Home - Waterfall Grid T-Grid Console Builders Recent Builds Buildslaves Changesources - JSON API - About

Console View


Categories: connectors experimental galera main
Legend:   Passed Failed Warnings Failed Again Running Exception Offline No data

connectors experimental galera main
Sergei Golubchik
MDEV-35254 post-review fixes

* reduced PARSEC_ITERATIONS_MAX because PKCS5_PBKDF2_HMAC() takes
  a signed int
* instead of checking for '0'..'L' range (which includes punctuation,
  check for the valid result of base62_to_uchar()
* add a connection test with non-default parsec_iterations
* make parsec_iterations a normal command line option
* update C/C to allow larger number of iterations in the client parsec
Alexey (Holyfoot) Botchkov
MDEV-39683 Numeric aggregates should end up with an error for xmltype.

Appropriate xxx_fix_length_and_dec() added to the Type_handler_xmltype.
Vladislav Vaintroub
MDEV-39047 Impossible to create DB grant for long escaped DB name

Reject GRANT if the database name (or pattern) does not fit into the
mysql.db.Db column.

It was silently truncated previously.
While this does not fix users problem, at least it would complain at
"Incorrect database name" with the overlong name listed at GRANT time.
Dave Gosselin
MDEV-40143: st_isvalid() does not clear NULL state between rows

The st_isvalid() function evaluates nullability on every row.  Previously,
it would preserve potentially stale null state between rows, so the first
row yielding a null result for st_isvalid() would propagate to the results
for the remaining rows.

Implementation-wise, this patch changes the Item_func_isvalid::val_int
method implementation to work like Item_func_validate::val_str in that it
assumes that the method will indicate a null result for the row unless
it returns a non-null result, at which point it clears the null_value flag.
Dave Gosselin
MDEV-39914:  Crash in ST_SIMPLIFY used in an IN list

A geometry function writes its binary result into a buffer given by
the caller.  ST_SIMPLIFY did not set the charset of that buffer.  A
constant value in an IN list, though, is stored into the array that IN
builds for its comparisons, and that array has no charset.  Appending
the geometry then read an invalid charset and crashed the server.

Set the result buffer to the binary charset before writing the
geometry, matching what the other geometry functions already do.
Alexey (Holyfoot) Botchkov
MDEV-39654 No warning after CAST( AS xmltype).

Warning added.
Dave Gosselin
MDEV-40143: st_isvalid() does not clear NULL state between rows

The st_isvalid() function evaluates nullability on every row.  Previously,
it would preserve potentially stale null state between rows, so the first
row yielding a null result for st_isvalid() would propagate to the results
for the remaining rows.

Implementation-wise, this patch changes the Item_func_isvalid::val_int
method implementation to work like Item_func_validate::val_str in that it
assumes that the method will indicate a null result for the row unless
it returns a non-null result, at which point it clears the null_value flag.
PranavKTiwari
MDEV-40167: GTT created with the InnoDB incorrectly accept FULLTEXT/VECTOR indexes
Problem:
GLOBAL TEMPORARY tables were not subject to the same option/index restrictions as session TEMPORARY tables. Several InnoDB and server-layer checks tested only tmp_table(), so GLOBAL TEMPORARY tables could bypass validation for VECTOR/FULLTEXT indexes, DATA DIRECTORY, KEY_BLOCK_SIZE, and ROW_FORMAT=COMPRESSED.

Cause:
global_tmp_table() was added as a separate predicate from tmp_table(), but not all temp-table checks were updated to test both, so GLOBAL TEMPORARY tables fell through to "permanent table" logic in several places.

Fix:
Added global_tmp_table() alongside tmp_table() at each affected check:

Reject VECTOR and FULLTEXT indexes on GLOBAL TEMPORARY tables.
Reject/warn on DATA DIRECTORY, KEY_BLOCK_SIZE, and ROW_FORMAT=COMPRESSED for GLOBAL TEMPORARY tables, with accurate wording in the DATA DIRECTORY warning.
Fixed zip_allowed and related ut_ad assertions to exclude GLOBAL TEMPORARY tables.
Fixed m_use_file_per_table in set_tablespace_type() to exclude GLOBAL TEMPORARY tables (also fixes m_use_data_dir).
GLOBAL TEMPORARY tables now validate the same as session TEMPORARY tables across these options.
Thirunarayanan Balathandayuthapani
MDEV-27569  Valgrind/MSAN errors in ha_partition::swap_blobs() for BLOB not in secondary index

Problem:
=======
On a partitioned table containing a BLOB/TEXT column, an ordered
index scan calls ha_partition::swap_blobs() for every buffered
row, because it is being called only when table has blob fields.

When the buffered row comes from a secondary index that does not
cover the blob (e.g. KEY(f2) on (f2,f1)), InnoDB's
row_sel_store_mysql_rec() populates only the templated columns.
The blob column's null bit and its value-pointer bytes in
table->record[0] are left uninitialized. The partition handler
memcpy() this record into rec_buf, then swap_blobs() evaluates
blob->is_null(), reading the uninitialized null bit leads to
"use-of-uninitialized-value".

Solution:
=========
row_sel_store_mysql_rec(): When the record is being stored
from a secondary index, seed the NULL bitmap of mysql_rec
from prebuilt->default_rec before populating the templated columns.
Columns present in the index template have their NULL bit rewritten
explicitly while the row is stored, so only the columns absent from
the template (the uncovered blob) rely on this seed.
default_rec marks such nullable columns as NULL and preserves the
reserved NULL bit, so the uncovered blob is now defined as NULL.

Because of this, ha_partition::swap_blobs() skips it via its
"!bitmap_is_set(read_set) || blob->is_null()" guard and
never calls Field_blob::cached()/get_ptr(). This avoids not
only the uninitialized null-bit read and the follow-on
uninitialized blob value-pointer read.
Daniel Bartholomew
bump the VERSION
Kristian Nielsen
MDEV-40057: Virtual column included in after-image with unique BLOB index, asserts

Do not put any virtual column values into the before-image or after-image of
row events.

These virtual column values were causing assertion and probably other issues
as well. Concretely, a UNIQUE index on (int_col, blob_col) where the int_col
is being updated would include the hidden virtual column for the index in
the after-image, without including the value of the blob_col in
binlog_row_image=MINIMAL. This would cause an assertion during
TABLE::update_virtual_fields() due to missing bit in the bitmap.

Even if it doesn't cause an assertion, including the virtual column values
makes no sense, as they are recomputed anyway on the slave when applying the
row events.

Reviewed-by: Monty <[email protected]>
Brandon Nesterenko <[email protected]>
Signed-off-by: Kristian Nielsen <[email protected]>
Aleksey Midenkov
MDEV-39384 Use index in TR_table::query

TR_table::query() used table scan. Now utilize the index if possible,
with minimum validity detection. Getting trx_id by commit_ts is still
suboptimal is it does two index accesses (as limited by fields in
commit_ts index).

When the index detection fails TR_table::query() falls back to
original table scanning method.
Dave Gosselin
MDEV-28509: Dereferenced null pointer of type 'struct JOIN_TAB' in add_key_field

This patch fixes a crash when calculating join statistics during query
optimization for queries with an unused WINDOW definition.  Put another
way, the system may crash when a query defines a WINDOW but doesn't then
refer to it.

Item::marker is overloaded for different uses, many of which treat it as
a bit field.  However, the setup_group function uses it to mark that a
field was found when traversing a GROUP BY.  Originally, this marking
set the Item::marker field to 1 to indicate that it was found.  Later
on in setup_group (and only when SQL mode ONLY_FULL_GROUP_BY is
enabled), we would skip any such marked fields when checking that
fields only referenced those found in the GROUP BY; otherwise, it would
be silly to find fields of the GROUP BY within the GROUP BY field
itself.  Setting Item::marker to 1 seemed mostly harmless at that point
in time.  But later, in git sha 4d143a6ff6, we introduced several
changes: (1) the value of marker in setup_group was changed from 1 to
UNDEF_POS, (2) Item::marker was changed from uint8 to int8 (which has
since been changed to an int), and (3) UNDEF_POS which is defined to be
-1 was also added.

Queries that define WINDOWs internally will setup groups and orders as
part of query processing via the setup_group function.  Consequently
because of the behavior described earlier above, such queries may have
items with markers as UNDEF_POS (-1, or 0xffffffff) which is the same
as marking all of the flag bits as set.  This is disastrous for those
users of Item::marker which refer to it as a bit field, because every
flag bit appears set at once, including bits that are mutually
exclusive in meaning.  Even a masked test such as marker &
SUBSTITUTION_FL returns true when marker is -1.  In particular, the
method Item_direct_view_ref::grouping_field_transformer_for_where then
treats the ref as flagged for substitution and takes the wrong
execution path, leading to the crash.

Upon return from the setup_group function, we set the value of the
marker flag to zero if we set it to -1.  This preserves the marker
behavior for 'full group by' (if configured) while not otherwise
allowing the marker flag state to leak outside of this function.
forkfun
MDEV-39380 Assertion `arg2_int >= 0' failed in Item_func_additive_op::result_precision

A 0xHHHH / b'..' literal keeps its hex_hybrid type through COALESCE/IF/CASE/...,
but was evaluated, sized and stored as a string, so it behaved differently from
a bare literal (10+COALESCE(0x31) gave 11, not 59).

Type_handler_hex_hybrid now implements the numeric side to match the bare
literal: val_int/val_real/val_decimal read bytes as a hybrid, Item_decimal_precision
returns the integer precision, Item_save_in_field stores like the bare literal.
The traditional type merge keeps the hybrid through a typeless NULL (as for BIT),
and Item_hybrid_func_fix_attributes attributes it binary/unsigned.
Vladislav Vaintroub
MDEV-33480 Windows MSI installer, convert from WIX v3 to supported versions

Support both modern WiX (wix.exe, v5/v6) and legacy v3.x toolsets.
WXS sources stay in v3 format, the modern toolset builds them after
on-the-fly 'wix convert'. Modern WiX is preferred when installed,
use WITH_WIX3=1 to force legacy.
Daniel Bartholomew
bump the VERSION
Daniel Bartholomew
bump the VERSION
Alexey Yurchenko
MDEV-40179 Found N prepared transactions after mariabackup SST

With log_bin=ON a transaction is committed via two-phase commit (the
binary log is the second participant), so it passes through the InnoDB
XA-prepare state. While a donor is held in BLOCK_COMMIT for a mariabackup
backup, its parallel appliers (wsrep_slave_threads > 1) leave one or more
such writesets prepared-but-not-yet-committed, and the snapshot captures
them. On a freshly SST'd joiner nothing resolves these prepared
transactions: binlog crash recovery does not run (the joiner has no in-use
binlog to recover from), and the wsrep continuity-based commit is inactive
because wsrep_emulate_bin_log is FALSE when log_bin is ON. The leftover
prepared transactions then abort startup with "Found <N> prepared
transactions!". Note this does not depend on the prepared set being
non-contiguous - even a contiguous run aborts, because nothing commits
or rolls it back.

Rollback these transactions in xarecover_handlerton().

Co-Authored-By: Claude Opus 4.8 <[email protected]>
Aleksey Midenkov
MDEV-38839 table_list->updating flag comment
Kristian Nielsen
MDEV-40057: Virtual column included in after-image with unique BLOB index, asserts

Do not put any virtual column values into the before-image or after-image of
row events.

These virtual column values were causing assertion and probably other issues
as well. Concretely, a UNIQUE index on (int_col, blob_col) where the int_col
is being updated would include the hidden virtual column for the index in
the after-image, without including the value of the blob_col in
binlog_row_image=MINIMAL. This would cause an assertion during
TABLE::update_virtual_fields() due to missing bit in the bitmap.

Even if it doesn't cause an assertion, including the virtual column values
makes no sense, as they are recomputed anyway on the slave when applying the
row events.

Reviewed-by: Monty <[email protected]>
Brandon Nesterenko <[email protected]>
Signed-off-by: Kristian Nielsen <[email protected]>
forkfun
MDEV-23444 ASAN dynamic-stack-buffer-overflow or Assertion `precision > 0'
failed in decimal_bin_size with div_precision_increment=0

A signed numeric value of display length 1 (WEEKDAY(), DAYOFWEEK(), @v:=<int>)
had decimal_precision() == 0: my_decimal_length_to_precision() subtracted a
digit for the sign with no lower bound. Turning such a value into a DECIMAL
(division, AVG(), a UNION column) produced precision 0, which tripped the
`precision > 0' assertion in decimal_bin_size() on store, GROUP BY or filesort.

Clamp my_decimal_length_to_precision() to a minimum of 1 so precision is never 0.

Side effect: a signed 1-digit integer now reports display width 2 (digit + sign),
updating the (SELECT a) column type in the subselect tests.
Dearsh Oberoi
MDEV-35254 Make iterations count configurable in PARSEC plugin

This patch adds a global and session level plugin variable
parsec_iterations to define the number of iterations to be
used when generating the key corresponding to the password.
It has a default value, lower and upper bounds.
Vladislav Vaintroub
MDEV-33480 Windows MSI installer, convert from WIX v3 to supported versions

Custom actions : get rid of wcautil and dutil library dependencies
They are not an official part of WiX distribution anymore.

Replace the functionality with native MSI api, the Wix helpers
we used were thin wrappers anyway.

Also replace the VBScript FakeFailure custom action with a native
one, VBScript is deprecated in Windows and scheduled for removal.
Alexey Yurchenko
MDEV-38147 error 1950 after mariabackup SST with gtid_strict_mode=ON

After a mariabackup SST the joiner could fail with

  ER_GTID_STRICT_OUT_OF_ORDER (error 1950)

while re-binlogging transactions received over IST.

The cause is that the binary log copied from the donor carries a
Gtid_list whose position can be ahead of the storage-engine snapshot:
BACKUP STAGE BLOCK_COMMIT blocks the engine commit (2PC step 3) but not
the binary log write (step 2), so transactions can be present in the
copied binlog that are not committed in the copied engine snapshot.
After the SST the joiner reports the (committed) engine position to the
cluster, IST resends those transactions, and re-binlogging them under
gtid_strict_mode=ON collides with the ahead Gtid_list -> error 1950.
(MDEV-34483 made the engine snapshot stop short of the binlog, which is
what exposed this.)

The copied binary log carries no transactions the joiner needs - only a
Gtid_list - so instead of shipping and then having to truncate/reconcile
it, the joiner now starts a fresh binary log and seeds its GTID position
from the storage-engine checkpoint during recovery. That checkpoint is
the committed cluster position, i.e. exactly where IST resumes, so the
joiner's binary log stays in lockstep with the rest of the cluster and
no out-of-order GTID can occur.

This works for both wsrep_gtid_mode settings; only the binlog domain of
the cluster stream differs:

  - wsrep_gtid_mode=ON : wsrep_gtid_domain_id (cluster writes are
    re-tagged to it), which is the domain stored in the checkpoint;
  - wsrep_gtid_mode=OFF: gtid_domain_id (cluster writes keep the node's
    configured domain).

Async-replica positions (mysql.gtid_slave_pos) are part of the engine
snapshot and survive the SST unchanged, so a Galera node can still serve
as an async master or replica across the SST.

This commit:
- sql/log.cc: adds wsrep_seed_binlog_gtid_state(), called from
  do_binlog_recovery() when the joiner has no binary log, seeding the
  binlog GTID state for the cluster domain to the SE checkpoint position.
- scripts/wsrep_sst_mariabackup.sh: no longer moves the donor's binary
  log into place on the joiner.
- extra/mariabackup: backward compatibility: keep shipping binlog file
  in SST but
  - on donor fix the race between rotation and shipping so that the file
    shipped is the one that had been rotated;
  - on joiner discard shipped binlog in favour of one generated by
    wsrep_seed_binlog_gtid_state().
- sql/wsrep_sst.cc: logs the position actually adopted from storage
  (the authoritative post-SST position) rather than the script-reported
  one.
- sql/handler.cc: downgrades the "Discovered discontinuity in recovered
  wsrep transaction XIDs" message in wsrep_order_and_check_continuity()
  from warning to debug level. With parallel appliers a snapshot
  routinely captures prepared XIDs that are not contiguous with the
  engine checkpoint, so this is normal during SST recovery and of no
  value in regular operation; the transactions past the checkpoint are
  re-delivered by the cluster (IST/SST) regardless.
- Adds an MDEV-38147 MTR test reproducing the issue.

Co-Authored-By: Claude Opus 4.8 <[email protected]>
Daniel Bartholomew
bump the VERSION
Alexey Botchkov
MDEV-39750 ExtractValue does not control recursion depth.

Stack control added.
Aleksey Midenkov
MDEV-38839 table_list->updating flag comment
Aleksey Midenkov
MDEV-39384 Wrong result when selecting from precise-versioned table

SELECT ... FOR SYSTEM_TIME AS OF <timestamp> on a trx-precise table
scans transaction_registry via TR_table::query(MYSQL_TIME&, bool) to
translate the timestamp into a trx_id, comparing each row:

    Item_func_le/ge(Item_field(commit_timestamp), Item_datetime_literal)

transaction_registry is opened directly, bypassing setup_tables(), so
TABLE::map stays 0. Item_field::used_tables() then returns 0, and
Item::const_item() (used_tables() == 0) wrongly reports the field as
const. That makes Arg_comparator::cache_converted_constant() wrap the
field in an Item_cache (its handler timestamp differs from the
aggregated datetime handler), snapshotting record[0] once. The scan then
compares every row against the first row's commit_timestamp -> wrong
result.

Fix: in TR_table::query(MYSQL_TIME&, bool) temporarily set table->map to
a nonzero value for the duration of the scan so used_tables() != 0 and
const_item() is false, disabling the caching. A
DBUG_ASSERT(!field->const_item()) guards the invariant.
Dave Gosselin
MDEV-39911:  Crash in ST_SIMPLIFY of a collection geometry

ST_SIMPLIFY of a multilinestring, polygon, multipolygon, or geometry
collection reserved space for the result header but omitted the four
byte element count that it then appends.  This resulted in a buffer
overrun.

Reserve the full header size, including the count, in each of the four
collection simplify functions, the same fix applied for MDEV-35062 and
MDEV-36042.
Vladislav Vaintroub
Add Windows x64 CI: build with ninja, test MSI install/uninstall, run MTR
forkfun
MDEV-39380 Assertion `arg2_int >= 0' failed in Item_func_additive_op::result_precision

A 0xHHHH / b'..' literal keeps its hex_hybrid type through COALESCE/IF/CASE/...,
but was evaluated, sized and stored as a string, so it behaved differently from
a bare literal (10+COALESCE(0x31) gave 11, not 59).

Type_handler_hex_hybrid now implements the numeric side to match the bare
literal: val_int/val_real/val_decimal read bytes as a hybrid, Item_decimal_precision
returns the integer precision, Item_save_in_field stores like the bare literal.
The traditional type merge keeps the hybrid through a typeless NULL (as for BIT),
and Item_hybrid_func_fix_attributes attributes it binary/unsigned.
Vladislav Vaintroub
MDEV-40141 PAM authentication fails when started with --default-auth=dialog

The pam plugin reused the client's initial reply as the password when its
first byte was non-zero, but with --default-auth=dialog that reply is empty
and the byte is stale buffer data. Check the reply length too.
Dave Gosselin
MDEV-39911:  Crash in ST_SIMPLIFY of a collection geometry

ST_SIMPLIFY of a multilinestring, polygon, multipolygon, or geometry
collection reserved space for the result header but omitted the four
byte element count that it then appends.  This resulted in a buffer
overrun.

Reserve the full header size, including the count, in each of the four
collection simplify functions, the same fix applied for MDEV-35062 and
MDEV-36042.
Vladislav Vaintroub
MDEV-40141 PAM authentication fails when started with --default-auth=dialog

The pam plugin reused the client's initial reply as the password when its
first byte was non-zero, but with --default-auth=dialog that reply is empty
and the byte is stale buffer data. Check the reply length too.
Dave Gosselin
MDEV-39914:  Crash in ST_SIMPLIFY used in an IN list

A geometry function writes its binary result into a buffer given by
the caller.  ST_SIMPLIFY did not set the charset of that buffer.  A
constant value in an IN list, though, is stored into the array that IN
builds for its comparisons, and that array has no charset.  Appending
the geometry then read an invalid charset and crashed the server.

Set the result buffer to the binary charset before writing the
geometry, matching what the other geometry functions already do.
Aleksey Midenkov
MDEV-39384 Use index in TR_table::query

TR_table::query() used table scan. Now utilize the index if possible,
with minimum validity detection. Getting trx_id by commit_ts is still
suboptimal is it does two index accesses (as limited by fields in
commit_ts index).

When the index detection fails TR_table::query() falls back to
original table scanning method.
Dearsh Oberoi
MDEV-35254 refactor: Make my_bit.h an independent header

Removed type aliases and macros defined in my_global.h from my_bit.h,
making it possible to include it in plugins or external code without
pulling in my_global.h
Dearsh Oberoi
MDEV-35254 Add get_current_thd() service function
Vladislav Vaintroub
Merge branch '10.11' into MDEV-34074
Vladislav Vaintroub
MDEV-34074 server_audit crashes in get_loc_info() with NULL loc_info

THDVAR(thd, loc_info) can return NULL if the plugin was previously
uninstalled. get_loc_info() and its callers dereferenced it.

Guard against a NULL loc_info in get_loc_info(), auditing() and
log_current_query(). Such a session is not audited.