Home - Waterfall Grid T-Grid Console Builders Recent Builds Buildslaves Changesources - JSON API - About

Console View


Categories: connectors experimental galera main
Legend:   Passed Failed Warnings Failed Again Running Exception Offline No data

connectors experimental galera main
fe3039eef7b8...
fe3039eef7b8b6d86458d9ef63554647d85dcd54
Sergei Golubchik
MDEV-39673 group_concat ignores max_allowed_packet

GROUP_CONCAT is limited by group_concat_max_len,
but also, as a string function it must respect max_allowed_packet.

Let's introduce THD::gconcat_max_len() helper to simplify checks.

Also:
* make max group_concat_max_len value the same as max max_allowed_packet
* use the same MY_MIN((ulonglong) ..., UINT_MAX32) in
  Item_func_json_objectagg as in Item_func_group_concat
* use overflow-safe type for lengths in Item_func_quote
  (MAX_MAX_ALLOWED_PACKET is 1G so uint cannot overflow yet, but it's
  a fragile assumption)
fcd3f81e08da...
fcd3f81e08daea471d371d3be051e6feabb06399
Vladislav Vaintroub
MDEV-37556 Memory leak in proxy protocol with name resolution enabled

When proxy protocol is used and --skip-name-resolve is not set,
thd_set_peer_addr() is called twice per connection: once for the real TCP peer (in check_connection),
and again for the proxied address (in handle_proxy_header).
Each call invokes ip_to_hostname(), which allocates a hostname string
(unless loopback connection is used) and stores it as
thd->main_security_ctx.host. That code missed to free previously
allocated hostname, which results into memory leak.

This is now fixed. Also added debug-only test to mysql_client_test, which
fakes DNS and IP resolution the same way some perfschema tests do, to
emulate remote TCP connection in MTR.
f139e207175b...
f139e207175b5bbb9f8f0bc24227c61379746218
Jan Lindström
MDEV-40027 : Galera Cluster-peer > Donor command execution

An appropriately privileged user (with SUPER privileges) could
execute shell commands as the uid of the mariadbd process
because the values of the system variable wsrep_sst_auth,
which can be modified at runtime, were not properly
sanitized when used to construct a shell command.

Combined rsync and mariabackup test cases and added
test case for incorrect values for wsrep_sst_auth.
f0ae019e1a7d...
f0ae019e1a7d736500072ce62e6e107d0fb71062
Daniel Bartholomew
bump the VERSION
ed8404a73f93...
ed8404a73f93e79aff7227bb4560a44cbfdb5d1c
Hemant Dangi
MDEV-39721: wsrep_notify.cc: reject shell-unsafe characters in joiner-supplied member fields

Issue:
wsrep_notify_status() interpolated members[i].name() (the peer's
wsrep_node_name) and members[i].incoming() verbatim into a command
string that is then executed via 'sh -c' by wsp::process. A peer
joining the cluster with shell metacharacters in its wsrep_node_name
or wsrep_node_incoming_address caused arbitrary commands to run on
every cluster member that had wsrep_notify_cmd configured.
MDEV-39413 introduced safe() for the same threat class in the SST
scripts but did not cover the C++ wsrep_notify path.

Solution:
Validate each substituted field against a narrow whitelist before
interpolating. Node name allows alnum and -_. ; node address
additionally allows :[]/ for host:port and [ipv6] forms. On bad
input the notification is skipped with an error log instead of
forwarding the unsafe value to sh -c.
e5dffa6a4f3a...
e5dffa6a4f3a8df4f5d60192f1f81c65bea19b73
Vladislav Vaintroub
MDEV-40026 acl_insert_db crashes on overlong dbname in "denies" array.

Fix to return error when json_unescape() fails.
Also return error, if length from json_unescape happens to be larger
that size of buffer - 1, to make sure that null-termination of string
does not override memory.

Some cleanup - only complain once about invalid "denies" entry during
FLUSH privileges. Avoid full parsing during when processing
mysql.global_priv in grant_reload() in the first pass.
e4b6a4623d20...
e4b6a4623d2023de24c9e9b6c4c126066b28d85a
Marko Mäkelä
Simplify the logic around max_first_lsn
deb6b0b03da9...
deb6b0b03da9a95f241d4aad278e1a098f79e657
ParadoxV5
MDEV-38972 Refactor MDEV-37530 and MDEV-28302 to Use Internal Data Structures

Replace the `std::unordered_map` in `Info_file::load_from_file_impl()`
with `Hash_set` from `sql/sql_hset.h`.

For consistency’s sake, as long as there is no call to switch to a
“third-party alternative” (C++ Standard, Boost, etc.) library (if ever),
we should prever in-house data structures whenever feasible.

As this commit contains no other changes,
this change from one library to the other is also a
suitable sample for a formal performance comparison.
dcfe8dc65635...
dcfe8dc6563578070b29b318be8a259158e47835
ParadoxV5
fixup force reorganize

Reörganize
dae315a7b2bf...
dae315a7b2bf8bd2fd0449467e711e5a2db26669
Hemant Dangi
MDEV-39648: wsrep_sst_rsync.sh: apply safe() to joiner-supplied parameters

Issue:
wsrep_sst_rsync.sh interpolated WSREP_SST_OPT_REMOTE_USER and
WSREP_SST_OPT_REMOTE_PSWD verbatim. Because both values originate from
the joiner side of the SST request, a newline in either could splice
an extra directive into the donor-written stunnel.conf (silently
downgrading peer-cert verification) or an extra line into the rsync
magic file. MDEV-39413 had introduced safe() for the same threat class
in wsrep_sst_mariabackup but did not extend it to the rsync script.

Solution:
Routing the rsync interpolations through safe() closes the gap, and
extending safe() to also reject tab and newline ensures multi-line
values cannot survive into a config-file heredoc.
da58c0c137a0...
da58c0c137a066ccdad682dacef4cb2c57331e86
Monty
Ensure that mtr.out-of-source is not acccidently calling itself

Calling itself will cause extensive memory usage that can kill
the machine when it runs out of memory (happend to me).

Fixed by having mtr.out-of-source checking that it is not calling itself.
In addition added a check for cmake to expand symlinks to make the
check if we are running mtr 'out of source' safer.

Author: Sergei Golubchik <[email protected]> (CMakeList.txt changes)
d404a47c25b8...
d404a47c25b8d5d3b37d9d62c14311934523fd17
Teemu Ollakka
Add missing notify_state_change() in Wsrep_client_service.

The change was forgotten from previous rebase/wsrep-lib update.
ccc9a558f4d4...
ccc9a558f4d446efcb20755d8ab4e16ff2cfd118
ParadoxV5
amend "remodel structs"

TODO fixup (cosmetic issues made obsolete by later changes):
* `mysqld.cc` `master_heartbeat_period` use `std::move()`
* fix doc for `operator T()`:
  ```c++
  ///@pre @ref optional and @ref default_value are not both null.
  ```
c5409caab043...
c5409caab0430c6ec93afa881418d681e00543c9
Sergei Golubchik
MDEV-39564 One-byte OOB write in PROXY protocol v1 header parser
b2050fdb4a87...
b2050fdb4a8776422baf01a41bf86845994edb97
Sergei Golubchik
strengthen safe() in wsrep_sst_common, just in case
aefe48e6ef95...
aefe48e6ef955947d139ff04488d6890034ed034
Marko Mäkelä
MDEV-39344: trx_disconnect_prepared() uses wrong mutex

trx_t::disconnect_prepared(): Replaces trx_disconnect_prepared().
Protect is_recovered, mysql_thd with mutex, to be consistent with
protecting fetch_data_into_cache_low().

This fixes up
commit c0817dac99c28698dfc2b548d89acf1fb41dc32e (MDEV-29575).

Suggested by: Sergey Vojtovich
aedf5898670e...
aedf5898670ed254eac30b75f909b01884ead584
ParadoxV5
MDEV-38972 Refactor MDEV-37530 and MDEV-28302 to Use Internal Data Structures

For consistency with the (dated) rest of the codebase, this commit
replaces most miscellaneous C++ standard utilities MDEV-37530
used with equivalents in the C standard and MariaDB libraries:

* `std::initializer_list<E>` → `E *, size_t`
* `std::optional<T>` → `T, bool`
  * `::master_heartbeat_period` is refactored
* `std::pair<K, V>` → `struct { K; V; }`
* `std::string_view` → `LEX_CSTRING`

The following are kept:
* `std::numeric_limits<T>`:
  Alternatives (`UINTn_MAX`, `MY_INTn_NUM_DECIMAL_DIGITS`)
  don’t integrate well with templates, *especially when `T`
  is `my_off_t` (a platform-dependent MariaDB-library type)*.
  * Though `std::numeric_limits<T>::is_signed` is currently not used.
* Explicit move-semantic markers `std::move()` and `std::forward()`

The commit also unrolls the structured binding in
the `for` loop in `sql_repl.cc`’s `change_master()`.

The changeset of this separate commit is mainly a comparison of style,
as the performance differences are well expected to be negligible.
a9e2f7f648f3...
a9e2f7f648f339c6f49b5bbe0435fa6b04a27ed2
Sergei Golubchik
MDEV-39676 disallow global.wsrep_sst_donor=NULL again

it crashes in galera.mdev-28433
9a3e15318816...
9a3e15318816616bbdbc2b83a8f7171fa4fd42f8
Sergei Golubchik
MDEV-39581 dynamic column header missing sanity checks
8b27beead627...
8b27beead6277f1fc15a750f7c226be3761e14cc
Jan Lindström
MDEV-40056 : Analyze Galera Dynamic Variables Susceptible to RCEs

Fix potential issue with wsrep_node_address by allowing
only correctly constructed address.
8a7be7e9aac2...
8a7be7e9aac2ea79cd6ae63baab8ff547c1e3da9
Hemant Dangi
MDEV-38843: BF applier failed on a node causing complete Cluster lockup

Issue:
When a BF applier failed to apply a write set and the transaction
rollback returned non-zero, wsrep-lib's apply_write_set() short-circuited
log_dummy_write_set(). That call releases commit order through
commit_order_leave() -- which drives the inconsistency vote -- and
advances the storage engine checkpoint. Skipping it left the seqno stuck
in commit order, so following appliers blocked on commit_order_enter and
the node silently locked the cluster while staying in the primary
component.

Solution:
wsrep-lib now always calls log_dummy_write_set() on the apply-error path,
so the apply error reaches the provider and the node is voted out and
evicted instead of hanging. The rollback result is still folded into ret,
and Wsrep_high_priority_service::rollback() returns its real result again.
819288bf80a0...
819288bf80a0751096582fd3644443387ace860c
ParadoxV5
fixup "move to init list"

This reverts a9a2aa90be for `sql/rpl_info_file.h`.
76af0610e2b6...
76af0610e2b65602f527b7e271cc9150faa91320
Rex Johnston
MDEV-30073 Wrong result on 2nd execution of PS for query with NOT EXISTS

Summary: Items of type Item_direct_view_ref which are reverted with the
change_item_tree mechanism are involved in permanent optimizer
transformations.  This commit ensures that items involved in these
permanent transformations are created during the first execution
and re-used for subsequent executions.

Queries affected by this bug are numerous, but will always involve
1) 2nd execution of a prepared statement or procedure
2) a permanent transformation, such as a semi-join optimization

Detail:

Consider this run as a prepared statement
SELECT * FROM t1
  WHERE EXISTS
  (
    SELECT dt.a FROM
      (
        SELECT t2a as a, t2b as b FROM t2
      ) dt
      WHERE dt.b = t1a
  )

During name resolution of field dt.b (in the where clause) we end
up calling find_field_in_view()/.../create_view_field().
This is responsible for creating a wrapper around the found Item
(Item_field*)`test`.`t2`.`t2b`
While this Item_direct_view_ref representing 'dt.b' is allocated on
Statement (permanent) memory the change is registered to be reversed
at the end of statement execution.  This is odd and contrary to the
permanent nature of this transformation.

Item::exists2in_processor() is called during the preparation in the
first execution.
We transform the query from
select * from t1 where
exists
(
  select `test`.`t2`.`t2b` from
    (
      select `test`.`t2`.`t2a` AS `a`,`test`.`t2`.`t2b` AS `b` from `test`.`t2`
    ) `dt`
    where `test`.`t2`.`t2b` = `test`.`t1`.`t1a`
    limit 1
)

select * from t1 where
`test`.`t1`.`t1a` in
(
  select `test`.`t2`.`t2b` from
    (
      select `test`.`t2`.`t2a` AS `a`,`test`.`t2`.`t2b` AS `b` from `test`.`t2`
    ) `dt`
    where 1
)

later, the optimizer merges the derived table dt into it's parent

select * from t1 where
`test`.`t1`.`t1a` in
(
  select `test`.`t2`.`t2b` from t2 where 1
)

then this is transformed into a semi-join

select t1.* from t1 semi join t2 on t1a = t2b

At the end of the first execution, the item t2b above is reverted to
dt.b.  During the subsequent name resolution of dt.b, it is resolved
t2a, and the semi-join executed corresponds to

select t1.* from t1 semi join t2 on t1a = t2a

causing a different result set.

Initial Author: Igor Babaev
Reformatted and refactored by: Rex Johnston ([email protected])

Add assert to ensure Item_direct_view_refs are not allocated on
the 2nd execution.
760b57814f01...
760b57814f010d66f53ee5e7f885035180ff609b
Daniel Bartholomew
bump the VERSION
70a88a6b6e11...
70a88a6b6e11d3cb840d5b27d05d967aff099ef0
Thirunarayanan Balathandayuthapani
MDEV-34998 Assertion `n_fields > n_cols || type & 32' failed in dict_index_t::init_change_cols on ALTER

Problem:
=======
During ALTER TABLE with column type modification and index addition,
InnoDB aborts with an assertion failure when processing collation
changes for single-column secondary indexes.

Solution:
========
dict_index_t::init_change_cols(): A single-column prefix secondary
index can have n_cols == n_fields when the column is the same as
the primary key column and undergoes a collation or type change
during ALTER TABLE.
61d251c656e1...
61d251c656e17da804ea71d811b07871b7c79c2b
Marko Mäkelä
MDEV-13542 fixup: Remove orphan trx_print()
5cedbdfcc65b...
5cedbdfcc65b07d15ab25164cdce677cf0d256fa
Sergei Golubchik
fix columnstore for new cmake
52bbe5b6e7fe...
52bbe5b6e7fe274f0c4738685326283c0d65944d
Sergei Golubchik
MDEV-39658 ASAN crash on invalid proxy_protocol_networks value

max_subnet estimate was off by one.

* only allow address with a known family
  (trips an assert in addr_matches_subnet())
* adjust max_subnet estimate accordinly
3a3c1e403ba6...
3a3c1e403ba6b94a98d40425bb50a17d7cf6edc9
Jan Lindström
Prepare for Galera library version 26.4.27
34fd0fedc5f3...
34fd0fedc5f3b612958b4a88bcc083a4bfd2ebd8
Marko Mäkelä
MDEV-39344: fetch_data_into_cache() clears "is_truncated"

There is a memory limit implemented for the INFORMATION_SCHEMA tables
innodb_trx, innodb_locks, innodb_lock_waits. The predicate
trx_i_s_cache_is_truncated() would never hold in
trx_i_s_common_fill_table() due to a logic bug that had been
introduced in a refactoring.

fetch_data_into_cache(): Shrink the critical section of lock_sys.latch
and do not unconditionally reset cache->is_truncated when leaving the
function. This fixes a correctness regression that had been introduced
back in 2007 by commit 5cbf4e3840491c2d80928641bc0fbb8135e9c201
for the InnoDB Plugin for MySQL 5.1, which later became
the built-in InnoDB in MySQL 5.5 and MariaDB Server 5.5.

Reviewed by: Sergey Vojtovich
32ab8a2d4c0f...
32ab8a2d4c0fd04e89713f63f04c6cf40248b63d
Sergei Golubchik
MDEV-39657 ASAN error on malformed WKB point

check data length for Gis_point
31319c7bc618...
31319c7bc618f669e34d5de1823142df4ec67e33
Sergei Golubchik
proxy protocol v2: fix a harmless typo

according to the rfc, the length is 2 bytes,
but the max length is 226 and there's a validity
check for length <= 240.
1648170c5c33...
1648170c5c33cf39dec34d92c653551c4fdd6f9b
Sergei Golubchik
MDEV-39565 missing filename check in mariadb-backup --decompress

check for tablename-safe characters in backed up table files
160695101c17...
160695101c171378b5a35972cc042be076e23776
Marko Mäkelä
MDEV-39344: Fix a TOCTOU race

trx_i_s_possibly_fetch_data_into_cache(): Fetch into the cache and
return whether the cache was truncated. Previously, we checked this
flag without holding any latch.

trx_i_s_cache_start_write(), trx_i_s_cache_end_write(),
trx_i_s_cache_is_truncated(): Remove. These are now part of
trx_i_s_possibly_fetch_data_into_cache().

trx_i_s_cache: Remove. The singleton cache object can be a static object
with no pointer indirection.
13e6808f0138...
13e6808f0138175ad48bf91b6487f56f33c51919
Jan Lindström
MDEV-39676 : Galera Cluster-peer > Donor command execution

Add verification of wsrep_sst_donor, wsrep_sst_method and
wsrep_sst_receive_address so that they contain only
supported characters. But allow NULL or empty value.
11c41cd93d2c...
11c41cd93d2c3732862ba043afd18508021440c0
Sergei Golubchik
MDEV-39622 OBJECT_INSTANCE_BEGIN in P_S are unstable, difficult to compare

let's show stable values that don't change between runs
0d59c434fab0...
0d59c434fab044ad5a28e24c5608959da14e5b0b
Oleksandr Byelkin
Merge branch '10.6' into 10.11
05663d1910db...
05663d1910dbbf5d63270812216326694511e73f
Sergei Golubchik
MDEV-39576 PROXY v2 protocol uninitialized memory reads
03e040ea90d7...
03e040ea90d75be093d1932232b4392dddd2fe34
Jan Lindström
Fix test failure on galera_sst_mariabackup_encrypt_with_key_server

Joiner mariadbd exits when SST is aborted; the exit code varies by
platform (clean 0 on some systems, signalled 134 / 1 on others).

pkill exit code can also vary by platform (clean 0 on some systems,
signalled 1 others).
00a17d1da365...
00a17d1da365639797dbddec505fa5ad3d496123
ParadoxV5
amend "move to init list"
BuildBot (0.8.9) working for the MariaDB project.
Page built: Mon 22 Jun 2026 09:13:39 (UTC)