1. 22 Dec, 2021 1 commit
    • MDEV-27195 SIGSEGV in Table_scope_and_contents_source_st::vers_check_system_fields · a5ef74e7
      Alexander Barkov authored
      The old code erroneously used default_charset_info to compare field names.
      default_charset_info can point to any arbitrary collation,
      including ucs2*, utf16*, utf32*, including those that do not
      support strcasecmp().
      
      my_charset_utf8mb4_unicode_ci, which is used in this scenario:
      
      CREATE TABLE t1 ENGINE=InnoDB WITH SYSTEM VERSIONING AS SELECT 0;
      
      does not support strcasecmp().
      
      Fixing the code to use Lex_ident::streq(), which uses
      system_charset_info instead of default_charset_info.
  2. 21 Dec, 2021 1 commit
    • MDEV-27332 SIGSEGV in fetch_data_into_cache() · 3b33593f
      Marko Mäkelä authored
      Since commit fb335b48 we may have
      a null pointer in purge_sys.query when fetch_data_into_cache() is
      invoked and innodb_force_recovery>4. This is because the call to
      purge_sys.create() would be skipped.
      
      fetch_data_into_cache(): Load the purge_sys pseudo transaction pointer
      to a local variable (null pointer if purge_sys is not initialized).
  3. 16 Dec, 2021 2 commits
    • MDEV-27244 Table corruption upon adding serial data type · 3fd80d08
      Aleksey Midenkov authored
      MDEV-25803 excluded some cases from key sort upon alter table. That
      particularly depends on ALTER_ADD_INDEX flag. Creating a column of
      SERIAL data type missed that flag. Though the equivalent operation
      
        alter table t1 add x bigint unsigned not null auto_increment unique;
      
      has ALTER_ADD_INDEX flag.
    • MDEV-23182: Server crashes in Item::fix_fields_if_needed /... · a65d01a4
      Dmitry Shulga authored
      MDEV-23182: Server crashes in Item::fix_fields_if_needed / table_value_constr::prepare upon 2nd execution of PS
      
      Repeating execution of a query containing the clause IN with string literals
      in an environment where the server variable in_predicate_conversion_threshold
      is set results in server abnormal termination in case the query is run
      as a Prepared Statement and conversion of charsets for string values in the
      query is required.
      
      The reason for server abnormal termination is that instances of the class
      Item_string created on transforming the IN clause into subquery were created
      on runtime memory root that is deallocated on finishing execution of Prepared
      statement. On the other hand, references to Items placed on deallocated memory
      root still exist in objects of the class table_value_constr. Subsequent running
      of the same prepared statement leads to dereferencing of pointers to already
      deallocated memory that could lead to undefined behaviour.
      
      To fix the issue the values being pushed into a values list for TVC are created
      by cloning their original items. This way the cloned items are allocated on
      the PS memroot and as a consequence no dangling pointer exists any more.
  4. 14 Dec, 2021 1 commit
    • MDEV-27181: Galera SST scripts should use ssl_capath for CA directory · 7bc629a5
      Julius Goryavsky authored
      1. Galera SST scripts should use ssl_capath (not ssl_ca) for CA
         directory. The current implementation tries to automatically
         detect the path using the trailing slash in the ssl_ca variable
         value, but this approach is not compatible with the server
         configuration. Now, by analogy with the server, SST scripts
         also use a separate ssl_capath variable. In addition, a similar
         tcapath variable has been added for the old-style configuration
         (in the "sst" section).
      2. OpenSSL utility detection made more reliable.
      3. Removed extra spaces in automatically generated command lines -
         to simplify debugging of the SST scripts.
      4. In general, the code for detecting the presence or absence of
         auxiliary utilities has been improved - it is made more reliable
         in some configurations (and for shells other than bash).
  5. 07 Dec, 2021 1 commit
  6. 06 Dec, 2021 3 commits
  7. 02 Dec, 2021 1 commit
  8. 30 Nov, 2021 2 commits
    • MDEV-27088: lf unit tests - cycles insufficient · 17802165
      Martin Beck authored
      Per bug report, cycles was woefully insufficient to
      detect any implementation error.
    • MDEV-27088: Server crash on ARM (WMM architecture) due to missing barriers in lf-hash · 4e0dcf10
      Martin Beck authored
      MariaDB server crashes on ARM (weak memory model architecture) while
      concurrently executing l_find to load node->key and add_to_purgatory
      to store node->key = NULL. l_find then uses key (which is NULL), to
      pass it to a comparison function.
      
      The specific problem is the out-of-order execution that happens on a
      weak memory model architecture. Two essential reorderings are possible,
      which need to be prevented.
      
      a) As l_find has no barriers in place between the optimistic read of
      the key field lf_hash.cc#L117 and the verification of link lf_hash.cc#L124,
      the processor can reorder the load to happen after the while-loop.
      
      In that case, a concurrent thread executing add_to_purgatory on the same
      node can be scheduled to store NULL at the key field lf_alloc-pin.c#L253
      before key is loaded in l_find.
      
      b) A node is marked as deleted by a CAS in l_delete lf_hash.cc#L247 and
      taken off the list with a following CAS lf_hash.cc#L252. Only if both
      CAS succeed, the key field is written to by add_to_purgatory. However,
      due to a missing barrier, the relaxed store of key lf_alloc-pin.c#L253
      can be moved ahead of the two CAS operations, which makes the value of
      the local purgatory list stored by add_to_purgatory visible to all threads
      operating on the list. As the node is not marked as deleted yet, the
      same error occurs in l_find.
      
      This changes three accesses to be atomic.
      
      * optimistic read of key in l_find lf_hash.cc#L117
      * read of link for verification lf_hash.cc#L124
      * write of key in add_to_purgatory lf_alloc-pin.c#L253
      
      Reviewers: Sergei Vojtovich, Sergei Golubchik
      
      Fixes: MDEV-23510 / d30c1331a18d875e553f3fcf544997e4f33fb943
  9. 29 Nov, 2021 2 commits
  10. 26 Nov, 2021 4 commits
    • MDEV-26553 NOT IN subquery construct crashing 10.1 and up · ac963142
      Igor Babaev authored
      This bug was introduced by commit be00e279.
      The commit was applied for the task MDEV-6480 that allowed removing top
      level disjuncts from WHERE conditions if the range optimizer evaluated them
      as always equal to FALSE/NULL.
      If such disjuncts are removed the WHERE condition may become an AND formula
      and if this formula contains multiple equalities the field JOIN::item_equal
      must be updated to refer to these equalities. The above mentioned commit
      forgot to do this and it could cause crashes for some queries.
      
      Approved by Oleksandr Byelkin <sanja@mariadb.com>
    • MDEV-26972 MTR worker aborts after server restart failure · f5441ef4
      Sergei Golubchik authored
      Restore the old behavior where without a debugger mtr does not
      wait for mysqld to start. It was broken in feacc0aa.
    • MDEV-26755 innodb.undo_truncate: ilink::assert_linked(): Assertion `prev != 0 && next != 0' failed · a96b4282
      Sergei Golubchik authored
      close_connections() in mysqld.cc sends a signal to all threads.
      But InnoDB is too busy purging, doesn't react immediately.
      close_connections() waits 20 seconds, which isn't enough in this
      particular case, and then unlinks all threads from
      the list and forcibly closes their vio connection.
      
      InnoDB background threads have no vio connection to close, but
      they're unlinked all the same. So when later they finally notice
      the shutdown request and try to unlink themselves, they fail to
      assert that they're still linked.
      
      Fix: don't assert_linked, as another thread can unlink this THD anytime
    • add a test case · 4ba74785
      Sergei Golubchik authored
      MDEV-20330 Combination of "," (comma), cross join and left join fails to parse
  11. 24 Nov, 2021 3 commits
    • MDEV-26558 Fix a deadlock due to cyclic dependence · f809a4fb
      ryancaicse authored
      Fix a potential deadlock bug between locks ctrl_mutex and entry->mutex
    • mysql_install_db: remove MySQL references · ef179dad
      Daniel Black authored
      MySQL documentation isn't going to help our
      users and we shouldn't refer to it.
    • MDEV-27066: Fixed scientific notation parsing bug · 749d8ded
      Marc Olivier Bergeron authored
      The bug occurs where the float token containing a dot with an 'e'
      notation was dropped from the request completely.
      
      This causes a manner of invalid SQL statements like:
      
      select id 1.e, char 10.e(id 2.e), concat 3.e('a'12356.e,'b'1.e,'c'1.1234e)1.e, 12 1.e*2 1.e, 12 1.e/2 1.e, 12 1.e|2 1.e, 12 1.e^2 1.e, 12 1.e%2 1.e, 12 1.e&2 from test;
      
      To be parsed correctly as if it was:
      
      select id, char(id), concat('a','b','c'), 12*2, 12/2, 12|2, 12^2, 12%2, 12&2 from test.test;
      
      This correct parsing occurs when e is followed by any of:
      
      ( ) . , | & % * ^ /
  12. 23 Nov, 2021 3 commits
    • MDEV-22522 RPM packages have meaningless summary/description · fe065f8d
      Alexey Bychko authored
      This patch moves cpack summary and description for optional packages
      to the appropriate CMakeLists.txt files
    • MDEV-26915: SST scripts do not take log_bin_index setting into account · 2f51511c
      Julius Goryavsky authored
      Currently, SST scripts assume that the filename specified in
      the --log-bin-index argument either does not contain an extension
      or uses the standard ".index" extension. Similar assumptions are
      used for the log_bin_index parameter read from the configuration
      file. This commit adds support for arbitrary extensions for the
      index file paths.
    • MDEV-26064: mariabackup SST fails when starting with --innodb-force-recovery · b9525997
      Julius Goryavsky authored
      If the server is started with the --innodb-force-recovery argument
      on the command line, then during SST this argument can be passed to
      mariabackup only at the --prepare stage, and accordingly it must be
      removed from the --mysqld-args list (and it should not be passed
      to mariabackup otherwise).
      
      This commit fixes a flaw in the SST scripts and adds a test that
      checks the ability to run the joiner node in a configuration that
      uses --innodb-force-recovery=1.
  13. 21 Nov, 2021 1 commit
    • MDEV-26470 "No database" selected when using CTE in a subquery of DELETE statement · 114e18b8
      Igor Babaev authored
      This bug led to reporting bogus messages "No database selected" for DELETE
      statements if they used subqueries in their WHERE conditions and these
      subqueries contained references to CTEs.
      The bug happened because the grammar rule for DELETE statement did not
      call the function LEX::check_cte_dependencies_and_resolve_references() and
      as a result of it references to CTEs were not identified as such.
      
      Approved by Oleksandr Byelkin <sanja@mariadb.com>
  14. 20 Nov, 2021 3 commits
  15. 17 Nov, 2021 4 commits
    • MDEV-27075 mysql_upgrade_service.exe - using uninitialized memory 'defaults_file' · 81d7adb1
      Vladislav Vaintroub authored
      Remove section that was trying to rename default-character-set to character-set-server
      
      This seems to be an old workaround for some upgrade warning, which has not
      worked for some time already, because the ini filename was not initialized.
    • Merge 10.2 into 10.3 · 9962cda5
      Marko Mäkelä authored
    • MDEV-26747 improve corruption check for encrypted tables on ALTER IMPORT · ed0a224b
      Eugene Kosov authored
      fil_space_decrypt(): change signature to return status via dberr_t only.
      Also replace impossible condition with an assertion and prove it via
      test cases.
    • MDEV-26825 Bogus error for query with two usage of CTE referring another CTE · 8f24f5fe
      Igor Babaev authored
        This bug affected queries with two or more references to a CTE referring
      another CTE if the definition of the latter contained an invocation of
      a stored function that used a base table. The bug could lead to a bogus
      error message or to an assertion failure.
        For any non-first reference to CTE cte1 With_element::clone_parsed_spec()
      is called that parses the specification of cte1 to construct the unit
      structure for this usage of cte1. If cte1 refers to another CTE cte2
      outside of the specification of cte1 then With_element::clone_parsed_spec()
      has to be called for cte2 as well. This call is made by the function
      LEX::resolve_references_to_cte() within the invocation of the function
      With_element::clone_parsed_spec() for cte1.
        When the specification of a CTE is parsed all table references encountered
      in it must be added to the global list of table references for the query.
      As the specification for the non-first usage of a CTE is parsed at a
      recursive call of the parser the function With_element::clone_parsed_spec()
      invoked at this recursive call should take care of appending the list of
      table references encountered in the specification of this CTE cte1 to the
      list of table references created for the query. And it should do it after
      the call of LEX::resolve_references_to_cte() that resolves references to
      CTEs defined outside of the specification of cte1 because this call may
      invoke the parser again for specifications of other CTEs and the table
      references from their specifications must ultimately appear in the global
      list of table references of the query.
        The code of With_element::clone_parsed_spec() misplaced the call of
      LEX::resolve_references_to_cte(). As a result LEX::query_tables_last used
      for the query that was supposed to point to the field 'next_global' of the
      last element in the global list of table references actually pointed to
      'next_global' of the previous element.
        The above inconsistency certainly caused serious problems when table
      references used in the stored functions invoked in cloned specifications
      of CTEs were added to the global list of table references.
  16. 16 Nov, 2021 2 commits
  17. 11 Nov, 2021 3 commits
  18. 09 Nov, 2021 3 commits