Home - Waterfall Grid T-Grid Console Builders Recent Builds Buildslaves Changesources - JSON API - About

Console View


Categories: connectors experimental galera main
Legend:   Passed Failed Warnings Failed Again Running Exception Offline No data

connectors experimental galera main
Vladislav Vaintroub
MDEV-40028 Assertion `rights.allow_bits() == merged->cols' failed

Fixed mismatched memroot in new operator, in apply_deny_column.

MDEV-40014 Crash in SHOW GRANTS FOR user after REVOKE

Fixed premature my_hash_reset in update_role_columns, should not be
done if only DENYs are present

Also fixed unintended GRANT on column privileges when DENY should be
applied.
bsrikanth-mariadb
MDEV-40220: Add server version to optimizer context

Additionaly, include Version_source_revision as well.
These are read only informative sya variables. So, they are included as
comments instead of SET commands.
bsrikanth-mariadb
MDEV-39916: Crash with having filter when being pushed down

When Item_func_not::fix_fields() is invoked, there are several instances where
ref argument being passed is NULL. One such instance is from the method
st_select_lex::pushdown_from_having_into_where().

Since a null ref is being accessed, a crash occurs.

This PR fixes the problem by not passing null to
Item_func_not::fix_fields() when caling it from
st_select_lex::pushdown_from_having_into_where()
Alexander Barkov
MDEV-39518 Allow prepared statements in stored functions in assignment right hand

Allowing prepared statements in stored functions when
a stored function is used in an assignment right hand.

Both DEFALT clause of a variable initialization and
the right side of the SET statement are supported:

  CREATE PROCEDURE p1()
  BEGIN
    -- case 1: DEFAULT clause
    DECLARE spvar1 INT DEFAULT f1_with_ps(); -- OK

    -- case 2: SP variable assignment statement
    DECLARE spvar2 INT;
    SET spvar= f1_with_ps(); -- OK
  END;

- The parser now does not reject PS statements in stored functions.
  PS applicability in stored functions is now detected as run time.
  Note, PS statements in triggers are still prohibited by the parser.

- Functions with PS do not acquire MDL locks on tables.
  They work like procedures in terms of table opening.

- Functions with PS are not replicated as a single `SELECT f1()` call.
  They are replicated per-statement, like procedures.
bsrikanth-mariadb
MDEV-16462: explain format=json produces illegal json text

The attached_condition field of the produced json text had
"String with illegal unicode symbol" instead of the proper unicode
value.

The reason is that, the item field when being written to the json
writer in write_item(), used a String with charset my_charset_bin,
and that prevented the string from being escaped.

Solution is to change the charset to system_charset_info, and also use
writer->add_str(str), instead of writer->add_str(str.c_ptr_safe());
Sergei Golubchik
MDEV-23486 RBR can bypass secure_timestamp=YES

fix TIMESTAMP DEFAULT NOW() and ON UPDATE NOW()

Caveat: rbr cannot work without an index - if the slave overwrites
timestamp columns, before-image won't match in full, this is expected.
Alexander Barkov
MDEV-39518 Allow prepared statements in stored functions in assignment right hand

Allowing prepared statements in stored functions when
a stored function is used in an assignment right hand.

Both DEFALT clause of a variable initialization and
the right side of the SET statement are supported:

  CREATE PROCEDURE p1()
  BEGIN
    -- case 1: DEFAULT clause
    DECLARE spvar1 INT DEFAULT f1_with_ps(); -- OK

    -- case 2: SP variable assignment statement
    DECLARE spvar2 INT;
    SET spvar= f1_with_ps(); -- OK
  END;

- The parser now does not reject PS statements in stored functions.
  PS applicability in stored functions is now detected as run time.
  Note, PS statements in triggers are still prohibited by the parser.

- Functions with PS do not acquire MDL locks on tables.
  They work like procedures in terms of table opening.

- Functions with PS are not replicated as a single `SELECT f1()` call.
  They are replicated per-statement, like procedures.
Brandon Nesterenko
MDEV-39710: Update git modules WSREP Links to mariadb-corporation

The .gitmodules file still uses the old Codership Github repo link. This
redirects to the mariadb-corporation repo, so it isn't a functional
problem, but it should still be updated to the correct repo.

Reviewed-by: Teemu Ollaka <[email protected]>
Sergei Golubchik
MDEV-40308 single quotes make SHOW CREATE USER invalid

use append_for_single_quote() for '-quoted strings in SHOW CREATE USER
and SHOW GRANTS. Use append_identifier() for user- and hostnames.
Alexander Barkov
MDEV-39518 Allow prepared statements in stored functions in assignment right hand

Allowing prepared statements in stored functions when
a stored function is used in an assignment right hand.

Both DEFALT clause of a variable initialization and
the right side of the SET statement are supported:

  CREATE PROCEDURE p1()
  BEGIN
    -- case 1: DEFAULT clause
    DECLARE spvar1 INT DEFAULT f1_with_ps(); -- OK

    -- case 2: SP variable assignment statement
    DECLARE spvar2 INT;
    SET spvar= f1_with_ps(); -- OK
  END;

- The parser now does not reject PS statements in stored functions.
  PS applicability in stored functions is now detected as run time.
  Note, PS statements in triggers are still prohibited by the parser.

- Functions with PS do not acquire MDL locks on tables.
  They work like procedures in terms of table opening.

- Functions with PS are not replicated as a single `SELECT f1()` call.
  They are replicated per-statement, like procedures.
Vladislav Vaintroub
MDEV-14443 DENY statement

Implements DENY/REVOKE DENY and associated tasks.
Vladislav Vaintroub
MDEV-40131 DENY granted on roles exclusively is missing after FLUSH PRIVILEGES.

Fixed: user_table_has_denies was not set for role entries, but for normal
users only.
Sergei Golubchik
MDEV-24598 Duplicate CHECK constraint names are allowed

Column-level CHECK constraints derive their effective name from the column's
field name when read from frm (name_length=0 fallback in
init_from_binary_frm_image). An explicit table-level constraint with the same
name as a column that carries a column-level check creates a duplicate in
information_schema.check_constraints.

Two cases:
1. CREATE TABLE t (a INT CHECK (a>2), CONSTRAINT a CHECK (a<5)) -- both
  end up named "a".
2. JSON columns auto-receive a JSON_VALID column check named after the field.
  CREATE TABLE t (json_c1 JSON, CONSTRAINT json_c1 CHECK (...)) produces
  a duplicate "json_c1".

Fix in mysql_prepare_create_table_finalize: when validating explicit
table-level constraint names, also check them against field names of columns
that carry column-level check constraints (ER_DUP_CONSTRAINT_NAME).

Fix in make_unique_constraint_name / fix_constraints_names: pass the column
list so that auto-generated names (CONSTRAINT_1, CONSTRAINT_2, ...) skip
names already taken by column-level checks.

Update check_constraint.test: the MDEV-16630 test relied on the now-rejected
duplicate (column check "b" + table constraint "b"). Rename the table-level
constraint to "b_and_a" to preserve the intent: verifying that field
constraints and table constraints produce distinct error-message formats.

Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
forkfun
MDEV-24557 mariadb-dump: translate MySQL 8.x user/grant syntax for MariaDB import

mariadb-dump --system=users (and --system=all) can now capture a
MySQL 8.0+ source and emit the users, roles and grants as statements
that load on MariaDB. The dump targets MariaDB only (migration is
one-way), so each statement is emitted once, in MariaDB form.

- privileges: mapped to a MariaDB equivalent where one exists
(e.g. BINLOG_ADMIN -> BINLOG REPLAY, BINLOG ADMIN), otherwise dropped
with a # WARNING;
- CREATE USER clauses, that MariaDB has no equivalent for (PASSWORD HISTORY,
PASSWORD REUSE INTERVAL, DEFAULT ROLE, ...): dropped;
- auth plugins, that MariaDB does not ship (e.g. sha256_password): the
IDENTIFIED clause is dropped and the account is forced ACCOUNT LOCK;
- roles and the role-admin hierarchy, default roles, and partial
REVOKE (no MariaDB equivalent -> # WARNING).
- identifiers containing "*/" would close the /*M!nnnnn ... */ version
comment they are wrapped in and let the trailing bytes run as SQL on
import (a comment-delimiter injection from a crafted source, since
QUOTE()/backticks cannot escape "*/" and it cannot be escaped inside a
comment); such statements are refused with a # WARNING;
- MySQL's multiple default roles are reduced to MariaDB's single default
role: the first (by a deterministic ORDER BY) is kept, the rest get a
WARNING instead of being silently overwritten.
Alexey (Holyfoot) Botchkov
MDEV-40008 sql_error.cc:357: void Diagnostics_area::set_ok_status after CHECK (XMLISVALID..

Two things fixed. Firstly the error returns proper ::fix_length_and_dec
result.
Then the XML Schema allows elements with no type specified. The element
should has no value at all or only whitespaces as a value.
Georgi (Joro) Kodinov
MDEV-39718: Produce Markdown plugin API documentation

Generated the plugin API headers using a shell script.
Fixed some doxygen comment mistakes in the headers.
Added a cmake conveninence target to generate the docs into $BUILD_DIR/docs
Added a main page for the API docs.
Included all of the existing group .md files into the CMake target
Leveraged moxygen 2.1.11's fixes to produce the full API docs in a single go
Sergei Golubchik
MDEV-37951 SHOW TABLES allows users with only GRANT OPTION privilege to read all table names in the database "mysql"

GRANT_ACL bleeds into thd->col_access via check_access()'s
"*save_priv |= db_access" path (db_access inherits master_access).
Two guards that relied on the absence of any privilege bit then
failed to treat GRANT_ACL as exceptional:

1. check_show_access() (sql_parse.cc): the fallback
  "!col_access && check_grant_db()" was bypassed when col_access
  held only GRANT_ACL, letting a global-GRANT-OPTION user pass the
  outer gate for SHOW TABLES / SHOW TABLE STATUS / SHOW TRIGGERS.
  Fix: use !(col_access & ~GRANT_ACL) so any real privilege still
  bypasses check_grant_db while GRANT_ACL alone does not.

2. get_all_tables() (sql_show.cc): the per-table shortcut
  "!(col_access & TABLE_ACLS)" was taken for col_access == GRANT_ACL
  because GRANT_ACL is part of TABLE_ACLS, skipping per-table checks
  and exposing all table names.
  Fix: use TABLE_ACLS & ~GRANT_ACL so that only genuine table-access
  bits suppress the per-table privilege check.

Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
Mohammad Tafzeel Shams
MDEV-39795: Assertion `n_reserved > 0' failed

Problem:
========

1. Assertion `n_reserved > 0` failed in fseg_create():

fsp_reserve_free_extents() has a special condition for small
tablespaces where it reserves individual pages instead of full
extents. In such cases, n_reserved can be 0 even when the
reservation succeeds, causing the assertion ut_ad(n_reserved > 0)
to fail incorrectly.

The code was checking n_reserved to determine whether a reservation
had already been attempted, but this logic breaks for small
tablespaces where pages, rather than extents, are reserved.

2. Encryption metadata not cleared for compressed-only pages:

buf_page_encrypt() only cleared encryption-related metadata
fields (key-version and crypt-checksum) when the page was
neither encrypted nor compressed. However, these fields should
also be cleared when page_compressed is true but encrypted is
false, to avoid leaving stale encryption metadata in
compressed-only pages.

Solution:
=========

buf_page_encrypt(): Refactored the early-return logic. Encryption
metadata fields are now cleared whenever encrypted is false,
regardless of page_compressed. The function returns early only
when both !encrypted and !page_compressed.

fseg_create(): Reintroduced a boolean variable `reserved` to track
whether fsp_reserve_free_extents() has been attempted (removed as
part of MDEV-38419 | c7313da), replacing assertion `n_reserved > 0`.
Added an early return when DB_DECRYPTION_FAILED is encountered
during inode allocation.

my_error_innodb(): Added handling for DB_DECRYPTION_FAILED to
report decryption errors to the user through ER_GET_ERRMSG.
Dave Gosselin
MDEV-39323: CROSS JOIN query returns wrong result with NOT BETWEEN

For 1 NOT BETWEEN float_key AND int_key, the range optimizer was
building a SEL_TREE for only float_key > 1 and dropping the
int_key < 1 disjunct.  can_optimize_range_const rejected int_key
because of a type mismatch.

The case from the ticket returned no rows (instead of the expected six
rows) because the index range scan on float_key fetched only matches for
float_key > 1 but then they were discarded by the t1.c1 = t1.int_key
predicate.

Plan before the fix (range scan on float_key, key_len 5):
  +----+-------+-------+-------------+---------+------+
  | id | table | type  | key        | key_len | rows |
  +----+-------+-------+-------------+---------+------+
  |  1 | t1    | range | float_key  |      5 |    1 |
  |  1 | t2    | index | float_key  |      6 |    3 |
  +----+-------+-------+-------------+---------+------+

Plan after the fix (Item_func_between::get_mm_tree returns no
usable range tree, so the optimizer falls back to using the
covering index scan on i0):
  +----+-------+-------+-------------+---------+------+
  | id | table | type  | key        | key_len | rows |
  +----+-------+-------+-------------+---------+------+
  |  1 | t2    | index | float_key  |      6 |    6 |
  |  1 | t1    | index | i0          |      14 |    8 |
  +----+-------+-------+-------------+---------+------+

In Item_func_between::get_mm_tree, when can_optimize_range_const fails
for a range bound argument and the predicate is negated, we now
abandon the whole tree instead of continuing the loop.  The new code
mirrors the existing guard in the same function for non FIELD_ITEM
arguments.

The bug was introduced by MDEV-36235 which added
can_optimize_range_const without considering the negated path.
While we could fine tune the rejection behavior in
can_optimize_range_const, I think that should be a separate patch as
it requires careful consideration for each pair of types that could
be supplied to [NOT] BETWEEN and that's outside the scope of this
ticket (which is intended to fix the wrong result issue).

This behavior matches MySQL 9.
Rex Johnston
MDEV-26940 Item_cond::remove_eq_conds leaves corrupt Item_equal

pushdown_cond_for_derived/merge_into_list/remove_eq_conds leaves
an Item_equal in an invalid state.  This Item_equal is later used
by find_producing_item causing an assert in debug builds and perhaps
incorrect results in a release build.

Affected queries will likely have an outer condition pushed down into
2 different derived tables based on the same base table.
Sergei Golubchik
MDEV-23486 RBR can bypass secure_timestamp=YES

Add tests for system versioning.
INSERT is fixed, but UPDATE is still broken.
Rucha Deodhar
MDEV-40125: OLD_VALUE crashes on a view with an expression

Analysis:

When OLD_VALUE() is used on a view, field resolution creates an
Item_direct_view_ref instead of an Item_field. Item_old_field::fix_fields()
continued assuming that a Field object was available, but view references
do not have a field pointer, which resulted in a crash.

Fix:
Store the real referenced item in Item_old_field::expr and use it when
the OLD_VALUE() reference does not have a Field object. This allows
OLD_VALUE() to work with view fields and avoids dereferencing a NULL
field pointer. Fix relevant methods accordingly.
Sergei Golubchik
MDEV-30555 The server does not detect changes in NULL-ability of system table columns

Table_check_intact::check() validated column names, types, and charsets but
not NULL-ability. Altering a system table column (e.g. mysql.proc.definer)
to drop NOT NULL would pass the check undetected, silently corrupting data
stored through that column.

Add a CAN_BE_NULL flag bit in the high bit of TABLE_FIELD_TYPE::type.length.
Set it on nullable column entries; the check now validates nullability in both
directions. NOT NULL columns need no annotation (the common case). The flag
is encoded as `{ STRING_WITH_LEN("type") + CAN_BE_NULL }` which keeps the
intent readable at the definition site.

Apply CAN_BE_NULL annotations to all TABLE_FIELD_TYPE arrays:
mysql.proc, mysql.event, mysql.table_stats, mysql.column_stats,
mysql.index_stats.

Co-Authored-By: Claude Sonnet 4.6 <[email protected]>
Alexey (Holyfoot) Botchkov
MDEV-40019 Xmlisvalid shows wrong result if calling it multiple times from query with UNION ALL.

Call the validation_prepare() for the tail of the list.
Vladislav Vaintroub
MDEV-40002 REVOKE DENY on table debug asserts with existing GRANT, without existing DENY

Fix handling of update_denies_in_user_table() inside replace_table_table()

replace_table_table is "special", and should return  -1 if  grant was
revoked, 1 if error, 0 if success. Whenever it is used, caller explicitly
checks for return code greater 0

It did however return -1 on all errors with denies. The debug assertion
that catches cases where my_error() is followed by my_ok() fired then.

This is now fixed. Added test cases for "REVOKE DENY on non-existing DENY
and existing GRANT" scenarios.
Daniel Black
MDEV-37869 binlog.binlog_unsafe fails on Windows

And macos.

The order of the Table_map events don't actually matter in this test.
The important aspect is the Annotate_rows and Write_rows_v1 events.

Lets exclude the Table_map events in the show_binlog_events.inc
aspect of this test.

The show_events.inc has been extended to support this
$skip_tablemap_events=1 variable. $skip_checkpoint_event only has
two usages so we haven't tried to support both together until
needed.
Pekka Lampio
MDEV-40279  Further improvements

Removed unnecessary --enable/disable_query_log statements.
Jaeheon Shim
MDEV-39932 Accept aggregated outer columns in subquery

Under ONLY_FULL_GROUP_BY, a query that aggregates an outer column inside
a subquery is wrongly rejected. This is fixed in
Item_field::fix_outer_field by not appending the field to
select->join->non_agg_fields when thd->lex->in_sum_func is not null.

Furthermore, in Item_sum::check_sum_func, for all outer fields that are
not aggregated at their SELECT_LEX's nest level, we append these fields
to sel->join->non_agg_fields in order to ensure that
ER_WRONG_FIELD_WITH_GROUP is still raised for invalid aggregation.
Rucha Deodhar
MDEV-40125: OLD_VALUE crashes on a view with an expression

Analysis:

When OLD_VALUE() is used on a view, field resolution creates an
Item_direct_view_ref instead of an Item_field. Item_old_field::fix_fields()
continued assuming that a Field object was available, but view references
do not have a field pointer, which resulted in a crash.

Fix:
Store the real referenced item in Item_old_field::expr and use it when
the OLD_VALUE() reference does not have a Field object. This allows
OLD_VALUE() to work with view fields and avoids dereferencing a NULL
field pointer. Fix relevant methods accordingly.
bsrikanth-mariadb
MDEV-16462: explain format=json produces illegal json text

The attached_condition field of the produced json text had
"String with illegal unicode symbol" instead of the proper unicode
value.

The reason is that, the item field when being written to the json
writer in write_item(), used a String with charset my_charset_bin,
and that prevented the string from being escaped.

Solution is to change the charset to utf8mb4, and also use
writer->add_str(str), instead of writer->add_str(str.c_ptr_safe());
Vladislav Vaintroub
MDEV-40115 DENY EXECUTE hides unrelated routines in SHOW commands or I_S

Fix check_routine_level_acl() to pass parent access, for accurate
calculation.

Previously, if (db_level_access & privs) returned 0, it was treated as
no-access on DB level in check_some_routine_access().

This is not the complete truth, with DENY, it may mean there is access,
but some routines have DENY. So pass the db level grants/denies to the
function for more accurate checking.
Vladislav Vaintroub
MDEV-40300 Assertion `rights.allow_bits() == merged->cols' failed in update_role_columns on DROP ROLE

For roles, privs/rights include privileges merged from granted roles.
Do not copy them into init_privs/init_rights, which must only contain
the role's own grants; apply the change to both values instead.
Yuchen Pei
MDEV-15621 [to-squash] Follow some gemini review comments

Also removed table_rows in a SELECT, to avoid an unrelated flaky failure
Alexey (Holyfoot) Botchkov
MDEV-40054 Assertion `0' failed in XMLSchema_item::validate_tag with element name "xml".

That check for the 'xml' tag makes no sence after we have the processing
instruction handler.
Brandon Nesterenko
MDEV-39710: Update git modules WSREP Links to mariadb-corporation

The .gitmodules file still uses the old Codership Github repo link. This
redirects to the mariadb-corporation repo, so it isn't a functional
problem, but it should still be updated to the correct repo.

Reviewed-by: Teemu Ollaka <[email protected]>
Vladislav Vaintroub
MDEV-40026 acl_insert_db crashes on overlong dbname in "denies" array.

Fix to return error when json_unescape() fails.
Also return error, if length from json_unescape happens to be larger
that size of buffer - 1, to make sure that null-termination of string
does not override memory.

Some cleanup - only complain once about invalid "denies" entry during
FLUSH privileges. Avoid full parsing during when processing
mysql.global_priv in grant_reload() in the first pass.
Vladislav Vaintroub
MDEV-40116 Column-level DENY SELECT hides accessible columns

Allow SHOW if grants on table level indicate "maybe allowed", i.e
there are some grants that are not all denied on this level.

Column level denies are applied in SHOW COLUMS.
They are not applied in SHOW CREATE TABLE, which will succeed if
there are appropriate table level privs, without checking columns.
Vladislav Vaintroub
MDEV-39951 DENY feature does not work for EVENT privilege

Fix calculation of need_table_or_column_check in check_access(),
so it does not consider already denied bits on DB level.

Add a test case for events (provided by Ramesh Sivaraman)
Dave Gosselin
MDEV-39323:  Use Type_handler::is_numeric() for existing numeric checks

The Type_handler::is_numeric() accessor added earlier in this branch
gives one definition of the numeric comparison family (INT, REAL,
DECIMAL).  A few other places still tested Item_result values against
those three results by hand.

Switch the checks in json_table, set_var, and window frame setup to
is_numeric().  Each already reached its type handler through
result_type(), which agrees with is_numeric() for every type, so the
behavior does not change.
Alexey (Holyfoot) Botchkov
MDEV-40008 sql_error.cc:357: void Diagnostics_area::set_ok_status after CHECK (XMLISVALID..

Two things fixed. Firstly the error returns proper ::fix_length_and_dec
result.
Then the XML Schema allows elements with no type specified. The element
should has no value at all or only whitespaces as a value.