- 19 Jan, 2021 1 commit
-
-
Marko Mäkelä authored
-
- 14 Jan, 2021 1 commit
-
-
Dmitry Shulga authored
MDEV-23666: Assertion `m_cpp_buf <= ptr && ptr <= m_cpp_buf + m_buf_length' failed in Lex_input_stream::body_utf8_append On parsing statements for which a starting backtick (`) delimiter doesn't have a corresponding ending backtick, a current pointer to a position inside a pre-processed buffer could go beyond the end of the buffer. This bug report caused by the commit d4967659 "MDEV-22022 Various mangled SQL statements will crash 10.3 to 10.5 debug builds". In order to fix the issue both pointers m_ptr and m_cpp_ptr must be rolled back to previous position in raw input and pre-processed input streams correspondingly in case end of query reached during parsing.
-
- 13 Jan, 2021 1 commit
-
-
Rucha Deodhar authored
constellation Analysis: The decimals is set to NOT_FIXED_DEC for Field_str even if it is NULL. Unsigned has decimals=0. So Type_std_attributes::decimals is set to 39 (maximum between 0 and 39). This results in incorrect number of decimals when we have union of unsigned and NULL type. Fix: Check if the field is created from NULL value. If yes, set decimals to 0 otherwise set it to NOT_FIXED_DEC.
-
- 12 Jan, 2021 10 commits
-
-
Aleksey Midenkov authored
-
Sergei Golubchik authored
MDEV-17227 Server crash in TABLE_SHARE::init_from_sql_statement_string upon table discovery with non-existent database * failed init_from_binary_frm_image can clear share->db_plugin, don't use it on the error path * cleanup the test a bit
-
Sergei Golubchik authored
force alter_algorithm=DEFAULT in mysql_system_tables_fix.sql, in case my.cnf sets it to something incompatible
-
Sergei Golubchik authored
MDEV-20763 Table corruption or Assertion `btr_validate_index(index, 0, false)' failed in row_upd_sec_index_entry with virtual column and EMPTY_STRING_IS_NULL SQL mode unset empty_string_is_null mode when parsing generated columns in a table, this mode affects pasring.
-
Sergei Golubchik authored
the test was doing --replace_result $con_id con_id eval SHOW EXPLAIN FOR $con_id; with the intention of replacing the variable part of the statement in the result log. But actually replace_result replaces everything that matches. In particular, when $con_id is 100, the warning Note 1003 select sleep(100000) becomes Note con_id3 select sleep(con_id000)
-
Sergei Golubchik authored
-
Sergei Golubchik authored
MDEV-24524 Assertion `ls->length < 0xFFFFFFFFL && ((ls->length == 0 && !ls->str) || ls->length == strlen(ls->str))' failed in String::append on SELECT from I_S don't expect return type of a stored function to be valid. it's read from a table, so can be messed with. it even can contain \0 bytes in the middle of the type name
-
Kentoku SHIBA authored
MDEV-20502 Queries against spider tables return wrong values for columns following constant declarations. Add test cases.
-
Kentoku SHIBA authored
MDEV-20502 Queries against spider tables return wrong values for columns following constant declarations. When executing a query like "select id, 0 as const, val from ...", there are 3 columns(items) in Query->select at handlerton->create_group_by(). After that, MariaDB makes a temporary table with 2 columns. The skipped items are const item, so fixing Spider to skip const items for items at Query->select.
-
Varun Gupta authored
-
- 11 Jan, 2021 2 commits
-
-
Thirunarayanan Balathandayuthapani authored
with wrong data type is added Inplace alter fails to report error when fts_doc_id column with wrong data type is added. prepare_inplace_alter_table_dict(): Should check whether the column is fts_doc_id. It should be of bigint type, should accept non null data type and it should be in capital letters.
-
Marko Mäkelä authored
The fix of MDEV-17556 (commit e25623e7 and commit 61a362c9) has been omitted due to conflicts and will have to be applied separately later.
-
- 09 Jan, 2021 1 commit
-
-
Vladislav Vaintroub authored
-
- 08 Jan, 2021 5 commits
-
-
Jan Lindström authored
A race condition may occur between the execution of transaction commit, and an execution of a KILL statement that would attempt to abort that transaction. MDEV-17092 worked around this race condition by modifying InnoDB code. After that issue was closed, Sergey Vojtovich pointed out that this race condition would better be fixed above the storage engine layer: If you look carefully into the above, you can conclude that thd->free_connection() can be called concurrently with KILL/thd->awake(). Which is the bug. And it is partially fixed in THD::~THD(), that is destructor waits for KILL completion: Fix: Add necessary mutex operations to THD::free_connection() and move WSREP specific code also there. This ensures that no one is using THD while we do free_connection(). These mutexes will also ensures that there can't be concurrent KILL/THD::awake(). innobase_kill_query We can now remove usage of trx_sys_mutex introduced on MDEV-17092. trx_t::free() Poison trx->state and trx->mysql_thd This patch is validated with an RQG run similar to the one that reproduced MDEV-17092.
-
Marko Mäkelä authored
-
Nikita Malyavin authored
-
Marko Mäkelä authored
-
Nikita Malyavin authored
The assertion failed in handler::ha_reset upon SELECT under READ UNCOMMITTED from table with index on virtual column. This was the debug-only failure, though the problem is mush wider: * MY_BITMAP is a structure containing my_bitmap_map, the latter is a raw bitmap. * read_set, write_set and vcol_set of TABLE are the pointers to MY_BITMAP * The rest of MY_BITMAPs are stored in TABLE and TABLE_SHARE * The pointers to the stored MY_BITMAPs, like orig_read_set etc, and sometimes all_set and tmp_set, are assigned to the pointers. * Sometimes tmp_use_all_columns is used to substitute the raw bitmap directly with all_set.bitmap * Sometimes even bitmaps are directly modified, like in TABLE::update_virtual_field(): bitmap_clear_all(&tmp_set) is called. The last three bullets in the list, when used together (which is mostly always) make the program flow cumbersome and impossible to follow, notwithstanding the errors they cause, like this MDEV-17556, where tmp_set pointer was assigned to read_set, write_set and vcol_set, then its bitmap was substituted with all_set.bitmap by dbug_tmp_use_all_columns() call, and then bitmap_clear_all(&tmp_set) was applied to all this. To untangle this knot, the rule should be applied: * Never substitute bitmaps! This patch is about this. orig_*, all_set bitmaps are never substituted already. This patch changes the following function prototypes: * tmp_use_all_columns, dbug_tmp_use_all_columns to accept MY_BITMAP** and to return MY_BITMAP * instead of my_bitmap_map* * tmp_restore_column_map, dbug_tmp_restore_column_maps to accept MY_BITMAP* instead of my_bitmap_map* These functions now will substitute read_set/write_set/vcol_set directly, and won't touch underlying bitmaps.
-
- 07 Jan, 2021 3 commits
-
-
Alice Sherepa authored
MDEV-16272 rpl.rpl_semisync_ali_issues failed in buildbot, SHOW variable was done instead of waiting for the value of that variable
-
Oleksandr Byelkin authored
Use the same variable in both scopes (from where we have "goto error" and target of the goto)
-
Nikita Malyavin authored
Problem: Assertion `transactional_table || !changed || thd->transaction.stmt.modified_non_trans_table' failed due REPLACE into a versioned table. It is not specific to system versioning/pertitioning/heap, but this combination makes it much easier to reproduce. The thing is to make first ha_update_row call succeed to make info->deleted != 0. And then make REPLACE fail by any reason. In this scenario we overflow versioned partition, so next ha_update_row succeeds, but corresponding ha_write_row fails to insert history record. Fix: modified_non_trans_table is set in one missed place
-
- 06 Jan, 2021 1 commit
-
-
Andrei Elkin authored
fixing windows build.
-
- 05 Jan, 2021 3 commits
-
-
Nikita Malyavin authored
mysql_col_offset was not updated after the new column has been added by an INSTANT ALTER TABLE -- table data dictionary had been remaining the same. When the virtual column is added or removed, table was usually evicted and then reopened, which triggered vcol info rebuild on the next open. However this also should be done when the usual column is added or removed: mariadb always stores virtual field at the end of maria record, so the shift should always happen. Fix: expand the eviction condition to the case when usual fields are added/removed Note: this should happen only in the case of !new_clustered: * When new_clustered is true, a new data dictionary is created, and vcol metadata is rebuilt in `alter_rebuild_apply_log()` * We can't do it in `new_clustered` case, because the old table is not yet subctituted correctly
-
Nikita Malyavin authored
-
Nikita Malyavin authored
-
- 04 Jan, 2021 7 commits
-
-
Stepan Patryshev authored
-
Stepan Patryshev authored
-
Stepan Patryshev authored
-
Stepan Patryshev authored
-
Stepan Patryshev authored
-
Sujatha authored
Problem: ======= Upon deleting or updating a row in a parent table (with primary key), if the child table has virtual column and an associated key with ON UPDATE CASCADE/ON DELETE CASCADE, it will result in slave crash. Analysis: ======== Tables which are related through foreign key require prelocking similar to triggers. i.e If a table has triggers/foreign keys we should add all tables and routines used by them to the prelocking set. This prelocking happens during 'open_and_lock_tables' call. Each table being opened is checked for foreign key references. If foreign key reference exists then the child table is opened and it is linked to the table_list. Upon any modification to parent table its corresponding child tables are retried from table_list and they are updated accordingly. This prelocking work fine on master. On slave prelocking works for following cases. - Statement/mixed based replication - In row based replication when trigger execution is enabled through 'slave_run_triggers_for_rbr=YES/LOGGING/ENFORCE' Otherwise it results in an assert/crash, as the parent table will not find the corresponding child table and it will be NULL. Dereferencing NULL pointer leads to slave server exit. Fix: === Introduce a new 'slave_fk_event_map' flag similar to 'trg_event_map'. This flag will ensure that when foreign key is enabled in row based replication all the parent and child tables are prelocked, so that parent is able to locate the child table. Note: This issue is specific to slave, hence only slave needs to be upgraded.
-
Rucha Deodhar authored
-
- 31 Dec, 2020 1 commit
-
-
Rucha Deodhar authored
Analysis: select into outfile creates files everytime with 666 permission, regardsless if umask environment variables and umask settings on OS level. It seems hardcoded. Fix: change 0666 to 0644 which will let anybody consume the file but not change it.
-
- 29 Dec, 2020 1 commit
-
-
Igor Babaev authored
(correction for commit 6fed6de9)
-
- 28 Dec, 2020 3 commits
-
-
Marko Mäkelä authored
-
Alexey Botchkov authored
MDEV-19442 server_audit plugin doesn't consider proxy users in server_audit_excl_users/server_audit_incl_users. Check the proxy user just as the connection user against the incl_users_list and excl_users_list.
-
Marko Mäkelä authored
This corresponds to 10.5 commit 39378e13. With a patched version of the test innodb.ibuf_not_empty (so that it would trigger crash recovery after using the change buffer), and patched code that would modify the os_thread_sleep() in recv_apply_hashed_log_recs() to be 1ms as well as add a sleep of the same duration to the end of recv_recover_page() when recv_sys->n_addrs=0, we can demonstrate a race condition. After disabling some debug checks in buf_all_freed_instance(), buf_pool_invalidate_instance() and buf_validate(), we managed to trigger an assertion failure in fseg_free_step(), on the XDES_FREE_BIT. In other words, an trx_undo_seg_free() call during trx_rollback_resurrected() was attempting a double-free of a page. This was repeated about once in 400 to 500 test runs. With the fix applied, the test passed 2,000 runs. recv_apply_hashed_log_recs(): Do not only wait for recv_sys->n_addrs to reach 0, but also wait for buf_get_n_pending_read_ios() to reach 0, to guarantee that buf_page_io_complete() will not be executing ibuf_merge_or_delete_for_page().
-