Home - Waterfall Grid T-Grid Console Builders Recent Builds Buildslaves Changesources - JSON API - About

Console View


Categories: connectors experimental galera main
Legend:   Passed Failed Warnings Failed Again Running Exception Offline No data

connectors experimental galera main
Daniel Black
MDEV-39813 ST_GeomFromGeoJSON does not control recursion depth

Geometry::create_from_json reset the killedptr and the stack
depth (stack_p) every time json_scan_start was called. We save/
restore these values so that the ST_GeomFrom_GeoJSON can be killed
and incur timeout, and also so that its depth measurement is kept.

Test case an bug report thanks to byteoverride.
Vladislav Vaintroub
MDEV-37556 Memory leak in proxy protocol with name resolution enabled

When proxy protocol is used and --skip-name-resolve is not set,
thd_set_peer_addr() is called twice per connection: once for the real TCP peer (in check_connection),
and again for the proxied address (in handle_proxy_header).
Each call invokes ip_to_hostname(), which allocates a hostname string
(unless loopback connection is used) and stores it as
thd->main_security_ctx.host. That code missed to free previously
allocated hostname, which results into memory leak.

This is now fixed. Also added debug-only test to mysql_client_test, which
fakes DNS and IP resolution the same way some perfschema tests do, to
emulate remote TCP connection in MTR.
Daniel Black
Merge 10.6 into 10.11
bsrikanth-mariadb
MDEV-39942: use actual_rec_per_key in loose scan sj optimization

While performing loose scan semi-join optimization in
Loose_scan_opt::check_ref_access_part1() [opt_subselect.h],
the filtered value in the explain plan was in-consistent for a table
with index when same data was inserted using "insert into t1 values()...",
and "insert into t1 select * from t2". This is noticed when
rec_per_key[] was used to get the number of records during optimization.

However, when actual_rec_per_key() is used to get the number of records,
we don't notice this discrepancy.

This PR changes the rec_per_key[] usage to actual_rec_per_key() in the
method Loose_scan_opt::check_ref_access_part1() [opt_subselect.h]
Jan Lindström
MDEV-40027 : Galera Cluster-peer > Donor command execution

An appropriately privileged user (with SUPER privileges) could
execute shell commands as the uid of the mariadbd process
because the values of the system variable wsrep_sst_auth,
which can be modified at runtime, were not properly
sanitized when used to construct a shell command.

Combined rsync and mariabackup test cases and added
test case for incorrect values for wsrep_sst_auth.
Daniel Black
MDEV-39276: Assertion `0` failed in json_find_path

This was resolved with MDEV-35548, however we add
two additional test cases.
Daniel Black
MDEV-39691 wsrep.cnf contains deprecated wsrep_causal_reads

wsrep_causal_reads was deprecated in 10.1.3 and removed in 11.3.1.
Put in place the equivalent (and default) wsrep_sync_wait=0.

Amend a few early comments to show MariaDB as our product.
Jan Lindström
MDEV-38870 : Galera test failure on galera.MDEV-38201

Test changes only. Moved wait condition where node should
disconnect from cluster because it has become inconsistent.
After that next FLUSH HOST based on timing could return
not supported or timeout.
Oleg Smirnov
MDEV-32326 Recursive CTE reference in a scalar subquery must be rejected

A recursive reference to a WITH RECURSIVE table that is reachable only
through a scalar subquery (in particular through a WITH clause nested
inside such a subquery) was not recognized as a subquery reference. As a
result the recursive CTE was wrongly accepted as standard-compliant instead
of being rejected with ER_NOT_STANDARD_COMPLIANT_RECURSIVE, and execution
later dereferenced an uninitialized join_tab for that reference in
st_select_lex_unit::exec_recursive(), crashing the server.

The cause was in With_element::check_dependencies_in_unit(). The flag
marking that we are inside a subquery (in_subq) was updated only after the
unit's own WITH clause had already been analyzed. Hence dependencies
discovered while descending into a WITH clause attached to a scalar
subquery were recorded in top_level_dep_map instead of sq_dep_map, so
contains_sq_with_recursive_reference() failed to report the violation.

The fix: set in_subq from unit->item before processing the unit's WITH
clause, so that dependencies found in nested WITH clauses of a scalar
subquery are correctly attributed to the subquery context.

The expected error for the MDEV-32299 cases in cte_recursive.test changes
accordingly from ER_BAD_FIELD_ERROR to ER_NOT_STANDARD_COMPLIANT_RECURSIVE:
the query is now rejected at dependency analysis for its non-compliant
recursive reference rather than failing later during name resolution. The
test still verifies that no crash occurs.
Daniel Black
MDEV-39541 mem_pressure::~mem_pressure() causes a crash on bootstrap

Fill in the anomaly shutdown paths of InnoDB to include call to
buf_mem_pressure_shutdown now that MDEV-39585 provides some
proper calls shutdown InnoDB and other plugins during the shutdown
under --bootstrap.

Alternate: destructor attribute on buf_mem_pressure_shutdown would
acheive the same thing and given Linux compilers are capabile of
this. This is possible as mem_pressure is currently implemented
in Linux only.
Pekka Lampio
MDEV-38386 Fix incomplete cleanup in Galera MTR tests failing under --repeat

A number of Galera MTR tests pass on the first run but fail on a second
--repeat iteration, because server, cluster or filesystem state leaks
across runs and the test does not restore a clean starting state.

Fix the cleanup (or force a fresh cluster) in the affected tests. Each
fix was verified with --repeat=2 --force.

1. Stale async-slave GTID position (11 tests)

  RESET SLAVE [ALL] does not clear gtid_slave_pos. As the master does
  RESET MASTER in cleanup, on the next run the slave considers the
  events already applied and skips them, so the replicated tables never
  appear. Clear the position with SET GLOBAL gtid_slave_pos = "".

2. Leftover binlog GTID state from trailing cleanup (1 test)

  Trailing DROP TABLE / mtr.add_suppression statements ran after the
  .inc's reset master and re-populated node_2's binlog. gtid_binlog_state
  keeps the latest seqno per (domain, server_id) pair, so a stray
  0-2-<n> survived into the next run and broke the state comparison.
  Reorder the cleanup and reset node_2's binlog last.

3. Cluster-global, one-time or time-window state (11 tests)

  The wsrep GTID domain seqno is cluster-global and is not reset by
  reset master (nor by a mid-test SST rejoin); error-log contents,
  warning-flood suppression timers and one-time bootstrap behaviour are
  likewise not restored by in-test cleanup. Force a fresh cluster with
  include/force_restart.inc.

4. Leftover filesystem artifacts (1 test)

  mariabackup refuses to back up into a non-empty target directory, so
  the leftover target dirs from the previous run made the backup fail
  silently and the expected log messages never appeared. Remove the
  target directories in cleanup.
Dave Gosselin
MDEV-39207:  mark test as not_embedded

Test fails on embedded CI because original not_embedded flag was not preserved
Daniel Black
MDEV-31209 Queries with window functions do not obey KILL / max_statement_time

Window functions run in a loop in
Frame_cursor::compute_values_for_current_row which can include a large
number of rows.

Adjust this function to check for the current thd being killed by only
every 256 rows, so as not to destroy any CPU pipelining or similar.
Raghunandan Bhat
MDEV-38971: ASAN/UBSAN errors, assertion `is_valid_value_slow()` failure upon combination temporal functions and `ZERO_DATE_TIME_CAST`

Problem:
  The following functions-
  - `Item_func_last_day::get_date`
  - `Item_date_typecast::get_date`
  - `Item_datetime_typecast::get_date` forwarded the TIME_INTERVAL_DAY /
  TIME_INTERVAL_hhmmssff flags, set by an enclosing EXTRACT, into the
  DATE/DATETIME conversion of their argument.This made, for ex:
  LAST_DAY(200012010000) and CAST(200012010000 AS DATETIME) parse number
  as TIME interval instead of a DATETIME. Under ZERO_DATE_TIME_CAST
  that hour became an out-of-range month, overflowing days_in_month in
  `check_date` and invalidating the Datetime.

Fix:
  A DATE / DATETIME can never be an interval, so suppress the
  TIME_INTERVAL_hhmmssff / TIME_INTERVAL_DAY flags when `LAST_DAY` and
  `CAST` converts its argument. Also add a debug assert in `check_date`
  to catch any future caller that violates its "month is assumed valid"
  contract.
Thirunarayanan Balathandayuthapani
MDEV-39707 Assertion `lsn != 0' failed in log_write_up_to

Problem:
========
innodb_make_page_dirty(): Unconditionally calls log_write_up_to()
with mtr.commit_lsn() after committing the mini-transaction.
When the mtr produced no redo records when the targeted page
is full of zeroes.

Solution:
========
innodb_make_page_dirty(): Skip log_write_up_to() when
commit_lsn() is zero.
Fariha Shaikh
MDEV-39928 Fix GitLab CI centos9 job failure

The centos9 job uses yum-builddep -y mariadb-server to install build
dependencies, but the mariadb-server source package has been removed
from CentOS Stream 9 repositories. Replace with explicit installation of
the required build dependencies.

All new code of the whole pull request, including one or several files
that are either new files or modified ones, are contributed under the
BSD-new license. I am contributing on behalf of my employer Amazon Web
Services, Inc.
Dave Gosselin
MDEV-39952:  Skip tests that need mariabackup

Skips tests that require mariabackup if mariabackup was not
built (WITH_MARIABACKUP=OFF).

Backport of the same MTR change from 12.3 but applied to
additional tests.
Daniel Black
MDEV-39585: Support SHUTDOWN command on Windows in bootstrap

Don't perform mysqld_win_initiate_shutdown under --bootstrap when
triggered by SHUTDOWN. With this we don't perform any service
interactions.

Then the shutdown can proceeded without then hard process termination
in mysqld_win_initiate_shutdown. This previously occurred because the
handle_connections_win() was never called in --bootstrap and therefore
startup_complete() was false.

Thanks Vladislav Vaintroub for investigation and providing
implementation guidance.
Dave Gosselin
MDEV-38158:  Incorrect query result

When setup_copy_fields() needs to copy a non-aggregate function value,
it doesn't construct an Item_copy directly.  Instead, it calls
Type_handler::create_item_copy, which is a kind of factory.  The base
Type_handler::create_item_copy returns Item_copy_string.  Some type
handlers override it, like timestamp and fixed binary.  However, the
numeric type handlers (e.g., float, double, int, decimal) did not, so
they fell through to that base and got Item_copy_string.

A SELECT that aggregates will copy each non aggregate function value
into a temporary table through an Item_copy object, whose concrete
type is chosen by the create_item_copy method on the value's type
handler.  For numeric types that method returned Item_copy_string,
which stores the value as text.  A FLOAT keeps only FLT_DIG
significant digits as text, too few to reproduce its 24 bit mantissa,
so the copied value differed from the original.  With one row per
group, CAST(c1 AS FLOAT) - MIN(CAST(c1 AS FLOAT)) returned a large
number instead of zero.

Add Item_copy_real with Item_copy_float and Item_copy_double variants
that keep the value as a double, the same way Item_cache_real does, and
let the float and double type handlers create them.  This mirrors the
existing copy items for timestamp and fixed binary types.
Fariha Shaikh
MDEV-39931 Fix main.socket_conflict failure when running as root

The test directly executes $MYSQLD via --exec, bypassing MTR's automatic
--user=root injection. In GitLab CI containers where tests run as root,
mariadbd refuses to start and the test fails.

Skip the test when running as root, matching the existing approach used
by the related main.bad_startup_options test.

All new code of the whole pull request, including one or several files
that are either new files or modified ones, are contributed under the
BSD-new license. I am contributing on behalf of my employer Amazon Web
Services, Inc.
Raghunandan Bhat
MDEV-39450: Memory corruption: overlapping memory ranges in `Field_longstr::compress` on UPDATE of compressed column

Problem:
  Values shorter than `column_compression_threshold` (default 100) are
  stored uncompressed. Reading such a column returns a pointer into that
  buffer rather than a copy.

  When the new value is a substring of the column that aliases this
  buffer at a non-zero offset, e.g. `RIGHT(c,n)` or `SUBSTRING(c,n)`,
  the source and destination overlap, and the `memcpy()` in the "store
  uncompressed" path copies overlapping regions, which is undefined
  behaviour.

Fix:
  Replace `memcpy` with `memmove` to avoid copying between overlapping
  memory regions.
Daniel Black
MDEV-39585 mariadb bootstrap fails to perform plugin deinitalization

mariadbd under --bootstrap failed to preform plugin deinitialization.

The sleep(2);exit is removed and replaced to a goto termination label
to perform the same shutdown procedure of the server after all the
connection closing.

To prevent a compile error about char *user being uninitialized
this sql_print_information(ER_DEFAULT(ER_NORMAL_SHUTDOWN)) is moved to
its own block. The memory free did need to occur in the bootstrap mode
too to avoid memory leak errors.

wait_for_signal_thread_to_end(), was previously in close_connections()
however its required too for --bootstrap.
Jan Lindström
MDEV-40056 : Analyze Galera Dynamic Variables Susceptible to RCEs

Fix potential issue with wsrep_node_address by allowing
only correctly constructed address.
Vladislav Vaintroub
MDEV-38369 improve heap allocation performance on Windows with segmentHeap

Use modern segmentHeap heap manager on Windows.

The problem it is solving is severily reduced scalability on concurrent
OLTP benchmarks, due to inherent scalability problems in default NT Heap
implementation.

The benchmarks (see the corresponding ticket) show improvements across
the board, with about 5-10% on low concurrency up to several orders of
magnitude on high concurrency.

Also addressed Gemini and Copilot concerns about correct namespace in
the app manifest XML file - make it the same as in Microsoft examples.
Vladislav Vaintroub
MDEV-40001 my_sync() does not use NtFlushBuffersFileEx()

Copy the logic from Innodb. Use a fallback to FlushFileBuffers(), if
NtFlushBuffersFileEx() fails.

my_winfile.c is renamed to my_winfile.cc, since it is using a C++ feature,
initialization of global variable using non-constant expression.
Exported functions remain extern "C"
PranavKTiwari
MDEV-38988: Assertion failure in Protocol::end_statement or lack of warning upon query with INTERSECT and LIMIT ROWS EXAMINED

Problem:
LIMIT ROWS EXAMINED sets ABORT_QUERY, but in set operations (EXCEPT ALL / INTERSECT) this was incorrectly treated as a fatal saved_error, causing early exit from exec_inner(). This skipped fake_select and left Diagnostics_area uninitialized, leading to Protocol::end_statement() assertion failure.

Cause:
saved_error triggered goto err without considering that ABORT_QUERY is a recoverable stop condition intended to return partial results with a warning.

Fix:
Treat ABORT_QUERY as non-fatal in set-operation execution, allowing normal completion path (fake_select, DA finalization, protocol end) to run and return partial results correctly.
Abdelrahman Hedia
MDEV-24931: Fix Bitmap<64>::is_prefix assertion with >64-column NATURAL JOIN on derived table

When a NATURAL JOIN operates on a derived table (or view with
derived_merge=off) having more than 64 columns, the optimizer's
generate_derived_keys_for_table() would:

1) Overflow a 32-bit shift: (key_part_map)(1 << parts) when parts >= 32
2) Create a derived key with more parts than Bitmap<64>/key_part_map can hold
3) Crash on DBUG_ASSERT(prefix_size <= width) in Bitmap<64>::is_prefix(65)

Fix: cap the number of hash-join KEYUSE entries for a materialized derived
table at the handler's max_key_parts(). Excess columns are excluded from the
key, so generate_derived_keys_for_table() never builds a key with more parts
than key_part_map (64 bits) or Bitmap<64> can represent. Also fix the shift
to cast before shifting: (key_part_map) 1 << parts.
Daniel Black
MDEV-39829/MDEV-33532 s3.debug test failure

MDEV-39516 corrected the interface with curl particularly around
passing options.

After this the s3.debug actually enabled curl debugging like is
was meant to. With this enabled, there are addition s3_test_ pattens
in the result file, from the error log where curl correctly provide
debug message.

ps-protocol test also failed under MDEV-33532 where a differnet
number of entries was recored.

Correct variations by using the $database/$table rather than just the
s3_test_ pattern.

As the purpose of this test is to check if s3_debug is dynamic, the
second part of the test searches for a previously, under s3_debug=1,
table t2 interaction, where the results should be NOT_FOUND.

Remove count from the result file to allow for different curl versions
and the possibiliy of being run under ps-protocol.
Rucha Deodhar
MDEV-36764: Unexpected collation when using json_table

Analysis:
The collation is hard coded.

Fix:
The table initially had system character set hardcoded. However,
a table field should derive character set and collation from
table and table should derive it from database. Hence made
necessary change to reflect that.
Kristian Nielsen
Fix inconsistent terminology

Signed-off-by: Kristian Nielsen <[email protected]>
forkfun
MDEV-35630 Wrong ER_FK_COLUMN_CANNOT_CHANGE with a STORED column before the FK column

prepare_inplace_alter_table() maps a field position to an InnoDB
cols[] position by skipping columns absent from that array. It used
Field::vcol_info, which is also set for STORED generated columns, so
such a column shifted the mapping by one and the FK-membership check
examined the wrong column, raising a false ER_FK_COLUMN_CANNOT_CHANGE.

Skip only truly virtual columns: use !stored_in_db() instead of
vcol_info.
Oleg Smirnov
MDEV-36344: UBSAN Lifo_buffer::have_space_for change

Adjust Lifo_buffer::have_space_for to not lead itself to UBSAN
overflows.
Thirunarayanan Balathandayuthapani
MDEV-39706  Assertion `!thd || !coordinator_thd' failed

Problem:
========
  - This assert was introduced in commit
0152c617e80ccf3f33d3ea4b50c17d5f588613b1 (MDEV-39261), which sets
coordinator_thd in clone_oldest_view() and resets it to nullptr in
batch_cleanup() at the end of the batch.
When innodb_trx_purge_view_update_only_debug is enabled, InnoDB fail
to reset coordinator_thd. As a result, InnoDB fails with assert in
next batch

Solution:
========
trx_purge(): Reset coordinator_thd to nullptr when
innodb_trx_purge_view_update_only_debug is enabled.
Daniel Black
MDEV-37615: Clang based static analysis false postive reports on UNINIT_VAR

Clang upstream bug https://github.com/llvm/llvm-project/issues/173210
shows that a "int x=x" construct will in the intermediate representation
have code to read from x. With this generated sanitizer=undefined and
static analyzers will all see the uninitialized read and write.

Because clang has a stronger implementation of following paths to
uninitialized variables, "#define UNINIT_VAR(x) x" is the which
is what our release binaries use is the ideal path for this compiler.

Clang based compilers with error during compilation if any
uninitialized behaviour is detected at compile time because of
0c80ddb519bd06efbd7ccf2a2487b2503cd16db5.

Corrects MDEV-36542 - 6fd57f478f585249bdca242b1576ac0a7bd7aacf.
Daniel Black
spelling correction: support-files/wsrep.cnf.sh

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Rucha Deodhar
MDEV-32726: Fix failing test for freebsd for json

(10.6 backport)

Json test about max statement time fails with freebsd because on some
architectures the test might execute faster and the statement may not fail.

To simulate failure regardless of architecture, introduce a wait of seconds
longer than the max_statement_time.
Daniel Black
MDEV-28404 JSON functions don't respect KILL QUERY

Or max_statement_time limit or MAX_DEPTH.

Correct interuptability and depth checking of:
* JSON_CONTAINS
* JSON_CONTAINS_PATH
* JSON_EXISTS
* JSON_EXTRACT
* JSON_KEYS
* ST_GeomFromGeoJSON

Populate in the json library the killed as a specific
error message. As the json library has a killed_ptr
is approprate it handles it.

As json_report_error now processes the killed there's
no need of thd->check_killed().

Verified that the path after every json_scan_next, the
location of checking the killed_ptr, reports errors
correctly.
Daniel Black
MDEV-30518: JSON functions cannot be killed on big-endian (backport)

Backport to 10.6 without JSON_OVERLAPS

The json_engine killed_ptr was of type uchar however the enum
in the server is dependant on the architecture. On big-endian
architectures like IBM Z, retreiving a uchar* retreived the
unmodifed part of the THD->kill enum location and was always 0.

As C++11 allows enums to inherit a type, used uint32_t as the base
class of killed_state type in the server and used uint32_t in the
json library.

reload_acl_and_cache required an expression change to avoid
the compile error:
sql/sql_reload.cc:472:24: error: enumerated and non-enumerated
type in conditional expression [-Werror=enum-conversion]
  472 |  return result || (thd ? thd->killed : 0);

Added the kill_ptr assignment the following functions can be
killed:
* Item_func_json_depth::val_int
* Item_func_json_type::val_str
* Item_func_json_length::val_int

Item_func_json_array_append::val_str, check_killed() only applied
to json_error: label and not return_null.

Item_func_json_format::val_str(), corresponding to the SQL,
json_compact, json_detailed, json_loose - add debug instrumentation
for the func_json_notembedded test.

MDEV-26726 (fcd345de485f) added a json_pause_execution sync point
however the test case used debug_max_statement_time, which doesn't
exist. Fix the sync point name in the test.
Oleksandr Byelkin
Merge branch '10.6' into 10.11
Daniel Black
MDEV-36344: UBSAN DsMrr_impl::dsmrr_init on null ptr

Under SQL_SELECT::test_quick_select there isn't
a mrr buffer. The TRP_RANGE.mrr_buf_size is explictly
sets its size to 0 in get_best_index_intersect.

Rather than hit undefined behaviour in what
eventually results in full_buf being nullptr,
jump the case and go directly to use_default_impl.