1. 07 Oct, 2020 3 commits
    • Sergei Golubchik's avatar
      Merge tag 'mariadb-10.1.47' into 10.1 · 83bd8ebf
      Sergei Golubchik authored
      83bd8ebf
    • Daniel Bartholomew's avatar
      bump the VERSION · 1a850225
      Daniel Bartholomew authored
      1a850225
    • Andrei Elkin's avatar
      MDEV-23832 Crash at startup in Log_event::read_log_event · 65c632cb
      Andrei Elkin authored
      The crash was caused by improper raising of an error or replication checksum
      verification at time of the server initialization. As there is no THD object
      associated with the main initializing thread yet the error text should be
      assigned with calling a respective macro that is aware of that possibility.
      
      Fixed accordingly.
      
      [At merging to 10.4 the new test result file needs
       +# restart: --master_verify_checksum=ON --debug_dbug=+d,corrupt_read_log_event_char
      that mtr run will hint on.]
      65c632cb
  2. 05 Oct, 2020 2 commits
  3. 02 Oct, 2020 1 commit
  4. 01 Oct, 2020 1 commit
  5. 30 Sep, 2020 1 commit
  6. 29 Sep, 2020 1 commit
  7. 28 Sep, 2020 2 commits
    • Thirunarayanan Balathandayuthapani's avatar
      MDEV-22277 LeakSanitizer: detected memory leaks in mem_heap_create_block_func... · fdb3c64e
      Thirunarayanan Balathandayuthapani authored
      MDEV-22277 LeakSanitizer: detected memory leaks in mem_heap_create_block_func after attempt to create foreign key
      
      - During online DDL, prepare phase error handler fails to remove
      the memory allocated for newly created foreign keys.
      fdb3c64e
    • Sujatha's avatar
      MDEV-22330: mysqlbinlog stops with an error Don't know how to handle column... · 15cd9195
      Sujatha authored
      MDEV-22330: mysqlbinlog stops with an error Don't know how to handle column type: 255 meta: 4 (0004)
      
      Analysis:
      ========
      "mysqlbinlog -v" option will reconstruct row events and display them as
      commented SQL statements. If this option is given twice, the output includes
      comments to indicate column data types and some metadata.
      `log_event_print_value` is the function reponsible for printing values and
      their types. This function doesn't handle GEOMETRY type. Hence the above error
      gets printed.
      
      Fix:
      ===
      Add support for GEOMETRY datatype.
      15cd9195
  8. 25 Sep, 2020 1 commit
  9. 24 Sep, 2020 1 commit
  10. 23 Sep, 2020 3 commits
  11. 22 Sep, 2020 1 commit
  12. 20 Sep, 2020 9 commits
  13. 16 Sep, 2020 1 commit
    • Sujatha's avatar
      MDEV-21839: Handle crazy offset to SHOW BINLOG EVENTS · 873cc1e7
      Sujatha authored
      Problem:
      =======
      SHOW BINLOG EVENTS FROM <"random"-pos> caused a variety of failures as
      reported in MDEV-18046. They are fixed but that approach is not future-proof
      as well as is not optimal to create extra check for being constructed event
      parameters.
      
      Analysis:
      =========
      "show binlog events from <pos>" code considers the user given position as a
      valid event start position. The code starts reading data from this event start
      position onwards and tries to map it to a set of known events. Each event has
      a specific event structure and asserts have been added to ensure that, read
      event data, satisfies the event specific requirements. When a random position
      is supplied to "show binlog events command" the event structure specific
      checks will fail and they result in assert.
      
      For example: https://jira.mariadb.org/browse/MDEV-18046
      In the bug description user executes CREATE TABLE/INSERT and ALTER SQL
      commands.
      
      When a crazy offset like "SHOW BINLOG EVENTS FROM 365" is provided code
      assumes offset 365 as valid event begin and proceeds to EVENT_LEN_OFFSET reads
      some random length and comes up with a crazy event which didn't exits in the
      binary log. In this quoted example scenario, event read at offset 365 is
      considered as "Update_rows_log_event", which is not present in binary log.
      Since this is a random event its validation fails and code results in
      assert/segmentation fault, as shown below.
      
      mysqld: /data/src/10.4/sql/log_event.cc:10863: Rows_log_event::Rows_log_event(
          const char*, uint, const Format_description_log_event*):
          Assertion `var_header_len >= 2' failed.
          181220 15:27:02 [ERROR] mysqld got signal 6 ;
      #7  0x00007fa0d96abee2 in __assert_fail () from /lib/x86_64-linux-gnu/libc.so.6
      #8  0x000055e744ef82de in Rows_log_event::Rows_log_event (this=0x7fa05800d390,
          buf=0x7fa05800d080 "", event_len=254, description_event=0x7fa058006d60) at
      /data/src/10.4/sql/log_event.cc:10863
      #9  0x000055e744f00cf8 in Update_rows_log_event::Update_rows_log_event
      
      Since we are reading random data repeating the same command SHOW BINLOG EVENTS
      FROM 365 produces different types of crashes with different events. MDEV-18046
      reported 10 such crashes.
      
      In order to avoid such scenarios user provided starting offset needs to be
      validated for its correctness. Best way of doing this is to make use of
      checksums if they are available. MDEV-18046 fix introduced the checksum based
      validation.
      
      The issue still remains in cases where binlog checksums are disabled. Please
      find the following bug reports.
      
      MDEV-22473: binlog.binlog_show_binlog_event_random_pos failed in buildbot,
                  server crashed in read_log_event
      MDEV-22455: Server crashes in Table_map_log_event,
                  binlog.binlog_invalid_read_in_rotate failed in buildbot
      
      Fix:
      ====
      When binlog checksum is disabled, perform scan(via reading event by event), to
      validate the requested FROM <pos> offset. Starting from offset 4 read the
      event_length of next_event in the binary log. Using the next_event length
      advance current offset to point to next event. Repeat this process till the
      current offset is less than or equal to crazy offset. If current offset is
      higher than crazy offset provide appropriate invalid input offset error.
      873cc1e7
  14. 14 Sep, 2020 1 commit
  15. 11 Sep, 2020 2 commits
  16. 07 Sep, 2020 2 commits
    • Sujatha's avatar
      MDEV-9501: rpl.rpl_binlog_index, rpl.rpl_gtid_crash, rpl.rpl_stm_multi_query... · a8f6bbb7
      Sujatha authored
      MDEV-9501: rpl.rpl_binlog_index, rpl.rpl_gtid_crash, rpl.rpl_stm_multi_query fail sporadically in buildbot with Master command COM_REGISTER_SLAVE failed
      
      Analysis:
      ========
      Slave server will send COM_REGISTER_SLAVE command at the time of establishing
      a connection to master. If master is down, then the command will fail and
      COM_REGISTER_SLAVE failed warning is reported.
      
      'rpl_binlog_index.test' shutsdown the master and it relocates binary logs to a
      new location and attempts to start master by pointing 'log-bin' to new
      location. During this process the slave threads are active. IO thread actively
      checks for the presence of master when it finds that the connection is lost it
      attempts a reconnect, as master is down COM_REGISTER_SLAVE command fails.
      
      As part of fix, stop the slave threads and then shutdown the master and do the
      binlog relocation. Once master is restarted start the slave threads and sync
      them with the master. In test binary logs and index files on master are
      relocated to /tmpdir but during master restart only --log-bin option is
      provided, this is incorrect. Even --log-bin-index also should be pointed to
      /tmpdir otherwise upon master server restart two index files will be created.
      One master-bin.index in /tmpdir and a new master-bin.index as per log_basename
      in datadir. Due to this slave will fail to connect to master.
      
      'rpl_gtid_crash.test' tests following scenario "crashing master, causing slave
      IO thread to reconnect while SQL thread is running". When IO thread tries to
      connect to crashed master on slow platforms COM_REGISTER_SLAVE command fails.
      This is expected hence the warning should be added to suppression list.
      a8f6bbb7
    • Kentoku SHIBA's avatar
      MDEV-7098 spider/bg.spider_fixes failed in buildbot with safe_mutex: Trying to... · 420c4dcc
      Kentoku SHIBA authored
      MDEV-7098 spider/bg.spider_fixes failed in buildbot with safe_mutex: Trying to unlock mutex conn->mta_conn_mutex that wasn't locked at storage/spider/spd_db_conn.cc, line 671
      420c4dcc
  17. 04 Sep, 2020 1 commit
  18. 03 Sep, 2020 3 commits
    • Alexander Barkov's avatar
      MDEV-23535 SIGSEGV, SIGABRT and SIGILL in typeinfo for Item_func_set_collation... · f0a57acb
      Alexander Barkov authored
      MDEV-23535 SIGSEGV, SIGABRT and SIGILL in typeinfo for Item_func_set_collation (on optimized builds)
      
      This piece of the code in Item_func_or_sum::agg_item_set_converter:
      
       if (!conv && ((*arg)->collation.repertoire == MY_REPERTOIRE_ASCII))
         conv= new (thd->mem_root) Item_func_conv_charset(thd, *arg, coll.collation, 1);
      
      was wrong because:
      
      1. It could change Item_cache to Item_func_conv_charset
        (with the old Item_cache in args[0]).
        Such Item type change is not always supported, e.g.
        the code in Item_singlerow_subselect::reset() expects only Item_cache,
        to be able to call Item_cache::set_null(). So it erroneously
        reinterpreted Item_func_conv_charset to Item_cache and called
        a non-existing method set_null(), which crashed the server.
      
      2. The 1 in the last parameter to Item_func_conv_charset() was also
        a problem. In MariaDB versions where the reported query did not crash,
        it erroneously returned "empty set" instead of one row, because
        the 1 made subselects execute too earlier and return NULL.
      
      Fix:
      
      1. Removing the above two lines from Item_func_or_sum::agg_item_set_converter()
      
      2. Adding the repertoire test inside the constructor of Item_func_conv_charset,
         so it now detects itself as "safe" in more cases than before.
         This is needed to avoid new "Illegal mix of collations" after
         removing the wrong code in various scenarios when character set
         conversion from pure ASCII happens, including the reported scenario.
      
      So now this sequence:
      
         Item_cache -> Item_func_concat
      
      is replaced to this compatible sequence (the top Item is still Item_cache):
      
         new Item_cache -> Item_func_conv_charset -> Item_func_concat
      
      Before the fix it was replaced to this incompatible sequence:
      
         Item_func_conv_charset -> old Item_cache -> Item_func_concat
      f0a57acb
    • Marko Mäkelä's avatar
      MDEV-22387: Do not pass null pointer to some memcpy() · 94a520dd
      Marko Mäkelä authored
      Passing a null pointer to a nonnull argument is not only undefined
      behaviour, but it also grants the compiler the permission to optimize
      away further checks whether the pointer is null. GCC -O2 at least
      starting with version 8 may do that, potentially causing SIGSEGV.
      
      These problems were caught in a WITH_UBSAN=ON build with the
      Bug#7024 test in main.view.
      94a520dd
    • Marko Mäkelä's avatar
      MDEV-7110 follow-up fix: Do not pass NULL as nonnull parameter · a256070e
      Marko Mäkelä authored
      Passing a null pointer to the "%s" argument of a printf-like
      function is undefined behaviour. In the GNU libc implementation
      of the printf() family of functions, it happens to work.
      
      GCC 10.2.0 would diagnose this with -Wformat-overflow -Og.
      In -fsanitize=undefined (WITH_UBSAN=ON) builds, a runtime error
      would be generated. In some other builds, GCC 8 or later might infer
      that the parameter is nonnull and optimize away further checks whether
      the parameter is null, leading to SIGSEGV.
      a256070e
  19. 02 Sep, 2020 1 commit
  20. 01 Sep, 2020 1 commit
  21. 31 Aug, 2020 1 commit
    • Andrei Elkin's avatar
      MDEV-16372 ER_BASE64_DECODE_ERROR upon replaying binary log via mysqlbinlog --verbose · feac078f
      Andrei Elkin authored
      (This commit is exclusively for 10.1 branch, do not merge it to upper ones)
      
      In case of a pattern of non-STMT_END-marked Rows-log-event (A) followed by
      a STMT_END marked one (B) mysqlbinlog mixes up the base64 encoded rows events
      with their pseudo sql representation produced by the verbose option:
            BINLOG '
              base64 encoded data for A
              ### verbose section for A
              base64 encoded data for B
              ### verbose section for B
            '/*!*/;
      In effect the produced BINLOG '...' query is not valid and is rejected with the error.
      Examples of this way malformed BINLOG could have been found in binlog_row_annotate.result
      that gets corrected with the patch.
      
      The issue is fixed with introduction an auxiliary IO_CACHE to hold on the verbose
      comments until the terminal STMT_END event is found. The new cache is emptied
      out after two pre-existing ones are done at that time.
      The correctly produced output now for the above case is as the following:
            BINLOG '
              base64 encoded data for A
              base64 encoded data for B
            '/*!*/;
              ### verbose section for A
              ### verbose section for B
      
      Thanks to Alexey Midenkov for the problem recognition and attempt to tackle,
      Venkatesh Duggirala who produced a patch for the upstream whose
      idea is exploited here, as well as to MDEV-23077 reporter LukeXwang who
      also contributed a piece of a patch aiming at this issue.
      
      Extra: mysqlbinlog_row_minimal refined to not produce mutable numeric values into the result file.
      feac078f
  22. 27 Aug, 2020 1 commit
    • Varun Gupta's avatar
      MDEV-23596: Assertion `tab->ref.use_count' failed in join_read_key_unlock_row · f69cc267
      Varun Gupta authored
      The issue here was that the query was using ORDER BY LIMIT optimzation where
      the access method was changed from EQ_REF access to an index scan (index that would
      resolve the ORDER BY clause).
      But the parameter READ_RECORD::unlock_row was not reset to rr_unlock_row, which is
      used when the access method is not EQ_REF access.
      f69cc267