1. 14 Sep, 2022 7 commits
    • Sergei Golubchik's avatar
      MDEV-22647 Assertion `!check_audit_mask(mysql_global_audit_mask, event_class_mask)' · beffef9f
      Sergei Golubchik authored
      
      check_audit_mask(mysql_global_audit_mask, event_class_mask) is tested in
      mysql_audit_general_log() and then assert in mysql_audit_acquire_plugins()
      verifies that the condition still holds.
      But this code path is not protected by LOCK_audit_mask, so
      mysql_global_audit_mask can change its value between the if() and the
      assert. That is, the assert is invalid and will fire if the
      audit plugin is unloaded concurrently with mysql_audit_general_log().
      
      Nothing bad will happen in this case though, we'll just do a useless
      loop over all remaining installed audit plugins.
      
      That is, the fix is simply to remove the assert.
      beffef9f
    • Anel Husakovic's avatar
      Add missing comment and remove unnecessary initialization · b7928f75
      Anel Husakovic authored
      - Commit c8948b0d introduced `get_one_variable()` - updating missing argument.
      - Remove caller setting of empty string in `rpl_filter`, since underlying functions will do the same
        (commit 9584cbe7 introduced).
      
      Reviewed by: <brandon.nesterenko@mariadb.com>
      b7928f75
    • Vicențiu Ciorbaru's avatar
      MDEV-29509 execute granted indirectly (via roles) doesn't always work · 16b2bb90
      Vicențiu Ciorbaru authored
      The issue manifests due to a bug in mysql_routine_grant. This was a side
      effect of e46eea86 which fixed the problem of not giving appropriate error
      message (ER_NONEXISTING_PROC_GRANT) when a routine grant existed due to role
      inheritance.
      
      When granting a routine privilege, it is possible to have a GRANT_NAME
      entry already created from an inherited role, but with it's init_privs
      set to 0.
      
      In this case we must not create a *new* grant entry, but we must edit
      this grant entry to set its init_privs.
      
      Note that this case was already covered by MDEV-29458, however due to a
      forgotten "flush privileges;" the actual code path never got hit.
      Remove the flush privilege command as it was never intended to be there
      in the first place.
      16b2bb90
    • Vicențiu Ciorbaru's avatar
      5ad8cd93
    • Vicențiu Ciorbaru's avatar
      MDEV-29458: Role grant commands do not propagate all grants · 7735ba76
      Vicențiu Ciorbaru authored
      There was an issue in updating in-memory role datastructures when
      propagating role grants.
      
      The issue is that changing a particular role's privilege (on any
      privilege level, global, database, etc.)
      was done such that it overwrote the entire set of bits for that
      particular level of privileges.
      
      For example:
      grant select on *.* to r1 -> sets the access bits to r1 to select,
      regardless of what bits were present for role r1 (inherited from any
      other roles).
      
      Before this fix, the rights of role r1 were propagated to any roles r1
      was granted to, however the propagated rights did *not* include the
      complete rights r1 inherited from its own grants.
      
      For example:
        grant r2 to r1;
        grant select on *.* to r2;
        grant insert on *.* to r1; # This command completely disregards the
                                   # select privilege from r2.
      
      In order to correct this, ensure that before rights are propagated
      onwards, that the current's role rights have been updated from its
      grants.
      
      Additionally, the patch exposed a flaw in the DROP ROLE code.
      When deleting a role we removed all its previous grants, but what
      remained was the actual links of roles granted to the dropped role.
      Having these links present when propagating grants meant that we would
      have leftover ACL_xxx entries.
      
      Ensure that the links are removed before propagating grants.
      7735ba76
    • Vicențiu Ciorbaru's avatar
      MDEV-29465: Inherited columns privs for roles wrongly set mysql.tables_priv column · 145932a5
      Vicențiu Ciorbaru authored
      There was a bug in the ACL internal data structures GRANT_TABLE and
      GRANT_COLUMN. The semantics are: GRANT_TABLE::init_cols and
      GRANT_COLUMN::init_privs represent the bits that correspond to the
      privilege bits stored in the physical tables. The other struct members
      GRANT_TABLE::cols and GRANT_COLUMN::privs represent the actual access
      bits, as they may be modified through role grants.
      
      The error in logic was mixing the two fields and thus we ended up
      storing the logical access bits in the physical tables, instead of the
      physical (init_xxx) bits.
      
      This caused subsequent DBUG_ASSERT failures when dropping the involved
      roles.
      145932a5
    • Thirunarayanan Balathandayuthapani's avatar
      MDEV-29479 I_S.INNODB_SYS_TABLESPACES doesn't have temporary tablespace information · d7aefc0f
      Thirunarayanan Balathandayuthapani authored
      - innodb_sys_tablespaces view in information schema displays temporary
      tablespace information too.
      d7aefc0f
  2. 13 Sep, 2022 5 commits
  3. 12 Sep, 2022 2 commits
  4. 08 Sep, 2022 1 commit
  5. 07 Sep, 2022 1 commit
    • Tuukka Pasanen's avatar
      MDEV-28605: Change wrong plugin config installation location (#2160) · 04899d6d
      Tuukka Pasanen authored
      Preset include directory for configuration files below MariaDB 10.5 is
      /etc/mysql/conf.d
      
      Change installation location wrong plugin installation location from
      /etc/mysql/mariadb.d to default include directory /etc/mysql/conf.d.
      Change makes gssapi-server, oqgraph, rocksdb and tokudb plugins
      loading work after installation
      
      NOTE TO MERGERS: This commit should be upstream to MariaDB 10.4 only!
      Merging to MariaDB 10.5 and above leads to major problems.
      04899d6d
  6. 06 Sep, 2022 1 commit
  7. 03 Sep, 2022 2 commits
    • Andrei's avatar
      MDEV-28827 Minor unsafe statement warning message improvement · f501f815
      Andrei authored
      The replication unsafe warning's pattern gets corrected in the
      punctuation part.
      f501f815
    • Brandon Nesterenko's avatar
      MDEV-28530: Revoking privileges from a non-existing user on a master breaks... · 47812017
      Brandon Nesterenko authored
      MDEV-28530: Revoking privileges from a non-existing user on a master breaks replication on the slave in the presence of replication filters
      
      Problem:
      ========
      Replication can break while applying a query log event if its
      respective command errors on the primary, but is ignored by the
      replication filter within Grant_tables on the replica. The bug
      reported by MDEV-28530 shows this with REVOKE ALL PRIVILEGES using a
      non-existent user. The primary will binlog the REVOKE command with
      an error code, and the replica will think the command executed with
      success because the replication filter will ignore the command while
      accessing the Grant_tables classes. When the replica performs an
      error check, it sees the difference between the error codes, and
      replication breaks.
      
      Solution:
      ========
      If the replication filter check done by Grant_tables logic ignores
      the tables, reset thd->slave_expected_error to 0 so that
      Query_log_event::do_apply_event() can be made aware that the
      underlying query was ignored when it compares errors.
      
      Note that this bug also effects DROP USER if not all users exist
      in the provided list, and the patch fixes and tests this case.
      
      Reviewed By:
      ============
      andrei.elkin@mariadb.com
      47812017
  8. 01 Sep, 2022 1 commit
    • Nayuta Yanagisawa's avatar
      MDEV-27172 Prefix indices on Spider tables may lead to wrong query results · e4cffc92
      Nayuta Yanagisawa authored
      Spider converts HA_READ_KEY_EXACT to the equality (=) in the
      function spider_db_append_key_where_internal() but the conversion
      is not necessarily correct for tables with prefix indices.
      
      We fix the bug by converting HA_READ_KEY_EXACT to 'LIKE "foo%"' when
      a target key is a prefix key. The fix is partly inspired by FEDERATED.
      See ha_federated::create_where_from_key() for more details.
      e4cffc92
  9. 31 Aug, 2022 3 commits
    • Marko Mäkelä's avatar
      4f2dc716
    • Daniel Black's avatar
      c487eeed
    • Daniel Black's avatar
      MDEV-28592 disks plugin - getmntinfo (BSD) & getmntent (AIX) · 129616c7
      Daniel Black authored
      Thanks to references from Brad Smith, BSDs use getmntinfo as
      a system call for mounted filesystems.
      
      Most BSDs return statfs structures, (and we use OSX's statfs64),
      but NetBSD uses a statvfs structure.
      
      Simplify Linux getmntent_r to just use getmntent.
      
      AIX uses getmntent.
      
      An attempt at writing Solaris compatibility with
      a small bit of HPUX compatibility was made based on man page
      entries only. Fixes welcome.
      
      statvfs structures now use f_bsize for consistency with statfs
      
      Test case adjusted as PATH_MAX is OS defined (e.g. 1023 on AIX)
      
      Fixes: 0ee5cf83
      
      also fixes:
      
      MDEV-27818: Disk plugin does not show zpool mounted devices
      
      This is because zpool mounted point don't begin with /.
      
      Due to the proliferation of multiple filesystem types since this
      was written, we restrict the entries listed in the disks plugin
      to excude:
      * read only mount points (no point monitoring, and
        includes squash, snaps, sysfs, procfs, cgroups...)
      * mount points that aren't directories (excludes /etc/hostname and
        similar mounts in containers). (getmntent (Linux/AIX) only)
      * exclude systems where there is no capacity listed (excludes various
        virtual filesystem types).
      
      Reviewer: Sergei Golubchik
      129616c7
  10. 30 Aug, 2022 3 commits
    • Marko Mäkelä's avatar
      MDEV-13888: innodb_fts.innodb_fts_plugin failed · 57739ae9
      Marko Mäkelä authored
      Add ORDER BY to make the test deterministic.
      
      Add FLUSH TABLES to avoid crash recovery warnings about the table
      mysql.plugin. This tends to occur on Valgrind, where the server
      shutdown could presumably time out, resulting in a forced kill.
      57739ae9
    • Marko Mäkelä's avatar
      MDEV-29409 Buffer overflow in my_wc_mb_filename() on RENAME TABLE · 422f3204
      Marko Mäkelä authored
      dict_table_rename_in_cache(), dict_table_get_highest_foreign_id():
      Reserve sufficient space for the fkid[] buffer, and ensure that the
      fkid[] will be NUL-terminated.
      
      The fkid[] must accommodate both the database name (which is already
      encoded in my_charset_filename) and the constraint name
      (which must be converted to my_charset_filename) so that we can check
      if it is in the format databasename/tablename_ibfk_1 (all encoded in
      my_charset_filename).
      422f3204
    • Marko Mäkelä's avatar
      MDEV-29258 Failing assertion for name length on RENAME TABLE · b2609038
      Marko Mäkelä authored
      trx_undo_page_report_rename(): Use the correct maximum length of
      a table name. Both the database name and the table name can be up to
      NAME_CHAR_LEN (64 characters) times 5 bytes per character in the
      my_charset_filename encoding. They are not encoded in UTF-8!
      
      fil_op_write_log(): Reserve the correct amount of log buffer for
      a rename operation. The file name will be appended by
      mlog_catenate_string().
      
      rename_file_ext(): Reserve a large enough buffer for the file names.
      b2609038
  11. 28 Aug, 2022 1 commit
  12. 25 Aug, 2022 3 commits
    • Igor Babaev's avatar
      MDEV-29350 Crash when IN predicand is used in eliminated GROUP BY clause · 94e3f02d
      Igor Babaev authored
      This bug affected some queries with an IN/ALL/ANY predicand or an EXISTS
      predicate whose subquery contained a GROUP BY clause that could be
      eliminated. If this clause used a IN/ALL/ANY predicand whose left operand
      was a single-value subquery then execution of the query caused a crash of
      the server after invokation of remove_redundant_subquery_clauses().
      The crash was caused by an attempt to exclude the unit for the single-value
      subquery from the query tree for the second time by the function
      Item_subselect::eliminate_subselect_processor().
      
      This bug had been masked by the bug MDEV-28617 until a fix for the latter
      that properly excluded units was pushed into 10.3.
      
      Approved by Oleksandr Byelkin <sanja@mariadb.com>
      94e3f02d
    • Marko Mäkelä's avatar
      MDEV-29384 Hangs caused by innodb_adaptive_hash_index=ON · d1a80c42
      Marko Mäkelä authored
      buf_defer_drop_ahi(): Remove. Ever since
      commit c7f8cfc9 (MDEV-27700)
      it is safe to invoke btr_search_drop_page_hash_index(block, true)
      to remove an orphan adaptive hash index.
      
      Any attempt to upgrade page latches is prone to deadlocks. Recently,
      we observed a few hangs that involved nothing more than a small table
      consisting of one clustered index page, one secondary index page and
      some undo pages.
      d1a80c42
    • Sergei Golubchik's avatar
      update a global_suppressions() list · 2f6a7280
      Sergei Golubchik authored
      followup for "remove invalid options from warning messages"
      2f6a7280
  13. 24 Aug, 2022 4 commits
  14. 22 Aug, 2022 3 commits
    • Brandon Nesterenko's avatar
      MDEV-28294: set default role bypasses Replicate_Wild_Ignore_Table: mysql.% · 8963d64e
      Brandon Nesterenko authored
      Problem:
      ========
      When replicating SET DEFAULT ROLE, the pre-update check (i.e. that
      in set_var_default_role::check()) tries to validate the existence of
      the given rules/user even when the targeted tables are ignored. When
      previously issued CREATE USER/ROLE commands are ignored by the
      replica because of the replication filtering rules, this results in
      an error because the targeted data does not exist.
      
      Solution:
      ========
      Before checking that the given roles/user exist of a SET DEFAULT
      ROLE command, first ensure that the mysql.user and
      mysql.roles_mapping tables are not excluded by replication filters.
      
      Reviewed By:
      ============
      Andrei Elkin <andrei.elkin@mariadb.com>
      Sergei Golubchik <serg@mariadb.com>
      8963d64e
    • Thirunarayanan Balathandayuthapani's avatar
      MDEV-27700 ASAN: Heap_use_after_free in btr_search_drop_page_hash_index() · c7f8cfc9
      Thirunarayanan Balathandayuthapani authored
      Reason:
      =======
      Race condition between btr_search_drop_hash_index() and
      btr_search_lazy_free(). One thread does resizing of buffer pool
      and clears the ahi on all pages in the buffer pool, frees the
      index and table while removing the last reference. At the same time,
      other thread access index->heap in btr_search_drop_hash_index().
      
      Solution:
      =========
      Acquire the respective ahi latch before checking index->freed()
      
      btr_search_drop_page_hash_index(): Added new parameter to indicate
      that drop ahi entries only if the index is marked as freed
      
      btr_search_check_marked_free_index(): Acquire all ahi latches and
      return true if the index was freed
      c7f8cfc9
    • Marko Mäkelä's avatar
      MDEV-13013 fixup: Adjust a test · fd0cd480
      Marko Mäkelä authored
      fd0cd480
  15. 19 Aug, 2022 1 commit
    • Marko Mäkelä's avatar
      MDEV-29043 mariabackup --compress hangs · a1055ab3
      Marko Mäkelä authored
      Even though commit b817afaa passed
      the test mariabackup.compress_qpress, that test turned out to be
      too small to reveal one more problem that had previously been prevented
      by the existence of ctrl_mutex. I did not realize that there can be
      multiple concurrent callers to compress_write(). One of them is the
      log copying thread; further callers are data file copying threads
      (default: --parallel=1).
      
      By default, there is only one compression worker thread
      (--compress-threads=1).
      
      compress_write(): Fix a race condition between threads that would
      use the same worker thread object. Make thd->data_avail contain the
      thread identifier of the submitter, and add thd->avail_cond to
      notify other compress_write() threads that are waiting for a slot.
      a1055ab3
  16. 17 Aug, 2022 1 commit
  17. 16 Aug, 2022 1 commit