1. 21 Feb, 2021 1 commit
    • Monty's avatar
      MDEV-22703 DEFAULT() on a BLOB column can overwrite the default record · 8db5274d
      Monty authored
      This can cause crashes when accessing already released memory
      
      The issue was the Item_default created a internal field, pointing to
      share->default_values, to be used with the DEFAULT() function.
      This does not work for BLOB fields as these are freed at end of query.
      Fixed by storing BLOB field data inside and area allocated by
      Item_default_value,  like we do for nondeterministic default values.
      8db5274d
  2. 11 Feb, 2021 1 commit
    • Igor Babaev's avatar
      MDEV-24840 Crash caused by query with IN subquery containing union · da88e1ec
      Igor Babaev authored
                 of two table value costructors
      
      This bug affected queries with a [NOT] IN/ANY/ALL subquery whose top level
      unit contained several table value constructors.
      The problem appeared because the code of the function
      Item_subselect::fix_fields() that was responsible for wrapping table
      value constructors encountered at the top level unit of a [NOT] IN/ANY/ALL
      subquery did not take into account that the chain of the select objects
      comprising the unit were not immutable.
      
      Approved by Oleksandr Byelkin <sanja@mariadb.com>
      da88e1ec
  3. 01 Feb, 2021 2 commits
  4. 27 Jan, 2021 1 commit
    • Igor Babaev's avatar
      MDEV-24675 Server crash when table value constructor uses a subselect · bdae8bb6
      Igor Babaev authored
      This patch actually fixes the bug MDEV-24675 and the bug MDEV-24618:
      Assertion failure when TVC uses a row in the context expecting scalar value
      
      The cause of these bugs is the same wrong call of the function that fixes
      value expressions in the value list of a table value constructor.
      The assertion failure happened when an expression in the value list is of
      the row type. In this case an error message was expected, but it was not
      issued because the function fix_fields_if_needed() was called for to
      check fields of value expressions in a TVC instead of the function
      fix_fields_if_needed_for_scalar() that would also check that the value
      expressions are are of a scalar type.
      The first bug happened when a table value expression used an expression
      returned by single-row subselect. In this case the call of the
      fix_fields_if_needed_for_scalar virtual function must be provided with
      and address to which the single-row subselect has to be attached.
      
      Test cases were added for each of the bugs.
      
      Approved by Oleksandr Byelkin <sanja@mariadb.com>
      bdae8bb6
  5. 26 Jan, 2021 2 commits
    • Nikita Malyavin's avatar
      MDEV-17556 Assertion `bitmap_is_set_all(&table->s->all_set)' failed · 21809f9a
      Nikita Malyavin authored
      The assertion failed in handler::ha_reset upon SELECT under
      READ UNCOMMITTED from table with index on virtual column.
      
      This was the debug-only failure, though the problem is mush wider:
      * MY_BITMAP is a structure containing my_bitmap_map, the latter is a raw
       bitmap.
      * read_set, write_set and vcol_set of TABLE are the pointers to MY_BITMAP
      * The rest of MY_BITMAPs are stored in TABLE and TABLE_SHARE
      * The pointers to the stored MY_BITMAPs, like orig_read_set etc, and
       sometimes all_set and tmp_set, are assigned to the pointers.
      * Sometimes tmp_use_all_columns is used to substitute the raw bitmap
       directly with all_set.bitmap
      * Sometimes even bitmaps are directly modified, like in
      TABLE::update_virtual_field(): bitmap_clear_all(&tmp_set) is called.
      
      The last three bullets in the list, when used together (which is mostly
      always) make the program flow cumbersome and impossible to follow,
      notwithstanding the errors they cause, like this MDEV-17556, where tmp_set
      pointer was assigned to read_set, write_set and vcol_set, then its bitmap
      was substituted with all_set.bitmap by dbug_tmp_use_all_columns() call,
      and then bitmap_clear_all(&tmp_set) was applied to all this.
      
      To untangle this knot, the rule should be applied:
      * Never substitute bitmaps! This patch is about this.
       orig_*, all_set bitmaps are never substituted already.
      
      This patch changes the following function prototypes:
      * tmp_use_all_columns, dbug_tmp_use_all_columns
       to accept MY_BITMAP** and to return MY_BITMAP * instead of my_bitmap_map*
      * tmp_restore_column_map, dbug_tmp_restore_column_maps to accept
       MY_BITMAP* instead of my_bitmap_map*
      
      These functions now will substitute read_set/write_set/vcol_set directly,
      and won't touch underlying bitmaps.
      21809f9a
    • Oleksandr Byelkin's avatar
      MDEV-21785: sequences used as default by other table not dumped in right order by mysqldump · c207f04e
      Oleksandr Byelkin authored
      Dump sequences first.
      
      This atch made to keep it small and
      to keep number of queries to the server the same.
      
      Order of tables in a dump can not be changed
      (except sequences first) because mysql_list_tables
      uses SHOW TABLES and I used SHOW FULL TABLES.
      c207f04e
  6. 25 Jan, 2021 2 commits
  7. 22 Jan, 2021 1 commit
  8. 21 Jan, 2021 2 commits
  9. 19 Jan, 2021 2 commits
    • sjaakola's avatar
      MDEV-21153 Replica nodes crash due to indexed virtual columns and FK cascading delete · 7d04ce6a
      sjaakola authored
      Fix for MDEV-23033 fixes a problem in replication applying of transactions, which contain cascading foreign key delete for a table, which has indexed virtual column.
      This fix adds slave_fk_event_map flag for table, to mark when the prelocking is needed for applying of a transaction.
      See commit 608b0ee5 for more details.
      However, this fix is targeted for async replication only, Rows_log_event::do_apply_event() has condition to rule out galera replication from the fix domain, and use cases suffering from MDEV-23033 and related MDEV-21153 will fail in galera cluster.
      
      The fix in this commit removes the condition to rule out the setting of slave_fk_event_map flag from galera replication, and makes the fix in MDEV-23033 effective for galera replication as well.
      
      Finally, a mtr test for virtual column support has been added. galera.galera_virtual_column.test has as first test a scenario from MDEV-21153
      Reviewed-by: default avatarJan Lindström <jan.lindstrom@mariadb.com>
      7d04ce6a
    • Marko Mäkelä's avatar
      Merge 10.2 into 10.3 · 049811ec
      Marko Mäkelä authored
      049811ec
  10. 14 Jan, 2021 1 commit
    • Dmitry Shulga's avatar
      MDEV-23666: Assertion `m_cpp_buf <= ptr && ptr <= m_cpp_buf + m_buf_length'... · f130adbf
      Dmitry Shulga authored
      MDEV-23666: Assertion `m_cpp_buf <= ptr && ptr <= m_cpp_buf + m_buf_length' failed in Lex_input_stream::body_utf8_append
      
      On parsing statements for which a starting backtick (`) delimiter doesn't have
      a corresponding ending backtick, a current pointer to a position inside a
      pre-processed buffer could go beyond the end of the buffer.
      
      This bug report caused by the commit d4967659
        "MDEV-22022 Various mangled SQL statements will crash 10.3 to 10.5 debug builds".
      
      In order to fix the issue both pointers m_ptr and m_cpp_ptr must be
      rolled back to previous position in raw input and pre-processed input streams
      correspondingly in case end of query reached during parsing.
      f130adbf
  11. 13 Jan, 2021 1 commit
    • Rucha Deodhar's avatar
      MDEV-24387: Wrong number of decimal digits in certain UNION/Subqery · fb9a9599
      Rucha Deodhar authored
      constellation
      
      Analysis: The decimals is set to NOT_FIXED_DEC for Field_str even if it is
      NULL. Unsigned has decimals=0. So Type_std_attributes::decimals is set to 39
      (maximum between 0 and 39). This results in incorrect number of decimals
      when we have union of unsigned and NULL type.
      
      Fix: Check if the field is created from NULL value. If yes, set decimals to 0
      otherwise set it to NOT_FIXED_DEC.
      fb9a9599
  12. 12 Jan, 2021 10 commits
  13. 11 Jan, 2021 2 commits
  14. 09 Jan, 2021 1 commit
  15. 08 Jan, 2021 5 commits
    • Jan Lindström's avatar
      MDEV-23536 : Race condition between KILL and transaction commit · 775fccea
      Jan Lindström authored
      A race condition may occur between the execution of transaction commit,
      and an execution of a KILL statement that would attempt to abort that
      transaction.
      
      MDEV-17092 worked around this race condition by modifying InnoDB code.
      After that issue was closed, Sergey Vojtovich pointed out that this
      race condition would better be fixed above the storage engine layer:
      
      If you look carefully into the above, you can conclude that
      thd->free_connection() can be called concurrently with
      KILL/thd->awake(). Which is the bug. And it is partially fixed in
      THD::~THD(), that is destructor waits for KILL completion:
      
      Fix: Add necessary mutex operations to THD::free_connection()
      and move WSREP specific code also there. This ensures that no
      one is using THD while we do free_connection(). These mutexes
      will also ensures that there can't be concurrent KILL/THD::awake().
      
      innobase_kill_query
        We can now remove usage of trx_sys_mutex introduced on MDEV-17092.
      
      trx_t::free()
        Poison trx->state and trx->mysql_thd
      
      This patch is validated with an RQG run similar to the one that
      reproduced MDEV-17092.
      775fccea
    • Marko Mäkelä's avatar
      18254c18
    • Nikita Malyavin's avatar
      fixup MDEV-17556: fix mroonga · 61a362c9
      Nikita Malyavin authored
      61a362c9
    • Marko Mäkelä's avatar
      cd1e5d65
    • Nikita Malyavin's avatar
      MDEV-17556 Assertion `bitmap_is_set_all(&table->s->all_set)' failed · e25623e7
      Nikita Malyavin authored
      The assertion failed in handler::ha_reset upon SELECT under
      READ UNCOMMITTED from table with index on virtual column.
      
      This was the debug-only failure, though the problem is mush wider:
      * MY_BITMAP is a structure containing my_bitmap_map, the latter is a raw
       bitmap.
      * read_set, write_set and vcol_set of TABLE are the pointers to MY_BITMAP
      * The rest of MY_BITMAPs are stored in TABLE and TABLE_SHARE
      * The pointers to the stored MY_BITMAPs, like orig_read_set etc, and
       sometimes all_set and tmp_set, are assigned to the pointers.
      * Sometimes tmp_use_all_columns is used to substitute the raw bitmap
       directly with all_set.bitmap
      * Sometimes even bitmaps are directly modified, like in
      TABLE::update_virtual_field(): bitmap_clear_all(&tmp_set) is called.
      
      The last three bullets in the list, when used together (which is mostly
      always) make the program flow cumbersome and impossible to follow,
      notwithstanding the errors they cause, like this MDEV-17556, where tmp_set
      pointer was assigned to read_set, write_set and vcol_set, then its bitmap
      was substituted with all_set.bitmap by dbug_tmp_use_all_columns() call,
      and then bitmap_clear_all(&tmp_set) was applied to all this.
      
      To untangle this knot, the rule should be applied:
      * Never substitute bitmaps! This patch is about this.
       orig_*, all_set bitmaps are never substituted already.
      
      This patch changes the following function prototypes:
      * tmp_use_all_columns, dbug_tmp_use_all_columns
       to accept MY_BITMAP** and to return MY_BITMAP * instead of my_bitmap_map*
      * tmp_restore_column_map, dbug_tmp_restore_column_maps to accept
       MY_BITMAP* instead of my_bitmap_map*
      
      These functions now will substitute read_set/write_set/vcol_set directly,
      and won't touch underlying bitmaps.
      e25623e7
  16. 07 Jan, 2021 3 commits
    • Alice Sherepa's avatar
      MDEV-16272 rpl.rpl_semisync_ali_issues failed in buildbot, SHOW variable was... · df1eefb2
      Alice Sherepa authored
      MDEV-16272 rpl.rpl_semisync_ali_issues failed in buildbot, SHOW variable was done instead of waiting for the value of that variable
      df1eefb2
    • Oleksandr Byelkin's avatar
      Urgent fix of MDEV-23446 fix: · 188b3283
      Oleksandr Byelkin authored
      Use the same variable in both scopes (from where we have "goto error" and target of the goto)
      188b3283
    • Nikita Malyavin's avatar
      MDEV-17891 Assertion failure upon attempt to replace into a full table · d846b55d
      Nikita Malyavin authored
      Problem: Assertion `transactional_table || !changed ||
      thd->transaction.stmt.modified_non_trans_table' failed due REPLACE into a
      versioned table.
      
      It is not specific to system versioning/pertitioning/heap, but this
      combination makes it much easier to reproduce.
      
      The thing is to make first ha_update_row call succeed to make
      info->deleted != 0. And then make REPLACE fail by any reason.
      
      In this scenario we overflow versioned partition, so next ha_update_row
      succeeds, but corresponding ha_write_row fails to insert history record.
      
      Fix: modified_non_trans_table is set in one missed place
      d846b55d
  17. 06 Jan, 2021 1 commit
  18. 05 Jan, 2021 2 commits
    • Nikita Malyavin's avatar
      MDEV-23632 ALTER TABLE...ADD KEY creates corrupted index on virtual column · 9a645dae
      Nikita Malyavin authored
      mysql_col_offset was not updated after the new column has been added by an
      INSTANT ALTER TABLE -- table data dictionary had been remaining the same.
      
      When the virtual column is added or removed, table was usually evicted and
      then reopened, which triggered vcol info rebuild on the next open.
      
      However this also should be done when the usual column is added or removed:
      mariadb always stores virtual field at the end of maria record,
      so the shift should always happen.
      
      Fix:
      expand the eviction condition to the case when usual fields are
      added/removed
      
      Note:
      this should happen only in the case of !new_clustered:
      * When new_clustered is true, a new data dictionary is created, and vcol
      metadata is rebuilt in `alter_rebuild_apply_log()`
      * We can't do it in `new_clustered` case, because the old table is not yet
      subctituted correctly
      9a645dae
    • Nikita Malyavin's avatar