1. 19 Dec, 2020 5 commits
    • Sergei Golubchik's avatar
      Item_func_like::walk() was ignoring escape_item · 6f40d5c8
      Sergei Golubchik authored
      in particular, it caused escape_item->is_expensive() property
      to be lost instead of being properly propagated up.
      6f40d5c8
    • Sergei Golubchik's avatar
      MDEV-24346 valgrind error in main.precedence · 59211ab7
      Sergei Golubchik authored
      Part II.
      
      It's still possible to bypass Item_func_like::escape
      initialization in Item_func_like::fix_fields().
      
      This requires ESCAPE argument being a cacheable subquery
      that uses tables and is inside a derived table which
      is used in multi-update.
      
      Instead of implementing a complex or expensive fix for
      this particular ridiculously artificial case, let's simply disallow it.
      59211ab7
    • Sergei Golubchik's avatar
      MDEV-24346 valgrind error in main.precedence · a587ded2
      Sergei Golubchik authored
      in queries like
      
        create view v1 as select 2 like 1 escape (3 in (select 0 union select 1));
        select 2 union select * from v1;
      
      Item_func_like::escape was left uninitialized, because
      Item_in_optimizer is const_during_execution()
      but not actually const_item() during execution.
      
      It's not, because const subquery evaluation was disabled for derived.
      Practically it only needs to be disabled for multi-update
      that runs fix_fields() before all tables are locked.
      a587ded2
    • Sergei Golubchik's avatar
      Item_func_like calls escape_item->fix_fields() twice · 5785de72
      Sergei Golubchik authored
      this happens if Item_func_like is copied (get_copy()).
      after one copy gets fixed, the other tries to fix escape item again.
      5785de72
    • Jan Lindström's avatar
      MDEV-23065 : Crash after setting wsrep_on to ON dynamically and reconnect · d1e9a4c1
      Jan Lindström authored
      At end_connection make sure we have wsrep before trying to free
      connection assigned to it.
      d1e9a4c1
  2. 18 Dec, 2020 2 commits
    • Alice Sherepa's avatar
      MDEV-22008 rpl.rpl_semi_sync fails in bb, MDEV-24418 reenable... · 4e43e2f9
      Alice Sherepa authored
      MDEV-22008 rpl.rpl_semi_sync fails in bb, MDEV-24418 reenable binlog_truncate_innodb and binlog_spurious_ddl_errors, rpl_parallel_retry fails in bb
      4e43e2f9
    • Nikita Malyavin's avatar
      MDEV-24041 Generated column DELETE with FOREIGN KEY crash InnoDB · 83d2e084
      Nikita Malyavin authored
      row_upd_clust_step() calls row_upd_del_mark_clust_rec() which would
      allocate some memory in row_ins_foreign_fill_virtual(). Then,
      row_upd_store_row() would access the allocated memory, but only after
      potentially freeing that memory by invoking mem_heap_empty(),
      leading to ASAN heap-use-after-free diagnostics.
      
      row_ins_foreign_fill_virtual(): Use a more appropriate memory heap with a
      longer lifetime.
      83d2e084
  3. 17 Dec, 2020 2 commits
    • Igor Babaev's avatar
      MDEV-20751 Permission Issue With Nested CTEs · 25d6f634
      Igor Babaev authored
      Due to this bug the server reported bogus messages about lack of SELECT
      privileges for base tables used in the specifications of CTE tables.
      It happened only if such a CTE were referred to at least twice.
      For any non-recursive reference to CTE that is not primary the
      specification of the CTE is cloned. The function check_table_access() is
      called for such reference. The function checks privileges of the tables
      referenced in the specification. As no name resolution was performed for
      CTE references whose definitions occurred outside the specification before
      the call of check_table_access() that was supposed to check the access
      rights of the underlying tables these references were considered
      as references to base tables rather than references to CTEs. Yet for CTEs
      as well as for derived tables no privileges are needed and thus cannot
      be granted.
      The patch ensures proper name resolution of all references to CTEs before
      any acl checks.
      
      Approved by Oleksandr Byelkin <sanja@mariadb.com>
      25d6f634
    • sjaakola's avatar
      MDEV-24327 wsrep XID checkpointing order with log_slave_updates=OFF · 2cb5fb60
      sjaakola authored
      If log_slave_updates==OFF, wsrep applier threads used to be configured
      with option: thd->variables.option_bits&= ~(OPTION_BIN_LOG);
      (i.e. like sql_log_bin=ON). And this was regardless of log-bin configuration.
      
      With this, having configuration of: --log-bin && --log-slave-updates=OFF,
      local threads used binlogging, but applier threads did not. And further:
      local threads went through binlog group commit, while applier threads did
      direct commits. This resulted in situation, where applier threads entered
      earlier in wsrep XID checkpointing, and could sync their wsrep XID out of order.
      Later local thread commit would see that higher seqno was already checkpointed,
      and fire an assert because of this.
      
      As a fix, applier threads are now forced to enable binlogging regardless of
      log-slave-updates configuration.
      
      This PR comes with new mtr test: galera.MDEV-24327, which causes a scenario
      where applier transaction is applied and committed while earlier local transaction
      is parked before commit order monitor enter. A buggy mariadb versoin would fail
      for assertion because of wsrep XID checkpoint order violation.
      Reviewed-by: default avatarJan Lindström <jan.lindstrom@mariadb.com>
      2cb5fb60
  4. 16 Dec, 2020 2 commits
    • Igor Babaev's avatar
      MDEV-23406 Signal 8 in maria_create after recursive cte query · a244be70
      Igor Babaev authored
      This bug could cause a crash when executing queries that used mutually
      recursive CTEs with system variable big_tables set to 1. It happened due
      to several bugs in the code that handled recursive table references
      referred mutually recursive CTEs. For each recursive table reference a
      temporary table is created that contains all rows generated for the
      corresponding recursive CTE table on the previous step of recursion.
      This temporary table should be created in the same way as the temporary
      table created for a regular materialized derived table using the
      method select_union::create_result_table(). In this case when the
      temporary table is created it uses the select_union::TMP_TABLE_PARAM
      structure as the parameter for the table construction. However the
      code created the temporary table using just the function create_tmp_table()
      and passed pointers to certain fields of the TMP_TABLE_PARAM structure
      used for accumulation of rows of the recursive CTE table as parameters
      for update. This was a mistake because now different temporary tables
      cannot share some TMP_TABLE_PARAM fields in a general case. Besides,
      depending on how mutually recursive CTE tables were defined and which
      of them were referred in the executed query the select_union object
      allocated for a recursive table reference could be allocated again after
      the the temporary table had been created. In this case the TMP_TABLE_PARAM
      object associated with the temporary table created for the recursive
      table reference contained unassigned fields needed for execution when
      Aria engine is employed as the engine for temporary tables.
      This patch ensures that
      - select_union object is created only once for any recursive table
        reference
      - any temporary table created for recursive CTEs uses its own
        TMP_TABLE_PARAM structure
      The patch also fixes a problem caused by incomplete cleanup of join tables
      associated with recursive table references.
      
      Approved by Oleksandr Byelkin <sanja@mariadb.com>
      a244be70
    • Vlad Lesin's avatar
      MDEV-22810 mariabackup does not honor open_files_limit from option during backup prepare · 719da2c4
      Vlad Lesin authored
      open_files_limit option was processed only for --backup, but not for
      --prepare.
      719da2c4
  5. 15 Dec, 2020 8 commits
    • Daniel Black's avatar
      aebb1112
    • Daniel Black's avatar
      MDEV-24172: innodb stats table last_update is TIMESTAMP · 2c4761cc
      Daniel Black authored
      The last_updated column of innodb_table_stats and innodb_index_stats
      hasn't been DATA_FIXBINARY for many years.
      
      Innodb represents TIMESTAMP as INT of length 4. Let's test it with this
      and stop hiding the result in mysql_upgrade test.
      
      Reviewer: Marko
      2c4761cc
    • Stepan Patryshev's avatar
      dc62a67e
    • Sergei Petrunia's avatar
      MDEV-21958: Query having many NOT-IN clauses running forever · 066212d1
      Sergei Petrunia authored
      Basic variant of the fix: do not consider conditions in form
      
        unique_key NOT IN (c1,c2...)
      
      to be sargable. If there are only a few constants, the condition
      is not selective. If there are a lot constants, the overhead of
      processing such a huge range list is not worth it.
      
      (Backport to 10.2)
      066212d1
    • Vladislav Vaintroub's avatar
      MDEV-24034 Policy CMP0075 is not set during compile · ac9c6f53
      Vladislav Vaintroub authored
      The policy is not set for 10.2
      If it is set, CMake would complain about bundled zlib for which the policy
      is not set.
      
      Fix:
      - Set policy for 10.2 for the top level project.
      For 10.3+ it was already set
      
      - Cleanup zlib to remove unneeded stuff. It is an internal static library,
      it needs none of PROJECT, library versioning, RC file on Windows.
      The name of the library on Unix does not make any difference, since it is
      static and compiled in.
      ac9c6f53
    • Rucha Deodhar's avatar
      MDEV-23209: Assertion `!is_set() || (m_status == DA_OK_BULK && is_bulk_op())' · 74223c33
      Rucha Deodhar authored
      failed in Diagnostics_area::set_ok_status on INSERT
      
      Analysis: Error is not returned when strict mode is enabled and value is
      truncated because double is outside range.
      Fix: Return HA_ERR_AUTOINC_ERANGE if the error was reported when double is
      outside range.
      74223c33
    • Rucha Deodhar's avatar
      MDEV-22422: Assertion `! is_set()' failed in Diagnostics_area::set_eof_status · 5f4d351d
      Rucha Deodhar authored
      Analysis: The error is not returned when the statement can't be used.
      And so we still go on to search for keywords.
      Fix: Return the error state.
      5f4d351d
    • Daniel Black's avatar
      MDEV-21646: postfix - my_addr_resolve: static Dl_info info · 384f107a
      Daniel Black authored
      Encountered the linker failure on Debug build in 10.4:
      
      [53/585] Linking CXX executable unittest/sql/mf_iocache-t
      FAILED: unittest/sql/mf_iocache-t
      : && /usr/bin/c++  -pie -fPIC -fstack-protector --param=ssp-buffer-size=4 -fPIC -g -DENABLED_DEBUG_SYNC -ggdb3 -DSAFE_MUTEX -DSAFEMALLOC -DTRASH_FREED_MEMORY -Wall -Wextra -Wno-format-truncation -Wno-init-self -Wno-nonnull-compare -Wno-unused-parameter -Woverloaded-virtual -Wnon-virtual-dtor -Wvla -Wwrite-strings -Werror  -Wl,-z,relro,-z,now unittest/sql/CMakeFiles/mf_iocache-t.dir/mf_iocache-t.cc.o unittest/sql/CMakeFiles/mf_iocache-t.dir/__/__/sql/mf_iocache_encr.cc.o  -o unittest/sql/mf_iocache-t  -lpthread  mysys/libmysys.a  unittest/mytap/libmytap.a  mysys_ssl/libmysys_ssl.a  mysys/libmysys.a  dbug/libdbug.a  mysys/libmysys.a  dbug/libdbug.a  -lz  -lm  strings/libstrings.a  -lpthread  -lssl  -lcrypto  -ldl && :
      /usr/bin/ld: mysys/libmysys.a(my_addr_resolve.c.o):/home/dan/repos/mariadb-server-10.4/mysys/my_addr_resolve.c:173: multiple definition of `info'; unittest/sql/CMakeFiles/mf_iocache-t.dir/mf_iocache-t.cc.o:/home/dan/repos/mariadb-server-10.4/unittest/sql/mf_iocache-t.cc:99: first defined here
      
      We make Dl_info static as in MDEV-21646 moving it out of the function
      was the main goal and having it scope limited by static doesn't affect
      the function.
      384f107a
  6. 11 Dec, 2020 1 commit
  7. 10 Dec, 2020 9 commits
  8. 09 Dec, 2020 1 commit
    • Aleksey Midenkov's avatar
      MDEV-17573 Assertion in federatedx on multi-update · f99abb45
      Aleksey Midenkov authored
      Cause: shared federatedx_io cannot store table-specific data.
      
      Fix: move current row reference `federatedx_io_mysql::current` to
      ha_federatedx.
      
      FederatedX connection (represented by federatedx_io) is stored into
      federatedx_txn::txn_list of per-server connections (see
      federatedx_txn::acquire()). federatedx_txn object is stored into THD
      (see ha_federatedx::external_lock()). When multiple handlers acquire
      FederatedX connection they get single federatedx_io instance. Multiple
      handlers do their operation via federatedx_io_mysql::mark_position()
      and federatedx_io_mysql::fetch_row() in arbitrarty manner. They access
      the same federatedx_io_mysql instance and same MYSQL_ROWS *current
      pointer, so one handler disrupts the work of the other.
      
      Related to "MDEV-14551 Can't find record in table on multi-table update
      with ORDER BY".
      f99abb45
  9. 08 Dec, 2020 1 commit
    • Igor Babaev's avatar
      MDEV-24019 Assertion is hit for query using recursive CTE with no default DB · a3f7f233
      Igor Babaev authored
      When the query using a recursive CTE whose definition contained wildcard
      symbols in the recursive part was processed at the prepare stage an
      assertion was hit if the query was executed without any default database
      set. The failure happened when the function insert_fields() tried to check
      column privileges for the temporary table created for a recursive
      reference to the CTE. No acl checks are needed for any CTE. That's why this
      check should be blocked as well. The patch formulates a stricter condition
      at which this check is to be blocked that covers the case when a query
      using recursive CTEs is executed with no default database set.
      
      Approved by Oleksandr Byelkin <sanja@mariadb.com>
      a3f7f233
  10. 07 Dec, 2020 4 commits
  11. 04 Dec, 2020 2 commits
  12. 01 Dec, 2020 2 commits
    • Alexey Botchkov's avatar
      MDEV-24318 server_audit doesn't respect filters for PROXY_CONNECT · 178d32f0
      Alexey Botchkov authored
      events.
      
      The log line should be added behind the filters.
      178d32f0
    • Vlad Lesin's avatar
      MDEV-22929 MariaBackup option to report and/or continue when corruption is encountered · e6b3e38d
      Vlad Lesin authored
      The new option --log-innodb-page-corruption is introduced.
      
      When this option is set, backup is not interrupted if innodb corrupted
      page is detected. Instead it logs all found corrupted pages in
      innodb_corrupted_pages file in backup directory and finishes with error.
      
      For incremental backup corrupted pages are also copied to .delta file,
      because we can't do LSN check for such pages during backup,
      innodb_corrupted_pages will also be created in incremental backup
      directory.
      
      During --prepare, corrupted pages list is read from the file just after
      redo log is applied, and each page from the list is checked if it is allocated
      in it's tablespace or not. If it is not allocated, then it is zeroed out,
      flushed to the tablespace and removed from the list. If all pages are removed
      from the list, then --prepare is finished successfully and
      innodb_corrupted_pages file is removed from backup directory. Otherwise
      --prepare is finished with error message and innodb_corrupted_pages contains
      the list of the pages, which are detected as corrupted during backup, and are
      allocated in their tablespaces, what means backup directory contains corrupted
      innodb pages, and backup can not be considered as consistent.
      
      For incremental --prepare corrupted pages from .delta files are applied
      to the base backup, innodb_corrupted_pages is read from both base in
      incremental directories, and the same action is proceded for corrupted
      pages list as for full --prepare. innodb_corrupted_pages file is
      modified or removed only in base directory.
      
      If DDL happens during backup, it is also processed at the end of backup
      to have correct tablespace names in innodb_corrupted_pages.
      e6b3e38d
  13. 30 Nov, 2020 1 commit
    • Monty's avatar
      MDEV 15532 Assertion `!log->same_pk' failed in row_log_table_apply_delete · 828471cb
      Monty authored
      The reason for the failure is that
      thd->mdl_context.release_transactional_locks()
      was called after commit & rollback even in cases where the current
      transaction is still active.
      
      For 10.2, 10.3 and 10.4 the fix is simple:
      - Replace all calls to thd->mdl_context.release_transactional_locks() with
        thd->release_transactional_locks(). The thd function will only call
        the mdl_context function if there are no active transactional locks.
        In 10.6 we will better fix where we will change the return value for
        some trans_xxx() functions to indicate if transaction did close the
        transaction or not. This will avoid the need of the indirect call.
      
      Other things:
      - trans_xa_commit() and trans_xa_rollback() will automatically
        call release_transactional_locks() if the transaction is closed.
      - We can't do that for the other functions as the caller of many of these
        are doing additional work (like close_thread_tables) before calling
        release_transactional_locks().
      - Added missing abort_result_set() and missing DBUG_RETURN in
        select_create::send_eof()
      - Fixed wrong indentation in injector::transaction::commit()
      828471cb