1. 25 Apr, 2022 5 commits
    • Sergei Golubchik's avatar
      MDEV-28403 ASAN heap-use-after-free in String::copy / get_field_default_value · 9b7886bb
      Sergei Golubchik authored
      This reverts commit 5ba77222
      but keeps the test. A different fix for
      
      MDEV-21028 Server crashes in Query_arena::set_query_arena upon SELECT from view
      
      internal temporary tables should use THD as expr_area
      9b7886bb
    • Igor Babaev's avatar
      MDEV-27212 Crash in Item_equal::sort on second execution of stored procedure · c5e68b6d
      Igor Babaev authored
      This bug could cause a crash of the server at the second call of a stored
      procedure when it executed a query containing a mergeable derived table /
      view whose specification used another mergeable derived_table or view and a
      subquery with outer reference in the select list of the specification.
      Such queries could cause the same problem when they were executed for the
      second time in a prepared mode.
      The problem appeared due to a typo mistake in the legacy code of the function
      create_view_field() that prevented building Item_direct_view_ref wrapper
      for the mentioned outer reference at the second execution of the query and
      setting the depended_from field for the outer reference.
      
      Approved by Oleksandr Byelkin <sanja@mariadb.com>
      c5e68b6d
    • Andrei's avatar
      MDEV-27697 slave must recognize incomplete replication event group · 1bcdc3e9
      Andrei authored
      In cases of a faulty master or an incorrect binlog event producer, that slave is working with,
      sends an incomplete group of events slave must react with an error to not to log
      into the relay-log any new events that do not belong to the incomplete group.
      
      Fixed with extending received event properties check when slave connects to master
      in gtid mode.
      Specifically for the event that can be a part of a group its relay-logging is
      permitted only when its position within the group is validated.
      Otherwise slave IO thread stops with ER_SLAVE_RELAY_LOG_WRITE_FAILURE.
      1bcdc3e9
    • Alexander Barkov's avatar
    • Alexander Barkov's avatar
      MDEV-28405 main.information_schema_tables fails sporadically with... · 3fec38d9
      Alexander Barkov authored
      MDEV-28405 main.information_schema_tables fails sporadically with ER_NEED_REPREPARE or extra warning
      3fec38d9
  2. 24 Apr, 2022 1 commit
  3. 23 Apr, 2022 1 commit
    • Daniel Black's avatar
      MDEV-28263 mariadb-tzinfo-to-sql binlog fixes · a7923b37
      Daniel Black authored
      The --skip-write-binlog message was confusing that it only had
      an effect if the galera was enabled. There are uses beyond galera
      so we apply SET SESSION SQL_LOG_BIN=0 as implied by the option
      without being conditional on the wsrep status.
      
      Remove wsrep.mysql_tzinfo_to_sql_symlink{,_skip} tests as they offered
      no additional coverage beyond main.mysql_tzinfo_to_sql_symlink as no
      server testing was done.
      
      Introduced a variant of the galera.mariadb_tzinfo_to_sql as
      galera.mysql_tzinfo_to_sql, which does testing using the mysql client
      rather than directly importing into the server via mysqltest.
      
      Update man page and mysql_tzinfo_to_sql to having a --skip-write-binlog
      option.
      
      merge notes:
      10.4:
      - conflicts in tztime.cc can revert to this version of --help text.
      - tztime.cc - merge execute immediate @prep1, and leave %s%s trunc_tables, lock_tables
        after that.
      10.6:
      - Need to remove the not_embedded.inc in mysql_tzinfo_to_sql.test and
        replace it with no_protocol.inc
      - leave both mysql_tzinfo_to_sql.test and mariadb_tzinfo_to_sql.sql
        tests.
      - sql/tztime.cc - keep entirely 10.6 version.
      a7923b37
  4. 22 Apr, 2022 2 commits
    • Dmitry Shulga's avatar
      MDEV-27758: Errors when building Connect engine on os x 11.6.2 · bc7ba7af
      Dmitry Shulga authored
      Added checking for support of vfork by a platform where
      building being done. Set HAVE_VFORK macros in case vfork()
      system call is supported. Use vfork() system call if the
      macros HAVE_VFORK is set, else use fork().
      bc7ba7af
    • Sergei Petrunia's avatar
      MDEV-25994: Crash with union of my_decimal type in ORDER BY clause · 3c209bfc
      Sergei Petrunia authored
      When single-row subquery fails with "Subquery reutrns more than 1 row"
      error, it will raise an error and return NULL.
      
      On the other hand, Item_singlerow_subselect sets item->maybe_null=0
      for table-less subqueries like "(SELECT not_null_value)"  (*)
      
      This discrepancy (item with maybe_null=0 returning NULL) causes the
      code in Type_handler_decimal_result::make_sort_key_part() to crash.
      
      Fixed this by allowing inference (*) only when the subquery is NOT a
      UNION.
      3c209bfc
  5. 21 Apr, 2022 1 commit
  6. 20 Apr, 2022 1 commit
  7. 19 Apr, 2022 3 commits
    • Sergei Golubchik's avatar
      vcols: cannot use CONTEXT_ANALYSIS_ONLY_VCOL_EXPR on fix_fields · 9c5fd0f6
      Sergei Golubchik authored
      because CONTEXT_ANALYSIS_ONLY_VCOL_EXPR can be used only for,
      exactly, context analysys. Items fixed that way cannot be evaluated.
      But vcols are going to be evaluated, so they have to be fixed properly,
      for evaluation.
      9c5fd0f6
    • Sergei Golubchik's avatar
      MDEV-28092 MariaDB SEGV issue · a59f483c
      Sergei Golubchik authored
      add test
      a59f483c
    • Marko Mäkelä's avatar
      MDEV-28317 Assertion failures in row_undo_mod on recovery · 5aef0123
      Marko Mäkelä authored
      Starting with 10.3, an assertion would fail on the rollback of
      a recovered incomplete transaction if a table definition violates
      a FOREIGN KEY constraint.
      
      DICT_ERR_IGNORE_RECOVER_LOCK: Include also DICT_ERR_IGNORE_FK_NOKEY
      so that trx_resurrect_table_locks() will be able to load
      table definitions and resurrect IX locks. Previously, if the
      FOREIGN KEY constraints of a table were incomplete, the table
      would fail to load until rollback, and in 10.3 or later an assertion
      would fail that the rollback was not protected by a table IX lock.
      
      Thanks to commit 9de2e60d there
      will be no problems to enforce subsequent FOREIGN KEY operations
      even though a table with invalid REFERENCES clause was loaded.
      5aef0123
  8. 15 Apr, 2022 1 commit
  9. 14 Apr, 2022 6 commits
    • Sergei Golubchik's avatar
      MDEV-25638 Assertion `!result' failed in convert_const_to_int · c274853c
      Sergei Golubchik authored
      When fixing vcols, fix_fields might call convert_const_to_int().
      And that will try to read the field value (from record[0]).
      Mark the table as having no data to prevent that, because record[0]
      is not initialized yet.
      c274853c
    • Sergei Golubchik's avatar
      MDEV-26281 ASAN use-after-poison when complex conversion is involved in blob · 4681b6f2
      Sergei Golubchik authored
      the bug was that in_vector array in Item_func_in was allocated in the
      statement arena, not in the table->expr_arena.
      
      revert part of the 5acd391e. Instead, change the arena correctly
      in fix_all_session_vcol_exprs().
      
      Remove TABLE_ARENA, that was introduced in 5acd391e to force
      item tree changes to be rolled back (because they were allocated in the
      wrong arena and didn't persist. now they do)
      4681b6f2
    • Sergei Golubchik's avatar
      cc08c43e
    • Sergei Golubchik's avatar
      MDEV-26061 MariaDB server crash at Field::set_default · b5e16a6e
      Sergei Golubchik authored
      * Item_default_value::fix_fields creates a copy of its argument's field.
      * Field::default_value is changed when its expression is prepared in
        unpack_vcol_info_from_frm()
      
      This means we must unpack any vcol expression that includes DEFAULT(x)
      strictly after unpacking x->default_value.
      
      To avoid building and solving this dependency graph on every table open,
      we update Item_default_value::field->default_value after all vcols
      are unpacked and fixed.
      b5e16a6e
    • Alexander Barkov's avatar
      c05fd700
    • Daniel Black's avatar
      mtr: extend gdb backtace info · 66832e3a
      Daniel Black authored
      bt full - to include args and locals.
      
      set print sevenbit on
        - it is more useful to be able to see the exact bytes
          (in case something is dumped as a string and not hexadecimal digits)
      set print static-members off
        - there are many interesting (non-const) static members
      set frame-arguments all
        - even non-printables are useful to see.
      
      Let's make our bb logs give a little bit more detail on those
      hard to reproduce bugs.
      
      Tests on rhel7's gdb-7.6.1-120.el7
      66832e3a
  10. 11 Apr, 2022 3 commits
  11. 08 Apr, 2022 1 commit
    • Nayuta Yanagisawa's avatar
      MDEV-27065 Partitioning tables with custom data directories moves data back to default directory · 27b5d814
      Nayuta Yanagisawa authored
      The partitioning engine does not support the table-level DATA/INDEX
      DIRECTORY specification.
      
      If one create a non-partitioned table with the DATA/INDEX DIRECTORY
      option and then performs ALTER TABLE ... PARTITION BY on it, the
      DATA/INDEX DIRECTORY specification of the old schema is ignored.
      
      The behavior might be a bit surprising for users because the value
      of a usual table option applies to all the partitions. Thus, we raise
      a warning on such ALTER TABLE ... PARTITION BY.
      27b5d814
  12. 07 Apr, 2022 1 commit
  13. 06 Apr, 2022 2 commits
    • Oleg Smirnov's avatar
      MDEV-28077 'Wrong create options' error with 'big_tables' enabled · 53b580a9
      Oleg Smirnov authored
      The cause of the bug is overflow of uint16 KEY_PART_INFO::length and/or
      uint16 KEY_PART_INFO::store_length. The solution is to increase the size
      of those variables to the 'uint' type (which is 32-bit long)
      53b580a9
    • Oleg Smirnov's avatar
      MDEV-24560 SIGSEGV in st_join_table::cleanup · 85192553
      Oleg Smirnov authored
      If JOIN::create_postjoin_aggr_table encounters errors during execution
      then free_tmp_table() is then called twice for JOIN_TAB::aggr.
      The solution is to initialize JOIN_TAB::aggr only on successful completion
      of JOIN::create_postjoin_aggr_table
      85192553
  14. 03 Apr, 2022 1 commit
    • Daniel Black's avatar
      MDEV-26136: Correct AIX/macOS cast warning (my_time.h) · 75b9014f
      Daniel Black authored
      tv_usec is a (suseconds_t) so we cast to it. Prevents the AIX(gcc-10) warning:
      
      include/my_time.h: In function 'void my_timeval_trunc(timeval*, uint)':
      include/my_time.h:249:65: warning: conversion from 'long int' to 'suseconds_t' {aka 'int'} may change value [-Wconversion]
        249 |   tv->tv_usec-= my_time_fraction_remainder(tv->tv_usec, decimals);
            |
      
      macOS is: conversion from 'long int' to '__darwin_suseconds_t' {aka 'int'} may change value
      
      On Windows suseconds_t isn't defined so we use the existing
      long return type of my_time_fraction_remainder.
      
      Reviewed by Marko Mäkelä
      
      Closes: #2079
      75b9014f
  15. 30 Mar, 2022 3 commits
    • Vlad Lesin's avatar
      MDEV-27343 Useless warning "InnoDB: Allocated tablespace ID <id> for... · c1ab0e6f
      Vlad Lesin authored
      MDEV-27343 Useless warning "InnoDB: Allocated tablespace ID <id> for <tablename>, old maximum was 0" during backup stage
      
      mariabackup does not load dictionary during backup, but it loads
      tablespaces, that is why fil_system.max_assigned_id is not set with
      dict_check_tablespaces_and_store_max_id(). There is no sense to issue the
      warning during backup.
      c1ab0e6f
    • Marko Mäkelä's avatar
      Cleanup: Remove some unused functions · 35425cfc
      Marko Mäkelä authored
      35425cfc
    • Dmitry Shulga's avatar
      MDEV-19631: Assertion `0' failed in st_select_lex_unit::optimize or different... · bdba1d46
      Dmitry Shulga authored
      MDEV-19631: Assertion `0' failed in st_select_lex_unit::optimize or different plan upon 2nd execution of PS with EXPLAIN
      
      Second execution of a prepared statement for a query containing a constant
      subquery with union that can be optimized away, could result in server abnormal
      termination for debug build or incorrect result set output for release build.
      
      For example, the following test case crashes a server built with debug on second
      run of the statement EXECUTE stmt
        CREATE TABLE t1 (a INT);
        PREPARE stmt FROM 'EXPLAIN SELECT * FROM t1 HAVING 6 IN ( SELECT 6 UNION SELECT 5 )';
        EXECUTE stmt;
        EXECUTE stmt;
      
      The reason for incorrect result set output or abnormal server termination
      is careless working with the data member fake_select_lex->options inside
      the function mysql_explain_union(). Once the flag SELECT_DESCRIBE is set in
      the data member fake_select_lex->option before calling the methods
        SELECT_LEX_UNIT::prepare/SELECT_LEX_UNIT::execute
      the original value of the option is no longer restored.
      As a consequence, next time the prepared statement is re-executed we have
      the fake_select_lex with the flag SELECT_DESCRIBE set in the data member
      fake_select_lex->option, that is incorrect. In result, the method
        Item_subselect::assigned()
      is not invoked during evaluation of a constant condition (constant subquery
      with union) that being performed on OPTIMIZE phase of query handling.
      
      This leads to the fact that records in the temporary table are not deleted
      before calling
        table->file->ha_enable_indexes(HA_KEY_SWITCH_ALL)
      in the method st_select_lex_unit::optimize().
      In result table->file->ha_enable_indexes(HA_KEY_SWITCH_ALL) returns error
      and DBUG_ASSERT(0) is fired.
      
      Stack trace to the line where the error generated on re-enabling indexes
      for next subselect iteration is below:
      st_select_lex_unit::optimize (at sql_union.cc:954)
        handler::ha_enable_indexes (at handler.cc:4338)
          ha_heap::enable_indexes (at ha_heap.cc:519)
            heap_enable_indexes (at hp_clear.c:164)
      
      The code snippet to clarify raising the error is also listed:
      int heap_enable_indexes(HP_INFO *info)
      {
        int error= 0;
        HP_SHARE *share= info->s;
      
        if (share->data_length || share->index_length)
          error= HA_ERR_CRASHED; <<== set error the value HA_ERR_CRASHED
                                      since share->data_length != 0
      
      To fix this issue the original value of unit->fake_select_lex->options
      has to be saved before setting the flag SELECT_DESCRIBE and restored
      on return from invocation of SELECT_LEX_UNIT::prepare/SELECT_LEX_UNIT::execute
      bdba1d46
  16. 29 Mar, 2022 1 commit
  17. 28 Mar, 2022 2 commits
    • Marko Mäkelä's avatar
      MDEV-27931: buf_page_is_corrupted() wrongly claims corruption · 303448bc
      Marko Mäkelä authored
      In commit 437da7bc (MDEV-19534),
      the default value of the global variable srv_checksum_algorithm
      in innochecksum was changed from SRV_CHECKSUM_ALGORITHM_INNODB
      to implied 0 (innodb_checksum_algorithm=crc32). As a result,
      the function buf_page_is_corrupted() would by default invoke
      buf_calc_page_crc32() in innochecksum, and crc32_inited would hold.
      
      This would cause "innochecksum" to fail on a particular page.
      
      The actual problem is older, introduced in 2011 in
      mysql/mysql-server@17e497bdb793bc6b8360aa1c626dcd8bb5cfad1b
      (MySQL 5.6.3). It should affect the validation of pages of old
      data files that were written with innodb_checksum_algorithm=innodb.
      When using innodb_checksum_algorithm=crc32 (the default setting
      since MariaDB Server 10.2), some valid pages would be rejected
      only because exactly one of the two checksum fields accidentally
      matches the innodb_checksum_algorithm=crc32 value.
      
      buf_page_is_corrupted(): Simplify the logic of non-strict
      checksum validation, by always invoking buf_calc_page_crc32().
      Remove a bogus condition that if only one of the checksum fields
      contains the value returned by buf_calc_page_crc32(), the page
      is corrupted.
      303448bc
    • hongdongjian's avatar
      MDEV-28177: server_audit; Update the offset of dbName on the aarch64 platform. · 7af133cc
      hongdongjian authored
      On the aarch64 platform, MySQL 5.7.33 cannot install this version of the audit
      plugin, but X86_64 can run well。
      7af133cc
  18. 25 Mar, 2022 1 commit
    • Sachin Kumar's avatar
      MDEV-24667 LOAD DATA INFILE on temporary table not written to slave binlog · 9f4ba624
      Sachin Kumar authored
      Problem: In regular replication, when master binlogged using statement format
      slave might not have written an event to its binary log when the Query
      event aimed at a temporary table.
      Specifically this was observed with LOAD DATA INFILE.
      
      This effect was possible because unlike master slave holds temporary
      tables in its pool and the master side check of existence of a
      temporary table at the format bin-logging decision did not apply.
      
      Solution: replace THD::has_thd_temporary_tables() with
      THD::has_temporary_tables which allows to identify temporary table
      presence on either side.
      
      --
      Reviewed by Andrei Elkin.
      9f4ba624
  19. 24 Mar, 2022 1 commit
    • Brandon Nesterenko's avatar
      MDEV-14608: mysqlbinlog lastest backupfile size is 0 · 174f1734
      Brandon Nesterenko authored
      Problem:
      ========
      When using mariadb-binlog with --raw and --stop-never, events from
      the master's currently active log file should be written to their
      respective log file specified by --result-file, and shown on-disk.
      There is a bug where mariadb-binlog does not flush the result file
      to disk when new events are received
      
      Solution:
      ========
      Add a function call to flush mariadb-binlog’s result file after
      receiving an event in --raw mode.
      
      Reviewed By:
      ============
      Andrei Elkin <andrei.elkin@mariadb.com>
      174f1734
  20. 22 Mar, 2022 1 commit
  21. 21 Mar, 2022 2 commits