Home - Waterfall Grid T-Grid Console Builders Recent Builds Buildslaves Changesources - JSON API - About

Console View


Categories: connectors experimental galera main
Legend:   Passed Failed Warnings Failed Again Running Exception Offline No data

connectors experimental galera main
forkfun
MDEV-40308-followup mariadb-dump --system emits invalid SQL

Escape single quotes in SONAME (plugins, UDFs) and in
CREATE SERVER option values via unescape(). Also emit the
DATABASE/USER option keywords instead of the Db/Username
column names, and dump aggregate UDFs as CREATE AGGREGATE
FUNCTION (type column was tested wrong). Add check_io().
bsrikanth-mariadb
MDEV-40006: prepared stmt execution crash when names is set to utf8m4

Param Item objects return nullptr when cloned.
However this cloned object was accessed inside
Item_func_in::varchar_upper_cmp_transformer() causing a crash.

Solution is to add a null check, before accessing the cloned object.
Rucha Deodhar
MDEV-40125: OLD_VALUE crashes on a view with an expression

Analysis:

When OLD_VALUE() is used on a view, field resolution creates an
Item_direct_view_ref instead of an Item_ref where real_item() points to the
expression. But Item_old_field::fix_fields() continues assuming that a Field
object was available, but view references do not have a field pointer,
which resulted in a crash.

Fix:
Store the real referenced item in Item_old_field::expr and use it when
the OLD_VALUE() reference does not have a Field object. This allows
OLD_VALUE() to work with view fields and avoids dereferencing a NULL
field pointer. Fix relevant methods accordingly.
bsrikanth-mariadb
MDEV-39916: Crash with having filter when being pushed down

When Item_func_not::fix_fields() is invoked, there are several instances where
ref argument being passed is NULL. One such instance is from the method
st_select_lex::pushdown_from_having_into_where().

Since a null ref is being accessed, a crash occurs.

This PR fixes the problem by not passing null to
Item_func_not::fix_fields() when caling it from
st_select_lex::pushdown_from_having_into_where()
bsrikanth-mariadb
MDEV-39916: Crash with having filter when being pushed down

When Item_func_not::fix_fields() is invoked, there are several instances where
ref argument being passed is NULL. One such instance is from the method
st_select_lex::pushdown_from_having_into_where().

Since a null ref is being accessed, a crash occurs.

This PR fixes the problem by not passing null to
Item_func_not::fix_fields() when caling it from
st_select_lex::pushdown_from_having_into_where()
Kristian Nielsen
MDEV-34135: Parallel replication hangs on corrupt binlog with partial event group

If relay log corruption caused an incomplete event group to appear (ie. a
new GTID before the prior event group is complete), this could cause
parallel replication to hang hard. The problem was that the worker thread
handling the incomplete event group would never get a COMMIT event, and thus
never signal the following GCO to start.

Fix by detecting in the SQL driver thread an incomplete event group, and
stopping the slave with an error in this case. The user can then investigate
the problem and recover the corruption as appropriate (eg.
--relay-log-recovery for example).

Giving an error here, rather than rolling back the incomplete transaction,
seems appropriate and safest here, to avoid silent data loss. If the relay
log is corrupted somehow (eg. lost events due to crash for example), we
cannot know that merely rolling back will be a correct fix, it might easily
cause lost transactions for example.

Fix a few bugs/inconsistencies in the rli->is_in_group() so that it can be
used to detect an incomplete event group: Make sure a standalone GTID is
also recognised as an event group, and terminate an incomplete event group
due to master crash or INCIDENT event.

Remove an incorrect assertion in write_ignored_events_info_to_relay_log().
This assertion in the slave IO thread was checking the is_in_group() state,
but that is completely invalid as is_in_group() is the state of the SQL
thread, not the IO thread.

Fix a few incorrect my_error(..., MYF(MY_WME), ...) calls.

Add a test case that simulates the original bug report where this occurred
in a production environment.

Adjust the test case rpl.rpl_parallel_deadlock_corrupt_binlog since
incomplete event group in the relay log now causes an error, not silent
rollback.

Signed-off-by: Kristian Nielsen <[email protected]>
Yuchen Pei
MDEV-31182 [wip] Make Field_geom::set_key_image do nothing
Vladislav Vaintroub
MDEV-39343 Restoring from a mysqldump from older version makes mysql_upgrade version test fail

Do not skip the whole upgrade when mysql_upgrade_info is up to date.
System tables can still be from an older version, e.g when a dump from
an older server was restored. Only checks of user tables are skipped.
Sergei Petrunia
Fix comment: remove mention of non-existent UNCACHEABLE_PREPARE
forkfun
MDEV-40308-followup mariadb-dump --system emits invalid SQL

Escape single quotes in SONAME (plugins, UDFs) and in
CREATE SERVER option values via unescape(). Also emit the
DATABASE/USER option keywords instead of the Db/Username
column names, and dump aggregate UDFs as CREATE AGGREGATE
FUNCTION (type column was tested wrong). Add check_io().
forkfun
MDEV-40311 -followup mariadb-dump doesn't always quote identifiers

Escape quotes in dumped values and quote object names; fix the
DATABASE/USER option keywords, aggregate-UDF dumping, the per-server
option separator, write-error checking and exit-code propagation.
Vladislav Vaintroub
MDEV-40323 CONNECT engine - add file access checks for JSON UDFs

Check FILE_ACL and secure_file_priv for the current user inside CONNECT
file UDFs (json_file, jfile_make, jbin_file, bson_file, bfile_make,
bbin_file).

Fix NULL filename: guard GetFileLength in jbin_file_init and check for
NULL fn in UDF bodies before the access check, so NULL arguments report
"Missing file name" instead of "Access denied".
Rucha Deodhar
MDEV-40125: OLD_VALUE crashes on a view with an expression

Analysis:

When OLD_VALUE() is used on a view, field resolution creates an
Item_direct_view_ref instead of an Item_field. Item_old_field::fix_fields()
continued assuming that a Field object was available, but view references
do not have a field pointer, which resulted in a crash.

Fix:
Store the real referenced item in Item_old_field::expr and use it when
the OLD_VALUE() reference does not have a Field object. This allows
OLD_VALUE() to work with view fields and avoids dereferencing a NULL
field pointer. Fix relevant methods accordingly.
Vladislav Vaintroub
MDEV-39343 Restoring from a mysqldump from older version makes mysql_upgrade version test fail

Do not skip the whole upgrade when mysql_upgrade_info is up to date.
System tables can still be from an older version, e.g when a dump from
an older server was restored. Only checks of user tables are skipped.
Rucha Deodhar
MDEV-40125: OLD_VALUE crashes on a view with an expression

Analysis:

When OLD_VALUE() is used on a view, field resolution creates an
Item_direct_view_ref instead of an Item_ref where real_item() points to the
expression. But Item_old_field::fix_fields() continues assuming that a Field
object was available, but view references do not have a field pointer,
which resulted in a crash.

Fix:
Store the real referenced item in Item_old_field::expr and use it when
the OLD_VALUE() reference does not have a Field object. This allows
OLD_VALUE() to work with view fields and avoids dereferencing a NULL
field pointer. Fix relevant methods accordingly.
Mohammad Tafzeel Shams
MDEV-39848 : MSAN use-of-uninitialized-value in
btr_sea::hash_table::lock_get()

Issue:

Race condition in adaptive hash index:
btr_sea::partition::insert() allocates a new ahi_node,
increments free_offset, and then releases blocks_mutex before
initializing the node's fields (fold, rec, next).
Meanwhile, cleanup_after_erase_start() could acquire the
mutex and retrieve the uninitialized "top" node via
last->frame + last->free_offset - sizeof(ahi_node), then
access top->fold, triggering an MSAN error.

Fix:

- btr_sea::partition::insert() :
Initialize ahi_node fields (fold, rec, next, and debug
block) while still holding blocks_mutex, before the
wr_unlock() call. This ensures the node is fully
initialized before any other thread can observe it via
cleanup_after_erase_start().
Vladislav Vaintroub
MDEV-39343 Restoring from a mysqldump from older version makes mysql_upgrade version test fail

Do not skip the whole upgrade when mysql_upgrade_info is up to date.
System tables can still be from an older version, e.g when a dump from
an older server was restored. Only checks of user tables are skipped.
Vladislav Vaintroub
MDEV-40323 CONNECT engine - add file access checks for JSON UDFs

Check FILE_ACL and secure_file_priv for the current user inside json UDFs
Sergei Golubchik
MDEV-40329 Binary_string::qs_append(char): Assertion `str_length + (uint32) (1) <= Alloced_length' failed in AsText

Geometry::as_wkt() didn't take into account bytes written into the
result string in the recusrive call of get_data_as_wkt().
Gis_geometry_collection::get_data_as_wkt() didn't reserve space at all.
Thus nested geometry collections could overflow the buffer.
Vladislav Vaintroub
MDEV-40323 CONNECT engine - add file access checks for JSON UDFs

Check FILE_ACL and secure_file_priv for the current user inside CONNECT
file UDFs (json_file, jfile_make, jbin_file, bson_file, bfile_make,
bbin_file).

Fix NULL filename: guard GetFileLength in jbin_file_init and check for
NULL fn in UDF bodies before the access check, so NULL arguments report
"Missing file name" instead of "Access denied".
Sergei Golubchik
MDEV-40328 ASAN error on malformed WKB multipolygon

before `data+= WKB_HEADER_SIZE` verify that there's enough data.

rewrite this line in Gis_multi_line_string::get_mbr to make clear
that it does not need this check.
bsrikanth-mariadb
MDEV-39916: Crash with having filter when being pushed down

When Item_func_not::fix_fields() is invoked, there are several instances where
ref argument being passed is NULL. One such instance is from the method
st_select_lex::pushdown_from_having_into_where().

Since a null ref is being accessed, a crash occurs.

This PR fixes the problem by not passing null to
Item_func_not::fix_fields() when caling it from
st_select_lex::pushdown_from_having_into_where()
Raghunandan Bhat
MDEV-40316: Infer: PULSE_RESOURCE_LEAK in connect

Problem:
  Infer found file descriptors left open on some error code paths in
  connect storage engine.

Fix:
  Close file descriptors on error before returning.
Georgi (Joro) Kodinov
Updated README.md to contain a more friendly version.
Thirunarayanan Balathandayuthapani
MDEV-39468 Mariabackup: redo log copier stalls and fails with misleading error message

Problem:
========
During backup process, log copier thread stalls at lsn and fails with
the misleading "Was only able to copy log from X to Y, not Z; try increasing
innodb_log_file_size", even when the redo was intact and the log far
from full.

Problem is that copier advances recv_sys.lsn only on CRC-validated mtr,
but it parses the redo at the server is concurrently writing. InnoDB
rewrites the current partial write block repeatedly as mini-transaction
fills it, so an mmap read (or) pread of a page being written can observe
a torn/intermediate image of the tail block. If that tail block happens
to parse as a longer, still valid crc valid mtr then recv_sys.lsn,
recv_sys.offset gets advanced wrongly and points to middle of the
mini-transaction. In that case, later parse return GOT_EOF always
and copier thread never reaches target and fails

Solution:
=========
Poll the server's durably-flushed LSN (status var Innodb_lsn_flushed) and
limit the redo log copier based on it.

backup_log_parse(): parses one mtr and if it exceeds the limit
rolls back recv_sys.lsn/offset and reports GOT_EOF; the copier
re-parses those bytes on a later pass once the fence has
advanced past them. Used on both the mmap and buffered paths.

log_copying_thread(): opens its own connection (it runs
concurrently with the main thread, which owns mysql_connection) and refreshes
the max_limit for parsing of redo log in each pass.

In the final backup phase (BACKUP STAGE BLOCK_COMMIT) it gates
on the exact target max(metadata_last_lsn, metadata_to_lsn).
so the last partial block is copied in full up to the target.

The stall diagnostic / retry spin is suppressed on a reached_parse_limit wait
so a normal "caught up, wait" is not misreported as drift.

get_log_flushed_lsn(): Added to get log_flushed_lsn from SHOW STATUS outout;
Vladislav Vaintroub
MDEV-40323 CONNECT engine - add file access checks for JSON UDFs

Check FILE_ACL and secure_file_priv for the current user inside json UDFs
Sergei Golubchik
win
Thirunarayanan Balathandayuthapani
MDEV-39648 Mariabackup: redo log copier stalls and fails with misleading error message

Problem:
========
During backup process, log copier thread stalls at lsn and fails with
the misleading "Was only able to copy log from X to Y, not Z; try increasing
innodb_log_file_size", even when the redo was intact and the log far
from full.

Problem is that copier advances recv_sys.lsn only on CRC-validated mtr,
but it parses the redo at the server is concurrently writing. InnoDB
rewrites the current partial write block repeatedly as mini-transaction
fills it, so an mmap read (or) pread of a page being written can observe
a torn/intermediate image of the tail block. If that tail block happens
to parse as a longer, still valid crc valid mtr then recv_sys.lsn,
recv_sys.offset gets advanced wrongly and points to middle of the
mini-transaction. In that case, later parse return GOT_EOF always
and copier thread never reaches target and fails

Solution:
=========
Poll the server's durably-flushed LSN (status var Innodb_lsn_flushed) and
limit the redo log copier based on it.

backup_log_parse(): parses one mtr and if it exceeds the limit
rolls back recv_sys.lsn/offset and reports GOT_EOF; the copier
re-parses those bytes on a later pass once the fence has
advanced past them. Used on both the mmap and buffered paths.

parse_limit_from_flushed(): Rounds the flushed LSN down to a write-block
boundary, excluding the tail block InnoDB may still be rewriting

log_copying_thread(): opens its own connection (it runs
concurrently with the main thread, which owns mysql_connection) and refreshes
the max_limit for parsing of redo log in each pass.

In the final backup phase (BACKUP STAGE BLOCK_COMMIT) it gates
on the exact target max(metadata_last_lsn, metadata_to_lsn) with no
block-align, so the last partial block is copied in full up to the target.

The stall diagnostic / retry spin is suppressed on a reached_parse_limit wait
so a normal "caught up, wait" is not misreported as drift.

get_log_flushed_lsn(): Added to get log_flushed_lsn from SHOW STATUS outout;
bsrikanth-mariadb
MDEV-40006: Prepared Statement Crash in varchar_upper_cmp_transformer() for '?'

Item_func_in::varchar_upper_cmp_transformer() clones Item_func_in
and its arguments and doesn't check if cloning has succeed.

Item_param (PS parameter, '?') doesn't implement cloning so will return
NULL from clone(). This will cause a crash.

Fixed by making varchar_upper_cmp_transformer() check clone results for NULL.
(Adding cloning support to Item_param is out of scope of this patch).
Vladislav Vaintroub
MDEV-40323 CONNECT engine - add file access checks for JSON UDFs

Check FILE_ACL and secure_file_priv for the current user inside CONNECT
file UDFs (json_file, jfile_make, jbin_file, bson_file, bfile_make,
bbin_file).

Fix NULL filename: guard GetFileLength in jbin_file_init and check for
NULL fn in UDF bodies before the access check, so NULL arguments report
"Missing file name" instead of "Access denied".
Thirunarayanan Balathandayuthapani
MDEV-39648 Mariabackup: redo log copier stalls and fails with misleading error message

Problem:
========
During backup process, log copier thread stalls at lsn and fails with
the misleading "Was only able to copy log from X to Y, not Z; try increasing
innodb_log_file_size", even when the redo was intact and the log far
from full.

Problem is that copier advances recv_sys.lsn only on CRC-validated mtr,
but it parses the redo at the server is concurrently writing. InnoDB
rewrites the current partial write block repeatedly as mini-transaction
fills it, so an mmap read (or) pread of a page being written can observe
a torn/intermediate image of the tail block. If that tail block happens
to parse as a longer, still valid crc valid mtr then recv_sys.lsn,
recv_sys.offset gets advanced wrongly and points to middle of the
mini-transaction. In that case, later parse return GOT_EOF always
and copier thread never reaches target and fails

Solution:
=========
Poll the server's durably-flushed LSN (status var Innodb_lsn_flushed) and
limit the redo log copier based on it.

backup_log_parse(): parses one mtr and if it exceeds the limit
rolls back recv_sys.lsn/offset and reports GOT_EOF; the copier
re-parses those bytes on a later pass once the fence has
advanced past them. Used on both the mmap and buffered paths.

parse_limit_from_flushed(): Rounds the flushed LSN down to a write-block
boundary, excluding the tail block InnoDB may still be rewriting

log_copying_thread(): opens its own connection (it runs
concurrently with the main thread, which owns mysql_connection) and refreshes
the max_limit for parsing of redo log in each pass.

In the final backup phase (BACKUP STAGE BLOCK_COMMIT) it gates
on the exact target max(metadata_last_lsn, metadata_to_lsn) with no
block-align, so the last partial block is copied in full up to the target.

The stall diagnostic / retry spin is suppressed on a reached_parse_limit wait
so a normal "caught up, wait" is not misreported as drift.

get_log_flushed_lsn(): Added to get log_flushed_lsn from SHOW STATUS outout;
Daniel Black
MDEV-39763 main.innodb_mrr_cpk fails under view protocol

The rows returned by this under view protocol where inconsistent.

Under view protocol the CREATE VIEW in a different connection
was providing statistics that ended up in the result.

To normalize the output:
* include/innodb_stable_estimates.inc for the test
* Use analyze with persistent stats on the tables.

Despite the CREATE VIEW being executed under view protocol, it
always failed as most cases in the test had t1 and t2 with the same
columns names and a SELECT * FROM t1,t2 form of query. Creating a
view from this query resulting in duplicate result field names
which can't happen in a view. To make the view protocol useful
the SELECT queries where modified to return columns from both
tables with different result field names.

Thanks Rex Johnston for guidance.
Rex Johnston
MDEV-17846 Wrong result with grouping select from merged derived table

When a grouping select referring to a derived table has an outer
reference within it's select list, that outer reference isn't
properly fixed.  It isn't added to
outer_context->select_lex->inner_refs_list for later resolution during
JOIN::prepare.  As it is not fixed, the Item pointer arrays associated
with the temporary table filled during the join process are now incorrect
and we end up with an incorrect join->outer_ref_cond evaluation and
potentially a wrong result.
Rex Johnston
MDEV-17846 Wrong result with grouping select from merged derived table

When a grouping select referring to a derived table has an outer
reference within it's select list, that outer reference isn't
properly fixed.  It isn't added to
outer_context->select_lex->inner_refs_list for later resolution during
JOIN::prepare.  As it is not fixed, the Item pointer arrays associated
with the temporary table filled during the join process are now incorrect
and we end up with an incorrect join->outer_ref_cond evaluation and
potentially a wrong result.
bsrikanth-mariadb
MDEV-16462: explain format=json produces illegal json text

The attached_condition field of the produced json text had
"String with illegal unicode symbol" instead of the proper unicode
value.

The reason is that, the item field when being written to the json
writer in write_item(), used a String with charset my_charset_bin,
and that prevented the string from being escaped.

Solution is to change the charset to utf8mb4, and also use
writer->add_escaped_str(...), instead of writer->add_str(...);
forkfun
MDEV-40308-followup mariadb-dump --system emits invalid SQL

Escape single quotes in SONAME (plugins, UDFs) and in
CREATE SERVER option values via unescape(). Also emit the
DATABASE/USER option keywords instead of the Db/Username
column names, and dump aggregate UDFs as CREATE AGGREGATE
FUNCTION (type column was tested wrong). Add check_io().
Sergei Golubchik
MDEV-30041 don't set utf8_is_utf8mb3 by default in the old-mode
bsrikanth-mariadb
MDEV-16462: explain format=json produces illegal json text

The attached_condition field of the produced json text had
"String with illegal unicode symbol" instead of the proper unicode
value.

The reason is that, the item field when being written to the json
writer in write_item(), used a String with charset my_charset_bin,
and that prevented the string from being escaped.

Solution is to change: -
1. charset to my_charset_utf8mb4_bin in sql_explain.cc.
2. in Item::print_value(), handle string type specially if
  the charset is my_charset_bin by appending hex value.