1. 11 Jun, 2019 1 commit
    • Igor Babaev's avatar
      MDEV-18479 Another complement · 96ee9ea0
      Igor Babaev authored
      This patch complements the patch that fixes bug MDEV-18479.
      This patch takes care of possible overflow in JOIN::get_examined_rows().
      96ee9ea0
  2. 09 Jun, 2019 1 commit
    • Igor Babaev's avatar
      MDEV-19580 Unrelated JOINs corrupt usage of 'WHERE function() IN (subquery)' · 6db2ebbb
      Igor Babaev authored
      Handling of top level conjuncts in WHERE whose used_tables() contained
      RAND_TABLE_BIT in the function make_join_select() was incorrect.
      As a result if such a conjunct referred to fields non of which belonged
      to the last joined table  it was pushed twice. (This could be seen
      for a test case from subselect.test whose output was changed after this
      patch had been applied. In 10.1 when running EXPLAIN FORMAT=JSON for
      the query from this test case we clearly see that one of the conjuncts
      is pushed twice.) This fact by itself was not good. Besides, if such a
      conjunct was pushed to a table that was the result of materialization
      of a semi-join the query could return a wrong result set. In particular
      we could watch it for queries with semi-join subqueries whose left parts
      used stored functions without "deterministic' specifier.
      6db2ebbb
  3. 01 Jun, 2019 2 commits
    • Sergei Golubchik's avatar
      MDEV-19491 update query stopped working after mariadb upgrade 10.2.23 -> 10.2.24 · 6660c072
      Sergei Golubchik authored
      as well as
      
      MDEV-19500 Update with join stopped worked if there is a call to a procedure in a trigger
      MDEV-19521 Update Table Fails with Trigger and Stored Function
      MDEV-19497 Replication stops because table not found
      MDEV-19527 UPDATE + JOIN + TRIGGERS = table doesn't exists error
      
      Reimplement the fix for (5d510fdb)
      
      MDEV-18507 can't update temporary table when joined with table with triggers on read-only
      
      instead of calling open_tables() twice, put multi-update
      prepare code inside open_tables() loop.
      
      Add a test for a MDL backoff-and-retry loop inside open_tables()
      across multi-update prepare code.
      6660c072
    • Sergei Golubchik's avatar
      cleanup · 1d4ac3d4
      Sergei Golubchik authored
      1d4ac3d4
  4. 30 May, 2019 1 commit
  5. 29 May, 2019 1 commit
    • Igor Babaev's avatar
      MDEV-18479 Complement · cbb90f77
      Igor Babaev authored
      This patch complements the patch that fixes bug MDEV-18479.
      This patch takes care of possible overflow when calculating the
      estimated number of rows in a materialized derived table / view.
      cbb90f77
  6. 28 May, 2019 2 commits
    • Igor Babaev's avatar
      MDEV-19588 Wrong results from query, using left join. · eb09580b
      Igor Babaev authored
      This bug could happen when queries with nested outer joins were
      executed employing join buffers. At such an execution if the method
      JOIN_CACHE::join_records() is called when a join buffer has become
      full no 'first_unmatched' field should be cleaned up in the JOIN_TAB
      structure to which the join cache with this buffer is attached.
      eb09580b
    • Igor Babaev's avatar
      MDEV-18479 Assertion `join->best_read < double(1.79769313486231570815e+308L)' · 0955462d
      Igor Babaev authored
      or server crashes in JOIN::fix_all_splittings_in_plan after EXPLAIN
      
      This patch resolves the problem of overflowing when performing
      calculations to estimate the cost of an evaluated query execution plan.
      The overflowing in a non-debug build could cause different kind of
      problems uncluding crashes of the server.
      0955462d
  7. 21 May, 2019 1 commit
  8. 20 May, 2019 2 commits
  9. 19 May, 2019 1 commit
    • Igor Babaev's avatar
      MDEV-18896 Crash in convert_join_subqueries_to_semijoins : Correction · 2c9844a4
      Igor Babaev authored
      This patch complements the original patch for MDEV-18896 that prevents
      conversions to semi-joins in tableless selects used in INSERT statements
      in post-5.5 versions of the server.
      The test case was corrected as well to ensure that potential conversion
      to jtbm semi-joins is also checked (the problem was that one of
      the preceeding testcases in subselect_sj.test did not restore the
      state of the optimizer switch leaving the 'materialization' in the state
      'off' and so blocking this check).
      Noticed an inconsistency in the state of select_lex::table_list used
      in INSERT statements and left a comment about this.
      2c9844a4
  10. 11 May, 2019 2 commits
  11. 10 May, 2019 1 commit
    • Michal Schorm's avatar
      Update FSF address · 17b4f999
      Michal Schorm authored
      This commit is based on the work of Michal Schorm, rebased on the
      earliest MariaDB version.
      
      Th command line used to generate this diff was:
      
      find ./ -type f \
        -exec sed -i -e 's/Foundation, Inc., 59 Temple Place, Suite 330, Boston, /Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, /g' {} \; \
        -exec sed -i -e 's/Foundation, Inc. 59 Temple Place.* Suite 330, Boston, /Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, /g' {} \; \
        -exec sed -i -e 's/MA.*.....-1307.*USA/MA 02110-1335 USA/g' {} \; \
        -exec sed -i -e 's/Foundation, Inc., 59 Temple/Foundation, Inc., 51 Franklin/g' {} \; \
        -exec sed -i -e 's/Place, Suite 330, Boston, MA.*02111-1307.*USA/Street, Fifth Floor, Boston, MA 02110-1335 USA/g' {} \; \
        -exec sed -i -e 's/MA.*.....-1307/MA 02110-1335/g' {} \;
      17b4f999
  12. 01 May, 2019 1 commit
  13. 29 Apr, 2019 1 commit
  14. 26 Apr, 2019 2 commits
  15. 25 Apr, 2019 3 commits
  16. 24 Apr, 2019 9 commits
    • Sergei Golubchik's avatar
      MDEV-15907 ASAN heap-use-after-free in strnmov / .. /... · 2be3ab97
      Sergei Golubchik authored
      MDEV-15907 ASAN heap-use-after-free in strnmov / .. / fill_effective_table_privileges on concurrent GRANT and CREATE VIEW
      
      rename a test file.
      
      Closes #1253
      2be3ab97
    • Robert Bindar's avatar
      MDEV-15907 ASAN heap-use-after-free · e52a4ab6
      Robert Bindar authored
      This patch fixes an invalid read in fill_effective_table_privileges
      triggered by a grant_version increase between a PREPARE for a
      statement creating a view from I_S and EXECUTE.
      A tmp table was created and free'd while preparing the statement,
      TABLE_LIST::table_name was set to point to the tmp table
      TABLE_SHARE::table_name which no longer existed after preparing was
      done.
      The grant version increase made fill_effective_table_privileges
      called during EXECUTE to try fetch the updated grant info and
      this is where the dangling table name was used.
      e52a4ab6
    • Sergei Golubchik's avatar
      MDEV-18507 can't update temporary table when joined with table with triggers on read-only · 5d510fdb
      Sergei Golubchik authored
      triggers are opened and tables used in triggers are prelocked in
      open_tables(). But multi-update can detect what tables will actually
      be updated only later, after all main tables are opened.
      
      Meaning, if a table is used in multi-update, but is not actually updated,
      its on-update treggers will be opened and tables will be prelocked,
      even if it's unnecessary. This can cause more tables to be
      write-locked than needed, causing read_only errors, privilege errors
      and lock waits.
      
      Fix: don't open/prelock triggers unless table->updating is true.
      In multi-update after setting table->updating=true, do a second
      open_tables() for newly added tables, if any.
      5d510fdb
    • Sergei Golubchik's avatar
      bugfix: multi-update checked privileges on views incorrectly · 5057d463
      Sergei Golubchik authored
      it always required UPDATE privilege on views, not being able to detect
      when a views was not actually updated in multi-update.
      
      fix: instead of marking all tables as "updating" by default,
      only set "updating" on tables that will actually be updated
      by multi-update. And mark the view "updating" if any of the
      view's tables is.
      5057d463
    • Sergei Golubchik's avatar
      MDEV-18241 Downgrade from 10.4 to 10.3 crashes · 822071ca
      Sergei Golubchik authored
      privilege tables can never be views or temporary tables,
      don't even try to open them, if they are.
      822071ca
    • Sergei Golubchik's avatar
      cleanup · 66099b8f
      Sergei Golubchik authored
      66099b8f
    • Sergei Golubchik's avatar
      MDEV-18923 Assertion `!lex_string_cmp(system_charset_info,... · 81a8d8be
      Sergei Golubchik authored
      MDEV-18923 Assertion `!lex_string_cmp(system_charset_info, fk_info->referenced_table, &table->s->table_name)' failed in fk_truncate_illegal_if_parent
      
      don't assert the correctness of FK constraints, as it can be
      broken under `SET FOREIGN_KEY_CHECKS= OFF`
      81a8d8be
    • Thirunarayanan Balathandayuthapani's avatar
      MDEV-15772 Potential list overrun during XA recovery · d5da8ae0
      Thirunarayanan Balathandayuthapani authored
      InnoDB could return the same list again and again if the buffer
      passed to trx_recover_for_mysql() is smaller than the number of
      transactions that InnoDB recovered in XA PREPARE state.
      
      We introduce the transaction state TRX_PREPARED_RECOVERED, which
      is like TRX_PREPARED, but will be set during trx_recover_for_mysql()
      so that each transaction will only be returned once.
      
      Because init_server_components() is invoking ha_recover() twice,
      we must reset the state of the transactions back to TRX_PREPARED
      after returning the complete list, so that repeated traversals
      will see the complete list again, instead of seeing an empty list.
      Without this tweak, the test main.tc_heuristic_recover would hang
      in MariaDB 10.1.
      d5da8ae0
    • Sujatha Sivakumar's avatar
      MDEV-17260: Memory leaks in mysqlbinlog · cb8d888c
      Sujatha Sivakumar authored
      Problem:
      ========
      The mysqlbinlog tool is leaking memory, causing failures in various tests when
      compiling and testing with AddressSanitizer or LeakSanitizer like this:
      
      cmake -DCMAKE_BUILD_TYPE=Debug -DWITH_ASAN:BOOL=ON /path/to/source
      make -j$(nproc)
      cd mysql-test
      ASAN_OPTIONS=abort_on_error=1 ./mtr --parallel=auto rpl.rpl_row_mysqlbinlog
      
      CURRENT_TEST: rpl.rpl_row_mysqlbinlog
      
      Direct leak of 112 byte(s) in 1 object(s) allocated from:
      #0 0x4eff87 in __interceptor_malloc (/dev/shm/5.5/client/mysqlbinlog+0x4eff87)
      #1 0x60eaab in my_malloc /mariadb/5.5/mysys/my_malloc.c:41:10
      #2 0x5300dd in Log_event::read_log_event(char const*, unsigned int, char const**,
         Format_description_log_event const*, char) /mariadb/5.5/sql/log_event.cc:1568:
      #3 0x564a9c in dump_remote_log_entries(st_print_event_info*, char const*)
      /mariadb/5.5/client/mysqlbinlog.cc:1978:17
      
      Analysis:
      ========
      'mysqlbinlog' tool is being used to read binary log events from a remote server.
      While reading binary log, if a fake rotate event is found following actions are
      taken.
      
      If 'to-last-log' option is specified, then fake rotate event is processed.
      In the absence of 'to-last-log' skip the fake rotate event.
      
      In this skipped case the fake rotate event object is not getting cleaned up
      resulting in memory leak.
      
      Fix:
      ===
      Cleanup the fake rotate event.
      
      This issues is already fixed in MariaDB 10.0.23 and higher versions as part of
      commit c3018b0f
      cb8d888c
  17. 23 Apr, 2019 2 commits
  18. 04 Apr, 2019 1 commit
  19. 27 Mar, 2019 1 commit
    • Sujatha Sivakumar's avatar
      MDEV-14784: Slave crashes in show_status_array upon running a trigger with · f2d549d8
      Sujatha Sivakumar authored
      select from I_S
      
      Problem:
      ========
      When applier thread tries to access 'variable_name' of
      INFORMATION_SCHEMA.SESSION_VARIABLES table through triggers, it results in an
      abnormal exit of slave server.
      
      Analysis:
      ========
      At the time of replication of stored routines and triggers, their associated
      security context will be sent by the master. The applier thread on the slave
      server will use this information to set the required security context for the
      execution of stored routines and triggers. This is achieved as follows.
      
      ->The stored routine object has a member named 'm_security_ctx' which holds the
        security context received from master.
      ->The applier thread's security_ctx is stored into a 'backup' object.
      
      ->Set the applier thread's security_ctx to 'm_security_ctx'.
      
      ->Upon the completion of stored routine execution restore the original security
        context of applier thread from the backup.
      
      During the above process the 'm_security_ctx' object is not initialized
      properly. Hence the 'external_user' of 'm_security_ctx' has invalid value for
      this variable and accessing this variable results in abnormal exit of server.
      
      Fix:
      ===
      Invoke the Security_context::init() call from the constructor of stored routine
      so that 'm_security_ctx' gets initialized properly.
      f2d549d8
  20. 25 Mar, 2019 2 commits
  21. 24 Mar, 2019 1 commit
  22. 22 Mar, 2019 2 commits