From 84de3b930bcae8af7a7b5613dd8be514afbb8661 Mon Sep 17 00:00:00 2001 From: Sergey Glukhov Date: Wed, 10 Dec 2008 18:13:11 +0400 Subject: Bug#37956 memory leak and / or crash with geometry and prepared statements! Bug#37671 crash on prepared statement + cursor + geometry + too many open files! if mysql_execute_command() returns error then free materialized_cursor object. is_rnd_inited is added to satisfy rnd_end() assertion (handler may be uninitialized in some cases) sql/sql_cursor.cc: if mysql_execute_command() returns error then free materialized_cursor object. is_rnd_inited is added to satisfy rnd_end() assertion (handler may be uninitialized in some cases) sql/sql_select.cc: added result check tests/mysql_client_test.c: test case --- tests/mysql_client_test.c | 54 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+) (limited to 'tests/mysql_client_test.c') diff --git a/tests/mysql_client_test.c b/tests/mysql_client_test.c index ee3a053f8bd..ea4d363bdac 100644 --- a/tests/mysql_client_test.c +++ b/tests/mysql_client_test.c @@ -15899,6 +15899,59 @@ static void test_bug28934() } +/** + Bug#37956 memory leak and / or crash with geometry and prepared statements! +*/ + +static void test_bug37956(void) +{ + const char *query="select point(?,?)"; + MYSQL_STMT *stmt=NULL; + unsigned int val=0; + MYSQL_BIND bind_param[2]; + unsigned char buff[2]= { 134, 211 }; + DBUG_ENTER("test_bug37956"); + myheader("test_bug37956"); + + stmt= mysql_simple_prepare(mysql, query); + check_stmt(stmt); + + val=1; + mysql_stmt_attr_set(stmt, STMT_ATTR_UPDATE_MAX_LENGTH, (void *)&val); + val=CURSOR_TYPE_READ_ONLY; + mysql_stmt_attr_set(stmt, STMT_ATTR_CURSOR_TYPE, (void *)&val); + val=0; + mysql_stmt_attr_set(stmt, STMT_ATTR_PREFETCH_ROWS, (void *)&val); + + memset(bind_param, 0, sizeof(bind_param)); + bind_param[0].buffer_type=MYSQL_TYPE_TINY; + bind_param[0].buffer= (void *)buff; + bind_param[0].is_null=NULL; + bind_param[0].error=NULL; + bind_param[0].is_unsigned=1; + bind_param[1].buffer_type=MYSQL_TYPE_TINY; + bind_param[1].buffer= (void *)(buff+1); + bind_param[1].is_null=NULL; + bind_param[1].error=NULL; + bind_param[1].is_unsigned=1; + + if (mysql_stmt_bind_param(stmt, bind_param)) + { + mysql_stmt_close(stmt); + DIE_UNLESS(0); + } + + if (mysql_stmt_execute(stmt)) + { + mysql_stmt_close(stmt); + DBUG_VOID_RETURN; + } + /* Should never reach here: execution returns an error. */ + mysql_stmt_close(stmt); + DIE_UNLESS(0); + DBUG_VOID_RETURN; +} + /* Bug#27592 (stack overrun when storing datetime value using prepared statements) */ @@ -16595,6 +16648,7 @@ static struct my_tests_st my_tests[]= { { "test_bug32265", test_bug32265 }, { "test_bug38486", test_bug38486 }, { "test_bug40365", test_bug40365 }, + { "test_bug37956", test_bug37956 }, { 0, 0 } }; -- cgit v1.2.1 From 7f5d980af70c2d7c8ba88a3ef8bef45fca4e635b Mon Sep 17 00:00:00 2001 From: Sergey Glukhov Date: Thu, 11 Dec 2008 12:57:59 +0400 Subject: disable bug37956 test if geometry package is not enabled --- tests/mysql_client_test.c | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'tests/mysql_client_test.c') diff --git a/tests/mysql_client_test.c b/tests/mysql_client_test.c index ea4d363bdac..79d188c252c 100644 --- a/tests/mysql_client_test.c +++ b/tests/mysql_client_test.c @@ -15899,6 +15899,7 @@ static void test_bug28934() } +#ifdef HAVE_SPATIAL /** Bug#37956 memory leak and / or crash with geometry and prepared statements! */ @@ -15951,6 +15952,7 @@ static void test_bug37956(void) DIE_UNLESS(0); DBUG_VOID_RETURN; } +#endif /* Bug#27592 (stack overrun when storing datetime value using prepared statements) @@ -16648,7 +16650,9 @@ static struct my_tests_st my_tests[]= { { "test_bug32265", test_bug32265 }, { "test_bug38486", test_bug38486 }, { "test_bug40365", test_bug40365 }, +#ifdef HAVE_SPATIAL { "test_bug37956", test_bug37956 }, +#endif { 0, 0 } }; -- cgit v1.2.1 From d2cd545b53397f36572001def335cf75c86570cf Mon Sep 17 00:00:00 2001 From: Sergey Glukhov Date: Thu, 11 Dec 2008 14:37:18 +0400 Subject: fix for pushbuild failure on 64 linux --- tests/mysql_client_test.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'tests/mysql_client_test.c') diff --git a/tests/mysql_client_test.c b/tests/mysql_client_test.c index 79d188c252c..50f03a1a086 100644 --- a/tests/mysql_client_test.c +++ b/tests/mysql_client_test.c @@ -15908,7 +15908,7 @@ static void test_bug37956(void) { const char *query="select point(?,?)"; MYSQL_STMT *stmt=NULL; - unsigned int val=0; + ulong val=0; MYSQL_BIND bind_param[2]; unsigned char buff[2]= { 134, 211 }; DBUG_ENTER("test_bug37956"); -- cgit v1.2.1 From 3d6cea324a8ab76e6ff0b1b948beee261278ed40 Mon Sep 17 00:00:00 2001 From: Davi Arnaut Date: Tue, 13 Jan 2009 20:07:06 -0200 Subject: Bug#36326: nested transaction and select The problem is that the query cache stores packets containing the server status of the time when the cached statement was run. This might lead to a wrong transaction status in the client side if a statement is cached during a transaction and is later served outside a transaction context (and vice-versa). The solution is to take into account the transaction status when storing in and serving from the query cache. mysql-test/r/innodb_cache.result: Update test case result. mysql-test/r/query_cache.result: Add test case result for Bug#36326 mysql-test/t/query_cache.test: Add test case for Bug#36326 sql/mysql_priv.h: Add new flags. sql/sql_cache.cc: Remember the transaction and autocommit status stored in the packet. tests/mysql_client_test.c: Add test case for Bug#36326 --- tests/mysql_client_test.c | 60 +++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) (limited to 'tests/mysql_client_test.c') diff --git a/tests/mysql_client_test.c b/tests/mysql_client_test.c index 50f03a1a086..0fddffebf82 100644 --- a/tests/mysql_client_test.c +++ b/tests/mysql_client_test.c @@ -16354,6 +16354,63 @@ static void test_bug40365(void) DBUG_VOID_RETURN; } + + +/** + Bug#36326: nested transaction and select +*/ + +#ifdef HAVE_QUERY_CACHE + +static void test_bug36326() +{ + int rc; + + DBUG_ENTER("test_bug36326"); + myheader("test_bug36326"); + + rc= mysql_autocommit(mysql, TRUE); + myquery(rc); + rc= mysql_query(mysql, "DROP TABLE IF EXISTS t1"); + myquery(rc); + rc= mysql_query(mysql, "CREATE TABLE t1 (a INTEGER)"); + myquery(rc); + rc= mysql_query(mysql, "INSERT INTO t1 VALUES (1)"); + myquery(rc); + rc= mysql_query(mysql, "SET GLOBAL query_cache_type = 1"); + myquery(rc); + rc= mysql_query(mysql, "SET GLOBAL query_cache_size = 1048576"); + myquery(rc); + DIE_UNLESS(!(mysql->server_status & SERVER_STATUS_IN_TRANS)); + DIE_UNLESS(mysql->server_status & SERVER_STATUS_AUTOCOMMIT); + rc= mysql_query(mysql, "BEGIN"); + myquery(rc); + DIE_UNLESS(mysql->server_status & SERVER_STATUS_IN_TRANS); + rc= mysql_query(mysql, "SELECT * FROM t1"); + myquery(rc); + rc= my_process_result(mysql); + DIE_UNLESS(rc == 1); + rc= mysql_rollback(mysql); + myquery(rc); + rc= mysql_query(mysql, "ROLLBACK"); + myquery(rc); + DIE_UNLESS(!(mysql->server_status & SERVER_STATUS_IN_TRANS)); + rc= mysql_query(mysql, "SELECT * FROM t1"); + myquery(rc); + DIE_UNLESS(!(mysql->server_status & SERVER_STATUS_IN_TRANS)); + rc= my_process_result(mysql); + DIE_UNLESS(rc == 1); + rc= mysql_query(mysql, "DROP TABLE t1"); + myquery(rc); + rc= mysql_query(mysql, "SET GLOBAL query_cache_size = 0"); + myquery(rc); + + DBUG_VOID_RETURN; +} + +#endif + + /* Read and parse arguments and MySQL options from my.cnf */ @@ -16652,6 +16709,9 @@ static struct my_tests_st my_tests[]= { { "test_bug40365", test_bug40365 }, #ifdef HAVE_SPATIAL { "test_bug37956", test_bug37956 }, +#endif +#ifdef HAVE_QUERY_CACHE + { "test_bug36326", test_bug36326 }, #endif { 0, 0 } }; -- cgit v1.2.1