1. 28 May, 2024 1 commit
    • Souradeep Saha's avatar
      Fix Various Typos · 83a04be8
      Souradeep Saha authored
      Fix various typos, in comments and DEBUG statements, and code changes
      are non-functional.
      
      All new code of the whole pull request, including one or several files
      that are either new files or modified ones, are contributed under the
      BSD-new license. I am contributing on behalf of my employer Amazon Web
      Services, Inc.
      83a04be8
  2. 27 May, 2024 2 commits
    • Alexander Barkov's avatar
      MDEV-34226 On startup: UBSAN: applying zero offset to null pointer in... · 4a158ec1
      Alexander Barkov authored
      MDEV-34226 On startup: UBSAN: applying zero offset to null pointer in my_copy_fix_mb from strings/ctype-mb.c and other locations
      
      nullptr+0 is an UB (undefined behavior).
      
      - Fixing my_string_metadata_get_mb() to handle {nullptr,0} without UB.
      - Fixing THD::copy_with_error() to disallow {nullptr,0} by DBUG_ASSERT().
      - Fixing parse_client_handshake_packet() to call THD::copy_with_error()
        with an empty string {"",0} instead of NULL string {nullptr,0}.
      4a158ec1
    • Alexander Barkov's avatar
      MDEV-30931 UBSAN: negation of -X cannot be represented in type 'long long... · 79253261
      Alexander Barkov authored
      MDEV-30931 UBSAN: negation of -X cannot be represented in type 'long long int'; cast to an unsigned type to negate this value to itself in get_interval_value on SELECT
      
      - Fixing the code in get_interval_value() to use Longlong_hybrid_null.
        This allows to handle correctly:
      
        - Signed and unsigned arguments
          (the old code assumed the argument to be signed)
        - Avoid undefined negation behavior the corner case with LONGLONG_MIN
      
        This fixes the UBSAN warning:
          negation of -9223372036854775808 cannot be represented
          in type 'long long int';
      
      - Fixing the code in get_interval_value() to avoid overflow in
        the INTERVAL_QUARTER and INTERVAL_WEEK branches.
        This fixes the UBSAN warning:
          signed integer overflow: -9223372036854775808 * 7 cannot be represented
          in type 'long long int'
      
      - Fixing the INTERVAL_WEEK branch in date_add_interval() to handle
        huge numbers correctly. Before the change, huge positive numeber
        were treated as their negative complements.
        Note, some other branches still can be affected by this problem
        and should also be fixed eventually.
      79253261
  3. 24 May, 2024 2 commits
  4. 23 May, 2024 2 commits
    • Vladislav Vaintroub's avatar
      MDEV-34205: ASAN stack buffer overflow in strxnmov() in frm_file_exists · 736449d3
      Vladislav Vaintroub authored
      Correct the second parameter for strxnmov to prevent potential buffer
      overflows. The second parameter must be one less than the size of the
      input buffer to avoid writing past the end of the buffer.
      
      While the second parameter is usually correct, there are exceptions
      that need fixing.
      
      This commit addresses the issue within frm_file_exists() and other
      affected places.
      736449d3
    • Alexander Barkov's avatar
      MDEV-28387 UBSAN: runtime error: negation of -9223372036854775808 cannot be... · 7c4c0823
      Alexander Barkov authored
      MDEV-28387 UBSAN: runtime error: negation of -9223372036854775808 cannot be represented in type 'long long int'; cast to an unsigned type to negate this value to itself in my_strtoll10 on SELECT
      
      Fixing the condition to raise an overflow in the ulonglong
      representation of the number is greater or equal to 0x8000000000000000ULL.
      Before this change the condition did not catch -9223372036854775808
      (the smallest possible signed negative longlong number).
      7c4c0823
  5. 21 May, 2024 5 commits
    • Yuchen Pei's avatar
    • Marko Mäkelä's avatar
      MDEV-33817 fixup: Disable for macOS · 266495b9
      Marko Mäkelä authored
      According to https://discussions.apple.com/thread/8256853
      an attempt to use AVX512 registers on macOS will result in #UD
      (crash at runtime).
      
      Also, starting with clang-18 and GCC 14, we must add "evex512" to the
      target flags so that AVX and SSE instructions can use AVX512 specific
      encodings. This flag was introduced together with the avx10.1-512 target.
      Older compiler versions do not recognize "evex512". We do not want to
      write "avx10.1-512" because it could enable some AVX512 subfeatures
      that we do not have any CPUID check for.
      
      Reviewed by: Vladislav Vaintroub
      Tested on macOS by: Valerii Kravchuk
      266495b9
    • Alexander Barkov's avatar
      Backporting bugs fixes fixed by MDEV-31340 from 11.5 · 310fd6ff
      Alexander Barkov authored
      The patch for MDEV-31340 fixed the following bugs:
      
      MDEV-33084 LASTVAL(t1) and LASTVAL(T1) do not work well with lower-case-table-names=0
      MDEV-33085 Tables T1 and t1 do not work well with ENGINE=CSV and lower-case-table-names=0
      MDEV-33086 SHOW OPEN TABLES IN DB1 -- is case insensitive with lower-case-table-names=0
      MDEV-33088 Cannot create triggers in the database `MYSQL`
      MDEV-33103 LOCK TABLE t1 AS t2 -- alias is not case sensitive with lower-case-table-names=0
      MDEV-33108 TABLE_STATISTICS and INDEX_STATISTICS are case insensitive with lower-case-table-names=0
      MDEV-33109 DROP DATABASE MYSQL -- does not drop SP with lower-case-table-names=0
      MDEV-33110 HANDLER commands are case insensitive with lower-case-table-names=0
      MDEV-33119 User is case insensitive in INFORMATION_SCHEMA.VIEWS
      MDEV-33120 System log table names are case insensitive with lower-cast-table-names=0
      
      Backporting the fixes from 11.5 to 10.5
      310fd6ff
    • mariadb-DebarunBanerjee's avatar
      MDEV-34166 Server could hang with BP < 80M under stress · b2944adb
      mariadb-DebarunBanerjee authored
      BUF_LRU_MIN_LEN (256) is too high value for low buffer pool(BP) size.
      For example, for BP size lower than 80M and 16 K page size, the limit is
      more than 5% of total BP and for lowest BP 5M, it is 80% of the BP.
      Non-data objects like explicit locks could occupy part of the BP pool
      reducing the pages available for LRU. If LRU reaches minimum limit and
      if no free pages are available, server would hang with page cleaner not
      able to free any more pages.
      
      Fix: To avoid such hang, we adjust the LRU limit lower than the limit
      for data objects as checked in buf_LRU_check_size_of_non_data_objects()
      i.e. one page less than 5% of BP.
      b2944adb
    • Marko Mäkelä's avatar
      MDEV-34204 Assertion `!*detailed_error' failed on shutdown after XA PREPARE · 0907df3d
      Marko Mäkelä authored
      trx_free_at_shutdown(): Similar to trx_t::commit_in_memory(),
      clear the detailed_error (FOREIGN KEY constraint error) before
      invoking trx_t::free(). We only do this on debug instrumented
      builds in order to avoid a debug assertion failure on shutdown.
      0907df3d
  6. 20 May, 2024 4 commits
  7. 17 May, 2024 1 commit
    • Robin Newhouse's avatar
      Minimize unsafe C functions with safe_strcpy() · dc38d8ea
      Robin Newhouse authored
      Similar to #2480.
      567b6812 introduced safe_strcpy() to minimize the use of C with
      potentially unsafe memory overflow with strcpy() whose use is
      discouraged.
      Replace instances of strcpy() with safe_strcpy() where possible, limited
      here to files in the `sql/` directory.
      
      All new code of the whole pull request, including one or several files
      that are either new files or modified ones, are contributed under the
      BSD-new license. I am contributing on behalf of my employer
      Amazon Web Services, Inc.
      dc38d8ea
  8. 16 May, 2024 1 commit
  9. 15 May, 2024 1 commit
  10. 14 May, 2024 2 commits
    • Sergei Golubchik's avatar
    • Yuchen Pei's avatar
      MDEV-28105 Return error in ha_spider::write_row() if info(HA_STATUS_AUTO) fails · fd767462
      Yuchen Pei authored
      Spider calls info with HA_STATUS_AUTO to update auto increment info,
      which may attempt to connect the data node. If the connection fails,
      it may emit an error and return the same error. This error should not
      be of lower priority than any possible error from the later call to
      handler::update_auto_increment().
      
      Without this change, certain errors from update_auto_increment() such
      as HA_ERR_AUTOINC_ERANGE may get ignored, causing my_insert() to call
      my_ok(), which fails the assertion because the error was emitted in
      the info() call (Diagnostics_area::is_set() returns true).
      fd767462
  11. 12 May, 2024 3 commits
  12. 10 May, 2024 1 commit
  13. 09 May, 2024 1 commit
    • He Guohua's avatar
      MDEV-31566 Fix buffer overrun of column_json function · 86774720
      He Guohua authored
      The accounting of the limit variable that represents the
      amount of space left it the buffer was incorrect.
      
      Also there was 1 or 2 bytes left to write that occured without
      the buffer length being checked.
      
      Review: Sanja Byelkin
      86774720
  14. 08 May, 2024 7 commits
  15. 07 May, 2024 7 commits
    • Sergei Petrunia's avatar
      MDEV-28621: group by optimization incorrectly removing subquery where subject buried in a function · 40b3525f
      Sergei Petrunia authored
      Workaround patch: Do not remove GROUP BY clause when it has
      subquer(ies) in it.
      
      remove_redundant_subquery_clauses() removes redundant GROUP BY clause
      from queries in form:
        expr IN (SELECT no_aggregates GROUP BY ...)
        expr {CMP} {ALL|ANY|SOME} (SELECT no_aggregates GROUP BY ...)
      This hits problems when the GROUP BY clause itself has subquer(y/ies).
      
      This patch is just a workaround: it disables removal of GROUP BY clause
      if the clause has one or more subqueries in it.
      
      Tests:
      - subselect_elimination.test has all known crashing cases.
      - subselect4.result, insert_select.result are updated.
      Note that in some cases results of SELECT are changed too (not just
      EXPLAINs). These are caused by non-deterministic SQL: when running a
      query like:
      
        x > ANY( SELECT col1 FROM t1 GROUP BY constant_expression)
      
      without removing the GROUP BY, the executor is free to pick the value
      of t1.col1 from any row in the GROUP BY group (denote it $COL1_VAL).
      Then, it computes x > ANY(SELECT $COL1_VAL).
      
      When running the same query and removing the GROUP BY:
      
         x > ANY( SELECT col1 FROM t1)
      
      the executor will actually check all rows of t1.
      40b3525f
    • Monty's avatar
      MDEV-34055 Assertion '...' failure or corruption errors upon REPAIR on Aria tables · ec6aa9ac
      Monty authored
      The problem was two fold:
      - REPAIR TABLE t1 USE_FRM did not work for transactional
        Aria tables (Table was thought to be repaired, which it was not) which
        caused issues in later usage of the table.
      - When swapping tmp_data file to data file, sort_info files where not
        updated. This caused problems if there was several unique keys and
        there was a duplicate for the second key.
      ec6aa9ac
    • Galina Shalygina's avatar
      MDEV-23878 Wrong result with semi-join and splittable derived table · 4bc1860e
      Galina Shalygina authored
      Due to this bug a wrong result might be expected from queries with
      an IN subquery predicate in the WHERE clause and a derived table in the
      FROM clause to which split optimization could be applied.
      
      The function JOIN::fix_all_splittings_in_plan() used the value of the
      bitmap JOIN::sjm_lookup_tables() such as it had been left after the
      search for the best plan for the select containing the splittable
      derived table. That value could not be guaranteed to be correct. So the
      recalculation of this bitmap is needed to exclude the plans with key
      accesses from SJM lookup tables.
      
      Approved by Igor Babaev <igor@maridb.com>
      4bc1860e
    • Yuchen Pei's avatar
      MDEV-34036 Reset spider_hton_ptr in spider_db_done() · 10a75992
      Yuchen Pei authored
      Otherwise spider_direct_sql may still think the spider plugin is
      available even after spider_db_done() was called.
      10a75992
    • Sergei Golubchik's avatar
      42c99ef0
    • Sergei Golubchik's avatar
      Revert "MDEV-19949 mariabackup option of '--password' or '-p' without... · 421eeb18
      Sergei Golubchik authored
      Revert "MDEV-19949 mariabackup option of '--password' or '-p' without specifying password in commandline"
      
      This reverts commit 91fb8b7f.
      
      Incompatible change, see tests in the next commit
      421eeb18
    • Jan Lindström's avatar
      MDEV-33898 : Galera test failure on galera.MW-369 · 33e4fbf0
      Jan Lindström authored
      Additional changes for the galera_vote_rejoin_ddl test (for 10.5+).
      Signed-off-by: default avatarJulius Goryavsky <julius.goryavsky@mariadb.com>
      33e4fbf0