1. 06 Jun, 2022 8 commits
    • Marko Mäkelä's avatar
      MDEV-13542: Implement page read fault injection · cc4eabc7
      Marko Mäkelä authored
      --debug-dbug=d,intermittent_read_failure is effective after the
      database has been started up.
      
      --debug-dbug=d,intermittent_recovery_failure is always effective,
      including during recovery.
      cc4eabc7
    • Marko Mäkelä's avatar
      MDEV-13542: Crashing on corrupted page is unhelpful · 0b47c126
      Marko Mäkelä authored
      The approach to handling corruption that was chosen by Oracle in
      commit 177d8b0c
      is not really useful. Not only did it actually fail to prevent InnoDB
      from crashing, but it is making things worse by blocking attempts to
      rescue data from or rebuild a partially readable table.
      
      We will try to prevent crashes in a different way: by propagating
      errors up the call stack. We will never mark the clustered index
      persistently corrupted, so that data recovery may be attempted by
      reading from the table, or by rebuilding the table.
      
      This should also fix MDEV-13680 (crash on btr_page_alloc() failure);
      it was extensively tested with innodb_file_per_table=0 and a
      non-autoextend system tablespace.
      
      We should now avoid crashes in many cases, such as when a page
      cannot be read or allocated, or an inconsistency is detected when
      attempting to update multiple pages. We will not crash on double-free,
      such as on the recovery of DDL in system tablespace in case something
      was corrupted.
      
      Crashes on corrupted data are still possible. The fault injection mechanism
      that is introduced in the subsequent commit may help catch more of them.
      
      buf_page_import_corrupt_failure: Remove the fault injection, and instead
      corrupt some pages using Perl code in the tests.
      
      btr_cur_pessimistic_insert(): Always reserve extents (except for the
      change buffer), in order to prevent a subsequent allocation failure.
      
      btr_pcur_open_at_rnd_pos(): Merged to the only caller ibuf_merge_pages().
      
      btr_assert_not_corrupted(), btr_corruption_report(): Remove.
      Similar checks are already part of btr_block_get().
      
      FSEG_MAGIC_N_BYTES: Replaces FSEG_MAGIC_N_VALUE.
      
      dict_hdr_get(), trx_rsegf_get_new(), trx_undo_page_get(),
      trx_undo_page_get_s_latched(): Replaced with error-checking calls.
      
      trx_rseg_t::get(mtr_t*): Replaces trx_rsegf_get().
      
      trx_rseg_header_create(): Let the caller update the TRX_SYS page if needed.
      
      trx_sys_create_sys_pages(): Merged with trx_sysf_create().
      
      dict_check_tablespaces_and_store_max_id(): Do not access
      DICT_HDR_MAX_SPACE_ID, because it was already recovered in dict_boot().
      Merge dict_check_sys_tables() with this function.
      
      dir_pathname(): Replaces os_file_make_new_pathname().
      
      row_undo_ins_remove_sec(): Do not modify the undo page by adding
      a terminating NUL byte to the record.
      
      btr_decryption_failed(): Report decryption failures
      
      dict_set_corrupted_by_space(), dict_set_encrypted_by_space(),
      dict_set_corrupted_index_cache_only(): Remove.
      
      dict_set_corrupted(): Remove the constant parameter dict_locked=false.
      Never flag the clustered index corrupted in SYS_INDEXES, because
      that would deny further access to the table. It might be possible to
      repair the table by executing ALTER TABLE or OPTIMIZE TABLE, in case
      no B-tree leaf page is corrupted.
      
      dict_table_skip_corrupt_index(), dict_table_next_uncorrupted_index(),
      row_purge_skip_uncommitted_virtual_index(): Remove, and refactor
      the callers to read dict_index_t::type only once.
      
      dict_table_is_corrupted(): Remove.
      
      dict_index_t::is_btree(): Determine if the index is a valid B-tree.
      
      BUF_GET_NO_LATCH, BUF_EVICT_IF_IN_POOL: Remove.
      
      UNIV_BTR_DEBUG: Remove. Any inconsistency will no longer trigger
      assertion failures, but error codes being returned.
      
      buf_corrupt_page_release(): Replaced with a direct call to
      buf_pool.corrupted_evict().
      
      fil_invalid_page_access_msg(): Never crash on an invalid read;
      let the caller of buf_page_get_gen() decide.
      
      btr_pcur_t::restore_position(): Propagate failure status to the caller
      by returning CORRUPTED.
      
      opt_search_plan_for_table(): Simplify the code.
      
      row_purge_del_mark(), row_purge_upd_exist_or_extern_func(),
      row_undo_ins_remove_sec_rec(), row_undo_mod_upd_del_sec(),
      row_undo_mod_del_mark_sec(): Avoid mem_heap_create()/mem_heap_free()
      when no secondary indexes exist.
      
      row_undo_mod_upd_exist_sec(): Simplify the code.
      
      row_upd_clust_step(), dict_load_table_one(): Return DB_TABLE_CORRUPT
      if the clustered index (and therefore the table) is corrupted, similar
      to what we do in row_insert_for_mysql().
      
      fut_get_ptr(): Replace with buf_page_get_gen() calls.
      
      buf_page_get_gen(): Return nullptr and *err=DB_CORRUPTION
      if the page is marked as freed. For other modes than
      BUF_GET_POSSIBLY_FREED or BUF_PEEK_IF_IN_POOL this will
      trigger a debug assertion failure. For BUF_GET_POSSIBLY_FREED,
      we will return nullptr for freed pages, so that the callers
      can be simplified. The purge of transaction history will be
      a new user of BUF_GET_POSSIBLY_FREED, to avoid crashes on
      corrupted data.
      
      buf_page_get_low(): Never crash on a corrupted page, but simply
      return nullptr.
      
      fseg_page_is_allocated(): Replaces fseg_page_is_free().
      
      fts_drop_common_tables(): Return an error if the transaction
      was rolled back.
      
      fil_space_t::set_corrupted(): Report a tablespace as corrupted if
      it was not reported already.
      
      fil_space_t::io(): Invoke fil_space_t::set_corrupted() to report
      out-of-bounds page access or other errors.
      
      Clean up mtr_t::page_lock()
      
      buf_page_get_low(): Validate the page identifier (to check for
      recently read corrupted pages) after acquiring the page latch.
      
      buf_page_t::read_complete(): Flag uninitialized (all-zero) pages
      with DB_FAIL. Return DB_PAGE_CORRUPTED on page number mismatch.
      
      mtr_t::defer_drop_ahi(): Renamed from mtr_defer_drop_ahi().
      
      recv_sys_t::free_corrupted_page(): Only set_corrupt_fs()
      if any log records exist for the page. We do not mind if read-ahead
      produces corrupted (or all-zero) pages that were not actually needed
      during recovery.
      
      recv_recover_page(): Return whether the operation succeeded.
      
      recv_sys_t::recover_low(): Simplify the logic. Check for recovery error.
      
      Thanks to Matthias Leich for testing this extensively and to the
      authors of https://rr-project.org for making it easy to diagnose
      and fix any failures that were found during the testing.
      0b47c126
    • Marko Mäkelä's avatar
      MDEV-28525 Some conditions around btr_latch_mode could be eliminated · 75096c84
      Marko Mäkelä authored
      The types btr_latch_mode and mtr_memo_type_t are partly derived from
      rw_lock_type_t. Despite that, some code for converting between them
      is using conditions instead of bitwise arithmetics.
      
      Let us define btr_latch_mode in such a way that more conversions to
      rw_lock_type_t are possible by bitwise and.
      
      Some SPATIAL INDEX code that assumed !(BTR_MODIFY_TREE & BTR_MODIFY_LEAF)
      was adjusted.
      75096c84
    • Marko Mäkelä's avatar
      Cleanup: Make fil_space_t::freed_ranges private · aa458506
      Marko Mäkelä authored
      fil_space_t::is_freed(): Check if a page is in freed_ranges.
      
      fil_space_t::flush_freed(): Replaces buf_flush_freed_pages().
      aa458506
    • Marko Mäkelä's avatar
      Cleanup: Remove fil_space_t::magic_n · b29a8118
      Marko Mäkelä authored
      b29a8118
    • Marko Mäkelä's avatar
      Cleanup: Remove some redundant reads · c86d1daa
      Marko Mäkelä authored
      c86d1daa
    • Marko Mäkelä's avatar
      MDEV-28752 Rollback of RENAME is broken if innodb_file_per_table=0 · a98ac436
      Marko Mäkelä authored
      This was broken in 54e2e701 (MDEV-25524).
      a98ac436
    • Marko Mäkelä's avatar
      MDEV-15528 fixup: Remove some dead code · 1b03db11
      Marko Mäkelä authored
      btr_page_split_and_insert(): Declare all parameters nonnull.
      btr_pessimistic_scrub() was removed
      in commit a5584b13 (MDEV-15528).
      1b03db11
  2. 02 Jun, 2022 6 commits
  3. 01 Jun, 2022 2 commits
  4. 31 May, 2022 3 commits
  5. 30 May, 2022 9 commits
    • Monty's avatar
      Bug fixes for S3 · e7de50a8
      Monty authored
      - Fixed wrong DBUG_ASSERT when waiting for big-block-read
      - Update S3_pagecache_reads counter when reading a block from S3.
        Before this patch the variable value was always 0
      
      Reviewer: Oleksandr Byelkin <sanja@mariadb.com>
      e7de50a8
    • Monty's avatar
      Fixed bug in ma_loghandler.cc that could cause an assert · 9d10b710
      Monty authored
      The assert happens in 10.6 with the following command:
      
      ./mtr --no-reorder --verbose-restart main.update_ignore_216 main.upgrade_MDEV-19650 main.upgrade_MDEV-23102-1 main.upgrade_MDEV-23102-2 main.upgrade_geometrycolumn_procedure_definer main.upgrade_mdev_24363 main.varbinary sys_vars.aria_log_file_size_basic
      
      Reviewer: Oleksandr Byelkin <sanja@mariadb.com>
      9d10b710
    • Monty's avatar
      Remove compiler warning about unused variables · 131c318b
      Monty authored
      131c318b
    • Marko Mäkelä's avatar
      MDEV-28689, MDEV-28690: Incorrect error handling for ctrl_mutex · 863c3eda
      Marko Mäkelä authored
      comp_thread_ctxt_t: Remove ctrl_mutex, ctrl_cond, started. We do not
      actually need them for anything.
      
      destroy_worker_thread(): Split from destroy_worker_threads().
      
      create_worker_threads(): We already initialize
      thd->data_avail=FALSE and thd->cancelled=FALSE before
      invoking pthread_create(). If any thread creation fails,
      clean up by destroy_worker_thread().
      
      compress_worker_thread_func(): Assume that thd->started and
      thd->data_avail are already initialized.
      
      Reviewed by: Vladislav Vaintroub
      863c3eda
    • Masashi Tomooka's avatar
      MDEV-28599 EXCHANGE PARTITION on view causes ER_CHECK_NO_SUCH_TABLE instead of ER_WRONG_OBJECT · f7137a61
      Masashi Tomooka authored
      ER_CHECK_NO_SUCH_TABLE was raised because a view does not have
      the corresponding TABLE instance connected to TABLE_LIST and the
      server interprets the absence as the absence of the table itself.
      
      To fix the problem, we add a check to ensure that the target table
      to be swapped with a partition is not a view.
      
      Reviewed by: Nayuta Yanagisawa
      f7137a61
    • mkaruza's avatar
      MDEV-27862 Galera should replicate nextval()-related changes in sequences with... · ebbd5ef6
      mkaruza authored
      MDEV-27862 Galera should replicate nextval()-related changes in sequences with INCREMENT <> 0, at least NOCACHE ones with engine=InnoDB
      
      Sequence storage engine is not transactionl so cache will be written in
      stmt_cache that is not replicated in cluster. To fix this replicate
      what is available in both trans_cache and stmt_cache.
      
      Sequences will only work when NOCACHE keyword is used when sequnce is
      created. If WSREP is enabled and we don't have this keyword report error
      indicting that sequence will not work correctly in cluster.
      
      When binlog is enabled statement cache will be cleared in transaction
      before COMMIT so cache generated from sequence will not be replicated.
      We need to keep cache until replication.
      
      Tests are re-recorded because of replication changes that were
      introducted with this PR.
      Reviewed-by: default avatarJan Lindström <jan.lindstrom@mariadb.com>
      ebbd5ef6
    • Jan Lindström's avatar
      MDEV-20627 : Galera 4 not able to report proper wsrep_incoming_addresses · c8fabbed
      Jan Lindström authored
      wsrep_server_incoming_address function always returned value of the
      wsrep_node_incoming_address even when actual incoming address
      was resolved to inc_addr variable. Fixed by returning inc_addr
      if it does contain incoming address.
      c8fabbed
    • Sergei Golubchik's avatar
      2840d775
    • Sergei Golubchik's avatar
      move alter_table combinations to a separate test file · 8b19f521
      Sergei Golubchik authored
      no need to run all alter tests three times with no changes whatsoever
      8b19f521
  6. 29 May, 2022 1 commit
  7. 27 May, 2022 1 commit
  8. 26 May, 2022 1 commit
    • Ting Nian's avatar
      Add option --enable-cleartext-plugin to the MariaDB client · 31e30329
      Ting Nian authored
      For compatibility reasons, add the option to the MariaDB client without
      any functional changes besides simply accepting the option and emitting
      a warning that it is obsolete.
      
      In MySQL this security related option is compulsory in certain use
      cases. When users switch to MariaDB, this client command that used to
      work starts failing without a sensible error message. In worst case
      users resort to re-installing the mysql client from MySQL.
      
      In MariaDB the option is obsolete and should simply be ignored. Users
      however don't have any opportunity to learn that unless the client
      program tells them so.
      
      Before:
      
          mysql --enable-cleartext-plugin ...
          mysql: unknown option '--enable-cleartext-plugin'
      
          (program terminates)
      
      After:
      
          mysql --enable-cleartext-plugin ...
          WARNING: option '--enable-cleartext-plugin' is obsolete.
      
          (program executes)
      
      All new code of the whole pull request, including one or several files
      that are either new files or modified ones, are contributed under the
      BSD-new license. I am contributing on behalf of my employer Amazon Web
      Services, Inc.
      31e30329
  9. 25 May, 2022 7 commits
    • kkz's avatar
    • Marko Mäkelä's avatar
      Merge 10.5 into 10.6 · 05d049bd
      Marko Mäkelä authored
      05d049bd
    • Marko Mäkelä's avatar
      Merge 10.4 into 10.5 · ea40c75c
      Marko Mäkelä authored
      ea40c75c
    • Marko Mäkelä's avatar
      MDEV-28601 InnoDB history list length was reverted to 32 bits · 99c8aed0
      Marko Mäkelä authored
      srv_do_purge(): In commit edde1f6e
      when the de-facto 32-bit trx_sys_t::history_size() was replaced with
      32-bit trx_sys.rseg_history_len, some more variables were changed
      from ulint (size_t) to uint32_t.
      
      The history list length is the number of committed transactions whose
      undo logs are waiting to be purged. Each TRX_RSEG_HISTORY list is
      storing the number of entries in a 32-bit field and each transaction
      will occupy at least one undo log page. It is thinkable that the
      length of each TRX_RSEG_HISTORY list may approach the maximum
      representable number. The number cannot be exceeded, because the
      rollback segment header is allocated from the same tablespace as
      the undo log header pages it is pointing to, and because the page
      numbers of a tablespace are stored in 32 bits. In any case, it is
      possible that the total number of unpurged committed transactions
      cannot be represented in 32 but 39 bits (corresponding to
      128 rollback segments and undo tablespaces).
      99c8aed0
    • Marko Mäkelä's avatar
      MDEV-28665 aio_uring::thread_routine terminates prematurely, causing hang · db0fde3f
      Marko Mäkelä authored
      aio_uring::thread_routine(): Handle -EINTR from io_uring_wait_cqe()
      in the same way as aio_linux::getevent_thread_routine() does it:
      simply ignore it and invoke the system call again.
      
      Reviewed by: Vladislav Vaintroub
      db0fde3f
    • Marko Mäkelä's avatar
      MDEV-28668 Recovery or backup of INSERT may be incorrect · a0e4853e
      Marko Mäkelä authored
      page_cur_insert_rec_low(): When checking for common bytes with
      the preceding record, exclude the header bytes of next_rec
      that could have been updated by this function.
      
      The scenario where this caused corruption was an insert of
      a node pointer record. The child page number was written as
      0x203 but recovered as 0x103 because the n_owned field of next_rec
      was changed from 1 to 2 before the comparison was invoked.
      a0e4853e
    • Thirunarayanan Balathandayuthapani's avatar
      MDEV-25257 SEGV in fts_get_next_doc_id upon some INSERT · 7fe474fe
      Thirunarayanan Balathandayuthapani authored
      - InnoDB fails to create a fts cache while loading the innodb fts
      table which is stored in system tablespace. InnoDB should create
      the fts cache while loading FTS_DOC_ID column from system column.
      7fe474fe
  10. 24 May, 2022 2 commits