Also fixes:
MDEV-17741 Assertion `thd->Item_change_list::is_empty()' failed in mysql_parse after unsuccessful PS

The problem was introduced by:
  commit f033fbd9
  Changed the test case for MDEV-15571

It was later fixed, but in 10.3 only:

  commit ce2cf855
  MDEV-16043 Assertion thd->Item_change_list::is_empty() failed in mysql_parse
  upon SELECT from a view reading from a versioned table

This patch is a backport of ce2cf855 to 10.2

it'll be either system zlib.so or bundled with the server (but still
external to C/C) zlib.a

Part two, temporary tables.

Make temporary tables respect TABLE::m_needs_reopen.

See also 77cd7542

Simplify the check, remove redundant code.

Add a safety check to avoid linking with static jemalloc_pic.a
if jemalloc version is 5+.

This doesn't fix the issue on Gentoo, it should be fixed in the ebuild.

MDEV-17755 Assertion `!table || (!table->read_set || bitmap_is_set(table->read_set, field_index) || (!(ptr >= table->record[0] && ptr < table->record[0] + table->s->reclength)))' failed in Field_bit::val_int upon SELECT with JOIN, partitions, indexed virtual column

add a test case

MDEV-16429: Assertion `!table || (!table->read_set || bitmap_is_set(table->read_set, field_index))' fails upon attempt to update virtual column on partitioned versioned table

When using buffered sort in `UPDATE`, keyread is used. In this case,
`TABLE::update_virtual_field` should be aborted, but it actually isn't,
because it is called not with a top-level handler, but with the one that
is actually going to access the disk. Here the problemm is issued with
partitioning, so the solution is to recursively mark for keyread all the
underlying partition handlers.

* ha_partition: update keyread state for child partitions

Closes #800

MDEV-16903 Assertion `!auto_increment_field_not_null' failed in TABLE::init after unsuccessful attempt to add CHECK constraint on temporary table

if the CHECK constraint failed in copy_data_between_tables(),
the loop was aborted prematurely and to->auto_increment_field_not_null
wasn't reset.

use frm_version, not mysql_version when parsing frm

In particular, virtual columns are stored according to
frm_version. And CHECK TABLE will overwrite mysql_version
to the current server version, so it cannot correctly
describe frm format.

Before MDEV-5800 in MariaDB 10.2.2, InnoDB knew nothing about
virtual columns. But, they would be present in the TABLE_SHARE.

It appears that the MDEV-12936 fix only worked in the special case
when the virtual columns are the last columns in a table definition.

mysql_fields(): Remove.

build_template_needs_field(): Omit virtual columns if the
InnoDB table definition is known to not contain them, based
on the .frm file version.

build_template_field(): Clean up some code.

ha_innobase::build_template(): Remove redundant computations.
Loop over all MariaDB columns. Skip virtual columns if
InnoDB does not know about them.

calc_row_difference(): Skip not-known-to-InnoDB virtual columns.

wsrep_calc_row_hash(): Skip all virtual columns. This would
fix an out-of-bounds access to dict_table_t::cols[]. Also,
remove some redundant computations and variables.

create_table_check_doc_id_col(): Assert that the .frm file
for a newly created table will be in a format where InnoDB
knows about virtual columns.

Write a test case that computes valid crc32 checksums for
an encrypted page, but zeroes out the payload area, so
that the checksum after decryption fails.

xb_fil_cur_read(): Validate the page number before trying
any checksum calculation or decrypting or decompression.
Also, skip zero-filled pages. For page_compressed pages,
ensure that the FIL_PAGE_TYPE was changed. Also, reject
FIL_PAGE_PAGE_COMPRESSED_ENCRYPTED if no decryption was attempted.

While printing a view containing a window function we were printing it as an
Item_field object instead of an Item_window_func object. This is incorrect and this
leads to us throwing an error ER_VIEW_INVALID.
Fixed by adjusting the Item_ref:print function.
Also made UDF function aware if there arguments have window function.

Attempt to fix by retrying srv_sys_space.open_or_create() if it reports
corruption.

The fix was accidentally only applied to InnoDB, and encryption tests
were not adjusted.

Problem:
=======
Mariabackup seems to fail to verify the pages of compressed tables.
The reason is that both fil_space_verify_crypt_checksum() and
buf_page_is_corrupted() will skip the validation for compressed pages.

Fix:
====
Mariabackup should call fil_page_decompress() for compressed and encrypted
compressed page. After that, call buf_page_is_corrupted() to
check the page corruption.

Starting with commit 6b698715
the encrypted page checksum is only computed with crc32.
Encrypted data pages that were written earlier can contain
other checksums, but new ones will only contain crc32.

Because of this, it does not make sense to implement strict
checks of innodb_checksum_algorithm for other than strict_crc32.

fil_space_verify_crypt_checksum(): Treat strict_innodb as innodb
and strict_none as none. That is, allow a match from any of the
algorithms none, innodb, crc32. (This is how it worked before the
second MDEV-12112 fix.)

Thanks to Thirunarayanan Balathandayuthapani for pointing this out.

fil_space_verify_crypt_checksum(): Compute the bug-compatible variant
of the CRC-32C checksum if the correct one does not match.

fil_space_verify_crypt_checksum(): Add a dummy return statement
in case memory is corrupted and innodb_checksum_algorithm has
an invalid value.

The initial fix only covered a part of Mariabackup.
This fix hardens InnoDB and XtraDB in a similar way, in order
to reduce the probability of mistaking a corrupted encrypted page
for a valid unencrypted one.

This is based on work by Thirunarayanan Balathandayuthapani.

fil_space_verify_crypt_checksum(): Assert that key_version!=0.
Let the callers guarantee that. Now that we have this assertion,
we also know that buf_page_is_zeroes() cannot hold.
Also, remove all diagnostic output and related parameters,
and let the relevant callers emit such messages.
Last but not least, validate the post-encryption checksum
according to the innodb_checksum_algorithm (only accepting
one checksum for the strict variants), and no longer
try to validate the page as if it was unencrypted.

buf_page_is_zeroes(): Move to the compilation unit of the only callers,
and declare static.

xb_fil_cur_read(), buf_page_check_corrupt(): Add a condition before
calling fil_space_verify_crypt_checksum(). This is a non-functional
change.

buf_dblwr_process(): Validate the page only as encrypted or unencrypted,
but not both.

A static analysis tool suggested that in the function
row_merge_read_clustered_index(), ut_free(nonnull) could
be invoked twice for nonnull!=NULL. While a manual review
of the code disproved this, it should not hurt to clean up
the code so that the static analysis tool will not complain.

index_tuple_info_t::insert(), row_mtuple_cmp(): Remove the
parameter mtr_committed, which duplicated !mtr->is_active().

row_merge_read_clustered_index(): Initialize row_heap = NULL.
Remove a duplicated call mem_heap_empty(row_heap) that was
inadvertently added in commit cb1e76e4.

Replace a "goto func_exit" with "break", to get consistent error
handling for both failures to create or write a temporary file.

end_of_index: Assign row_heap=NULL and nonnull=NULL to prevent
double freeing.

func_exit: Check for row_heap!=NULL before invoking mem_heap_free().

Closes #959

Remove provider defaults check from 'galera_defaults' MTR test

Problem is that if you use bundled yassl AES_CTR is not supported. There is a way to detect that but as we really want to keep this test enabled did not add
skip for missing support. Changed method to AES_CBC as there is no need to
use AES_CTR.

Add check that file key management plugin is found.

While calculating distinct with the function remove_dup_with_compare, we don't have rnd_end calls
when we have completed the scan over the temporary table.
Added ha_rnd_end calls when we are done with the scan of the table.

galera_prepared_statement test fixed.

connect.xml2 test result fixed.

The error message modified.
Then the TABLE_SHARE::error_table_name() implementation taken from 10.3,
          to be used as a name of the table in this message.

ported privilege checking from xtrabackup.
Now, mariabackup would terminate early if either RELOAD or PROCESS privilege
is not held, not at the very end of backup

The behavior can be disabled with nre setting --check-privileges=0.
Also , --no-lock does not need all of these privileges, since it skips
FTWRL and SHOW ENGINE STATUS INNODB.

From time to time Galera adds new parameters or changes defaults to
existing ones. Every time this happens galera_defaults test needs a
fix (and a commit) because it insists on checking these defaults.
This is making life hard because any Galera update may require a fix
to MariaDB code even though it is totally unrelated and defeats the
whole idea of a provider living its own life.
This commit removes checking for provider defaults to avoid false
positive failures on MariaDB side.