Bug #43203 Overflow from auto incrementing causes server segv
Detailed revision comments:
r4325 | sunny | 2009-03-02 02:28:52 +0200 (Mon, 02 Mar 2009) | 10 lines
branches/5.1: Bug#43203: Overflow from auto incrementing causes server segv
It was not a SIGSEGV but an assertion failure. The assertion was checking
the invariant that *first_value passed in by MySQL doesn't contain a value
that is greater than the max value for that type. The assertion has been
changed to a check and if the value is greater than the max we report a
generic AUTOINC failure.
rb://93
Approved by Heikki
Bug #42714 AUTO_INCREMENT errors in 5.1.31
Detailed revision comments:
r4287 | sunny | 2009-02-25 05:32:01 +0200 (Wed, 25 Feb 2009) | 10 lines
branches/5.1: Fix Bug#42714 AUTO_INCREMENT errors in 5.1.31. There are two
changes to the autoinc handling.
1. To fix the immediate problem from the bug report, we must ensure that the
value written to the table is always less than the max value stored in
dict_table_t.
2. The second related change is that according to MySQL documentation when
the offset is greater than the increment, we should ignore the offset.
Bug #42400 InnoDB autoinc code can't handle floating-point columns
Detailed revision comments:
r4065 | sunny | 2009-01-29 16:01:36 +0200 (Thu, 29 Jan 2009) | 8 lines
branches/5.1: In the last round of AUTOINC cleanup we assumed that AUTOINC
is only defined for integer columns. This caused an assertion failure when
we checked for the maximum value of a column type. We now calculate the
max value for floating-point autoinc columns too.
Fix Bug#42400 - InnoDB autoinc code can't handle floating-point columns
rb://84 and Mantis issue://162
r4111 | sunny | 2009-02-03 22:06:52 +0200 (Tue, 03 Feb 2009) | 2 lines
branches/5.1: Add the ULL suffix otherwise there is an overflow.
Bug #42279 Race condition in btr_search_drop_page_hash_when_freed()
Detailed revision comments:
r4032 | marko | 2009-01-23 15:43:51 +0200 (Fri, 23 Jan 2009) | 10 lines
branches/5.1: Merge r4031 from branches/5.0:
btr_search_drop_page_hash_when_freed(): Check if buf_page_get_gen()
returns NULL. The page may have been evicted from the buffer pool
between buf_page_peek_if_search_hashed() and buf_page_get_gen(),
because the buffer pool mutex will be released between these two calls.
(Bug #42279)
rb://82 approved by Heikki Tuuri
This problem comes while inserting a duplicate row in merge table
without key but the child table has a primary key.
While forming the error message handler tries to locate the key field
which is creating this problem but as there is no key on the merge
table there is a segmentation fault.
Bug #42152: Race condition in lock_is_table_exclusive()
Detailed revision comments:
r4005 | marko | 2009-01-20 16:22:36 +0200 (Tue, 20 Jan 2009) | 8 lines
branches/5.1: lock_is_table_exclusive(): Acquire kernel_mutex before
accessing table->locks and release kernel_mutex before returning from
the function. This fixes a portential race condition in the
"commit every 10,000 rows" in ALTER TABLE, CREATE INDEX, DROP INDEX,
and OPTIMIZE TABLE. (Bug #42152)
rb://80 approved by Heikki Tuuri
Bug #41571: MySQL segfaults after innodb recovery
Detailed revision comments:
r4004 | marko | 2009-01-20 16:19:00 +0200 (Tue, 20 Jan 2009) | 12 lines
branches/5.1: Merge r4003 from branches/5.0:
rec_set_nth_field(): When the field already is SQL null,
do nothing when it is being changed to SQL null. (Bug #41571)
Normally, MySQL does not pass "do-nothing" updates to the storage engine.
When it does and a column of an InnoDB table that is in ROW_FORMAT=COMPACT
is being updated from NULL to NULL, the InnoDB buffer pool will be corrupted
without this fix.
rb://81 approved by Heikki Tuuri
Bug #42075: dict_load_indexes failure in dict_load_table will corrupt the dictionary cache
Detailed revision comments:
r3930 | marko | 2009-01-14 15:51:30 +0200 (Wed, 14 Jan 2009) | 4 lines
branches/5.1: dict_load_table(): If dict_load_indexes() fails,
invoke dict_table_remove_from_cache() instead of dict_mem_table_free(),
so that the data dictionary will not point to freed data.
(Bug #42075, Issue #153, rb://76 approved by Heikki Tuuri)
Bug #38187: Error 153 when creating savepoints
Detailed revision comments:
r3911 | sunny | 2009-01-13 14:15:24 +0200 (Tue, 13 Jan 2009) | 13 lines
branches/5.1: Fix Bug#38187 Error 153 when creating savepoints
InnoDB previously treated savepoints as a stack e.g.,
SAVEPOINT a;
SAVEPOINT b;
SAVEPOINT c;
SAVEPOINT b; <- This would delete b and c.
This fix changes the behavior to:
SAVEPOINT a;
SAVEPOINT b;
SAVEPOINT c;
SAVEPOINT b; <- Does not delete savepoint c
The problem is that select queries executed concurrently with
a concurrent insert on a MyISAM table could be cached if the
select started after the query cache invalidation but before
the unlock of tables performed by the concurrent insert. This
race could happen because the concurrent insert was failing
to prevent cache of select queries happening at the same time.
The solution is to add a 'uncacheable' status flag to signal
that a concurrent insert is being performed on the table and
that queries executing at the same time shouldn't cache the
results.
Modify plugins.m4 configuration framework so that plugins which are
not built still get added to the source distribution during make dist.
This came up now because we can only build ibmdb2i on i5/OS, and we
can't bootstrap our source dist on that platform. The solution is to
specify DIST_SUBDIRS containing all plugins, separate from SUBDIRS
which contains the plugins which are actually built.
This ibmdb2i code is from the ibmdb2i-ga3-src.zip file, with a patch
to plug.in to disable the plugin if the PASE environment isn't available.
MyISAM did copy of key statistics incorrectly, which may cause
server crash or incorrect cardinality values. This may happen only on
platforms where size of long differs from size of pointer.
To determine number of bytes to be copied from array of ulong,
MyISAM mistakenly used sizoef(pointer) instead of sizeof(ulong).
A Query in the MyISAM merge table was crashing
if the index merge algorithm was being used
Index Merge optimization requires the reading of
multiple indexes at the same time. Reading multiple
indexes at once with current SE API means that we
need to have handler instance for each to-be-read
index. This is done by creating clones of the handlers
instances. The clone internally does a open of the handler.
The open for a MERGE engine is handled in the following
phases
1) open parent table
2) generate list of underlying
table
3) attach underlying tables
But the current implementation does only the first
phase (i.e.) open parent table.
The current patch fixes this at the MERGE engine level,
by handling the clone operation within the MERGE engine
rather than in the storage engine API. It opens and
attaches the MyISAM tables on the MyISAM storage engine
interface directly within the MERGE engine. The new MyISAM
table instances, as well as the MERGE clone itself, are not
visible in the table cache. This is not a problem because
all locking is handled by the original MERGE table from which
this is cloned of.
Every subsequent query to a merge table with indexes was lowering
down cardinality.
The problem was that key statistics was not cleared when merge
children were detached. Causing next attach children perform
incremental key statistics calculation.
Fixed by clearing key statistics when attaching first child.
code backported from 6.0
per-file messages:
include/my_global.h
Remove SC_MAXWIDTH. This is unused and irrelevant nowadays.
include/my_sys.h
Remove errbuf declaration and unused definitions.
mysys/my_error.c
Remove errbuf definition and move and adjust ERRMSGSIZE.
mysys/my_init.c
Declare buffer on the stack and use my_snprintf.
mysys/safemalloc.c
Use size explicitly. It's more than enough for the message at hand.
sql/sql_error.cc
Use size explicitly. It's more than enough for the message at hand.
sql/sql_parse.cc
Declare buffer on the stack. Use my_snprintf as it will result in
less stack space being used than by a system provided sprintf --
this allows us to put the buffer on the stack without causing much
trouble. Also, the use of errbuff here was not thread-safe as the
function can be entered concurrently from multiple threads.
sql/sql_table.cc
Use MYSQL_ERRMSG_SIZE. Extra space is not needed as my_snprintf will
nul terminate strings.
storage/myisam/ha_myisam.cc
Use MYSQL_ERRMSG_SIZE.
sql/share/errmsg.txt
Error message truncation in test "innodb" in embedded mode
filename in the error message can safely take up to 210 symbols.
There was a type casting problem in the storage/innobase/handler/ha_innodb.cc,
(int ha_innobase::write_row(...)). Innobase uses has an internal error variable
of type 'ulint' while mysql uses an 'int'.
To fix the problem the function manipulates an error variable of
type 'ulint' and only casts it into 'int' when needs to return the value.
myisam_repair_threads > 1 causes crash
Problem: parallel repair (myisam_repair_threads > 1) of a myisam
table with two or more fulltext keys that use the same parser may
lead to a server crash. ALTER TABLE ENABLE KEYS is affected as well.
Fix: properly initialize fulltext structures for parallel repair.
Note: 1. there's no deterministic test case.
2. now we call parser->init() for each fulltext key
(not for each fulltext parser used).
conflicts:
Text conflict in client/mysqltest.cc
Text conflict in mysql-test/include/wait_until_connected_again.inc
Text conflict in mysql-test/lib/mtr_report.pm
Text conflict in mysql-test/mysql-test-run.pl
Text conflict in mysql-test/r/events_bugs.result
Text conflict in mysql-test/r/log_state.result
Text conflict in mysql-test/r/myisam_data_pointer_size_func.result
Text conflict in mysql-test/r/mysqlcheck.result
Text conflict in mysql-test/r/query_cache.result
Text conflict in mysql-test/r/status.result
Text conflict in mysql-test/suite/binlog/r/binlog_index.result
Text conflict in mysql-test/suite/binlog/r/binlog_innodb.result
Text conflict in mysql-test/suite/rpl/r/rpl_packet.result
Text conflict in mysql-test/suite/rpl/t/rpl_packet.test
Text conflict in mysql-test/t/disabled.def
Text conflict in mysql-test/t/events_bugs.test
Text conflict in mysql-test/t/log_state.test
Text conflict in mysql-test/t/myisam_data_pointer_size_func.test
Text conflict in mysql-test/t/mysqlcheck.test
Text conflict in mysql-test/t/query_cache.test
Text conflict in mysql-test/t/rpl_init_slave_func.test
Text conflict in mysql-test/t/status.test
Detailed description of changes:
r3601 | marko | 2008-12-22 16:05:19 +0200 (Mon, 22 Dec 2008) | 9 lines
branches/5.1: Make
SET SESSION TRANSACTION ISOLATION LEVEL READ COMMITTED
a true replacement of SET GLOBAL INNODB_LOCKS_UNSAFE_FOR_BINLOG=1.
This fixes an error that was introduced in r370, causing
semi-consistent read not to not unlock rows in READ UNCOMMITTED mode.
(Bug #41671, Issue #146)
rb://67 approved by Heikki Tuuri
Detailed description of changes:
r3590 | marko | 2008-12-18 15:33:36 +0200 (Thu, 18 Dec 2008) | 11 lines
branches/5.1: When converting a record to MySQL format, copy the default
column values for columns that are SQL NULL. This addresses failures in
row-based replication (Bug #39648).
row_prebuilt_t: Add default_rec, for the default values of the columns in
MySQL format.
row_sel_store_mysql_rec(): Use prebuilt->default_rec instead of
padding columns.
rb://64 approved by Heikki Tuuri
Detailed description of changes:
r3588 | inaam | 2008-12-18 14:26:54 +0200 (Thu, 18 Dec 2008) | 8 lines
branches/5.1
It is a bug in unused code. If we don't calculate the hash value when
calculating the mutex number then two pages which map to same hash
value can get two different mutex numbers.
Approved by: Marko
Detailed description of changes:
r3412 | vasil | 2008-12-05 10:46:18 +0200 (Fri, 05 Dec 2008) | 7 lines
branches/5.1:
Add the traditional 2 spaces after the timestamp so the message does
not look like:
070223 13:26:01InnoDB: Warning: canno....
Detailed description of changes:
r3257 | inaam | 2008-11-24 22:06:50 +0200 (Mon, 24 Nov 2008) | 13 lines
branches/5.1 bug#40760
The config param innodb_thread_concurrency is dynamically set and is
read when a thread enters/exits innodb. If the value is changed between
the enter and exit time the behaviour becomes erratic.
The fix is not to use srv_thread_concurrency when exiting, instead use
the flag trx->declared_to_be_inside_innodb.
rb://57
Approved by: Marko
Detailed description of changes:
r2981 | marko | 2008-11-07 14:54:10 +0200 (Fri, 07 Nov 2008) | 6 lines
branches/5.1: row_mysql_store_col_in_innobase_format(): Correct a misleading
comment. In the UTF-8 encoding, ASCII takes 1 byte per character, while
the "latin1" character set (normally ISO-8859-1, but in MySQL it actually
refers to the Windows Code Page 1252 a.k.a. CP1252, WinLatin1)
takes 1 to 3 bytes (1 to 2 bytes for the ISO-8859-1 subset).
r3114 | calvin | 2008-11-14 20:31:48 +0200 (Fri, 14 Nov 2008) | 8 lines
branches/5.1: fix bug#40386: Not flushing query cache after truncate
ha_statistics.records can not be 0 unless the table is empty, set to
1 instead. The original problem of bug 29507 is fixed in the server.
Additional test was done with the fix of bug 29507 in the server.
Approved by: Heikki (on IM)
Detailed description of changes:
r2929 | marko | 2008-10-29 21:26:14 +0200 (Wed, 29 Oct 2008) | 13 lines
branches/5.1: dtype_get_sql_null_size(): return the correct storage
size of a SQL NULL column. (Bug #40369)
When MySQL Bug #20877 was fixed in r834, this function was
accidentally modified to return 0 or 1. Apparently, the only impact of
this bug is that fixed-length columns cannot be updated in-place from
or to SQL NULL, even in ROW_FORMAT=REDUNDANT. After this fix,
fixed-length columns in ROW_FORMAT=REDUNDANT will have a constant
storage size as they should, no matter if NULL or non-NULL. The bug
caused fixed-length NULL columns to occupy 1 byte.
rb://37 approved by Heikki over IM.
Detailed description of changes:
r2902 | vasil | 2008-10-28 12:10:25 +0200 (Tue, 28 Oct 2008) | 10 lines
branches/5.1:
Fix Bug#38189 innodb_stats_on_metadata missing
Make the variable innodb_stats_on_metadata visible to the users and
also settable at runtime. Previously it was only "visible" as a command
line startup option to mysqld.
Approved by: Marko (https://svn.innodb.com/rb/r/36)
Bounds-checks and blocksize corrections were applied to user-input,
but constants in the server were trusted implicitly. If these values
did not actually meet the requirements, the user could not set change
a variable, then set it back to the (wonky) factory default or maximum
by explicitly specifying it (SET <var>=<value> vs SET <var>=DEFAULT).
Now checks also apply to the server's presets. Wonky values and maxima
get corrected at startup. Consequently all non-offsetted values the user
sees are valid, and users can set the variable to that exact value if
they so desire.
The problem: data file can not be deleted on win because
there is another opened instance of this file.
Data file might be opened twice, on table opening stage and
during write_row execution. We need to close both instances
to satisfy Win.
Bug #39830: Table autoinc value not updated on first insert.
Bug #35498: Cannot get table test/table1 auto-inccounter value in ::info
Bug #36411: Failed to read auto-increment value from storage engine" in 5.1.24 auto-inc
Detailed revision comments:
r2854 | sunny | 2008-10-23 08:30:32 +0300 (Thu, 23 Oct 2008) | 13 lines
branches/5.1: Backport changes from branches/zip r2725
Simplify the autoinc initialization code. This removes the
non-determinism related to reading the table's autoinc value for the first
time. This change has also reduced the sizeof dict_table_t by sizeof(ibool)
bytes because we don't need the dict_table_t::autoinc_inited field anymore.
rb://16
Bug #37788: InnoDB Plugin: AUTO_INCREMENT wrong for compressed tables
(Note, this bug is not only in the plugin, the overflow checks are relevant
for MySQL's InnoDB as well.)
Detailed revision comments:
r2852 | sunny | 2008-10-23 01:42:24 +0300 (Thu, 23 Oct 2008) | 9 lines
branches/5.1: Backport r2724 from branches/zip
Check column value against the col max value before updating the table's
global autoinc counter value. This is part of simplifying the AUTOINC
sub-system. We extract the type info from MySQL data structures at runtime.
Bug #40224: New AUTOINC changes mask reporting of deadlock/timeout errors
Detailed revision comments:
r2849 | sunny | 2008-10-22 12:01:18 +0300 (Wed, 22 Oct 2008) | 8 lines
branches/5.1: Return the actual error code encountered when allocating
a new autoinc value. The change in behavior (bug) was introduced in 5.1.22
when we introduced the new AUTOINC locking model.
rb://31
A follow-up to fix for bug #39438. This moves some errro messages from the
server error log to the client, to make it easier for users (especially in
shared hosting environment) to get info about why their statement is failing.
Detailed revision comments:
r2832 | vasil | 2008-10-21 10:08:30 +0300 (Tue, 21 Oct 2008) | 10 lines
branches/5.1:
In ha_innobase::info():
Replace sql_print_warning() which prints to mysqld error log with
push_warning_printf() which sends the error message to the client.
Suggested by: Marko, Sunny, Michael
Objected by: Inaam