The issue of the current bug is unguarded access to mi->slave_running
by the shutdown thread calling end_slave() that is bug#29968
(alas happened not to be cross-linked with the current bug)
Fixed:
with removing the unguarded read of the running status
and perform reading it in terminate_slave_thread()
at time run_lock is taken (mostly bug#29968 backporting, still with some
improvements over that patch - see the error reporting from
terminate_slave_thread()).
Issue of bug#38716 is fixed here for 5.0 branch as well.
Note:
There has been a separate artifact identified -
a race condition between init_slave() and end_slave() -
reported as Bug#44467.
mysql-test/r/rpl_bug38694.result:
a new results file is added.
mysql-test/t/rpl_bug38694-slave.opt:
simulating delay at slave threads shutdown.
mysql-test/t/rpl_bug38694.test:
A new test to check if a delay at the termination phase of slave threads
could cause any issue.
sql/slave.cc:
The unguarded read of the running status is removed. Its reading is done in
terminate_slave_thread() at time run_lock is taken;
Calling terminate_slave_threads(skip_lock := !need_slave_mutex) in the failing branch of start_slave_threads() which is bug#38716 issue.
sql/slave.h:
removing terminate_slave_thread() out of the global interface scope.
the Point() and Linestring() functions create WKB representation of an
object instead of an real geometry object.
That produced bugs when these were inserted into tables.
GIS tests fixed accordingly.
per-file messages:
mysql-test/r/gis-rtree.result
Bug#38990 Arbitrary data input plus GIS functions causes mysql server crash
test result
mysql-test/r/gis.result
Bug#38990 Arbitrary data input plus GIS functions causes mysql server crash
test result
mysql-test/t/gis-rtree.test
Bug#38990 Arbitrary data input plus GIS functions causes mysql server crash
test fixed - GeomFromWKB invocations removed
mysql-test/t/gis.test
Bug#38990 Arbitrary data input plus GIS functions causes mysql server crash
test fixed - AsWKB invocations added
sql/item_geofunc.cc
Bug#38990 Arbitrary data input plus GIS functions causes mysql server crash
Point() and similar functions to create a proper object
Bug #40925: Equality propagation takes non indexed attribute
Query execution plans and execution time of queries like
select a, b, c from t1
where a > '2008-11-21' and b = a limit 10
depended on the order of equality operator parameters:
"b = a" and "a = b" are not same.
An equality propagation algorithm has been fixed:
the substitute_for_best_equal_field function should not
substitute a field for an equal field if both fields belong
to the same table.
mysql-test/r/select.result:
Added test case for bug #40925.
mysql-test/t/select.test:
Added test case for bug #40925.
sql/item.cc:
Bug #40925: Equality propagation takes non indexed attribute
An equality propagation algorithm has been fixed:
the substitute_for_best_equal_field function should not
substitute a field for an equal field if both fields belong
to the same table.
for indexes of InnoDB table
Fixes by replacing the PRNG that is used to pick random pages with a
better one.
Also adds a configuration option "innodb_use_legacy_cardinality_algorithm"
to enable the fix only when the option is set.
This patch is from http://bugs.mysql.com/file.php?id=11789
replaced String->c_ptr() with String->c_ptr_safe()
mysql-test/r/func_encrypt.result:
test result
mysql-test/t/func_encrypt.test:
test case
sql/item_strfunc.cc:
replaced String->c_ptr() with String->c_ptr_safe()
The warning happens because string argument is not zero ended.
The fix is to add new parameter 'length' to SQL_CRYPT() and
use ptr() instead of c_ptr().
mysql-test/r/func_str.result:
test result
mysql-test/t/func_str.test:
test case
sql/item_strfunc.cc:
Added new parameter 'length' to SQL_CRYPT
sql/sql_crypt.cc:
Added new parameter 'length' to SQL_CRYPT
sql/sql_crypt.h:
Added new parameter 'length' to SQL_CRYPT
The rpl_binlog_corruption test case was inject failures, specifically,
incidents with invalid numbers to see if the replication was failing
gracefully. However, this test was causing the following warning message
in Valgrind: "Conditional jump or move depends on uninitialised value(s)"
The patch fixes the problem by correctly initializing the m_inicident
number.
In order to define the --slave-load-tmpdir, the init_relay_log_file()
was calling fn_format(MY_PACK_FILENAME) which internally was indirectly
calling strmov_overlapp() (through pack_dirname) and the following
warning message was being printed out while running in Valgrind:
"source and destination overlap in strcpy".
We fixed the issue by removing the flag MY_PACK_FILENAME as it was not
necessary. In a nutshell, with this flag the function fn_format() tried
to replace a directory by either "~", "." or "..". However, we wanted
exactly to remove such strings.
In this patch, we also refactored the functions init_relay_log_file()
and check_temp_dir(). The former was refactored to call the fn_format()
with the flag MY_SAFE_PATH along with the MY_RETURN_REAL_PATH, in order
to avoid issues with long directories and return an absolute path,
respectively. The flag MY_SAFE_UNPACK_FILENAME was removed too as it was
responsible for removing "~", "." or ".." only from the file parameter
and we wanted to remove such strings from the directory parameter in
the fn_format(). This result is stored in an rli variable, which is then
processed by the other function in order to verify if the directory exists
and if we are able to create files in it.
mysql-test/suite/rpl/t/rpl_slave_load_tmpdir_not_exist.test:
Changed the output to make it consistent among different runs.
mysys/mf_format.c:
Replaced a return for DBUG_RETURN.
to wrong results
3 problems found with DES_ENCRYPT/DES_DECRYPT :
1. The max length was not calculated properly. Fixed in fix_length_and_dec()
2. DES_ENCRYPT had a side effect of sometimes reallocating and changing
the value of its argument. Fixed by explicitly pre-allocating the necessary
space to pad the argument with trailing '*' (stars) when calculating the
DES digest.
3. in DES_ENCRYPT the string buffer for the result value was not
reallocated to the correct size and only string length was assigned to it.
Fixed by making sure there's enough space to hold the result.
information schema tables are based on internal tmp tables which are removed
after each statement execution. So HANDLER comands can not be used with
information schema.
mysql-test/r/handler.result:
test result
mysql-test/t/handler.test:
test case
sql/sql_handler.cc:
information schema tables are based on internal tmp tables which are removed
after each statement execution. So HANDLER comands can not be used with
information schema.
using it.
The crash was due to a null pointer present for select_lex while
processing the view.
Adding a check while opening the view to see if its a child of a
merge table fixed this problem.
mysql-test/r/merge.result:
Updated result for the new test case.
mysql-test/t/merge.test:
Added test case based on the bug description.
sql/sql_base.cc:
Added a check to check if the view being opened is a child table of a
merge table and return error if it is.
The problem was that new lock types were being added without a
corresponding description. Since the lock types (enum values)
are used as indices to the description array, the descriptions
could be shifted depending on the lock type. The solution is to
ensure that every lock type has a correspondent description.
include/thr_lock.h:
Add warning.
sql/sql_test.cc:
Update lock descriptions.
Engine doesn't allow me to.
In case of incompatible changes between old and new table
versions, the mysqlcheck program prints error messages like
this:
error: Table upgrade required. Please do
"REPAIR TABLE `table_name`" to fix it!
However, InnoDB doesn't support REPAIR TABLE query, so the
message is confusing.
Error message text has been changed to:
Table upgrade required. Please do "REPAIR TABLE `table_name`"
or dump/reload to fix it!"
mysql-test/r/repair.result:
Updated test case for bug #42563.
mysql-test/r/varbinary.result:
Updated test case for bug #42563.
sql/share/errmsg.txt:
Bug #42563: Message tells me to repair table though Storage
Engine doesn't allow me to.
The ER_TABLE_NEEDS_UPGRADE error message has been changed to:
Table upgrade required. Please do "REPAIR TABLE ``%-.32s`"
or dump/reload to fix it!"
mysql_rename_view can not rename view if database is not the same.
The fix is to add new argument 'new_db' to mysql_rename_view() and
allow rename with different databases
(only for ALTER DATABASE ... UPGRADE DATA DIRECTORY NAME).
mysql-test/t/upgrade.test:
test fix
sql/parse_file.cc:
mysql_rename_view can not rename view if database is not the same.
The fix is to add new argument 'new_db' to mysql_rename_view() and
allow rename with different databases
(only for ALTER DATABASE ... UPGRADE DATA DIRECTORY NAME).
sql/parse_file.h:
mysql_rename_view can not rename view if database is not the same.
The fix is to add new argument 'new_db' to mysql_rename_view() and
allow rename with different databases
(only for ALTER DATABASE ... UPGRADE DATA DIRECTORY NAME).
sql/sql_rename.cc:
mysql_rename_view can not rename view if database is not the same.
The fix is to add new argument 'new_db' to mysql_rename_view() and
allow rename with different databases
(only for ALTER DATABASE ... UPGRADE DATA DIRECTORY NAME).
sql/sql_view.cc:
mysql_rename_view can not rename view if database is not the same.
The fix is to add new argument 'new_db' to mysql_rename_view() and
allow rename with different databases
(only for ALTER DATABASE ... UPGRADE DATA DIRECTORY NAME).
sql/sql_view.h:
mysql_rename_view can not rename view if database is not the same.
The fix is to add new argument 'new_db' to mysql_rename_view() and
allow rename with different databases
(only for ALTER DATABASE ... UPGRADE DATA DIRECTORY NAME).
allow 'rename view' for ALTER ...UPGRADE DATA DIRECTORY NAME command.
it's safe because a view has valid internal db&table names in this case.
mysql-test/r/upgrade.result:
test result
mysql-test/t/upgrade.test:
test case
sql/sql_rename.cc:
allow 'rename view' for ALTER ...UPGRADE DATA DIRECTORY NAME command.
it's safe because a view has valid internal db&table names in this case.
comment can't be read back
A change to the lexer in 5.1 caused slash-asterisk-bang-version
sections to be terminated early if there exists a slash-asterisk-
style comment inside it. Nesting comments is usually illegal,
but we rely on versioned comment blocks in mysqldump, and the
contents of those sections must be allowed to have comments.
The problem was that when encountering open-comment tokens and
consuming -or- passing through the contents, the "in_comment"
state at the end was clobbered with the not-in-a-comment value,
regardless of whether we were in a comment before this or not.
So, """/*!VER one /* two */ three */""" would lose its in-comment
state between "two" and "three". Save the echo and in-comment
state, and restore it at the end of the comment if we consume a
comment.
Bug#44091: libmysqld gets stuck waiting on mutex on initialization
The problem was that libmysqld wasn't enforcing a certain
initialization and deinitialization order for the mysys
library. Another problem was that the global object used
for management of log event handlers (aka LOGGER) wasn't
being prepared for a possible reutilization.
What leads to the hang/crash reported is that a failure
to load the language file triggers a double call of the
cleanup functions, causing an already destroyed mutex to
be used.
The solution is enforce a order on the initialization and
deinitialization of the mysys library within the libmysqld
library and to ensure that the global LOGGER object reset
it's internal state during cleanup.
mysys/my_init.c:
Deinitialize only if initialized already.
sql/log.cc:
Reset state.
routine does not exist
There is an inconsistency with DROP DATABASE IF EXISTS, DROP TABLE IF
EXISTS and DROP VIEW IF EXISTS: those are binlogged even if the DB or
TABLE does not exist, whereas DROP PROCEDURE IF EXISTS does not. It
would be nice or at least consistent if DROP PROCEDURE/STATEMENT
worked the same too.
Fixed DROP PROCEDURE|FUNCTION IF EXISTS by adding a call to
mysql_bin_log.write in mysql_execute_command. Checked also if all
documented "DROP (...) IF EXISTS" get binlogged.
NOTE: This is a 5.0 backport patch as requested by support.
mysql-test/r/rpl_drop_if_exists.result:
Result file for test case added.
mysql-test/r/rpl_sp.result:
Updated result file for existing test case that has now extra events in
binary log (the ones from drop if exists procedure/function).
mysql-test/t/rpl_drop_if_exists.test:
Added test case for asserting validity of proposed patch.
sql/sql_parse.cc:
Added call mysql_bin_log.write when lex has drop_if_exists enabled for
stored procedures.
The crash happens due to wrong 'digits' variable value(0),
'digits' can not be 0, so the fix is use 1 as min allowed value.
mysql-test/r/insert.result:
test result
mysql-test/t/insert.test:
test case
sql/field.cc:
The crash happens due to wrong 'digits' variable value(0),
'digits' can not be 0, so the fix is use 1 as min allowed value.
Binlog the CREATE EVENT unless the created event been successfully dropped
Modified Query_log_event constructor to make sure that error_code
is not set to ER_SERVER_SHUTDOWN or ER_QUERY_INTERRUPTED errors
when NOT_KILLED
sql/events.cc:
binlog the create event unless it's been successfully dropped
sql/log_event.cc:
Modified Query_log_event constructor to make sure that error_code
is not set to ER_SERVER_SHUTDOWN or ER_QUERY_INTERRUPTED errors
when NOT_KILLED
We didn't expect "error: no error", although this is
in fact a legitimate state (if something is erroneous
on the master, but not on the slave, e.g. INSERT fails
on master due to UNIQUE constraint which does not exist
on slave).
We now list the ignore for "0: no error" the same way
as any other ignore; moreover, if no or an empty
--slave-skip-errors is passed at start-up, we show
"OFF" instead of empty list, as intended. (The code
for that was there, but was only run for the empty-
argument case, even if it subsequently tested for
both conditions.)
mysql-test/r/not_embedded_server.result:
Show that passing no --slave-skip-errors results
in "OFF" being shown as the variable's value. This
test's "twin" (also not embedded, but setting
--slave-skip-errors in its -opt file) lives in
variables-notembbeded.test.
mysql-test/r/variables-notembedded.result:
Show that error-ignore 0 is handled just like any other
ignore. This test's "twin" (also not embedded, but not
setting --slave-skip-errors in its -opt file) lives in
not_embbeded_server.test.
mysql-test/t/not_embedded_server.test:
Show that passing no --slave-skip-errors results
in "OFF" being shown as the variable's value.
mysql-test/t/variables-notembedded-master.opt:
Show that error-ignore 0 is handled just like any other
ignore.
sql/slave.cc:
- set up error-ignore-info even if --slave-skip-errors
was not passed at start-up.
- handle error 0 just like any other error.
RBR was not considering the option --slave-skip-errors.
To fix the problem, we are reporting the ignored ERROR(s) as warnings thus avoiding
stopping the SQL Thread. Besides, it fixes the output of "SHOW VARIABLES LIKE
'slave_skip_errors'" which was showing nothing when the value "all" was assigned
to --slave-skip-errors.
@sql/log_event.cc
skipped rbr errors when the option skip-slave-errors is set.
@sql/slave.cc
fixed the output of for SHOW VARIABLES LIKE 'slave_skip_errors'"
@test-cases
fixed the output of rpl.rpl_idempotency
updated the test case rpl_skip_error
The problem is that a SELECT .. FOR UPDATE statement might open
a table and later wait for a impeding global read lock without
noticing whether it is holding a table that is being waited upon
the the flush phase of the process that took the global read
lock.
The same problem also affected the following statements:
LOCK TABLES .. WRITE
UPDATE .. SET (update and multi-table update)
TRUNCATE TABLE ..
LOAD DATA ..
The solution is to make the above statements wait for a impending
global read lock before opening the tables. If there is no
impending global read lock, the statement raises a temporary
protection against global read locks and progresses smoothly
towards completion.
Important notice: the patch does not try to address all possible
cases, only those which are common and can be fixed unintrusively
enough for 5.0.
mysql-test/r/lock_multi.result:
Add test case result for Bug#43230
mysql-test/t/lock_multi.test:
Add test case for Bug#43230
sql/sql_lex.cc:
Initialize flag.
sql/sql_lex.h:
Add a flag to the lexer.
sql/sql_parse.cc:
Wait for the global read lock is a write lock is going to be
taken. The wait is done before opening tables.
sql/sql_yacc.yy:
Protect against the GRL if its a SELECT .. FOR UPDATE or LOCK TABLES
.. WRITE statement.
Mysql server crashes because unsafe statements warning is wrongly elevated to error,
which is set the error status of Diagnostics_area of the thread in THD::binlog_query().
Yet the caller believes that binary logging shouldn't touch the status, so it will
set the status also later by my_ok(), my_error() or my_message() seperately
according to the execution result of the statement or transaction.
But the status of Diagnostics_area of the thread is allowed to set only once.
Fixed to clear the error wrongly set by binary logging, but keep the warning message.
mysql-test/suite/binlog/r/binlog_stm_ps.result:
Change unsafe warning to NOTE level
mysql-test/suite/binlog/r/binlog_unsafe.result:
Test case result for unsafe statements to ensure mysql sever don't crash
mysql-test/suite/binlog/t/binlog_unsafe.test:
Test case for unsafe statements to ensure mysql sever don't crash
mysql-test/suite/rpl/r/rpl_skip_error.result:
Change unsafe warning to NOTE level
mysql-test/suite/rpl/r/rpl_stm_loadfile.result:
Change unsafe warning to NOTE level
mysql-test/suite/rpl/r/rpl_udf.result:
Change unsafe warning to NOTE level
sql/sql_class.cc:
the error status of the thread is cleared When a warning is elevated to an error
because of unsafe warning of binary log.
Original commentary:
Bug #37348: Crash in or immediately after JOIN::make_sum_func_list
The optimizer pulls up aggregate functions which should be aggregated in
an outer select. At some point it may substitute such a function for a field
in the temporary table. The setup_copy_fields function doesn't take this
into account and may overrun the copy_field buffer.
Fixed by filtering out the fields referenced through the specialized
reference for aggregates (Item_aggregate_ref).
Added an assertion to make sure bugs that cause similar discrepancy
don't go undetected.
mysql-test/r/func_group.result:
Backport bug #37348 fix 5.1 --> 5.0.
mysql-test/t/func_group.test:
Backport bug #37348 fix 5.1 --> 5.0.
sql/item.cc:
Backport bug #37348 fix 5.1 --> 5.0.
sql/item.h:
Backport bug #37348 fix 5.1 --> 5.0.
sql/sql_select.cc:
Backport bug #37348 fix 5.1 --> 5.0.
The problem is that XML functions(items) do not reset null_value
before their execution and further item excution may use
null_value value of the previous result.
The fix is to reset null_value.
mysql-test/r/xml.result:
test result
mysql-test/t/xml.test:
test case
sql/item_xmlfunc.cc:
The problem is that XML functions(items) do not reset null_value
before their execution and further item excution may use
null_value value of the previous result.
The fix is to reset null_value.
Problem: we don't prune a LESS THAN partition if MAXVALUE is given and
given value is equal to a LESS THAN value.
Fix: prune partitions in such cases.
mysql-test/r/partition.result:
Fix for bug#42944: partition not pruned correctly
- test result.
mysql-test/t/partition.test:
Fix for bug#42944: partition not pruned correctly
- test case.
sql/sql_partition.cc:
Fix for bug#42944: partition not pruned correctly
- prune partition if given value is equal to a LESS THAN value
and it's not a "PARTITION ... LESS THAN MAXVALUE" one.
