1. 12 Feb, 2010 1 commit
    • Sergey Vojtovich's avatar
      BUG#48438 - crash with error in unioned query against merge · 63058aa9
      Sergey Vojtovich authored
                  table and view...
      
      Invalid memory reads after a query referencing MyISAM table
      multiple times with write lock. Invalid memory reads may
      lead to server crash, valgrind warnings, incorrect values
      in INFORMATION_SCHEMA.TABLES.{TABLE_ROWS, DATA_LENGTH,
      INDEX_LENGTH, ...}.
      
      This may happen when one of the table instances gets closed
      after a query, e.g. out of slots in open tables cache. UNION,
      MERGE and VIEW are irrelevant.
      
      The problem was that MyISAM didn't restore state info
      pointer to default value.
      
      myisam/mi_locking.c:
        When a query is referencing MyISAM table multiple times
        with a write lock, all table instances share the same
        state info, pointing to MI_INFO::save_state of
        "primary" table instance.
        
        When lock is released, state pointer was restored only
        for the primary table instance. Secondary table instances
        are still pointing to save_state of primary table
        instance.
        
        Primary table instance may get closed, leaving secondary
        table instances state pointer pointing to freed memory.
        
        That's mostly ok, since next lock will update state info
        pointer to correct value. But there're some cases, when
        this secondary table instance state info is accessed
        without a lock, e.g. INFORMATION_SCHEMA, MERGE (in 5.1
        and up), MyISAM itself for DBUG purposes.
        
        Restore default value of state pointer unconditionally,
        for both primary and secondary table instances.
      mysql-test/r/myisam.result:
        A test case for BUG#48438.
      mysql-test/t/myisam.test:
        A test case for BUG#48438.
      63058aa9
  2. 03 Feb, 2010 1 commit
  3. 01 Feb, 2010 1 commit
  4. 29 Jan, 2010 2 commits
    • Georgi Kodinov's avatar
      Bug #50642 : ssl certs in test suite are expiring soon. · a9e65862
      Georgi Kodinov authored
      Updated the certs to expire on 2015. 
      Made sure they work with both yassl and openssl.
      a9e65862
    • Ramil Kalimullin's avatar
      Fix for bug#49897: crash in ptr_compare when char(0) NOT NULL · 57f9915f
      Ramil Kalimullin authored
      column is used for ORDER BY
      
      Problem: filesort isn't meant for null length sort data
      (e.g. char(0)), that leads to a server crash.
      
      Fix: disregard sort order if sort data record length is 0 (nothing
      to sort).
      
      
      mysql-test/r/select.result:
        Fix for bug#49897: crash in ptr_compare when char(0) NOT NULL 
        column is used for ORDER BY
          - test result.
      mysql-test/t/select.test:
        Fix for bug#49897: crash in ptr_compare when char(0) NOT NULL 
        column is used for ORDER BY
          - test case.
      sql/filesort.cc:
        Fix for bug#49897: crash in ptr_compare when char(0) NOT NULL 
        column is used for ORDER BY
          - assert added as filesort cannot handle null length sort data.
      sql/sql_select.cc:
        Fix for bug#49897: crash in ptr_compare when char(0) NOT NULL 
        column is used for ORDER BY
          - don't sort null length data e.g. in case of ORDER BY CHAR(0).
      57f9915f
  5. 27 Jan, 2010 2 commits
  6. 15 Jan, 2010 1 commit
  7. 14 Jan, 2010 1 commit
  8. 13 Jan, 2010 2 commits
    • Ramil Kalimullin's avatar
      Auto-merge. · c95e80b7
      Ramil Kalimullin authored
      c95e80b7
    • Ramil Kalimullin's avatar
      Fix for bug#50227: Pre-auth buffer-overflow in mySQL through yaSSL · 36e579e2
      Ramil Kalimullin authored
      Problem: copying issuer's (or subject's) name tags into an internal
      buffer from incoming stream we didn't check the buffer overflow. 
      That may lead to memory overrun, crash etc.
      
      Fix: ensure we don't overrun the buffer.
      
      Note: there's no simple test case (exploit needed).
      
      
      extra/yassl/taocrypt/include/asn.hpp:
        Fix for bug#50227: Pre-auth buffer-overflow in mySQL through yaSSL
          - CertDecoder::AddTag() introduced.
      extra/yassl/taocrypt/src/asn.cpp:
        Fix for bug#50227: Pre-auth buffer-overflow in mySQL through yaSSL
          - copying data from incoming stream to the issuer_ or subject_
        buffers ensure we don't overrun them.
          - code cleanup.
      36e579e2
  9. 12 Jan, 2010 2 commits
  10. 11 Jan, 2010 1 commit
    • Gleb Shchepa's avatar
      Bug #49955: ld error message: undefined reference to `strmov_overlapp' · 2976c8fc
      Gleb Shchepa authored
      32bit builds with the --enable-assembler flag (enabled by default)
      fail with an error message: undefined reference to `strmov_overlapp'.
      
      Since the fix for bug 48866 we use a home-grown strmov function
      instead of the ctpcpy function, but the source file for this
      function was missed in the Makefile.am.
      
      The strings/Makefile.am file has been modified to include strmov.c
      file into ASSEMBLER_x86 and ASSEMBLER_sparc32 sections.
      
      
      strings/Makefile.am:
        Bug #49955: ld error message: undefined reference to `strmov_overlapp'
        
        The strings/Makefile.am file has been modified to include
        strmov.c file into ASSEMBLER_x86 and ASSEMBLER_sparc32 sections.
      2976c8fc
  11. 06 Jan, 2010 2 commits
  12. 31 Dec, 2009 1 commit
    • unknown's avatar
      Bug #49137 Replication failure on SBR/MBR + multi-table DROP TEMPORARY TABLE · 28baa532
      unknown authored
            
      In statement-based or mixed-mode replication, use DROP TEMPORARY TABLE
      to drop multiple tables causes different errors on master and slave, 
      when one or more of these tables do not exist. Because when executed
      on slave, it would automatically add IF EXISTS to the query to ignore
      all ER_BAD_TABLE_ERROR errors.
      
      To fix the problem, do not add IF EXISTS when executing DROP TEMPORARY
      TABLE on the slave, and clear the ER_BAD_TABLE_ERROR error after
      execution if the query does not expect any errors.
      
      
      mysql-test/r/rpl_drop_temp.result:
        Updated for the patch of bug#49137.
      mysql-test/t/rpl_drop_temp.test:
        Added the test file to verify if DROP MULTI TEMPORARY TABLE
        will cause different errors on master and slave, when one or
        more of these tables do not exist.
      sql/log_event.cc:
        Added code to handle above cases which are
        removed from sql_parse.cc
      sql/sql_parse.cc:
        Remove the code to issue the 'Unknown table' error,
        if the temporary table does not exist when dropping
        it on slave. The above cases decribed in comments
        will be handled later in log_event.cc.
      28baa532
  13. 26 Dec, 2009 1 commit
  14. 24 Dec, 2009 1 commit
  15. 22 Dec, 2009 1 commit
    • Ramil Kalimullin's avatar
      Fix for bug#49570: Assertion failed: !(order->used & map) · 6bc9c950
      Ramil Kalimullin authored
      on re-execution of prepared statement
      
      Problem: some (see eq_ref_table()) ORDER BY/GROUP BY optimization
      is called before each PS execution. However, we don't properly 
      initialize its stucture every time before the call.
      
      Fix: properly initialize the sturture used.
      
      
      
      mysql-test/r/ps.result:
        Fix for bug#49570: Assertion failed: !(order->used & map) 
        on re-execution of prepared statement
          - test result.
      mysql-test/t/ps.test:
        Fix for bug#49570: Assertion failed: !(order->used & map) 
        on re-execution of prepared statement
          - test case.
      sql/sql_select.cc:
        Fix for bug#49570: Assertion failed: !(order->used & map) 
        on re-execution of prepared statement
          - set order->used to 0 before each eq_ref_table() call,
        as the function relies on that.
      6bc9c950
  16. 21 Dec, 2009 1 commit
  17. 17 Dec, 2009 4 commits
    • Davi Arnaut's avatar
      Bug#48983: Bad strmake calls (length one too long) · c2fb2a9a
      Davi Arnaut authored
      The problem is a somewhat common misusage of the strmake function.
      The strmake(dst, src, len) function writes at most /len/ bytes to
      the string pointed to by src, not including the trailing null byte.
      Hence, if /len/ is the exact length of the destination buffer, a
      one byte buffer overflow can occur if the length of the source
      string is equal to or greater than /len/.
      
      client/mysqldump.c:
        Make room for the trailing null byte.
      libmysql/libmysql.c:
        Add comment, there is enough room in the buffer.
        Increase buffer length, two strings are concatenated.
      libmysqld/lib_sql.cc:
        Make room for the trailing null byte.
      mysys/default.c:
        Make room for the trailing null bytes.
      mysys/mf_pack.c:
        Make room for the trailing null byte.
      server-tools/instance-manager/commands.cc:
        Copy only if overflow isn't possible in both cases.
      server-tools/instance-manager/listener.cc:
        Make room for the trailing null byte.
      sql/log.cc:
        Make room for the trailing null byte.
      sql/sp_pcontext.h:
        Cosmetic fix.
      sql/sql_acl.cc:
        MAX_HOSTNAME already specifies space for the trailing null byte.
      sql/sql_parse.cc:
        Make room for the trailing null byte.
      sql/sql_table.cc:
        Make room for the trailing null byte.
      c2fb2a9a
    • Andrei Elkin's avatar
      Bug #49740 rpl.rpl_temporary fails in PB2 in mysql-trunk-merge · 119349c1
      Andrei Elkin authored
      The test allowed random coincidence of connection ids for two concurrent
      sessions performing CREATE/DROP temp tables.
      
      Fixed with correcting the test. The sessions connection ids are not changed
      from their defaults anymore.
      119349c1
    • Satya B's avatar
      Fix for Bug#37408 - Compressed MyISAM files should not require/use mmap() · 6547f51c
      Satya B authored
                        
      When compressed myisam files are opened, they are always memory mapped
      sometimes causing memory swapping problems.
      
      When we mmap the myisam compressed tables of size greater than the memory 
      available, the kswapd0 process utilization is very high consuming 30-40% of 
      the cpu. This happens only with linux kernels older than 2.6.9
      
      With newer linux kernels, we don't have this problem of high cpu consumption
      and this option may not be required.
       
      The option 'myisam_mmap_size' is added to limit the amount of memory used for
      memory mapping of myisam files. This option is not dynamic.
      
      The default value on 32 bit system is 4294967295 bytes and on 64 bit system it
      is 18446744073709547520 bytes.
      
      Note: Testcase only tests the option variable. The actual bug has be to 
      tested manually.
      
      include/my_global.h:
        Fix for Bug #37408 - Compressed MyISAM files should not require/use mmap()
        
        define SIZE_T_MAX
      include/myisam.h:
        Fix for Bug #37408 - Compressed MyISAM files should not require/use mmap()
        
        declare 'myisam_mmap_size' and 'myisam_mmap_used' variables and the mutex
        THR_LOCK_myisam_mmap
      myisam/mi_packrec.c:
        Fix for Bug #37408 - Compressed MyISAM files should not require/use mmap()
        
        add 'myisam_mmap_size' option which limits the memory available to mmap of 
        myisam files
      myisam/mi_static.c:
        Fix for Bug #37408 - Compressed MyISAM files should not require/use mmap()
        
        declare 'myisam_mmap_size' and 'myisam_mmap_used' variables and the mutex
        THR_LOCK_myisam_mmap
      myisam/myisamdef.h:
        Fix for Bug #37408 - Compressed MyISAM files should not require/use mmap()
        
        move MEMMAP_EXTRA_MARGIN to myisam.h so that it can be used in mysqld.cc
      mysql-test/r/variables.result:
        Fix for Bug #37408 - Compressed MyISAM files should not require/use mmap()
        
        Testcase for BUG#37408 to test the myisam_mmap_size option
      mysql-test/t/variables.test:
        Fix for Bug #37408 - Compressed MyISAM files should not require/use mmap()
        
        Testcase for BUG#37408 to test the myisam_mmap_size option
      mysys/my_thr_init.c:
        Fix for Bug #37408 - Compressed MyISAM files should not require/use mmap()
        
        intialize the lock THR_LOCK_myisam_mmap
      sql/mysqld.cc:
        Fix for Bug #37408 - Compressed MyISAM files should not require/use mmap()
        
        add the 'myisam_mmap_size' option
      sql/set_var.cc:
        Fix for Bug #37408 - Compressed MyISAM files should not require/use mmap()
        
        add the 'myisam_mmap_size' to the SHOW VARIABLES list
      6547f51c
    • Ramil Kalimullin's avatar
      Fix for bug#49465: valgrind warnings and incorrect live checksum... · 6123407d
      Ramil Kalimullin authored
      Problem: inserting a record we don't set unused null bits in the
      record buffer if no default field values used.
      That may lead to wrong live checksum calculation.
      
      Fix: set unused null bits in the record buffer in such cases.
      
      
      mysql-test/r/myisam.result:
        Fix for bug#49465: valgrind warnings and incorrect live checksum...
          - test result.
      mysql-test/t/myisam.test:
        Fix for bug#49465: valgrind warnings and incorrect live checksum...
          - test case.
      sql/sql_insert.cc:
        Fix for bug#49465: valgrind warnings and incorrect live checksum...
          - set unused null bits to 1 in the record buffer in case we
        don't call restore_record() before a fill_record() call
        (when no default values used).
      6123407d
  18. 16 Dec, 2009 1 commit
    • Georgi Kodinov's avatar
      Bug #48866: mysql.test fails under Fedora 12 · e60a88db
      Georgi Kodinov authored
      strmov() is not guaranteed to work correctly on overlapping
      source and destination buffers. On some OSes it may work,
      but Fedora 12 has a stpcpy() that's not working correctly 
      on overlapping buffers.
      Fixed to use the overlap-safe version of strmov instead.
      Re-vitalized the overlap-safe version of strmov. 
      e60a88db
  19. 24 Dec, 2009 2 commits
  20. 22 Dec, 2009 1 commit
    • Sergey Glukhov's avatar
      Bug#47371 reference by same column name · 1cffb859
      Sergey Glukhov authored
      At the end of execution top level join execution
      we cleanup this join with true argument.
      It leads to underlying join cleanup(subquery) with true argument too
      and to tmp_table_param->field array cleanup which is required later.
      The problem is that Item_func_set_user_var does not set
      result_filed which leads to unnecessary repeated excution of subquery
      on final stage.
      The fix is to set result_field for Item_func_set_user_var.
      
      
      mysql-test/r/count_distinct.result:
        test result
      mysql-test/r/user_var.result:
        test result
      mysql-test/t/count_distinct.test:
        test case
      mysql-test/t/user_var.test:
        test case
      sql/item_func.cc:
        At the end of execution top level join execution
        we cleanup this join with true argument.
        It leads to underlying join cleanup(subquery) with true argument too
        and to tmp_table_param->field array cleanup which is required later.
        The problem is that Item_func_set_user_var does not set
        result_filed which leads to unnecessary repeated excution of subquery
        on final stage.
        The fix is to set result_field for Item_func_set_user_var.
      1cffb859
  21. 15 Dec, 2009 1 commit
    • Georgi Kodinov's avatar
      Bug #48709: Assertion failed in sql_select.cc:11782: · 4a41e5b1
      Georgi Kodinov authored
       int join_read_key(JOIN_TAB*)
      
      The eq_ref access method TABLE_REF (accessed through 
      JOIN_TAB) to save state and to track if this is the 
      first row it finds or not.
      This state was not reset on subquery re-execution
      causing an assert.
      
      Fixed by resetting the state before the subquery 
      re-execution.
      4a41e5b1
  22. 14 Dec, 2009 1 commit
  23. 13 Dec, 2009 1 commit
    • unknown's avatar
      This is a patch for Bug#48500 · 34ae4a35
      unknown authored
      5.0 buffer overflow for ER_UPDATE_INFO, or truncated info message in 5.1
            
      5.0.86 has a buffer overflow/crash, and 5.1.40 has a truncated message.
            
      errmsg.txt contains this:
            
      ER_UPDATE_INFO
      rum "Linii identificate (matched): %ld  Schimbate: %ld  Atentionari 
      (warnings): %ld"
      When that is sprintf'd into a buffer of STRING_BUFFER_USUAL_SIZE size,
      a buffer overflow can happen.
            
      The solution to this is to use MYSQL_ERRMSG_SIZE for the buffer size, 
      instead of STRING_BUFFER_USUAL_SIZE. This will allow longer strings. 
      To avoid potential crashes, we will also use my_snprintf instead of
      sprintf.
      
      sql/sql_update.cc:
        sing MYSQL_ERRMSG_SIZE instead of STRING_BUFFER_USUAL_SIZE.
        Using my_snprintf instead of sprintf.
      34ae4a35
  24. 11 Dec, 2009 3 commits
    • Kent Boortz's avatar
      Define _WIN32_WINNT to the minimum supported Windows version, 0x0500 i.e · 35ad1c3d
      Kent Boortz authored
      Windows 2000.
            
            Visual Studio 2003 and 2005 require
              _WIN32_WINNT >= 0x0500 (Win2000)  for TryEnterCriticalSection.
      35ad1c3d
    • Georgi Kodinov's avatar
      merge · 6ba2a984
      Georgi Kodinov authored
      6ba2a984
    • unknown's avatar
      Bug #48742 Replication: incorrect help text for --init-slave · 6ff3ee2d
      unknown authored
      The help text for --init-slave=name:
      "Command(s) that are executed when a slave connects to this master".
      This text indicate that the --init-slave option is set on a  master 
      server, and the master server passes the option's argument to slave 
      which connects to it. This is wrong. Actually the --init-slave option 
      just can be set on a slave server, and then the slave server executes 
      the argument each time the SQL thread starts.
      
      Correct the help text for --init-slave option as following:
      "Command(s) that are executed by a slave server each time the SQL thread starts."
      
      
      sql/mysqld.cc:
        Correct the help text for --init-slave option.
      6ff3ee2d
  25. 10 Dec, 2009 1 commit
  26. 08 Dec, 2009 1 commit
  27. 07 Dec, 2009 1 commit
    • Georgi Kodinov's avatar
      Bug #42760: Select doesn't return desired results when we have null values · b19593a5
      Georgi Kodinov authored
      Part 2 : 
      There was a special optimization on the ref access method for 
      ORDER BY ... DESC that was set without actually looking on the type of the 
      selected index for ORDER BY.
      Fixed the SELECT ... ORDER BY .. DESC (it uses a different code path compared
      to the ASC that has been fixed with the previous fix).
      b19593a5
  28. 10 Dec, 2009 2 commits
    • Ramil Kalimullin's avatar
      Auto-merge. · 587e4742
      Ramil Kalimullin authored
      587e4742
    • He Zhenxing's avatar
      Post fix for bug#45520 · 48adc9ac
      He Zhenxing authored
      mysql-test/include/kill_query.inc:
        Error 1034 can be generated when change MyISAM table indexes was interrupted
      mysql-test/r/rpl_killed_ddl.result:
        table t4 may not exists because the ALTER above was interrupted
      mysql-test/t/rpl_killed_ddl.test:
        table t4 may not exists because the ALTER above was interrupted
      48adc9ac