline view crashes server)
      
      Select from a LONGTEXT column wrapped with an expression
      like "IF(..., CAST(longtext_column AS UNSIGNED), smth_signed)"
      failed an assertion or crashed the server. IFNULL function was
      affected too.
      
      LONGTEXT column item has a maximum length of 32^2-1 bytes,
      at the same time this is a maximum possible length of any
      MySQL item. CAST(longtext_column AS UNSIGNED) returns some
      unsigned numeric result of length 32^2-1, so the result of
      IF/IFNULL function of this number and some other signed number
      will have text length of (32^2-1)+1=32^2 (one byte for the
      minus sign) - there is integer overflow, and the length is
      equal to zero. That caused assert/crash.
      
      The bug has been fixed by the same solution as in the CASE
      function implementation.
      
      
      mysql-test/r/func_if.result:
        Added test case for bug #40761.
      mysql-test/t/func_if.test:
        Added test case for bug #40761.
      sql/item_cmpfunc.cc:
        Bug #40761: Assert on sum function on
                    IF(..., CAST(longtext AS UNSIGNED), signed_val)
        
        1. Item_func_case::agg_str_lengths method has been moved
           to the Item_func superclass.
        2. Item_func_ifnull/Item_func_if::fix_length_and_dec methods
           have been updated to calculate max_length, decimals and
           unsigned flag like Item_func_case.
      sql/item_cmpfunc.h:
        Bug #40761: Assert on sum function on
                    IF(..., CAST(longtext AS UNSIGNED), signed_val)
        
        Item_func_case::agg_str_lengths method has been moved to
        the Item_func superclass.
      sql/item_func.cc:
        Bug #40761: Assert on sum function on
                    IF(..., CAST(longtext AS UNSIGNED), signed_val)
        
        Item_func_case::agg_str_lengths method has been moved to
        the Item_func superclass.
      sql/item_func.h:
        Bug #40761: Assert on sum function on
                    IF(..., CAST(longtext AS UNSIGNED), signed_val)
        
        Item_func_case::agg_str_lengths method has been moved to
        the Item_func superclass.
      3aadda91
    • Chad MILLER's avatar
      Merge from bugteam trunk. · 2c646687
      Chad MILLER authored
      2c646687
    • Chad MILLER's avatar
      Bug#33812: mysql client incorrectly parsing DELIMITER · b109150d
      Chad MILLER authored
      Fix parsing of mysql client commands, especially in relation to
      single-line comments when --comments was specified.
      
      This is a little tricky, because we need to allow single-line
      comments in the middle of statements, but we don't want to allow
      client commands in the middle of statements. So in
      comment-preservation mode, we go ahead and send single-line
      comments to the server immediately when we encounter them on their
      own. 
      
      This is still slightly flawed, in that it does not handle a
      single-line comment with leading spaces, followed by a client-side
      command when --comment has been enabled. But this isn't a new
      problem, and it is quite an edge condition. Fixing it would require
      a more extensive overall of how the mysql client parses commands. 
      b109150d
    • Luis Soares's avatar
      Fix PB warnings for parenthesis and valgrind leak report. · c4e3f7f9
      Luis Soares authored
      BUG#38826
      c4e3f7f9
    • Sergey Glukhov's avatar
      fix for pushbuild failure on 64 linux · 3b3594b6
      Sergey Glukhov authored
      3b3594b6
    • Sergey Glukhov's avatar
  15. 10 Dec, 2008 6 commits
  16. 09 Dec, 2008 5 commits