'flush tables' crashes
The server crashes when 'show procedure status' and 'flush tables' are
run concurrently.
This is caused by the way mysql.proc table is added twice to the list
of table to lock although the requirements on the current locking API
assumes differently.
No test case is submitted because of the nature of the crash which is
currently difficult to reproduce in a deterministic way.
This is a backport from 5.1
can crash under load
Backport from 5.1.
Does also include key cache fixes from:
Bug 44068 (RESTORE can disable the MyISAM Key Cache)
Bug 40944 (Backup: crash after myisampack)
myisamchk tool generates warnings when run on an myisam files (.MYI or .MYD)
This is because of the conversion of max_value for certain options in myisamchk
from singed long to unsigned long
The max value for the options key_buffer_size, read_buffer_size, write_buffer
_size and sort_buffer_size is given as (long) ~0L which becomes -1 when casted
from signed long to longlong and then casted to ulonglong. When (ulonglong) -1
is compared with maximal value for GET_ULONG data type, we adjust it to
(ulonglong) ULONG_MAX and throw the warning.
Fixed by using the right max size.
Max values for the variables (from mysqld.cc)
----------------------------
1. key_buffer_size
5.0: ULONG_MAX
5.1: SIZE_T_MAX
6.0: SIZE_T_MAX
2. read_buffer_size and write_buffer_size
5.0: INT_MAX32
5.1: INT_MAX32
6.0: INT_MAX32
3. sort_buffer_size (aka myisam_sort_buffer_size)
5.0: UINT_MAX32
5.1: ULONG_MAX
6.0: ULONG_MAX
Note: testcase not attached
with gcc 4.3.2
This patch fixes a number of GCC warnings about variables used
before initialized. A new macro UNINIT_VAR() is introduced for
use in the variable declaration, and LINT_INIT() usage will be
gradually deprecated. (A workaround is used for g++, pending a
patch for a g++ bug.)
GCC warnings for unused results (attribute warn_unused_result)
for a number of system calls (present at least in later
Ubuntus, where the usual void cast trick doesn't work) are
also fixed.
While printing the Max keyfile length 'llstr' call was used which
was treating the max_key_file_length as negative.
Changing this to ullstr fixes the problem.
myisamchk output will differ in 32 bit and 64 bit Operating systems
so its not possible to have test case for this bug.
The test started failing following the push for BUG#41541.
Some of the algorithms access bytes beyond the input data
and this can affect up to one byte less than "word size"
which is BITS_SAVED / 8.
Fixed by adding (BITS_SAVED / 8) -1 bytes to buffer size
(i.e. Memory Segment #2) to avoid accessing un-allocated data.
After the table is compressed by the myisampack utility,
opening the table by the server produces valgrind warnings.
This happens because when we try to read a record into the buffer
we alway assume that the remaining buffer to read is always equal
to word size(4 or 8 or 2 bytes) we read. Sometimes we have
remaining buffer size less than word size and trying to read the
entire word size will end up in valgrind errors.
Fixed by reading byte by byte when we detect the remaining buffer
size is less than the word size.
are written.
When we have a myisam table with DELAY_KEY_WRITE option, index updates
are not applied until the flush tables command is issued or until the
server is shutdown. If server gets killed before the index updates are
written to disk, the index file is corrupted as expected but the table
is not marked as crashed. So when we start server with myisam-recover,
table is not repaired leaving the table unusable.
The problem is when we try to write the index updates to index file,
we decrement the open_count even before the flushing the keys to index
file.
Fixed by moving the decrement operation after flushing the keys to the
index file. So we always have non zero open count if the flush table
operation is killed and when the server is started with mysiam-recover
option, it marks the table as crashed and repairs it.
Note: No testcase for added as we need to kill the server and start the
server with different set of options and other non trivial
operations involved.
- Remove bothersome warning messages. This change focuses on the warnings
that are covered by the ignore file: support-files/compiler_warnings.supp.
- Strings are guaranteed to be max uint in length
Problem: data consistency check (maximum record length) for a correct
MyISAM table with CHECKSUM=1 and ROW_FORMAT=DYNAMIC option
may fail due to wrong inner MyISAM parameter. In result we may
have the table marked as 'corrupted'.
Fix: properly set MyISAM maximum record length parameter.
test_if_data_home_dir fixed to look into real path.
Checks added to mi_open for symlinks into data home directory.
per-file messages:
include/my_sys.h
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
my_is_symlink interface added
include/myisam.h
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
myisam_test_invalid_symlink interface added
myisam/mi_check.c
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
mi_open_datafile calls modified
myisam/mi_open.c
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
code added to mi_open to check for symlinks into data home directory.
mi_open_datafile now accepts 'original' file path to check if it's
an allowed symlink.
myisam/mi_static.c
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
myisam_test_invlaid_symlink defined
myisam/myisamchk.c
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
mi_open_datafile call modified
myisam/myisamdef.h
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
mi_open_datafile interface modified - 'real_path' parameter added
mysql-test/r/symlink.test
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
error codes corrected as some patch now rejected pointing inside datahome
mysql-test/r/symlink.result
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
error messages corrected in the result
mysys/my_symlink.c
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
my_is_symlink() implementsd
my_realpath() now returns the 'realpath' even if a file isn't a symlink
sql/mysql_priv.h
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
test_if_data_home_dir interface
sql/mysqld.cc
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
myisam_test_invalid_symlik set with the 'test_if_data_home_dir'
sql/sql_parse.cc
Bug#32167 another privilege bypass with DATA/INDEX DIRECTORY.
error messages corrected
test_if_data_home_dir code fixed
empty result when using DESC
Problem: fetching MyISAM keys we copy a key block pointer to the end of the key buffer.
However, we don't take into account the pointer length calculatig the buffer size,
that may leads to memory overwriting and in turn to unpredictable results.
Fix: increase key buffer size by length of the key block pointer.
Note: no simple test case.
at page 1024 with ucs2_bin
Inserting strings with a common prefix into a table with
characterset UCS2 corrupted the table.
An efficient search method was used, which compares end space
with ASCII blank. This doesn't work for character sets like UCS2,
which do not encode blank like ASCII does.
Use the less efficient search method _mi_seq_search()
for charsets with mbminlen > 1.
SPATIAL key is fine actually, but the chk_key() function
mistakenly returns error. It tries to compare checksums
of btree and SPATIAL keys while the checksum for the SPATIAL isn't
calculated (always 0). Same thing with FULLTEXT keys is handled
using full_text_keys counter, so fixed by counting both
SPATIAL and FULLTEXT keys in that counter.
When we insert a record into MYISAM table which is almost 'full',
we first write record data in the free space inside a file, and then
check if we have enough space after the end of the file.
So if we don't have the space, table will left corrupted.
Similar error also happens when we updata MYISAM tables.
Fixed by modifying write_dynamic_record and update_dynamic_record functions
to check for free space before writing parts of a record
With certain data sets (when compressed record length gets bigger than
uncompressed) myisamchk --unpack may corrupt data file.
Fixed that record length was wrongly restored from compressed table.
Disabling and enabling indexes on a non-empty table grows the
index file.
Disabling indexes just sets a flag per non-unique index and does not
free the index blocks of the affected indexes. Re-enabling indexes
creates new indexes with new blocks. The old blocks remain unused
in the index file.
Fixed by dropping and re-creating all indexes if non-empty disabled
indexes exist when enabling indexes. Dropping all indexes resets
the internal end-of-file marker to the end of the index file header.
It also clears the root block pointers of every index and clears the
deleted blocks chains. This way all blocks are declared as free.
fulltext index
Having a table with broken multibyte characters may cause fulltext
parser dead-loop.
Since normally it is not possible to insert broken multibyte sequence
into a table, this problem may arise only if table is damaged.
Affected statements are:
- CHECK/REPAIR against damaged table with fulltext index;
- boolean mode phrase search against damaged table with or
without fulltext inex;
- boolean mode searches without index;
- nlq searches.
No test case for this fix. Affects 5.0 only.
Fulltext boolean mode phrase search may crash server on platforms
where size of pointer is not equal to size of unsigned integer
(in other words some 64-bit platforms).
The problem was integer overflow.
Affects 4.1 only.
