1. 19 Jan, 2020 6 commits
  2. 17 Jan, 2020 3 commits
  3. 16 Jan, 2020 3 commits
    • Vicențiu Ciorbaru's avatar
      MDEV-21210: main.uniques_crash-7912 tries to allocate 1TB of memory · 1bee9efc
      Vicențiu Ciorbaru authored
      Remove the offending test case. This sort of error is hard to test in
      all possible corner cases and thus makes the test less valuable. The
      overflow error will be covered by warnings generated by the compiler,
      which is much more reliable in the general case.
      1bee9efc
    • Vicențiu Ciorbaru's avatar
      Improve documentation of Unique class · 409aba3d
      Vicențiu Ciorbaru authored
      * size represents the size of an element in the Unique class
      * full_size is used when the Unique class counts the number of
      duplicates stored per element. This requires additional space per Unique
      element.
      409aba3d
    • Marko Mäkelä's avatar
      MDEV-21500 Server hang when using simulated AIO · bde7e0ba
      Marko Mäkelä authored
      The write-heavy test innodb_zip.wl6501_scale_1 timed out on
      10.2 60d7011c for me.
      Out of os_aio_n_segments=6, 5 are waiting for an event in
      os_aio_simulated_handler(). One thread is waiting for a
      write to complete in buf_dblwr_add_to_batch(), but that
      would never happen, because nothing is waking up the simulated AIO
      handler threads.
      
      This hang appears to have been introduced in MySQL 5.6.12
      in mysql/mysql-server@26cfde776cdf5ce61bd5cc494dfc1df28c76977f.
      bde7e0ba
  4. 15 Jan, 2020 2 commits
  5. 14 Jan, 2020 1 commit
    • Sergei Petrunia's avatar
      MDEV-21341: Fix UBSAN failures: Issue Six · 5e5ae51b
      Sergei Petrunia authored
      (Variant #2 of the patch, which keeps the sp_head object inside the
      MEM_ROOT that sp_head object owns)
      (10.3 requires extra work due to sp_package, will commit a separate
      patch for it)
      
      sp_head::operator new() and operator delete() were dereferencing sp_head*
      pointers to memory that didn't hold a valid sp_head object (it was
      not created/already destroyed).
      This caused UBSan to crash when looking up type information.
      
      Fixed by providing static sp_head::create() and sp_head::destroy() methods.
      5e5ae51b
  6. 13 Jan, 2020 1 commit
  7. 11 Jan, 2020 3 commits
    • Olivier Bertrand's avatar
      - Update grant tests for new MariaDB version 10.1.44 · 85f2217c
      Olivier Bertrand authored
        modified:   storage/connect/mysql-test/connect/disabled.def
        modified:   storage/connect/mysql-test/connect/r/grant.result
        modified:   storage/connect/mysql-test/connect/r/ini_grant.result
        modified:   storage/connect/mysql-test/connect/r/mysql_grant.result
        modified:   storage/connect/mysql-test/connect/r/xml2_grant.result
        modified:   storage/connect/mysql-test/connect/r/xml_grant.result
        modified:   storage/connect/mysql-test/connect/t/grant.inc
        modified:   storage/connect/mysql-test/connect/t/grant.test
        modified:   storage/connect/mysql-test/connect/t/grant2.test
        modified:   storage/connect/mysql-test/connect/t/ini_grant.test
        modified:   storage/connect/mysql-test/connect/t/mysql_grant.test
      85f2217c
    • Olivier Bertrand's avatar
      Merge with last MariaDB version · 54449161
      Olivier Bertrand authored
      54449161
    • Olivier Bertrand's avatar
      - Fix MDEV-21450 · 98f70fa2
      Olivier Bertrand authored
        Failed compile when XML table type is not supported.
        Was because XMLDEF was unconditionally called from REST table.
        modified:   storage/connect/tabrest.cpp
      98f70fa2
  8. 09 Jan, 2020 1 commit
  9. 07 Jan, 2020 10 commits
    • Sujatha's avatar
      MDEV-18046: Assortment of crashes, assertion failures and ASAN errors in mysql_show_binlog_events · cb204e11
      Sujatha authored
      Problem:
      ========
      SHOW BINLOG EVENTS FROM <pos> reports following ASAN error.
      
      AddressSanitizer: heap-buffer-overflow on address
      READ of size 1 at 0x60e00009cf71 thread T28
      #0 0x55e37e034ae2 in net_field_length
      
      Fix:
      ===
      **Part10: Avoid reading out of buffer**
      cb204e11
    • Sujatha's avatar
      MDEV-18046: Assortment of crashes, assertion failures and ASAN errors in mysql_show_binlog_events · d05c511d
      Sujatha authored
      Problem:
      ========
      SHOW BINLOG EVENTS FROM <pos> reports following assert when ASAN is enabled.
      
      Query_log_event::Query_log_event(const char*, uint,
          const Format_description_log_event*, Log_event_type):
        Assertion `(pos) + (6) <= (end)' failed
      
      Fix:
      ===
      **Part9: Removed additional DBUG_ASSERT**
      d05c511d
    • Sujatha's avatar
      MDEV-18046: Assortment of crashes, assertion failures and ASAN errors in mysql_show_binlog_events · bac33533
      Sujatha authored
      Problem:
      ========
      SHOW BINLOG EVENTS FROM <pos> reports following ASAN error
      
      AddressSanitizer: SEGV on unknown address
      The signal is caused by a READ memory access.
      User_var_log_event::User_var_log_event(char const*, unsigned int,
          Format_description_log_event const*)
      
      Implemented part of upstream patch.
      commit: mysql/mysql-server@a3a497ccf7ecacc900551fb1e47ea4078b45c351
      
      Fix:
      ===
      **Part8: added checks to avoid reading out of buffer limits**
      bac33533
    • Sujatha's avatar
      MDEV-18046: Assortment of crashes, assertion failures and ASAN errors in mysql_show_binlog_events · 2187f1c2
      Sujatha authored
      Problem:
      ========
      SHOW BINLOG EVENTS FROM <pos> reports following ASAN error
      "heap-buffer-overflow on address" and some times it asserts.
      
      Table_map_log_event::Table_map_log_event(const char*, uint,
          const Format_description_log_event*)
      Assertion `m_field_metadata_size <= (m_colcnt * 2)' failed.
      
      Fix:
      ===
      **Part7: Avoid reading out of buffer**
      
      
      Converted debug assert to error handler code.
      2187f1c2
    • Sujatha's avatar
      MDEV-18046: Assortment of crashes, assertion failures and ASAN errors in mysql_show_binlog_events · d6fa69e4
      Sujatha authored
      Problem:
      ========
      SHOW BINLOG EVENTS FROM <pos> reports following ASAN error
      
      AddressSanitizer: heap-buffer-overflow on address 0x60400002acb8
      Load_log_event::copy_log_event(char const*, unsigned long, int,
          Format_description_log_event const*)
      
      Fix:
      ===
      **Part6: Moved the event_len validation to the begin of copy_log_event function**
      d6fa69e4
    • Sujatha's avatar
      MDEV-18046: Assortment of crashes, assertion failures and ASAN errors in mysql_show_binlog_events · 15781283
      Sujatha authored
      Problem:
      ========
      SHOW BINLOG EVENTS FROM <pos> reports following ASAN error
      
      AddressSanitizer: heap-buffer-overflow on address
      String::append(char const*, unsigned int)
      Query_log_event::pack_info(Protocol*)
      
      Fix:
      ===
      **Part5: Added check to catch buffer overflow**
      15781283
    • Sujatha's avatar
      MDEV-18046: Assortment of crashes, assertion failures and ASAN errors in mysql_show_binlog_events · a42ef108
      Sujatha authored
      Problem:
      ========
      SHOW BINLOG EVENTS FROM <pos> reports following ASAN error
      
      heap-buffer-overflow within "my_strndup" in Rotate_log_event
      
      my_strndup /mysys/my_malloc.c:254
      Rotate_log_event::Rotate_log_event(char const*, unsigned int,
          Format_description_log_event const*)
      
      Fix:
      ===
      **Part4: Improved the check for event_len validation**
      a42ef108
    • Sujatha's avatar
      MDEV-18046: Assortment of crashes, assertion failures and ASAN errors in mysql_show_binlog_events · 5a54e84e
      Sujatha authored
      Problem:
      ========
      SHOW BINLOG EVENTS FROM <pos> reports following crash when ASAN is enabled.
      
      SEGV on unknown address
      in inline_mysql_mutex_destroy
      in my_bitmap_free
      in Update_rows_log_event::~Update_rows_log_event()
      
      Fix:
      ===
      **Part3: Initialize m_cols_ai.bitmap to NULL**
      5a54e84e
    • Sujatha's avatar
      MDEV-18046: Assortment of crashes, assertion failures and ASAN errors in mysql_show_binlog_events · 913f405d
      Sujatha authored
      Problem:
      ========
      SHOW BINLOG EVENTS FROM <pos> reports following assert when ASAN is enabled.
      
      Rows_log_event::Rows_log_event(const char*, uint,
          const Format_description_log_event*):
      Assertion `var_header_len >= 2'
      
      Implemented part of upstream patch.
      commit: mysql/mysql-server@a3a497ccf7ecacc900551fb1e47ea4078b45c351
      
      Fix:
      ===
      **Part2: Avoid reading out of buffer limits**
      913f405d
    • Sujatha's avatar
      MDEV-18046: Assortment of crashes, assertion failures and ASAN errors in mysql_show_binlog_events · a6dd827a
      Sujatha authored
      Problem:
      ========
      SHOW BINLOG EVENTS FROM <pos> causes a variety of failures, some of which are
      listed below. It is not a race condition issue, but there is some
      non-determinism in it.
      
      Analysis:
      ========
      "show binlog events from <pos>" code considers the user given position as a
      valid event start position. The code starts reading data from this event start
      position onwards and tries to map it to a set of known events. Each event has
      a specific event structure and asserts have been added to ensure that read
      event data satisfies the event specific requirements. When a random position
      is supplied to "show binlog events command" the event structure specific
      checks will fail and they result in assert.
      
      Fix:
      ====
      The fix is split into different parts. Each part addresses either an ASAN
      issue or an assert/crash.
      
      **Part1: Checksum based position validation when checksum is enabled**
      
      
      Using checksum validate the very first event read at the user specified
      position. If there is a checksum mismatch report an appropriate error for the
      invalid event.
      a6dd827a
  10. 03 Jan, 2020 3 commits
  11. 02 Jan, 2020 1 commit
  12. 26 Dec, 2019 1 commit
    • Varun Gupta's avatar
      MDEV-19680:: Assertion `!table || (!table->read_set ||... · 359d91aa
      Varun Gupta authored
      MDEV-19680:: Assertion `!table || (!table->read_set || bitmap_is_set(table->read_set, field_index) || (!(ptr >= table->record[0] && ptr < table->record[0] + table->s->reclength)))' or alike failed upon SELECT with mix of functions from simple view
      
      Set read_set bitmap for view from the JOIN::all_fields list instead of JOIN::fields_list
      as split_sum_func would have added items to the all_fields list.
      359d91aa
  13. 23 Dec, 2019 1 commit
  14. 20 Dec, 2019 1 commit
    • Sergei Golubchik's avatar
      fix a bad merge · aade6e53
      Sergei Golubchik authored
      in 10.1+ one should use
      
      MY_CHECK_AND_SET_COMPILER_FLAG("-Wno-address-of-packed-member")
      
      and it's already done in storage/tokudb/PerconaFT/CMakeLists.txt
      aade6e53
  15. 19 Dec, 2019 1 commit
  16. 18 Dec, 2019 2 commits