Too many cursors (more than 1024) could lead to memory corruption.
This affects both stored routines and C API cursors, and the
threshold is per-server, not per-connection. Similarly, the
corruption could happen when the server was under heavy load
(executing more than 1024 simultaneous complex queries), and this is
the reason why this bug is fixed in 4.1, which doesn't support
cursors.
The corruption was caused by a bug in the temporary tables code, when
an attempt to create a table could lead to a write beyond allocated
space. Note that only internal tables were affected (the tables
created internally by the server to resolve the query), not tables
created with CREATE TEMPORARY TABLE. Another precondition for the
bug is a TRUE value of the --temp-pool startup option, which, however,
is the default.
The cause of the bug was that random memory was overwritten in
bitmap_set_next() due to out-of-bounds memory access.
Place mysqlmanager 'pdb' file in 'client_debug' directory
mysys.vcproj:
Removed define of __NT__ from 'Debug' target
mysqld.vcproj:
Always generate 'pdb' and 'map' files
"real" table fails in JOINs".
This is a regression caused by the fix for Bug 18444.
This fix removed the assignment of empty_c_string to table->db performed
in add_table_to_list, as neither I nor anyone else knew what it was
there for. Now we know it and it's covered with tests: the only case
when a table database name can be empty is when the table is a derived
table. The fix puts the assignment back but makes it a bit more explicit.
Additionally, finally drop sp.result.orig which was checked in by mistake.
mysqldump did not select the correct database before trying to dump
views from it. This resulted in an empty result set, which in turn
startled mysqldump into a core dump. This only happened for views,
not for tables, and was only visible with multiple databases that
weren't by sheer luck in the order mysqldump required, anyway. This
fixes it by selecting the correct database before dumping views; it also
catches the empty-set condition if it should occur for other reasons.
Two functions have different ideas of what a string should look like;
one of them reads memory it assumes the other one may have written.
And "if you assume ..."
We now use a more defensive variety of the assuming function; this fixes
a warning thrown by the valgrind tool.
In some functions dealing with strings and character sets, the wrong
pointers were saved for restoration in THD::rollback_item_tree_changes().
This could potentially cause random corruption or crashes.
Fixed by passing the original Item ** locations, not local stack copies.
Also remove unnecessary use of default arguments.
Disable old RPM strip
my_global.h:
Fixed wrong cast, which caused problems with gcc 4.0 and
floats in prepared statements (Bug #19694)
mysqlmanager.vcproj:
Place output files in common release/debug directory
No test case as the bug is in an existing test case (rpl_trigger.test
when it is run under valgrind).
The warning was caused by memory corruption in replication slave: thd->db
was pointing at a stack address that was previously used by
sp_head::execute()::old_db. This happened because mysql_change_db
behaved differently in replication slave and did not make a copy of the
argument to assign to thd->db.
The solution is to always free the old value of thd->db and allocate a new
copy, regardless of whether we're running in a replication slave or not.
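
The ownership rule from the last message (always free the old thd->db and store a private copy), shown next to the pointer-borrowing behaviour it replaces. This is an added example, not MySQL's code: struct session, change_db_borrowed, change_db_copy and survives_caller_reuse are hypothetical names, and the caller's buffer is overwritten while still live to stand in for a stack slot reused by a later frame.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the connection state holding thd->db. */
struct session { char *db; };

/* Pre-fix slave-path behaviour as described: store the caller's pointer,
   so the session aliases memory it does not own. */
static void change_db_borrowed(struct session *s, char *name) { s->db = name; }

/* Post-fix behaviour: free the old value and store a private copy.
   Assumes s->db is NULL or was allocated by this function. */
static int change_db_copy(struct session *s, const char *name)
{
    char *copy = malloc(strlen(name) + 1);
    if (copy == NULL)
        return -1;                 /* old value stays valid on failure */
    strcpy(copy, name);
    free(s->db);
    s->db = copy;
    return 0;
}

/* The caller overwrites its buffer after the call. Returns 1 if the
   session still reads "test", 0 if it now sees the caller's new bytes,
   -1 on allocation failure. */
static int survives_caller_reuse(int use_copy)
{
    struct session s = { NULL };
    char caller_buf[16] = "test";  /* constructed sample value */
    int ok;
    if (!use_copy)
        change_db_borrowed(&s, caller_buf);
    else if (change_db_copy(&s, caller_buf) != 0)
        return -1;
    strcpy(caller_buf, "old_db_bytes");   /* caller reuses its storage */
    ok = strcmp(s.db, "test") == 0;
    if (use_copy)
        free(s.db);
    return ok;
}

int main(void)
{
    printf("borrowed=%d copied=%d\n", survives_caller_reuse(0), survives_caller_reuse(1));
    return 0;
}
```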