Home - Waterfall Grid T-Grid Console Builders Recent Builds Buildslaves Changesources - JSON API - About

Console View


Categories: connectors experimental galera main
Legend:   Passed Failed Warnings Failed Again Running Exception Offline No data

connectors experimental galera main
Rucha Deodhar
MDEV-39213: json range syntax crash

Analysis:
When json is being parsed, the step decreases without a out-of-bound check
resulting in failure.
Fix:
Before decreasing the step, check if it will result into out of bound.
bsrikanth-mariadb
MDEV-39405: store all the plugin-engines optimizer costs

store all the plugin-engines optimizer costs into the context, so that
the replay server uses the same engine costs while computing the query cost
Georgi (Joro) Kodinov
MDEV-39456: Describe the external contributions process in more details

Added a new .md document describing the community contribution process.
Added a reference to it from the CONTRIBUTING.md.
Rucha Deodhar
MDEV-39127: UBSAN : downcast of address X which does not point to an object
of type 'multi_update' in sql/sql_update.cc
| Sql_cmd_update::update_single_table

Analysis:
the 'result' object was being incorrectly used which maybe of the type
multi_update.This caused UBSAN error due to an invalid downcast in
Sql_cmd_update::update_single_table().

Fix:
Introduce a dedicated returning_result object for handling RETURNING output
instead of reusing result. This ensures the correct result handler is used
and avoids unsafe casts.
Sergei Golubchik
MDEV-39478 COM_STMT_EXECUTE incorrectly checks for parameter value length

* remove redundant checks for `len` in `get_param_length()`
* validate return value `length` in `get_param_length()`
* fix all `Item_param::set_param_XXX()` methods to never read past `len`

note that all `Item_param::set_param_XXX()` methods correctly handle
zero-length values.
Aquila Macedo
MDEV-39479 Mroonga: avoid hang on invalid index flags

Stop parsing index flags after reporting an invalid flag in
mrn_parse_grn_index_column_flags().

Otherwise, an invalid index comment such as flags "COMPRESS_ZSTD" can
make CREATE TABLE loop forever while emitting warnings. Add a regression
test for this case and check that the invalid flag is reported once and
the default index flags are used.
Sergei Golubchik
MDEV-39292 set architecture before it's used

followup for 29453945ba22
Sergei Golubchik
MDEV-34570 mariabackup prepare fails with data-at-rest encryption and "-u root" option

rewrite mariadb-backup "early" option parsing to use my_getopt

+ proper handling of values separated from the option by a space (not =)
+ case insensitive and -/_ insensitive comparison
- multiple --defaults-group don't work
- multiple --login-path don't work
- --incremental-dir overwrites --target-dir, not "whatever comes first"
Rucha Deodhar
MDEV-39449: Memory corruption (heap-buffer-overflow) in uint4korr and
Gcalc_function::count_internal, apparent partial stack looping in
Gcalc_function::count_internal and Assertion `(0)' failed in
Item_func_spatial_precise_rel::val_bool

Analysis:
ST_COVEREDBY() was linked with Item_func_spatial_precise_rel with
SP_COVEREDBY_FUNC, but the case was missing in val_bool() method.
This resulted in fall through switch leading to an assert/ASAN failure during

Fix:
Added the missing case and implemented it similar to WITHIN
(with MBR precheck + buffer). This fixes the crash and makes
ST_COVEREDBY() behave correctly.
bsrikanth-mariadb
MDEV-39430: Store non-default system variables

Store non-default system variables into the context.
Additionally, store user variables too.
Oleksandr Byelkin
Merge branch '10.6' into 10.11
Yuchen Pei
MDEV-39361 Assign Name resolution context in subst_vcol_if_compatible to the new vcol Item_field

The pushdown from HAVING into WHERE optimization cleans up and refixes
every condition to be pushed.

The virtual column (vcol) index substitution optimization replaces
vcol expressions in GROUP BY (and WHERE and ORDER BY) with vcol
fields.

The refixing requires the correct name resolution context to find the
vcol fields.

The commit 0316c6e4f21dee02f5adfbe5c62471ee75ca20bb assigns context
from the select_lex that the GROUP BY belongs to, but that may not
work when there are derived table subqueries.

In this commit we assign the correct context during substitution for
the newly constructed vcol Item_field in the substitution.

Alternative considered:

1. Assign the context when constructing vcol_info, in
unpack_vcol_info_from_frm. This does not work because the
current_context() in parsing is not the correct context, not to
mention that unpack_vcol_info_from_frm is not always called from a
SELECT statement.

2. Get the correct context for vcol_info after its construction and
before the substitution. Debugger with watch -a vcol_info shows that
there are no common functions accessing vcol_info before the
substitution.

3. Cache the name resolution context value to a new vcol_info->context
field and assign value to it in an Item_field constructor as well as
during substitution. The problem with this is that
vcol_info->context->select_lex may be cleared at the end of the one
SELECT statement, which can cause crash in the next SELECT. It looks
like vcol_info is meant for "static"/ddl information, not
statement-specific info, so it is the wrong place to cache the
context.
Raghunandan Bhat
MDEV-36964: Infinite loop in `cmp_row_type`, SIGABRT in `Type_handler_composite::Item_update_null_value`

Problem:
  When hybrid function `COALESCE` is used with- a `ROW` type or a stored
  routine returning a `ROW` type, server fails to report error generated
  during `Item_hybrid_func::fix_attributes`. This leads to-
  - Infinite loop in `cmp_row_type` in the later stage, when aggregating
    type handler for hybrid field type.
  - SIGABRT in `Type_handler_composite::Item_update_null_value`, when
    fixing `Item_row`.

Fix:
  Propogate error generated by `Item_hybrid_func::fix_attributes` during
  hybrid function's fix fields time and report error early.
Sergei Golubchik
MDEV-39481 ASAN error on malformed WKB polygon
Daniel Black
MDEV-30953: Add MariaDB-server-galera (RPM) fix

In the build directory the galera sst scripts where
without executable permissions.

This is as a result of [1]. In this patch removing
WSREP_SST_SCRIPTS out of SERVER_SCRIPTS resulting
in the missing from BIN_SCRIPTS which all had an
explicit chmod executed on the script.

Corrected by explictly changing the permission on
the script as would have been done previously.

Thanks Marko Mäkelä for reporting.

[1] efb70285b908be57cc50934a6c8f994773d7583
Mohammad Tafzeel Shams
MDEV-37467: InnoDB Instant ALTER TABLE is not crash safe

Instant ALTER TABLE metadata record includes externally stored
BLOB metadata. The existing BLOB storage path in
btr_store_big_rec_extern_fields() does notperform record insertion,
BLOB write, and field reference update atomically. A crash in between
these steps can leave metadata records in an inconsistent state.

Make metadata BLOB storage atomic by writing all BLOB pages using
the same mini-transaction as the metadata record.

The BLOBs are fully written before the mtr commits, ensuring
that either the complete metadata record, including BLOBs is visible,
or none.

- btr_store_big_rec_extern_metadata_record():
  New helper to store metadata BLOBs using the caller’s mtr. It
  allocates and links BLOB pages and updates field references
  without committing the mtr.

- btr_store_big_rec_extern_fields():
  Detect metadata records via rec_is_metadata() and dispatch to
  the new metadata-specific storage path.

- row_ins_index_entry_big_rec_regular():
  Renamed from row_ins_index_entry_big_rec() to clarify it handles
  non-metadata (regular) records.

- row_ins_index_entry_big_rec_metadata():
  New function to write metadata BLOBs immediately after inserting
  the clustered record, using the same active mtr.

- row_ins_clust_index_entry_low():
  For metadata records, store BLOBs before mtr.commit(). Regular
  records retain the existing post-commit BLOB handling.
Rucha Deodhar
MDEV-39179: Incorrect NULL handling in UPDATE ... RETURNING result

Analysis:
OLD_VALUE() swapped only field->ptr, leaving null_ptr pointing to the
current record. This caused incorrect NULL results.

Fix:
Store null_ptr_old for record[1] and swap it together with ptr to
preserve correct NULL semantics.
Rucha Deodhar
MDEV-5092: Implement UPDATE with result set (UPDATE ... RETURNING)

The patch introduces the OLD_VALUE() expression to reference the value
of a column before it was updated. The parser is extended to support
RETURNING and OLD_VALUE(), and RETURNING expressions are stored in a
separate returning_list in SELECT_LEX with independent wildcard tracking.
RETURNING is rejected for multi-table UPDATE.

During setup of RETURNING fields, THD::is_setting_returning is used
when resolving fields, particularly for updates through views.
When resolving view fields, Item_direct_view_ref may point to the
view's item_list, losing the information about whether the value
should be old or new. The original item in returning_list still
contains the correct is_old_value_reference flag, which is copied
back to the resolved item.

OLD_VALUE() is implemented by extending Item_field with a new
Item_old_field class. Item_field::set_field() initializes
Field::ptr_old to the corresponding location in record[1],
which stores the old row during UPDATE execution.

When sending result rows, Item_old_field::send() temporarily switches
the field pointer from record[0] (current row) to ptr_old so
OLD_VALUE() returns the value before the update.

The UPDATE execution path is modified to send a result set when
RETURNING is present instead of an OK packet.
Sergei Golubchik
MDEV-39478 COM_STMT_EXECUTE incorrectly checks for parameter value length

* remove redundant checks for `len` in `get_param_length()`
* validate return value `length` in `get_param_length()`
* fix all `Item_param::set_param_XXX()` methods to never read past `len`

note that all `Item_param::set_param_XXX()` methods correctly handle
zero-length values.
Sergei Golubchik
MDEV-39481 ASAN error on malformed WKB polygon
Vladislav Vaintroub
MDEV-39466 fix off-by-one stack buffer overflow in PROXY v1 header parsing

Make sure null terminator byte that is added at the end of header
is within boundaries of 'hdr' array.

This patch is based on https://github.com/MariaDB/server/pull/4881
by Uwez Khan
Georgi (Joro) Kodinov
MDEV-39456: Describe the external contributions process in more details

Added a new .md document describing the community contribution process.
Added a reference to it from the CONTRIBUTING.md.
Rucha Deodhar
MDEV-39212: JSON_MERGE_PATCH depth crash

Analysis:
The crash happens because we run out of stack space

Fix:
Add a stack overflow check.
Hemant Dangi
MDEV-39006: Galera test failure on galera_3nodes.galera_garbd_backup

Issue:
sst_disable_innodb_writes() promises no writes to persistent files
between Galera donor state and SST release, and most engine subsystems
already honour that (purge, dict_stats, encryption thread count, FTS
optimizer in fts0opt.cc:2844). The page cleaner did not:
buf_flush_page_cleaner()'s set_almost_idle: block ran
buf_dblwr.flush_buffered_writes() and log_checkpoint() unconditionally
on every wake-up. With LSN advanced past last_checkpoint_lsn (via any
prior background mtr - the most common one being a wsrep applier
writeset), log_checkpoint_low() then appended a fresh FILE_CHECKPOINT
record to ib_logfile0 mid-SST, breaking
galera_3nodes.galera_garbd_backup with a --diff_files mismatch.

Solution:
Add a wsrep_sst_disable_writes gate around those two writes, mirroring
the FTS pattern. In non-WSREP builds the flag is a constexpr false and
the check compiles away. This closes the page-cleaner leak; other
writers (wsrep apply paths, in-flight encryption rotation, ib_buffer_pool
dump) are separate concerns and out of scope.

Also assert !recv_no_log_write after log_write_up_to() in
log_checkpoint_low() so debug builds catch any future write path that
slips through.
Vladislav Vaintroub
MDEV-39466 fix off-by-one stack buffer overflow in PROXY v1 header parsing

Make sure null terminator byte that is added at the end of header
is within boundaries of 'hdr' array.

This patch is based on https://github.com/MariaDB/server/pull/4881
by Uwez Khan
Sergei Golubchik
MDEV-34570 mariabackup prepare fails with data-at-rest encryption and "-u root" option

rewrite mariadb-backup "early" option parsing to use my_getopt

+ proper handling of values separated from the option by a space (not =)
+ case insensitive and -/_ insensitive comparison
- multiple --defaults-group don't work
- multiple --login-path don't work
- --incremental-dir overwrites --target-dir, not "whatever comes first"
Sergei Golubchik
MDEV-39481 ASAN error on malformed WKB polygon
Hemant Dangi
MDEV-39006 Gate InnoDB page cleaner writes during Galera SST donor state

Issue:
sst_disable_innodb_writes() promises no writes to persistent files
between Galera donor state and SST release, and most engine subsystems
already honour that (purge, dict_stats, encryption thread count, FTS
optimizer in fts0opt.cc:2844). The page cleaner did not:
buf_flush_page_cleaner()'s set_almost_idle: block ran
buf_dblwr.flush_buffered_writes() and log_checkpoint() unconditionally
on every wake-up. With LSN advanced past last_checkpoint_lsn (via any
prior background mtr - the most common one being a wsrep applier
writeset), log_checkpoint_low() then appended a fresh FILE_CHECKPOINT
record to ib_logfile0 mid-SST, breaking
galera_3nodes.galera_garbd_backup with a --diff_files mismatch.

Solution:
Add a wsrep_sst_disable_writes gate around those two writes, mirroring
the FTS pattern. In non-WSREP builds the flag is a constexpr false and
the check compiles away. This closes the page-cleaner leak; other
writers (wsrep apply paths, in-flight encryption rotation, ib_buffer_pool
dump) are separate concerns and out of scope.

Also assert !recv_no_log_write after log_write_up_to() in
log_checkpoint_low() so debug builds catch any future write path that
slips through.
Dave Gosselin
MDEV-23278: Incorrect Calculation with AVG() Function

Type_handler_int_result::Item_decimal_precision assumes that
max_length includes space for a sign, but Item_int literals don't
include such a space.  When aggregate_attributes_int propagates these
into functions via a Item_type_holder, the formula computes
precision-1 (or 0 for 1-digit cases), producing the incorrect
calculation with AVG.

This fix changes aggregate_attributes_int to follow the convention the
Type_handler expects, that max_length = max digit-count + (signed ? 1
: 0).  This matches the TODO comment that begins with "TODO: rewrite
aggregate_attributes_int()... " which suggested this idea.
Raghunandan Bhat
MDEV-38864: Use mmap for MEMORY engine allocations

MEMORY engine's data and indexes blocks are allocated using `my_malloc`.
This created internal fragmentation within the system allocator, causing
gradual memory growth and leading to OOM server crash.

This patch introduces memory mapping for MEMORY engine's allocations.
- Implements `my_vmalloc` and `my_vmrelease` functions.
- These functions wrap `my_virtual_mem_alloc` & `my_virtual_mem_release`
  to provide error handling, interface with Performance Schema(PSI) and
  global memory accounting.
Oleksandr Byelkin
new CC 3.3
Hemant Dangi
MDEV-39006: Galera test failure on galera_3nodes.galera_garbd_backup

Issue:
sst_disable_innodb_writes() promises no writes to persistent files
between Galera donor state and SST release, and most engine subsystems
already honour that (purge, dict_stats, encryption thread count, FTS
optimizer in fts0opt.cc:2844). The page cleaner did not:
buf_flush_page_cleaner()'s set_almost_idle: block ran
buf_dblwr.flush_buffered_writes() and log_checkpoint() unconditionally
on every wake-up. With LSN advanced past last_checkpoint_lsn (via any
prior background mtr - the most common one being a wsrep applier
writeset), log_checkpoint_low() then appended a fresh FILE_CHECKPOINT
record to ib_logfile0 mid-SST, breaking
galera_3nodes.galera_garbd_backup with a --diff_files mismatch.

Solution:
Add a wsrep_sst_disable_writes gate around those two writes, mirroring
the FTS pattern. In non-WSREP builds the flag is a constexpr false and
the check compiles away. This closes the page-cleaner leak; other
writers (wsrep apply paths, in-flight encryption rotation, ib_buffer_pool
dump) are separate concerns and out of scope.

Also assert !recv_no_log_write after log_write_up_to() in
log_checkpoint_low() so debug builds catch any future write path that
slips through.
Alexey Botchkov
MDEV-39124 XMLTYPE: allow only well-formed XML.

Necessary checks added to the XMLTYPE.
Lawrin Novitsky
Increased cmake min required version to enable build with newest cmake's

Also, fixed UBSAN issue caused by including mysql header inside the
namespace and using pointer to destroyer functions in the smart
pointers. Tha was in ConnectProtocol and TextRowProtocol classes with
MYSQL and MYSQL_RES handles, respectively. Removed unique_ptr use
completely as it's pretty safe and easy to destroy them in the the
respective class destructor.
Added check and exception throw if MYSQL handle could not be allocated -
taht was missing.
Aquila Macedo
MDEV-39290 mytop use invoking login as default user on Unix

On non-Windows systems, use the invoking user's login name as the
default MariaDB username instead of hardcoding root.

Resolve the username from getpwuid($<), falling back to LOGNAME, USER,
and finally root. Keep the existing root default on Windows.

This makes mytop behave more like the mysql and mariadb clients and
avoids confusing authentication failures on systems where local socket
access is configured for the OS user rather than root.

Also update the connection error text and POD to describe the actual
default behavior.
Sergei Golubchik
MDEV-39478 COM_STMT_EXECUTE incorrectly checks for parameter value length

* remove redundant checks for `len` in `get_param_length()`
* validate return value `length` in `get_param_length()`
* fix all `Item_param::set_param_XXX()` methods to never read past `len`

note that all `Item_param::set_param_XXX()` methods correctly handle
zero-length values.
Sergei Golubchik
MDEV-36345 Memleak on shutdown in acl_load_mutex test

disable main.show_all_plugins if ASAN and RocksDB.

RocksDB has STB_GNU_UNIQUE symbols, so won't be unloaded on dlclose().
Presumably some destructors aren't called, and LSAN doesn't like it.
Rucha Deodhar
MDEV-39119: Improve error handling when using OLD_VALUE as alias name

Analysis:
Since OLD_VALUE_SYM was part of reserved keywords, it did not allow
old_value in the alias.
Fix:
Change OLD_VALUE_SYM from reserved keyword to keyword_sp_var_and_label.