> ------------------------------------------------------------
> revno: 3536
> revision-id: davi.arnaut@oracle.com-20110107183336-kp8niwm2hz3wb4c3
> parent: saikumar.v@sun.com-20110106103945-rhsek9uy6f63db44
> committer: Davi Arnaut <davi.arnaut@oracle.com>
> branch nick: 51023-5.1
> timestamp: Fri 2011-01-07 16:33:36 -0200
> message:
> Bug#51023: Mysql server crashes on SIGHUP and destroys InnoDB files
>
> From a user perspective, the problem is that a FLUSH LOGS or SIGHUP
> signal could end up associating the stdout and stderr to random
> files. In the case of this bug report, the streams would end up
> associated to InnoDB ibd files.
>
> The freopen(3) function is not thread-safe on FreeBSD. What this
> means is that if another thread calls open(2) during freopen()
> is executing that another thread's fd returned by open(2) may get
> re-associated with the file being passed to freopen(3). See FreeBSD
> PR number 79887 for reference:
>
> http://www.freebsd.org/cgi/query-pr.cgi?pr=79887
>
> This problem is worked around by substituting a internal hook within
> the FILE structure. This avoids the loss of atomicity by not having
> the original fd closed before its duplicated.
>
> Patch based on the original work by Vasil Dimov.
> ------------------------------------------------------------
> revno: 3527.3.1
> revision-id: mattias.jonsson@oracle.com-20101222095036-2lpx0gqu4i45jtkz
> parent: sven.sandberg@oracle.com-20101220090735-psae11j9nwuj8vzl
> committer: Mattias Jonsson <mattias.jonsson@oracle.com>
> branch nick: b54483-51-bt_2
> timestamp: Wed 2010-12-22 10:50:36 +0100
> message:
> Bug#54483: valgrind errors when making warnings for multiline inserts into partition
> Bug#57071: EXTRACT(WEEK from date_col) cannot be allowed as partitioning function
>
> There were functions allowed as partitioning functions
> that implicit allowed cast. That could result in unacceptable
> behaviour.
>
> Solution was to check that the arguments of date and time functions
> have allowed types (field and date/datetime/time depending on function).
> ------------------------------------------------------------
> revno: 3520
> revision-id: sergey.glukhov@oracle.com-20101214093303-wmo9mqcb8rz0wv9f
> parent: tor.didriksen@oracle.com-20101213161301-81lprlbune7r98dl
> committer: Sergey Glukhov <sergey.glukhov@oracle.com>
> branch nick: mysql-5.1-bugteam
> timestamp: Tue 2010-12-14 12:33:03 +0300
> message:
> Fixed following problems:
> --Bug#52157 various crashes and assertions with multi-table update, stored function
> --Bug#54475 improper error handling causes cascading crashing failures in innodb/ndb
> --Bug#57703 create view cause Assertion failed: 0, file .\item_subselect.cc, line 846
> --Bug#57352 valgrind warnings when creating view
> --Recently discovered problem when a nested materialized derived table is used
> before being populated and it leads to incorrect result
>
> We have several modes when we should disable subquery evaluation.
> The reasons for disabling are different. It could be
> uselessness of the evaluation as in case of 'CREATE VIEW'
> or 'PREPARE stmt', or we should disable subquery evaluation
> if tables are not locked yet as it happens in bug#54475, or
> too early evaluation of subqueries can lead to wrong result
> as it happened in Bug#19077.
> Main problem is that if subquery items are treated as const
> they are evaluated in ::fix_fields(), ::fix_length_and_dec()
> of the parental items as a lot of these methods have
> Item::val_...() calls inside.
> We have to make subqueries non-const to prevent unnecessary
> subquery evaluation. At the moment we have different methods
> for this. Here is a list of these modes:
>
> 1. PREPARE stmt;
> We use UNCACHEABLE_PREPARE flag.
> It is set during parsing in sql_parse.cc, mysql_new_select() for
> each SELECT_LEX object and cleared at the end of PREPARE in
> sql_prepare.cc, init_stmt_after_parse(). If this flag is set
> subquery becomes non-const and evaluation does not happen.
>
> 2. CREATE|ALTER VIEW, SHOW CREATE VIEW, I_S tables which
> process FRM files
> We use LEX::view_prepare_mode field. We set it before
> view preparation and check this flag in
> ::fix_fields(), ::fix_length_and_dec().
> Some bugs are fixed using this approach,
> some are not(Bug#57352, Bug#57703). The problem here is
> that we have a lot of ::fix_fields(), ::fix_length_and_dec()
> where we use Item::val_...() calls for const items.
>
> 3. Derived tables with subquery = wrong result(Bug19077)
> The reason of this bug is too early subquery evaluation.
> It was fixed by adding Item::with_subselect field
> The check of this field in appropriate places prevents
> const item evaluation if the item have subquery.
> The fix for Bug19077 fixes only the problem with
> convert_constant_item() function and does not cover
> other places(::fix_fields(), ::fix_length_and_dec() again)
> where subqueries could be evaluated.
>
> Example:
> CREATE TABLE t1 (i INT, j BIGINT);
> INSERT INTO t1 VALUES (1, 2), (2, 2), (3, 2);
> SELECT * FROM (SELECT MIN(i) FROM t1
> WHERE j = SUBSTRING('12', (SELECT * FROM (SELECT MIN(j) FROM t1) t2))) t3;
> DROP TABLE t1;
>
> 4. Derived tables with subquery where subquery
> is evaluated before table locking(Bug#54475, Bug#52157)
>
> Suggested solution is following:
>
> -Introduce new field LEX::context_analysis_only with the following
> possible flags:
> #define CONTEXT_ANALYSIS_ONLY_PREPARE 1
> #define CONTEXT_ANALYSIS_ONLY_VIEW 2
> #define CONTEXT_ANALYSIS_ONLY_DERIVED 4
> -Set/clean these flags when we perform
> context analysis operation
> -Item_subselect::const_item() returns
> result depending on LEX::context_analysis_only.
> If context_analysis_only is set then we return
> FALSE that means that subquery is non-const.
> As all subquery types are wrapped by Item_subselect
> it allow as to make subquery non-const when
> it's necessary.
> ------------------------------------------------------------
> revno: 3518
> revision-id: sergey.glukhov@oracle.com-20101213114812-kaq7sh0s623128lv
> parent: sergey.glukhov@oracle.com-20101213103926-okypkn10adeeyns8
> committer: Sergey Glukhov <sergey.glukhov@oracle.com>
> branch nick: mysql-5.1-bugteam
> timestamp: Mon 2010-12-13 14:48:12 +0300
> message:
> Bug#39828 : Autoinc wraps around when offset and increment > 1
> Auto increment value wraps when performing a bulk insert with
> auto_increment_increment and auto_increment_offset greater than
> one.
> The fix:
> If overflow happened then return MAX_ULONGLONG value as an
> indication of overflow and check this before storing the
> value into the field in update_auto_increment().
> ------------------------------------------------------------
> revno: 3517
> revision-id: sergey.glukhov@oracle.com-20101213103926-okypkn10adeeyns8
> parent: davi.arnaut@oracle.com-20101207150620-s49dstok48oy585o
> committer: Sergey Glukhov <sergey.glukhov@oracle.com>
> branch nick: mysql-5.1-bugteam
> timestamp: Mon 2010-12-13 13:39:26 +0300
> message:
> Bug#58396 group_concat and explain extended are still crashy
> Explain fails at fix_fields stage and some items are left unfixed,
> particulary Item_group_concat. Item_group_concat::orig_args field
> is uninitialized in this case and Item_group_concat::print call
> leads to crash.
> The fix:
> move the initialization of Item_group_concat::orig_args
> into constructor.
> ------------------------------------------------------------
> revno: 3507.1.26
> revision-id: mattias.jonsson@oracle.com-20101201112046-2ugtweya0dltcrys
> parent: nirbhay.choubey@sun.com-20101201065531-w2f0j3g5yzok8z9x
> committer: Mattias Jonsson <mattias.jonsson@oracle.com>
> branch nick: b56380-51-bt
> timestamp: Wed 2010-12-01 12:20:46 +0100
> message:
> Bug#56380: valgrind memory leak warning from partition tests
>
> There could be memory leaks if ALTER ... PARTITION command fails.
>
> Problem was that the list of items to free was not set in
> the partition info structure when fix_partition_func call failed
> during ALTER ... PARTITION.
>
> Solved by always setting the list in the partition info struct.
> ------------------------------------------------------------
> revno: 3496.1.39
> revision-id: jon.hauglid@oracle.com-20101019081957-zf2ohl7wgnhvnnb0
> parent: tor.didriksen@oracle.com-20101019070648-jhi9ezq3b5qk4wcm
> committer: Jon Olav Hauglid <jon.hauglid@oracle.com>
> branch nick: mysql-5.1-bugteam-bug57274
> timestamp: Tue 2010-10-19 10:19:57 +0200
> message:
> Bug #57274 SET GLOBAL debug crashes on Solaris in embedded server mode
> (variables_debug fails)
>
> The problem was that "SET GLOBAL debug" could cause a crash on Solaris.
> The crash happened if the server failed to open the trace file given in
> the "SET GLOBAL debug" statement. This caused an error message to be
> printed to stderr containing the process name. However, printing to
> stderr crashed the server since the pointer to the process name had
> not been initialized.
>
> This patch fixes the problem by initializing the process name
> properly when doing "SET GLOBAL debug".
>
> No test case added as this bug was repeatable with existing test
> coverage in variables_debug.test.
> ------------------------------------------------------------
> revno: 3452.17.1
> revision-id: mattias.jonsson@oracle.com-20101005125751-ds92svhhb13ds8ri
> parent: sergey.glukhov@sun.com-20101004085126-ia6veky4w6j87i43
> committer: Mattias Jonsson <mattias.jonsson@oracle.com>
> branch nick: b55091-51-security
> timestamp: Tue 2010-10-05 14:57:51 +0200
> message:
> Bug#55091: Server crashes on ADD PARTITION after a failed attempt
>
> In case of failure in ALTER ... PARTITION under LOCK TABLE
> the server could crash, due to it had modified the locked
> table object, which was not reverted in case of failure,
> resulting in a bad table definition used after the failed
> command.
>
> Solved by always closing the LOCKED TABLE, even in case
> of error.
>
> Note: this is a 5.1-only fix, bug#56172 fixed it in 5.5+
> ------------------------------------------------------------
> revno: 3452.13.54
> revision-id: oystein.grovlen@oracle.com-20110112093715-tc076voaxwblqk8v
> parent: georgi.kodinov@oracle.com-20110110130833-1c9q21mr7zoq07vg
> committer: Oystein Grovlen <oystein.grovlen@oracle.com>
> branch nick: mysql-5.1-security
> timestamp: Wed 2011-01-12 10:37:15 +0100
> message:
> Bug#59211: Select Returns Different Value for min(year) Function
>
> get_year_value() contains code to convert 2-digits year to
> 4-digits. The fix for Bug#49910 added a check on the size of
> the underlying field so that this conversion is not done for
> YEAR(4) values. (Since otherwise one would convert invalid
> YEAR(4) values to valid ones.)
>
> The existing check does not work when Item_cache is used, since
> it is not detected when the cache is based on a Field. The
> reported change in behavior is due to Bug#58030 which added
> extra cached items in min/max computations.
>
> The elegant solution would be to implement
> Item_cache::real_item() to return the underlying Item.
> However, some side effects are observed (change in explain
> output) that indicates that such a change is not straight-
> forward, and definitely not appropriate for an MRU.
>
> Instead, a Item_cache::field() method has been added in order
> to get access to the underlying field. (This field() method
> eliminates the need for Item_cache::eq_def() used in
> test_if_ref(), but in order to limit the scope of this fix,
> that code has been left as is.)
batch_readline_init() was modified - make check for
type of file for input stream unless target platform
is WINDOWS since on this platform S_IFBLK is undefined.
Reverse DNS lookup of "localhost" returns "broadcasthost" on Snow Leopard (Mac), and NULL on most others.
Simply ignore the output, as this is not an essential part of UDF testing.
batch_readline_init() was modified - return an error
if the input source is a directory or a block device.
This follow-up is necessary because on some platforms,
such as Solaris, call to read() from directory may be
successful.
This option is known to be broken when tablespaces contain off-page
columns after crash recovery. It has only been tested when creating
the data files from the scratch.
btr_blob_dbg_t: A map from page_no:heap_no:field_no to first_blob_page_no.
This map is instantiated for every clustered index in index->blobs.
It is protected by index->blobs_mutex.
btr_blob_dbg_msg_issue(): Issue a diagnostic message.
Invoked when btr_blob_dbg_msg is set.
btr_blob_dbg_rbt_insert(): Insert a btr_blob_dbg_t into index->blobs.
btr_blob_dbg_rbt_delete(): Remove a btr_blob_dbg_t from index->blobs.
btr_blob_dbg_cmp(): Comparator for btr_blob_dbg_t.
btr_blob_dbg_add_blob(): Add a BLOB reference to the map.
btr_blob_dbg_add_rec(): Add all BLOB references from a record to the map.
btr_blob_dbg_print(): Display the map of BLOB references in an index.
btr_blob_dbg_remove_rec(): Remove all BLOB references of a record from
the map.
btr_blob_dbg_is_empty(): Check that no BLOB references exist to or
from a page. Disowned references from delete-marked records are
tolerated.
btr_blob_dbg_op(): Perform an operation on all BLOB references on a
B-tree page.
btr_blob_dbg_add(): Add all BLOB references from a B-tree page to the
map.
btr_blob_dbg_remove(): Remove all BLOB references from a B-tree page
from the map.
btr_blob_dbg_restore(): Restore the BLOB references after a failed
page reorganize.
btr_blob_dbg_set_deleted_flag(): Modify the 'deleted' flag in the BLOB
references of a record.
btr_blob_dbg_owner(): Own or disown a BLOB reference.
btr_page_create(), btr_page_free_low(): Assert that no BLOB references exist.
btr_create(): Create index->blobs for clustered indexes.
btr_page_reorganize_low(): Invoke btr_blob_dbg_remove() before copying
the records. Invoke btr_blob_dbg_restore() if the operation fails.
btr_page_empty(), btr_lift_page_up(), btr_compress(), btr_discard_page():
Invoke btr_blob_dbg_remove().
btr_cur_del_mark_set_clust_rec(): Invoke btr_blob_dbg_set_deleted_flag().
Other cases of modifying the delete mark are either in the secondary
index or during crash recovery, which we do not promise to support.
btr_cur_set_ownership_of_extern_field(): Invoke btr_blob_dbg_owner().
btr_store_big_rec_extern_fields(): Invoke btr_blob_dbg_add_blob().
btr_free_externally_stored_field(): Invoke btr_blob_dbg_assert_empty()
on the first BLOB page.
page_cur_insert_rec_low(), page_cur_insert_rec_zip(),
page_copy_rec_list_end_to_created_page(): Invoke btr_blob_dbg_add_rec().
page_cur_insert_rec_zip_reorg(), page_copy_rec_list_end(),
page_copy_rec_list_start(): After failure, invoke
btr_blob_dbg_remove() and btr_blob_dbg_add().
page_cur_delete_rec(): Invoke btr_blob_dbg_remove_rec().
page_delete_rec_list_end(): Invoke btr_blob_dbg_op(btr_blob_dbg_remove_rec).
page_zip_reorganize(): Invoke btr_blob_dbg_remove() before copying the records.
page_zip_copy_recs(): Invoke btr_blob_dbg_add().
row_upd_rec_in_place(): Invoke btr_blob_dbg_rbt_delete() and
btr_blob_dbg_rbt_insert().
innobase_start_or_create_for_mysql(): Warn when UNIV_BLOB_DEBUG is enabled.
rb://550 approved by Jimmy Yang
Test failed on a certain Linux platform in automated environment. It turns out that this platform has an old version of Perl modules DBI and DBD::mysql installed, as well as the OS itself being relatively old.
Allowing error code 11 to be returned from mysqlhotcopy on expected error seems harmless and will make the test pass also with older libraries.
Added --debug-server and use $opt_debug_server where appropriate
Let --debug imply --debug-server
When merging to 5.5, must adapt fix for 59148
Oops, set debug => debug-server too late, fixed
privileges".
The first problem was that DROP USER didn't properly remove privileges
on stored functions from in-memory structures. So the dropped user
could have called stored functions on which he had privileges before
being dropped while his connection was still around.
Even worse if a new user with the same name was created he would
inherit privileges on stored functions from the dropped user.
Similar thing happened with old user name and function privileges
during RENAME USER.
This problem stemmed from the fact that the handle_grant_data() function
which handled DROP/RENAME USER didn't take any measures to update
in-memory hash with information about function privileges after
updating them on disk.
This patch solves this problem by adding code doing just that.
The second problem was that RENAME USER didn't properly update in-memory
structures describing table-level privileges and privileges on stored
procedures. As result such privileges could have been lost after a rename
(i.e. not associated with the new name of user) and inherited by a new
user with the same name as the old name of the original user.
This problem was caused by code handling RENAME USER in
handle_grant_struct() which [sic!]:
a) tried to update wrong (tables) hash when updating stored procedure
privileges for new user name.
b) passed wrong arguments to function performing the hash update and
didn't take into account the way in which such update could have
changed the order of the hash elements.
This patch solves this problem by ensuring that a) the correct hash
is updated, b) correct arguments are used for the hash_update()
function and c) we take into account possible changes in the order
of hash elements.
Also fix bug#59110: Memory leak of QUICK_SELECT_I allocated memory.
Includes Jørgen Lølands review comments.
Root cause of these bugs are that test_if_skip_sort_order() decided to
revert the 'skip_sort_order' descision (and use filesort) after the
query plan has been updated to reflect a 'skip' of the sort order.
This might happen in 'check_reverse_order:' if we have a
select->quick which could not be made descending by appending
a QUICK_SELECT_DESC. ().
The original 'save_quick' was then restored after the QEP has been modified,
which caused:
- An incorrect 'precomputed_group_by= TRUE' may have been set,
and not reverted, as part of the already modifified QEP (Bug#59308)
- A 'select->quick' might have been created which we fail to delete (bug#59110).
This fix is a refactorication of test_if_skip_sort_order() where all logic
related to modification of QEP (controlled by argument 'bool no_changes'), is
moved to the end of test_if_skip_sort_order(), and done after *all* 'test_if_skip'
checks has been performed - including the 'check_reverse_order:' checks.
The refactorication above contains now intentional changes to the logic which
has been moved to the end of the function.
Furthermore, a smaller part of the fix address the handling of the
select->quick objects which may already exists when we call
'test_if_skip_sort_order()' (save_quick) -and
new select->quick's created during test_if_skip_sort_order():
- Before new select->quick may be created by calling ::test_quick_select(), we
set 'select->quick= 0' to avoid that ::test_quick_select() prematurely
delete the save_quick's. (After this call we may have both a 'save_quick'
and 'select->quick')
- All returns from ::test_if_skip_sort_order() where we may have both a
'save_quick' and a 'select->quick' has been changed to goto's to the
exit points 'skiped_sort_order:' or 'need_filesort:' where we
decide which of the QUICK_SELECT's to keep, and delete the other.
if the standard input is a directory.
The problem is that mysql monitor try to read from stdin without
checking input source type.
The solution is to stop reading data from standard input if a call
to read(2) failed.
A new test case was added into mysql.test.
handling.
The problem was that parsing of nested regular expression involved
recursive calls. Such recursion didn't take into account the amount of
available stack space, which ended up leading to stack overflow crashes.
When fixing the 27072 bug, the shell snippets running before/after
a RPM upgrade got expanded to look at files in the data directory
and at the PID file.
In this expansion, the standard locations were used.
There are users who configure their installations to use non-standard
locations for the data directory, the PID file, and other objects.
For these users, the fix of 27072 did not work.
As a result, the fact that a server was running at upgrade start was
not noticed, and the new server was not started after the upgrade.
With this patch, the shell snippets now try to get these locations
from "my_print_defaults" before falling back to the defaults.
Now, the fact that the old server is running is again noticed (even
with non-standard locations), and the new server is started.
Also, the upgrade log is written to the correct data directory.
There is one part of the test case that needs to break
and re-establish the circular topology. For this the test
stops the slave threads on a couple of servers and restarts
them with START SLAVE. However, no check is done on the
status of the IO or SQL threads before proceeding with
the subsequent commands.
Because rpl_only_running_threads is set to 1 this can lead
to silently not syncing all slave threads as expected,
ultimately resulting in unexpected results (and consequently
on a failing test run).
We fix this by replacing the START SLAVE instructions with
calls to --source include/start_slave.inc, which will wait
for the slave threads to be running (show 'Yes' in
Slave_IO|SQL_Running fields of SHOW SLAVE STATUS) before
proceeding. Additionally, we change rpl_sync.inc to make the
IO thread report that it is running when its running status
is any other than 'No'.