DURING INNODB RECOVERY
Problem:
=======
The connection 'master' is dropped by mysqltest after
rpl_end.inc. At this point, dropping temporary tables
at the connection 'master' are not synced at slave.
So, the temporary tables replicated from master remain
on slave leading to an inconsistent close of the test.
The following test thus complains about the presence of
temporary table(s) left over from the previous test.
Fix:
===
- Put explicit drop commands in replication tests so
that the temporary tables are dropped at slave as well.
- Added the check for Slave_open_temp_tables in
mtr_check.sql to warn about the remaining temporary
table, if any, at the close of a test.
RPL_SEMI_SYNC_MASTER_ENABLED OFF.
Problem:
=======
If master is waiting for a reply from slave, at this time
set global rpl_semi_sync_master_enabled=OFF, the master
server will crash.
Analysis:
========
When master is waiting for a reply from slave, at this time
if semi sync is switched off on master, during switch off if
active transactions are present the transactions will be
cleared and "active_tranxs_" variable will be set to NULL.
When the waiting master connection finds that semi sync is
switched of it tries to access "active_tranxs_" without
checking if the transaction list exists or not. Accessing
NULL transaction list causes the crash.
Fix:
===
A check has been added to see a valid list exists before
accessing the "active_tranxs_".
IT IS DONE IN-PLACE
With change buffer enabled, InnoDB doesn't write a transaction log
record when it merges a record from the insert buffer to an secondary
index page if the insertion is performed as an update-in-place.
Fixed by logging the 'update-in-place' operation on secondary index
pages.
Approved by Marko. rb#2429
WITH MY_B_VPRINTF()
Issue : In LP 64 machine max long value can be 20 digit
decimal value. But in my_b_vprintf() the intermediate
buffer storage used is 17 bytes length. This will lead to
buffer overflow.
Solution : Increased the buffer storage from 17 to 32 bytes.
code is backported from 5.6
For queries like
update t1 set ... where <unique key> order by ... limit ...
we need to handle the fact that unique keys allow NULL
values, and hence can return more than one row.
Dump thread may encounter an error when reading events from the active binlog
file. However the errors may be temporary, so dump thread will try to read
the event again. But dump thread seeked to an wrong position, it caused some
events was sent twice.
To fix the bug, prev_pos is defined out the while loop and is set the correct
position after reading every event correctly.
This patch also make binlog_can_be_corrupted more accurate, only the binlogs
not closed normally are marked binlog_can_be_corrupted.
Finally, two warnings are added when dump threads encounter the temporary
errors.
DO WHAT YOU EXPECT"
Fix info:
--------
Backport of the deprecation bug fix (WL#5265) for global variable
'THREAD_CONCURRENCY' from mysql-5.6 to mysql-5.5
Note: With this backport, certain additional deprecation warnings
would be reported under error conditions while setting the
global/session variables.
CONTAINING NULL
Problem:-
In MySQL, We can obtain the number of distinct expression
combinations that do not contain NULL by giving a list of
expressions in COUNT(DISTINCT).
However rows with NULL values are
incorrectly included in the count when loose index scan is
used.
Analysis:-
In case of loose index scan, we check whether the field is null or
not and increase the count in Item_sum_count::add().
But there we are checking for the first field in COUNT(DISTINCT),
not for every field. This is causing an incorrect result.
Solution:-
Check all field in Item_sum_count::add(), whether there values
are null or not. Then only increment the count.
******
Bug#17222452 - SELECT COUNT(DISTINCT A,B) INCORRECTLY COUNTS ROWS
CONTAINING NULL
Problem:-
In MySQL, We can obtain the number of distinct expression
combinations that do not contain NULL by giving a list of
expressions in COUNT(DISTINCT).
However rows with NULL values are
incorrectly included in the count when loose index scan is
used.
Analysis:-
In case of loose index scan, we check whether the field is null or
not and increase the count in Item_sum_count::add().
But there we are checking for the first field in COUNT(DISTINCT),
not for every field. This is causing an incorrect result.
Solution:-
Check all field in Item_sum_count::add(), whether there values
are null or not. Then only increment the count.
SPECIFIED WITH THE BASEDIR OPTION
Description: The mysql_plugin client attempts to remove any
filename specified to the --basedir option. The problem is
that if the filename does not end with a slash, it will
attempt to unlink it, which succeeds for files, but not for
directories.
Analysis: When we are starting mysql_plugin with basedir
option and if we are giving path of a file as basedir, it
deletes that file. It was because it uses a function
my_delete which unlinks the file path given.
Fix: As a fix we replace that line using another function
my_free, which will only free the pointer which is having
that file path.
Memory Leak in mysql_options() was caused by missing call
to my_free() in MYSQL_SET_CLIENT_IP branch. Fixed by adding
my_free() to cleanup mysql->options.client_ip value before
assigning new value.
Memory Leak in mysql_options() was caused by missing call
to my_free() in MYSQL_SET_CLIENT_IP branch. Fixed by adding
my_free() to cleanup mysql->options.client_ip value before
assigning new value.
ERROR HANDLING CODE
BACKGROUND:
There can be a potential crash due to buffer overrun in
SSL error handling code due to missing comma in
ssl_error_string[] array in viosslfactories.c.
ANALYSIS:
Found by code Inspection.
FIX:
Added the missing comma in SSL error handling code
in ssl_error_string[] array in viosslfactories.c.
ERROR HANDLING CODE
BACKGROUND:
There can be a potential crash due to buffer overrun in
SSL error handling code due to missing comma in
ssl_error_string[] array in viosslfactories.c.
ANALYSIS:
Found by code Inspection.
FIX:
Added the missing comma in SSL error handling code
in ssl_error_string[] array in viosslfactories.c.
Problem:-
Second execution of prepared statement for query with
parameter in limit clause, causes an assert when using
connectors (e.g., Connector C).
Analysis:-
In prepared statement, LIMIT parameters can be
specified using '?' markers. Value for the parameter can
be supplied while executing the prepared statement.
Passing string, float or double values for LIMIT clause
works well from command-line client. That's because, while
setting the LIMIT parameter value from a user-variable,
the value is converted to integer value.
However, when prepared statement is executed from other
interfaces as J connectors, or C applications etc,
the value for the parameters are sent to the server
with execute command. Each item in command has value and
the data TYPE. So, while setting parameter values
from this log, value is set to all the parameters
with the same data type as passed.
Here, we have the logic to convert the value to change the
state and item_type if it is part of LIMIT parameter and
its item_type is not INT.
But when we reset this parameter we save the item_type but change
state. So on second execution we have old item_type but our state
has been changed, which make us to use string type variable
in Item_param::query_str_val(). This cause an assert.
Fix:
Instead of checking the item_type of the parameter, check for
the state of the parameter. As state value are reset everytime
we execute the statement.
