Home - Waterfall Grid T-Grid Console Builders Recent Builds Buildslaves Changesources - JSON API - About

Console View


Categories: connectors experimental galera main
Legend:   Passed Failed Warnings Failed Again Running Exception Offline No data

connectors experimental galera main
fcd3f81e08da...
fcd3f81e08daea471d371d3be051e6feabb06399
Vladislav Vaintroub
MDEV-37556 Memory leak in proxy protocol with name resolution enabled

When proxy protocol is used and --skip-name-resolve is not set,
thd_set_peer_addr() is called twice per connection: once for the real TCP peer (in check_connection),
and again for the proxied address (in handle_proxy_header).
Each call invokes ip_to_hostname(), which allocates a hostname string
(unless loopback connection is used) and stores it as
thd->main_security_ctx.host. That code missed to free previously
allocated hostname, which results into memory leak.

This is now fixed. Also added debug-only test to mysql_client_test, which
fakes DNS and IP resolution the same way some perfschema tests do, to
emulate remote TCP connection in MTR.
f80219f1ffad...
f80219f1ffade1ec861b25b5da7b837f94f09889
Sergei Golubchik
MDEV-39292 fix incorrect merge
f139e207175b...
f139e207175b5bbb9f8f0bc24227c61379746218
Jan Lindström
MDEV-40027 : Galera Cluster-peer > Donor command execution

An appropriately privileged user (with SUPER privileges) could
execute shell commands as the uid of the mariadbd process
because the values of the system variable wsrep_sst_auth,
which can be modified at runtime, were not properly
sanitized when used to construct a shell command.

Combined rsync and mariabackup test cases and added
test case for incorrect values for wsrep_sst_auth.
e8b54ecaddde...
e8b54ecadddecc80f19c3015fb40e7d9605b6cff
Vladislav Vaintroub
bla
df45a6e92570...
df45a6e92570c1df90f72d3ebdc63df4fa1ed849
Vladislav Vaintroub
meh
d404a47c25b8...
d404a47c25b8d5d3b37d9d62c14311934523fd17
Teemu Ollakka
Add missing notify_state_change() in Wsrep_client_service.

The change was forgotten from previous rebase/wsrep-lib update.
d1693276d534...
d1693276d5344ba794805e8b5902aaff61edb77f
Sergei Golubchik
MDEV-40059 too long character_set_collations crash
c8f382faa795...
c8f382faa795c6e64dd3514586b2b8e191b57db3
drrtuy
disable sfinae-incomplete warning for DuckDB code.
bbd558c38616...
bbd558c38616ce24bd2973486763c2a7c4db0969
forkfun
Merge branch '10.11' into '11.4'
b9809c07b412...
b9809c07b412456b194ab342e26d6432e85edf09
Kristian Nielsen
Document the correct use of replication terminology

Signed-off-by: Kristian Nielsen <[email protected]>
b3525354f3c1...
b3525354f3c1ae4a9f13acf55abe154d1320db49
Raghunandan Bhat
MDEV-38971: ASAN/UBSAN errors, assertion `is_valid_value_slow()` failure upon combination temporal functions and `ZERO_DATE_TIME_CAST`

Problem:
  `Item_func_last_day::get_date` forwarded the TIME_INTERVAL_DAY /
  TIME_INTERVAL_hhmmssff flag from an enclosing EXTRACT into the
  Datetime conversion of its argument, making LAST_DAY(200012010000)
  parse as a TIME interval instead of a DATETIME. Under
  ZERO_DATE_TIME_CAST that hour became an out-of-range month,
  overflowing days_in_month[] in `check_date` and invalidating the
  Datetime.

Fix:
  A DATE/DATETIME can never be an interval, so suppress the
  TIME_INTERVAL_hhmmssff / TIME_INTERVAL_DAY flags when `LAST_DAY`
  converts its argument.
aefe48e6ef95...
aefe48e6ef955947d139ff04488d6890034ed034
Marko Mäkelä
MDEV-39344: trx_disconnect_prepared() uses wrong mutex

trx_t::disconnect_prepared(): Replaces trx_disconnect_prepared().
Protect is_recovered, mysql_thd with mutex, to be consistent with
protecting fetch_data_into_cache_low().

This fixes up
commit c0817dac99c28698dfc2b548d89acf1fb41dc32e (MDEV-29575).

Suggested by: Sergey Vojtovich
9f4f8d6f1f55...
9f4f8d6f1f559a3a5fd864b4669da5555279a201
Vladislav Vaintroub
meh
8ccef67aef61...
8ccef67aef61a1200fcde2685018f795c64b63b6
Rex Johnston
MDEV-30073 Wrong result on 2nd execution of PS for query with NOT EXISTS

Summary: Items of type Item_direct_view_ref which are reverted with the
change_item_tree mechanism are involved in permanent optimizer
transformations.  This commit ensures that items involved in these
permanent transformations are created during the first execution
and re-used for subsequent executions.

Queries affected by this bug are numerous, but will always involve
1) 2nd execution of a prepared statement or procedure
2) a permanent transformation, such as a semi-join optimization

Detail:

Consider this run as a prepared statement
SELECT * FROM t1
  WHERE EXISTS
  (
    SELECT dt.a FROM
      (
        SELECT t2a as a, t2b as b FROM t2
      ) dt
      WHERE dt.b = t1a
  )

During name resolution of field dt.b (in the where clause) we end
up calling find_field_in_view()/.../create_view_field().
This is responsible for creating a wrapper around the found Item
(Item_field*)`test`.`t2`.`t2b`
While this Item_direct_view_ref representing 'dt.b' is allocated on
Statement (permanent) memory the change is registered to be reversed
at the end of statement execution.  This is odd and contrary to the
permanent nature of this transformation.

Item::exists2in_processor() is called during the preparation in the
first execution.
We transform the query from
select * from t1 where
exists
(
  select `test`.`t2`.`t2b` from
    (
      select `test`.`t2`.`t2a` AS `a`,`test`.`t2`.`t2b` AS `b` from `test`.`t2`
    ) `dt`
    where `test`.`t2`.`t2b` = `test`.`t1`.`t1a`
    limit 1
)

select * from t1 where
`test`.`t1`.`t1a` in
(
  select `test`.`t2`.`t2b` from
    (
      select `test`.`t2`.`t2a` AS `a`,`test`.`t2`.`t2b` AS `b` from `test`.`t2`
    ) `dt`
    where 1
)

later, the optimizer merges the derived table dt into it's parent

select * from t1 where
`test`.`t1`.`t1a` in
(
  select `test`.`t2`.`t2b` from t2 where 1
)

then this is transformed into a semi-join

select t1.* from t1 semi join t2 on t1a = t2b

At the end of the first execution, the item t2b above is reverted to
dt.b.  During the subsequent name resolution of dt.b, it is resolved
t2a, and the semi-join executed corresponds to

select t1.* from t1 semi join t2 on t1a = t2a

causing a different result set.

Initial Author: Igor Babaev
Reformatted and refactored by: Rex Johnston ([email protected])

Add assert to ensure Item_direct_view_refs are not allocated on
the 2nd execution.
8b27beead627...
8b27beead6277f1fc15a750f7c226be3761e14cc
Jan Lindström
MDEV-40056 : Analyze Galera Dynamic Variables Susceptible to RCEs

Fix potential issue with wsrep_node_address by allowing
only correctly constructed address.
8a7be7e9aac2...
8a7be7e9aac2ea79cd6ae63baab8ff547c1e3da9
Hemant Dangi
MDEV-38843: BF applier failed on a node causing complete Cluster lockup

Issue:
When a BF applier failed to apply a write set and the transaction
rollback returned non-zero, wsrep-lib's apply_write_set() short-circuited
log_dummy_write_set(). That call releases commit order through
commit_order_leave() -- which drives the inconsistency vote -- and
advances the storage engine checkpoint. Skipping it left the seqno stuck
in commit order, so following appliers blocked on commit_order_enter and
the node silently locked the cluster while staying in the primary
component.

Solution:
wsrep-lib now always calls log_dummy_write_set() on the apply-error path,
so the apply error reaches the provider and the node is voted out and
evicted instead of hanging. The rollback result is still folded into ret,
and Wsrep_high_priority_service::rollback() returns its real result again.
86c9bc3fd153...
86c9bc3fd153bbad865f7642e877c46df4d8828f
Thirunarayanan Balathandayuthapani
- Changing the order how --prepare resolves mariadbd
867d16cea744...
867d16cea74450d2cd331f9e8d6564bd70c6fe13
forkfun
Merge branch '11.4' into '11.8'
821fe49dbbb2...
821fe49dbbb29235f721ebdfbefad17002f0272c
Vladislav Vaintroub
MDEV-40001 my_sync() does not use NtFlushBuffersFileEx()

Copy the logic from Innodb. Use a fallback to FlushFileBuffers(), if
NtFlushBuffersFileEx() fails.

my_winfile.c is renamed to my_winfile.cc, since it is using a C++ feature,
initialization of global variable using non-constant expression.
Exported functions remain extern "C"
7fc6fce20dbb...
7fc6fce20dbb89b04af77bee540e4451a6a7c9c6
Sergei Golubchik
update CODING_STANDARDS.md for agent era

* moved human-oriented hopefully eventually consistent codiing style
  document to https://mariadb.org/about/coding-style/
* rewrote the document in an agent friendly way: main rule first,
  don't repeat rules that the agent would follow by default anyway,
  highlight differences with the defaults, don't overdo explaining.
* asked claude to look through sql/ and mysys/ extract common patterns and
  add them here as rules
7f4d14a771f9...
7f4d14a771f9b4d117338d5090c671a9f2a1892e
Vladislav Vaintroub
meh2
760b57814f01...
760b57814f010d66f53ee5e7f885035180ff609b
Daniel Bartholomew
bump the VERSION
70a88a6b6e11...
70a88a6b6e11d3cb840d5b27d05d967aff099ef0
Thirunarayanan Balathandayuthapani
MDEV-34998 Assertion `n_fields > n_cols || type & 32' failed in dict_index_t::init_change_cols on ALTER

Problem:
=======
During ALTER TABLE with column type modification and index addition,
InnoDB aborts with an assertion failure when processing collation
changes for single-column secondary indexes.

Solution:
========
dict_index_t::init_change_cols(): A single-column prefix secondary
index can have n_cols == n_fields when the column is the same as
the primary key column and undergoes a collation or type change
during ALTER TABLE.
5ce03b58068f...
5ce03b58068ff808a3f445935d7cea4a04586eef
forkfun
Merge branch '12.3' into '13.0'
4ec1ff493ea8...
4ec1ff493ea8da5867f9763b2ee4ef70684e4d80
drrtuy
chore: avoid building DuckDB at x86_32.
4ddfb70fedbb...
4ddfb70fedbbbaa95381c81e04f253678c134275
Vladislav Vaintroub
meh3
4ca92bb20f26...
4ca92bb20f2655c4a06eca9159457ac5cc170070
bsrikanth-mariadb
MDEV-21735: Wrong result with prefix indexes using rocksdb

Rows are missing from the output when searching by indexed text column
when the value is longer than the index's prefix length.
Using "like 'prefix%'" only works when the prefix is shorter than the
index's length (or equal, if value=prefix).
The issue seems to only happen when using utf8/utf8mb4/utf16/utf32 collations.
However, latin1/ascii/ucs2 collations work correctly.

For non-working collations, the mem-comparable buffer created for values
put into the index and the one read from the index are different.

When buffer is being filled with binary form data, the length, and
weights arguments are set to the same value for strnxfrm() when invoked
from Field_blob::sort_string(). Since weights are set to a larger value, we
fill space with unnecessary data in the buffer, and hence
the buffer comparison fail.

Solution
--------
Set the weights argument to length/charset::mbmaxlen() value, which is
what was being done in other types such as Field_varstring, as well as
other methods in Field_blob.
4b8695b8d865...
4b8695b8d865bd72d1212db317a61900f348a52e
Vladislav Vaintroub
meh4
3dee39ab4389...
3dee39ab4389b3875d36670db3fa13573be70852
forkfun
MDEV-35630 Wrong ER_FK_COLUMN_CANNOT_CHANGE with a STORED column before the FK column

prepare_inplace_alter_table() maps a field position to an InnoDB
cols[] position by skipping columns absent from that array. It used
Field::vcol_info, which is also set for STORED generated columns, so
such a column shifted the mapping by one and the FK-membership check
examined the wrong column, raising a false ER_FK_COLUMN_CANNOT_CHANGE.

Skip only truly virtual columns: use !stored_in_db() instead of
vcol_info.
3c684f1e6942...
3c684f1e694281a48c257496f09ccc61dde960fc
Oleg Smirnov
MDEV-36344: UBSAN Lifo_buffer::have_space_for change

Adjust Lifo_buffer::have_space_for to not lead itself to UBSAN
overflows.
34fd0fedc5f3...
34fd0fedc5f3b612958b4a88bcc083a4bfd2ebd8
Marko Mäkelä
MDEV-39344: fetch_data_into_cache() clears "is_truncated"

There is a memory limit implemented for the INFORMATION_SCHEMA tables
innodb_trx, innodb_locks, innodb_lock_waits. The predicate
trx_i_s_cache_is_truncated() would never hold in
trx_i_s_common_fill_table() due to a logic bug that had been
introduced in a refactoring.

fetch_data_into_cache(): Shrink the critical section of lock_sys.latch
and do not unconditionally reset cache->is_truncated when leaving the
function. This fixes a correctness regression that had been introduced
back in 2007 by commit 5cbf4e3840491c2d80928641bc0fbb8135e9c201
for the InnoDB Plugin for MySQL 5.1, which later became
the built-in InnoDB in MySQL 5.5 and MariaDB Server 5.5.

Reviewed by: Sergey Vojtovich
3170875cb60b...
3170875cb60bd1d2003bbf765a2158e60d1ed46d
forkfun
Merge branch '11.8' into '12.3'
29e43967f4f2...
29e43967f4f2c1a1d4af3372354bd203b8418152
Sergei Golubchik
only check for duckdb stuff if target duckdb is enabled
1fb075512a7a...
1fb075512a7aeab8646a163cbb6f265c49f4c075
Sergei Golubchik
refactor submodule.cmake to fetch less

don't update all submodules automatically,
only update those that are actually used by the build
160695101c17...
160695101c171378b5a35972cc042be076e23776
Marko Mäkelä
MDEV-39344: Fix a TOCTOU race

trx_i_s_possibly_fetch_data_into_cache(): Fetch into the cache and
return whether the cache was truncated. Previously, we checked this
flag without holding any latch.

trx_i_s_cache_start_write(), trx_i_s_cache_end_write(),
trx_i_s_cache_is_truncated(): Remove. These are now part of
trx_i_s_possibly_fetch_data_into_cache().

trx_i_s_cache: Remove. The singleton cache object can be a static object
with no pointer indirection.
0ec9282ffb34...
0ec9282ffb345ba442304b18ced5b64b680697b2
Vladislav Vaintroub
meh
0d59c434fab0...
0d59c434fab044ad5a28e24c5608959da14e5b0b
Oleksandr Byelkin
Merge branch '10.6' into 10.11
0cb2cc959eb4...
0cb2cc959eb4ecaed42deadb5eb93e13dd6835e3
Dmitry Shulga
MDEV-40004: Server crashes in sp_head::register_instr_mem_root_for_deallocation upon shutdown

n shutdown server could crash in case triggers executed during server run
and some of triggers instructions were re-compiled.

The crash is caused by attempt to allocate a memory for storing pointers
on mem_roots used for memory allocation taken place on re-parsing failing
trigger's statements. The reason of crash is dereferencing of nullptr
returning by the function current_thd().

To fix the issue, use dummy THD on shutdown the table definition cache.
tdc_start_shutdown() is solely invoked from the function clean_up()
but the later is called from many places around the source code, not only
from mysql_main(), particularly clean_up() is called from unireg_abort().
Therefore, the extra argument added into the signature of the function
cleanup() to allow explicit request of use dummy THD on shutdown the table
definition cache.
0bf0e13a2238...
0bf0e13a2238a97593feda1fea133340861c0736
Sergei Golubchik
MDEV-40058 cached_sha2_password crashes on zero-length password

valid encrypted password cannot have zero length and must end with '\0'
087a948e2e46...
087a948e2e4620901d2c358b46907a15b0987059
Daniel Black
MDEV-36344: UBSAN DsMrr_impl::dsmrr_init on null ptr

Under SQL_SELECT::test_quick_select there isn't
a mrr buffer. The TRP_RANGE.mrr_buf_size is explictly
sets its size to 0 in get_best_index_intersect.

Rather than hit undefined behaviour in what
eventually results in full_buf being nullptr,
jump the case and go directly to use_default_impl.
BuildBot (0.8.9) working for the MariaDB project.
Page built: Wed 24 Jun 2026 21:35:38 (UTC)