1. 24 Nov, 2023 8 commits
    • Dmitry Shulga's avatar
      MDEV-32867: ASAN errors in Item_func_json_contains_path::val_int upon PS execution · 85c15780
      Dmitry Shulga authored
      This bug was caused by a patch for the task MDEV-32733.
      Incorrect memory root was used for allocation of memory
      pointed by the data memebr Item_func_json_contains_path::p_found.
      85c15780
    • Marko Mäkelä's avatar
      MDEV-32874 Test innodb.innodb-table-online,crypt occasionally fails · ead61d9b
      Marko Mäkelä authored
      Let us make the test compatible with ./mtr --repeat
      and convert variable_value to integer, so that comparisons like
      16>9 will work as intended, instead of being compared as '16'<'9'.
      ead61d9b
    • Oleg Smirnov's avatar
      MDEV-29070 SIGSEGV in my_decimal::operator= and Assertion `0' failed and in... · 69d294e7
      Oleg Smirnov authored
      MDEV-29070 SIGSEGV in my_decimal::operator= and Assertion `0' failed and in Item_type_holder::val_decimal on SELECT
      
      The bug is fixed by the patch ported from MySQL. See the comprehensive
      description below.
      
      commit 455c4e8810c76430719b1a08a63ca0f69f44678a
      Author: Guilhem Bichot <guilhem.bichot@oracle.com>
      Date:   Fri Mar 13 17:51:27 2015 +0100
      
          Bug#17668844: CRASH/ASSERT AT ITEM_TYPE_HOLDER::VAL_STR IN ITEM.C
      
          We have a predicate of the form:
          literal_row <=> (a UNION)
      
          The subquery is constant, so Item_cache objects are used for its
          SELECT list.
          In order, this happens:
          - Item_subselect::fix_fields() calls select_lex_unit::prepare,
          where we create Item_type_holder's
          (appended to unit->types list), create the tmp table (using type info
          found in unit->types), and call fill_item_list() to put the
          Item_field's of this table into unit->item_list.
          - Item_subselect::fix_length_and_dec() calls set_row() which
          makes Item_cache's of the subquery wrap the Item_type_holder's
          - When/if a first result row is found for the subquery,
          Item_cache's are re-pointed to unit->item_list
          (i.e. Item_field objects which reference the UNION's tmp table
          columns) (see call to Item_singlerow_subselect::store()).
          - In our subquery, no result row is found, so the Item_cache's
          still wrap Item_type_holder's; evaluating '<=>' reads the
          value of those, but Item_type_holder objects are not expected to be
          evaluated.
      
          Fix: instead of putting unit->types into Item_cache, and later
          replacing with unit->item_list, put unit->item_list in Item_cache from
          the start.
      
      Approved by Oleksandr Byelkin <sanja@mariadb.com>
      69d294e7
    • Dmitry Shulga's avatar
      MDEV-32466: Potential memory leak on executing of create view statement · 85f2e4f8
      Dmitry Shulga authored
      This is the follow-up patch that removes explicit use of thd->stmt_arena
      for memory allocation and replaces it with call of the method
        THD::active_stmt_arena_to_use()
      Additionally, this patch adds extra DBUG_ASSERT to check that right
      query arena is in use.
      85f2e4f8
    • Dmitry Shulga's avatar
      MDEV-32466: Potential memory leak on executing of create view statement · 5064750f
      Dmitry Shulga authored
      This patch is actually follow-up for the task
        MDEV-23902: MariaDB crash on calling function
      to use correct query arena for a statement. In case invocation of
      a function is in progress use its call arena, else use current
      query arena that can be either a statement or a regular query arena.
      5064750f
    • Yuchen Pei's avatar
      MDEV-28739 MDEV-29421 Remove spider persistent table stats · bdfd93d3
      Yuchen Pei authored
      We remove the call to update spider persistent table stats (sts/crd)
      in spider_free_share(). This prevents spider from opening and closing
      further tables during close(), which fixes the following issues:
      
      MDEV-28739: ha_spider::close() is called during tdc_start_shutdown(),
      which is called after query_cache_destroy(). Closing the sts/crd Aria
      tables will trigger a call to Query_cache::invalidate_table(), which
      will attempt to use the query cache mutex structure_guard_mutex
      destroyed previously.
      
      MDEV-29421: during ha_spider::close(), spider_free_share() could
      trigger another spider_free_share() through updating sts/crd table,
      because open_table() calls tc_add_table(), which could trigger another
      ha_spider::close()...
      
      Since spider sts/crd system tables are only updated here, there's no
      use for these tables any more, and we remove all uses of these tables
      too.
      
      The removal should not cause any performance issue, as in memory
      spider table stats are only updated based on a time
      interval (spider_sts_interval and spider_crd_interval), which defaults
      to 10 seconds. It should not affect accuracy either, due to the
      infrequency of server restart. And inaccurate stats are not a problem
      for optimizer anyway.
      
      To be on the safe side, we defer the removal of the spider sts/crd
      tables themselves to future.
      bdfd93d3
    • Yuchen Pei's avatar
      MDEV-32804 Remove references to spider_rewrite_plugin tables · 1a76d751
      Yuchen Pei authored
      They are not used. The code paths are never reached.
      1a76d751
    • Yuchen Pei's avatar
      MDEV-27575 Add sleeping statement spider/bugfix.mdev_27575 · ed0ab6e1
      Yuchen Pei authored
      This could help prevent race condition when shutting down the server
      not long after loading spider. Thus only needed for 10.4-10.6.
      ed0ab6e1
  2. 23 Nov, 2023 5 commits
  3. 22 Nov, 2023 1 commit
    • Rex's avatar
      MDEV-32829 Crash when executing PS for query with eliminated subquery using view · 32c68497
      Rex authored
      Statements affected by this bug have all the following
      1) select statements with a sub-query
      2) that sub-query includes a group-by clause
      3) that group-by clause contains an expression
      4) that expression has a reference to view
      
      When a view is used in a group by expression, and that group by can be
      eliminated in a sub-query simplification as part of and outer condition
      that could be in, exists, > or <, then the table structure left behind
      will have a unit that contains a null select_lex pointer.
      
      If this happens as part of a prepared statement, or execute in a stored
      procedure for the second time, then, when the statement is executed, the table
      list entry for that, now eliminated, view is "opened" and "reinit"ialized.
      This table entry's unit no longer has a select_lex pointer.
      Prior to MDEV-31995 this was of little consequence, but now following this
      null pointer will cause a crash.
      
      Reviewed by Igor Babaev (igor@mariadb.com)
      32c68497
  4. 21 Nov, 2023 6 commits
  5. 20 Nov, 2023 3 commits
  6. 19 Nov, 2023 1 commit
  7. 18 Nov, 2023 1 commit
  8. 17 Nov, 2023 12 commits
    • Rex's avatar
      MDEV-31995 Fix2 allocate memory in mem_root properly. · 2c1345ab
      Rex authored
      Lex_ident_sys had no new operator and was used incorrectly in
      save_item_list_names(), so leaked memory.
      2c1345ab
    • Kristian Nielsen's avatar
      MDEV-20523: rpl.create_or_replace_mix, rpl.create_or_replace_statement failed... · 36680b64
      Kristian Nielsen authored
      MDEV-20523: rpl.create_or_replace_mix, rpl.create_or_replace_statement failed in buildbot with wrong result
      
      Wait for the disconnect of the other connection to complete, before running
      SHOW BINLOG EVENTS. Otherwise the DROP TEMPORARY TABLE that is binlogged
      during disconnect may not have appeared yet depending on thread scheduling.
      Signed-off-by: default avatarKristian Nielsen <knielsen@knielsen-hq.org>
      36680b64
    • Kristian Nielsen's avatar
      MDEV-32168: slave_error_param condition is never checked from the wait_for_slave_param.inc · 0258ad54
      Kristian Nielsen authored
      Fix wrong change to rpl.rpl_shutdown_wait_slaves. After shutting down the
      master, slaves may or may not succeed in reconnecting depending on the timing
      on their reconnect relative to master restart. So don't assume all IO threads
      will be running, just restart any slave that needs it.
      Signed-off-by: default avatarKristian Nielsen <knielsen@knielsen-hq.org>
      0258ad54
    • Kristian Nielsen's avatar
      MDEV-32168: slave_error_param condition is never checked from the wait_for_slave_param.inc · 7e394d0b
      Kristian Nielsen authored
      Fix sporadic test failure in rpl.rpl_ssl1. The test incorrectly did a STOP
      SLAVE too early, which could race with the expected 'Access denied' error.
      Signed-off-by: default avatarKristian Nielsen <knielsen@knielsen-hq.org>
      7e394d0b
    • Kristian Nielsen's avatar
      MDEV-32168: slave_error_param condition is never checked from the wait_for_slave_param.inc · 30ec1b3e
      Kristian Nielsen authored
      Fix sporadic test failures in rpl.rpl_set_statement_default_master and
      rpl.rpl_slave_load_tmpdir_not_exist. A race between START and STOP
      SLAVE could leave an error condition that causes test failure after
      MDEV-32168.
      Signed-off-by: default avatarKristian Nielsen <knielsen@knielsen-hq.org>
      30ec1b3e
    • Kristian Nielsen's avatar
      MDEV-32168: slave_error_param condition is never checked from the wait_for_slave_param.inc · 17430d94
      Kristian Nielsen authored
      Test rpl.show_status_stop_slave_race-7126 now fails sporadically
      because it is expected to sometimes (but not always) leave an error
      condition after slave stop. Fix by explicitly allowing the error
      condition in this case.
      Signed-off-by: default avatarKristian Nielsen <knielsen@knielsen-hq.org>
      17430d94
    • Kristian Nielsen's avatar
      MDEV-32168: slave_error_param condition is never checked from the wait_for_slave_param.inc · d95fa7e3
      Kristian Nielsen authored
      Fix a start/stop race that causes occasional test failure after more the more
      strict error check of MDEV-32168.
      Signed-off-by: default avatarKristian Nielsen <knielsen@knielsen-hq.org>
      d95fa7e3
    • Brandon Nesterenko's avatar
      MDEV-32628: Cryptic ERROR message & inconsistent behavior on incorrect SHOW BINLOG EVENTS FROM ... · c42aadc3
      Brandon Nesterenko authored
      Calling SHOW BINLOG EVENTS FROM <offset> with an invalid offset
      writes error messages into the server log about invalid reads. The
      read errors that occur from this command should only be relayed back
      to the user though, and not written into the server log. This is
      because they are read-only and have no impact on server operation,
      and the client only need be informed to correct the parameter.
      
      This patch fixes this by omitting binary log read errors from the
      server when the invocation happens from SHOW BINLOG EVENTS.
      Additionally, redundant error messages are omitted when calling the
      string based read_log_event from the IO_Cache based read_log_event,
      as the later already will report the error of the former.
      
      Reviewed By:
      ============
      Kristian Nielsen <knielsen@knielsen-hq.org>
      Andrei Elkin <andrei.elkin@mariadb.com>
      c42aadc3
    • Marko Mäkelä's avatar
      MDEV-16660: Increase the DEFAULT_THREAD_STACK for ASAN · f5fdb9ce
      Marko Mäkelä authored
      To allow cmake -DWITH_ASAN=ON to work out of the box when using
      newer compilers, we must increase the default thread stack size.
      
      By design, AddressSanitizer will allocate some "sentinel" areas in
      stack frames so that it can better catch buffer overflows, by trapping
      access to memory addresses that reside between stack-allocated variables.
      
      Apparently, some parameters related to this have been changed
      recently, possibly to allow -fsanitize=address to catch more errors.
      f5fdb9ce
    • Yuchen Pei's avatar
      MDEV-30014 Spider should not second guess server when locking / unlocking · 03811978
      Yuchen Pei authored
      This fixes MDEV-30014, MDEV-29456, MDEV-29667, and MDEV-30049.
      
      The server may ask storage engines to unlock when the original sql
      command is not UNLOCK. This patch makes sure that spider honours these
      requests, so that the server has the correct idea which tables are
      locked and which are not.
      
      MDEV-29456, MDEV-29667, MDEV-30049: a later LOCK statement would, as
      the first step, unlock locked tables and clear the OPTION_TABLE_LOCK
      bit in thd->variables.option_bits, as well as locked_tables_list,
      indicating no tables are locked. If Spider does not unlock because the
      sql command is not UNLOCK, and if after this the LOCK statement fails
      to lock any tables, these indications that no tables are locked
      remains, so a later UNLOCK TABLES; statement would not try to unlock
      any table. Causing later statements requiring mdl locks to hang on
      waiting until lock_wait_timeout (default 1h) has passed.
      
      MDEV-30014: when a LOCK statement tries to lock more than one tables,
      say t2 and t3 as in mdev_30014.test, and t2 succeeds but t3 fails, the
      sql layer would try to undo by unlocking t2, and again, if Spider does
      not honour this request, the sql layer would assume t2 has been
      unlocked, but later actions on t2 or t2's remote table could hang on
      waiting for the mdl.
      03811978
    • Yuchen Pei's avatar
      MDEV-29963 MDEV-31357 Spider should clear its lock lists when locking fails · 52a5b16b
      Yuchen Pei authored
      Spider populates its lock lists (a hash) in store_lock(), and normally
      clears them in the actual lock_tables(). However, if lock_tables()
      fails, there's no reset_lock() method for storage engine handlers,
      which can cause bad things to happen. For example, if one of the table
      involved is dropped and recreated, or simply TRUNCATEd, when executing
      LOCK TABLES again, the lock lists would be queried again in
      store_lock(), which could cause access to freed space associated with
      the dropped table.
      52a5b16b
    • Yuchen Pei's avatar
      MDEV-26247 Re-implement spider gbh query rewrite of tables · 17839657
      Yuchen Pei authored
      Spider GBH's query rewrite of table joins is overly complex and
      error-prone. We replace it with something closer to what
      dbug_print() (more specifically, print_join()) does, but catered to
      spider.
      
      More specifically, we replace the body of
      spider_db_mbase_util::append_from_and_tables() with a call to
      spider_db_mbase_util::append_join(), and remove downstream append_X
      functions.
      
      We make it handle const tables by rewriting them as (select 1). This
      fixes the main issue in MDEV-26247.
      
      We also ban semijoin from spider gbh, which fixes MDEV-31645 and
      MDEV-30392, as semi-join is an "internal" join, and "semi join" does
      not parse, and it is different from "join" in that it deduplicates the
      right hand side
      
      Not all queries passed to a group by handler are valid (MDEV-32273),
      for example, a join on expr may refer outer fields not in the current
      context. We detect this during the handler creation when walking the
      join. See also gbh_outer_fields_in_join.test.
      
      It also skips eliminated tables, which fixes MDEV-26193.
      17839657
  9. 16 Nov, 2023 3 commits
    • Yuchen Pei's avatar
      0bacef76
    • Yuchen Pei's avatar
      MDEV-26247 Clean up spider_fields · 2d1e09a7
      Yuchen Pei authored
      Spider gbh query rewrite should get table for fields in a simple way.
      Add a method spider_fields::find_table that searches its table holders
      to find table for a given field. This way we will be able to get rid
      of the first pass during the gbh creation where field_chains and
      field_holders are created.
      
      We also check that the field belongs to a spider table while walking
      through the query, so we could remove
      all_query_fields_are_query_table_members(). However, this requires an
      earlier creation of the table_holder so that tables are added before
      checking. We do that, and in doing so, also decouple table_holder and
      spider_fields
      
      Remove unused methods and fields. Add comments.
      2d1e09a7
    • Yuchen Pei's avatar
      MDEV-26247 Remove some unused spider methods · 8c1dcb25
      Yuchen Pei authored
      Two methods from spider_fields. There are probably more of these
      conn_holder related methods that can be removed
      
      reappend_tables_part()
      reappend_tables()
      8c1dcb25