Commit graph

178529 commits

Author SHA1 Message Date
Vladislav Vaintroub
b1b9803cb8 Disable dtrace probes on Windows.
Apparently, in Win10, dtrace is avaialable, but it does not work with
MariaDB user probes
2020-06-20 01:02:05 +02:00
Vladislav Vaintroub
727252ff1b MDEV-22950 : fix race condition in dbug
FreeState() zeros init_settings.out_file, which another thread can be using
2020-06-20 01:00:36 +02:00
Alexander Barkov
26907e7ef1 MDEV-22941 Assertion `idx < array.elements' failed in Dynamic_array<st_mysql_const_lex_string*>::at
The code in fill_schema_schemata() did not take into account that
make_db_list() can leave empty db_names if the requested database
name was too long, so the call for db_names.at(0) crashed on assert.

- Moving the code testing if the database directory exists
  into a separate function verify_database_directory_exists()
- Modifying the test to check if db_names is not empty
2020-06-19 16:04:45 +04:00
Sujatha
bf74f7f9ff MDEV-20428: "Start binlog_dump" message doesn't indicate GTID position
Problem:
=======
The "Start binlog_dump" message hasn't been updated to include the slave's
requested GTID position:

20:05:05 139836760311552 [Note] Start binlog_dump to slave_server(2), pos(, 4)

For diagnostic purposes, it would be helpful if the GTID position were
included.

Fix:
===
Imporve "Start binlog_dump" print message to include "using_gtid" and
"GTID position" requested by slave.

Ex:
[Note] Start binlog_dump to slave_server(2), pos(, 4), using_gtid(1),
  gtid('1-1-201,2-2-100')

[Note] Start binlog_dump to slave_server(3), pos('mariadb-bin.004142',
  507988273), using_gtid(0), gtid('')
2020-06-16 11:08:24 +05:30
Vicențiu Ciorbaru
93cee30309 Check for krb5_xfree instead of krb5_free_unparsed_name
Use krb5_xfree if available, otherwise default to
krb5_free_unparsed_name.
2020-06-15 16:01:41 +03:00
Alexander Barkov
de20091f5c MDEV-22755 CREATE USER leads to indirect SIGABRT in __stack_chk_fail () from fill_schema_user_privileges + *** stack smashing detected *** (on optimized builds)
The code erroneously used buff[100] in a fiew places to make
a GRANTEE value in the form:
  'user'@'host'

Fix:
- Fixing the code to use (USER_HOST_BUFF_SIZE + 6) instead of 100.
- Adding a DBUG_ASSERT to make sure the buffer is enough
- Wrapping the code into a class Grantee_str, to reuse it easier in 4 places.
2020-06-11 09:57:05 +04:00
Vicențiu Ciorbaru
ae3a7d5e43 MDEV-22834: Disks plugin - change datatype to bigint
On large hard disks (> 2TB), the plugin won't function correctly, always
showing 2 TB of available space due to integer overflow. Upgrade table
fields to bigint to resolve this problem.
2020-06-10 19:29:25 +03:00
Oleksandr Byelkin
59717bbce4 MDEV-5924: MariaDB could crash after changing the query_cache size
The real problem was that attempt to roll back cahnes after end of memory in QC was made incorrectly and lead to using uninitialized memory.
(bug has nothing to do with resize operation, it is just lack of resources erro processed incorrectly)
2020-06-10 09:35:38 +02:00
Oleksandr Byelkin
61862d711d Revert "MDEV-22830: SQL_CALC_FOUND_ROWS not working properly for single SELECT for DUAL"
This reverts commit 443391236d.
2020-06-10 09:34:56 +02:00
rucha174
443391236d MDEV-22830: SQL_CALC_FOUND_ROWS not working properly for single SELECT for DUAL
In case of SELECT without tables which returns either 0 or 1 rows,
JOIN::exec_inner() did not check if the flag representing SQL_CALC_FOUND_ROWS
is set or not and send_records was direclty assigned 0. So SELECT FOUND_ROWS()
was giving 0 in the output. Now it checks if the flag is set, if it is set
send_record=1 else 0. 1 is the number of rows that could have been sent
to the client if the SELECT query had SQL_CALC_FOUND_ROWS.
It is 0 when no rows were sent because the SELECT query did not have
SQL_CALC_FOUND_ROWS.
2020-06-09 14:43:15 +05:30
Sujatha
e1045a768b MDEV-22717: Conditional jump or move depends on uninitialised value(s) in find_uniq_filename(char*, unsigned long)
Fix:
===
Initialize 'number' variable to '0'.
2020-06-08 21:55:12 +05:30
Ian Gilfillan
4f48856906 Client spelling mistakes 2020-06-08 11:58:44 +02:00
Varun Gupta
d218d1aa49 MDEV-22728: SIGFPE in Unique::get_cost_calc_buff_size from prepare_search_best_index_intersect on optimized builds
For low sort_buffer_size, in the cost calculation of using the Unique object the elements in the tree were evaluated to 0, make sure to have atleast 1 element in the Unique tree.

Also for the function Unique::get allocate memory for atleast MERGEBUFF2+1 keys.
2020-06-07 04:19:58 +05:30
Varun Gupta
f30ff10c8d MDEV-22715: SIGSEGV in radixsort_for_str_ptr and in native_compare/my_qsort2 (optimized builds)
For DECIMAL[(M[,D])] datatype max_sort_length was not being honoured which was leading to buffer
overflow while making the sort key. The fix to this problem would be to create sort keys for decimals
with atmost max_sort_key bytes

Important:
The minimum value of max_sort_length has been raised to 8 (previously was 4),
so fixed size datatypes like DOUBLE and BIGINIT are not truncated for
lower values of max_sort_length.
2020-06-05 01:11:03 +05:30
Julius Goryavsky
3f019d1771 Added missing include files to check for debug_sync 2020-06-03 15:34:44 +02:00
sjaakola
8ec0e9111a MDEV-22763 backporting MDEV-20225 fix into 10.1
Backported the support for aborting and replaying stored procedure and fix for trigger
key assigments from 10.4 version.
Backported also two mtr tests: wsrep_sp_bf_abort and MDEV-20225
2020-06-03 15:34:44 +02:00
Bernard Spil
40dbf0ea0e Fix duplicate word
both both -> both
Closes #1560
2020-06-02 12:57:31 +02:00
Sergey Vojtovich
49854811fa Attempt fixing mroonga gcc 8 build failure
Part of MDEV-19061 - table_share used for reading statistical tables is
                     not protected
2020-05-29 22:51:45 +04:00
Sergey Vojtovich
c279878493 Thread safe histograms loading
Previously multiple threads were allowed to load histograms concurrently.
There were no known problems caused by this. But given amount of data
races in this code, it'd happen sooner or later.

To avoid scalability bottleneck, histograms loading is protected by
per-TABLE_SHARE atomic variable.

Whenever histograms were loaded by preceding statement (hot-path), a
scalable load-acquire check is performed.

Whenever histograms have to be loaded anew, mutual exclusion for loaders
is established by atomic variable. If histograms are being loaded
concurrently, statement waits until load is completed.

- Table_statistics::total_hist_size moved to TABLE_STATISTICS_CB: only
  meaningful within TABLE_SHARE (not used for collected stats).
- TABLE_STATISTICS_CB::histograms_can_be_read and
  TABLE_STATISTICS_CB::histograms_are_read are replaced with a tri state
  atomic variable.
- Simplified away alloc_histograms_for_table_share().

Note: there's still likely a data race if a thread attempts accessing
histograms data after it failed to load it (because of concurrent load).
It was there previously and goes out of the scope of this effort. One way
of fixing it could be reviving TABLE::histograms_are_read and adding
appropriate checks whenever it is needed.

Part of MDEV-19061 - table_share used for reading statistical tables is
                     not protected
2020-05-29 21:53:54 +04:00
Sergey Vojtovich
609a0d3db3 Thread safe statistics loading
Previously multiple threads were allowed to load statistics concurrently.
There were no known problems caused by this. But given amount of data
races in this code, it'd happen sooner or later.

To avoid scalability bottleneck, statistics loading is protected by
per-TABLE_SHARE atomic variable.

Whenever statistics were loaded by preceding statement (hot-path), a
scalable load-acquire check is performed.

Whenever statistics have to be loaded anew, mutual exclusion for loaders
is established by atomic variable. If statistics are being loaded
concurrently, statement waits until load is completed.

TABLE_STATISTICS_CB::stats_can_be_read and
TABLE_STATISTICS_CB::stats_is_read are replaced with a tri state atomic
variable.

Part of MDEV-19061 - table_share used for reading statistical tables is
                     not protected
2020-05-29 21:53:54 +04:00
Sergey Vojtovich
1055a7f4fc Simplified away statistics_for_tables_is_needed()
Removed redundant loops, integrated logics into the caller instead.
Unified condition in read_statistics_for_tables(), less
"table_share != NULL" checks, no more potential "table_share == NULL"
dereferencing.

Part of MDEV-19061 - table_share used for reading statistical tables is
                     not protected
2020-05-29 21:53:54 +04:00
Alexander Barkov
a2932e86b5 MDEV-22744 *SAN: sql/item_xmlfunc.cc:791:43: runtime error: downcast of address ... which does not point to an object of type 'Item_func' note: object is of type 'Item_bool' (on optimized builds)
In Item_nodeset_func_predicate::val_nodeset, args[1] is not necessarily
an Item_func descendant. It can be Item_bool.

Removing a wrong cast. It was not really needed anyway.
2020-05-29 15:31:24 +04:00
Anel Husakovic
a1b3bebe1f fix pre-definition for embedded server for find_user_or_anon()
Pre-definitions are allowed for non-embedded.
Failur catched with:
```
cmake ../../10.1 -DCMAKE_BUILD_TYPE=Debug -DCMAKE_CXX_COMPILER=g++-9
-DCMAKE_C_COMPILER=gcc-9 -DWITH_EMBEDDED_SERVER=ON -DCMAKE_BUILD_TYPE=Debug
-DPLUGIN_{ARCHIVE,TOKUDB,MROONGA,OQGRAPH,ROCKSDB,PERFSCHEMA,SPIDER,SPHINX}=N
-DMYSQL_MAINTAINER_MODE=ON -DNOT_FOR_DISTRIBUTION=ON
```
Alternative fix would be
```
--- a/sql/sql_acl.cc
+++ b/sql/sql_acl.cc
@@ -201,8 +201,10 @@ LEX_STRING current_user= { C_STRING_WITH_LEN("*current_user") };
 LEX_STRING current_role= { C_STRING_WITH_LEN("*current_role") };
 LEX_STRING current_user_and_current_role= { C_STRING_WITH_LEN("*current_user_and_current_role") };

+#ifndef EMBEDDED_LIBRARY
 class ACL_USER;
 static ACL_USER *find_user_or_anon(const char *host, const char *user, const char *ip);
+#endif
```
2020-05-28 20:18:25 +02:00
Anel Husakovic
957cb7b7ba MDEV-22312: Bad error message for SET DEFAULT ROLE when user account is not granted the role
- `SET DEFAULT ROLE xxx [FOR yyy]` should say:
  "User yyy has not been granted a role xxx" if:
    - The current user (not the user `yyy` in the FOR clause) can see the
    role xxx. It can see the role if:
      * role exists in `mysql.roles_mappings` (traverse the graph),
      * If the current user has read access on `mysql.user` table - in
    that case, it can see all roles, granted or not.
    - Otherwise it should be "Invalid role specification".

In other words, it should not be possible to use `SET DEFAULT ROLE` to discover whether a specific role exist or not.
2020-05-28 17:08:40 +02:00
Andrei Elkin
dbe447a789 MDEV-15152 Optimistic parallel slave doesnt cope well with START SLAVE UNTIL
The immediate bug was caused by a failure to recognize a correct
position to stop the slave applier run in optimistic parallel mode.
There were the following set of issues that the analysis unveil.
1 incorrect estimate for the event binlog position passed to
  is_until_satisfied
2 wait for workers to complete by the driver thread did not account non-group events
  that could be left unprocessed and thus to mix up the last executed
  binlog group's file and position:
  the file remained old and the position related to the new rotated file
3 incorrect 'slave reached file:pos' by the parallel slave report in the error log
4 relay log UNTIL missed out the parallel slave branch in
  is_until_satisfied.

The patch addresses all of them to simplify logics of log change
notification in either the master and relay-log until case.
P.1 is addressed with passing the event into is_until_satisfied()
for proper analisis by the function.
P.2 is fixed by changes in handle_queued_pos_update().
P.4 required removing relay-log change notification by workers.
Instead the driver thread updates the notion of the current relay-log
fully itself with aid of introduced
bool Relay_log_info::until_relay_log_names_defer.

An extra print out of the requested until file:pos is arranged
with --log-warning=3.
2020-05-26 18:26:50 +03:00
Marko Mäkelä
adbf85fc89 Merge 5.5 into 10.1 2020-05-26 12:44:05 +03:00
Marko Mäkelä
9bbd685e8d MDEV-22513 main.processlist_notembedded Timeout in wait_until_count_sessions
Do not blindly disconnect the connection that is in WAIT_FOR
because it could happen that neither the disconnect nor the
SIGNAL would be processed before RESET would discard the signal.
2020-05-26 12:27:51 +03:00
Varun Gupta
76f4ae8295 MDEV-21495: Conditional jump or move depends on uninitialised value in sel_arg_range_seq_next
Initialize the parameter PARAM::max_key_part when we iterate over the ranges to get estimates
from EITS.
2020-05-26 01:57:00 +05:30
Alexander Barkov
cb9c49a9b2 MDEV-22111 ERROR 1064 & 1033 and SIGSEGV on CREATE TABLE w/ various charsets on 10.4/5 optimized builds | Assertion `(uint) (table_check_constraints - share->check_constraints) == (uint) (share->table_check_constraints - share->field_check_constraints)' failed
The code incorrectly assumed in multiple places that TYPELIB
values cannot have 0x00 bytes inside. In fact they can:

  CREATE TABLE t1 (a ENUM(0x61, 0x0062) CHARACTER SET BINARY);

Note, the TYPELIB value encoding used in FRM is ambiguous about 0x00.

So this fix is partial.

It fixes 0x00 bytes in many (but not all) places:

- In the middle or in the end of a value:
    CREATE TABLE t1 (a ENUM(0x6100) ...);
    CREATE TABLE t1 (a ENUM(0x610062) ...);

- In the beginning of the first value:
    CREATE TABLE t1 (a ENUM(0x0061));
    CREATE TABLE t1 (a ENUM(0x0061), b ENUM('b'));

- In the beginning of the second (and following) value of the *last* ENUM/SET
  in the table:

    CREATE TABLE t1 (a ENUM('a',0x0061));
    CREATE TABLE t1 (a ENUM('a'), b ENUM('b',0x0061));

However, it does not fix 0x00 when:

- 0x00 byte is in the beginning of a value of a non-last ENUM/SET
  causes an error:

   CREATE TABLE t1 (a ENUM('a',0x0061), b ENUM('b'));
   ERROR 1033 (HY000): Incorrect information in file: './test/t1.frm'

  This is an ambuguous case and will be fixed separately.
  We need a new TYPELIB encoding to fix this.

Details:

- unireg.cc

  The function pack_header() incorrectly used strlen() to detect
  a TYPELIB value length. Adding a new function typelib_values_packed_length()
  which uses TYPELIB::type_lengths[n] to detect the n-th value length,
  and reusing the new function in pack_header() and packed_fields_length()

- table.cc
  fix_type_pointers() assumed in multiple places that values cannot have
  0x00 inside and used strlen(TYPELIB::type_names[n]) to set
  the corresponding TYPELIB::type_lengths[n].

  Also, fix_type_pointers() did not check the encoded data for consistency.

  Rewriting fix_type_pointers() code to populate TYPELIB::type_names[n] and
  TYPELIB::type_lengths[n] at the same time, so no additional loop
  with strlen() is needed any more.

  Adding many data consistency tests.

  Fixing the main loop in fix_type_pointers() to use memchr() instead of
  strchr() to handle 0x00 properly.

  Fixing create_key_infos() to return the result in a LEX_STRING rather
  that in a char*.
2020-05-22 07:47:49 +04:00
Sujatha
836d708997 MDEV-22451: SIGSEGV in __memmove_avx_unaligned_erms/memcpy from _my_b_write on CREATE after RESET MASTER
Analysis:
========
RESET MASTER TO # command deletes all binary log files listed in the index
file, resets the binary log index file to be empty, and creates a new binary
log with number #. When the user provided binary log number is greater than
the max allowed value '2147483647' server fails to generate a new binary log.
The RESET MASTER statement marks the binlog closure status as
'LOG_CLOSE_TO_BE_OPENED' and exits. Statements which follow RESET MASTER
try to write to binary log they find the log_state != LOG_CLOSED and
proceed to write to binary log cache and it results in crash.

Fix:
===
During MYSQL_BIN_LOG open, if generation of new binary log name fails then the
"log_state" needs to be marked as "LOG_CLOSED". With this further statements
will find binary log as closed and they will skip writing to the binary log.
2020-05-20 17:42:28 +05:30
Rasmus Johansson
a6b4d4beff MDEV-22631 fix 2020-05-20 09:59:49 +00:00
Marko Mäkelä
6b2c8cac1b MDEV-22258 Limit innodb_encryption_threads to 255
For no good reason, innodb_encryption_threads was limited to
4,294,967,295. Expectedly, the server would crash if such an
insane value was specified. Let us limit the maximum to 255.

The encryption threads are not doing much useful work.
They are basically only dirtying pages by performing
dummy writes via the redo log. The encryption key rotation
or the in-place addition or removal of encryption
will take place in the page cleaner.

In a quick test on a 20-core CPU (40 threads in total),
the sweet spot on an otherwise idle server seemed to be
innodb_encryption_threads=16 for the test
encryption.encrypt_and_grep. The new limit 255 should be
more than enough for even bigger servers.
2020-05-20 10:33:53 +03:00
Andrei Elkin
7a5ba59e5f MDEV-22472 rpl.rpl_fail_register failed in buildbot with wrong result
This is a new test from upstream that did not expect the correct value
of the command slot of the Dump thread when the latter gets killed.

The test is made to expect "Killed" string as the command
in show-processlist as it is supposed to when a thread gets killed.
2020-05-19 21:57:01 +03:00
Rasmus Johansson
395ed66b3b MDEV-22636 XML output for mtr doesn't work with valgrind option 2020-05-19 15:23:29 +00:00
Rasmus Johansson
e9a33a5392 MDEV-22631 some test causes MTR interruption without generating summary and XML 2020-05-19 10:51:28 +00:00
Andrei Elkin
44c8d84908 MDEV-22520 Assertion gathered_length == thd->lex->comment.length failed in binlog_defragment
The assert was caused by early cleanup of a user variable participant
in BINLOG @var,@var where it plays twice. That was unexpected by the base
code to clear its value prematurely.

Fixed with relocating the user var destruction after operations with
its value is over.
2020-05-18 15:14:16 +03:00
Daniel Black
7baa40dffa
MDEV-21976: mtr main.udf - broaden localhost (#1543)
Localhost, depending on the platform can return any
127.0.0.1/8 address.
2020-05-18 09:37:51 +03:00
Alexander Barkov
3df297271a MDEV-22579 No error when inserting DEFAULT(non_virtual_column) into a virtual column
The code erroneously allowed both:
INSERT INTO t1 (vcol) VALUES (DEFAULT);
INSERT INTO t1 (vcol) VALUES (DEFAULT(non_virtual_column));

The former is OK, but the latter is not.
Adding a new virtual method in Item:

virtual bool vcol_assignment_allowed_value() const { return false; }

Item_null, Item_param and Item_default_value override it.

Item_default_value overrides it in the way to:
- allow DEFAULT
- disallow DEFAULT(col)
2020-05-15 20:21:54 +04:00
Varun Gupta
efd68f5e31 MDEV-22498: SIGSEGV in Bitmap<64u>::merge on SELECT
For the case when the optimizer does the IN-EXISTS transformation,
the equality condition is injected in the WHERE OR HAVING clause of
the subquery. If the select list of the subquery has a reference to
the parent select make sure to use the reference and not the original
item.
2020-05-14 23:24:10 +05:30
Marko Mäkelä
ee5152fc4b MDEV-22070 MSAN use-of-uninitialized-value in encryption.innodb-redo-badkey
On a checksum failure of a ROW_FORMAT=COMPRESSED page,
buf_LRU_free_one_page() would invoke buf_LRU_block_remove_hashed()
which will read the uncompressed page frame, although it would not
be initialized. With bad enough luck, fil_page_get_type(page)
could return an unrecognized value and cause the server to abort.

buf_page_io_complete(): On the corruption of a ROW_FORMAT=COMPRESSED
page, zerofill the uncompressed page frame.
2020-05-14 17:41:37 +03:00
Alexander Barkov
31f34b20f3 MDEV-22502 MDB crashes in CREATE TABLE AS SELECT when the precision of returning type = 0.
TRUNCATE(decimal_5_5) erroneously tried to create a DECIMAL(0,0) column.
Creating a DECIMAL(1,0) column instead.
2020-05-14 11:41:27 +04:00
Alexander Barkov
910c31928e MDEV-22503 MDB limits DECIMAL column precision to 16 doing CTAS with floor/ceil over DECIMAL(X,Y) where X > 16
The DECIMAL data type branch in Item_func_int_val::fix_length_and_dec()
incorrectly used DOUBLE-style length calculation, which resulted in
a smaller data type than the actual result of FLOOR()/CEIL() needs.
2020-05-14 08:40:46 +04:00
Oleksandr Byelkin
23d3d180ca Merge branch '10.1-release' into 10.1 2020-05-11 19:09:46 +02:00
Daniel Bartholomew
a0778860af
bump the VERSION 2020-05-11 12:52:53 -04:00
Daniel Bartholomew
de13fccfc6
bump the VERSION 2020-05-11 12:50:03 -04:00
Marko Mäkelä
1887b5ae87 MDEV-22501 Various issues when using --innodb-data-file-size-debug=-1
Let us limit the maximum value of the debug parameter
innodb_data_file_size to 256 MiB. It is only being used
in the test innodb.log_data_file_size, and the size
of the system tablespace should never exceed some 70 MiB
in ./mtr. Thus, 256 MiB should be a reasonable limit.

The fact that negative values that are passed to unsigned parameters
wrap around to the maximum value appears to be a regression due to
commit 18ef02b04d
and has been filed as bug MDEV-22219.
2020-05-08 13:27:57 +03:00
Sergei Golubchik
530da97c65 cleanup: foreign-keys.test vs foreign_key.test 2020-05-08 09:19:44 +02:00
Sergei Golubchik
6b521ac003 MDEV-22180 Planner opens unnecessary tables when updated table is referenced by foreign keys
under LOCK TABLES we still have to open everything, otherwise DML
prelocking will try to take an MDL on a table that wasn't in the
LOCK TABLES list.
2020-05-08 09:19:44 +02:00
Marko Mäkelä
26aab96ecf MDEV-22497 [ERROR] InnoDB: Unable to purge a record
The InnoDB insert buffer was upgraded in MySQL 5.5 into a change
buffer that also covers delete-mark and delete (purge) operations.

There is an important constraint for delete operations: a B-tree
leaf page must not become empty unless the entire tree becomes empty,
consisting of an empty root page. Because change buffer merges only
occur on a single leaf page at a time, delete operations must not be
buffered if it is possible that the last record of the page could be
deleted. (In that case, we would refuse to use the change buffer, and
if we really delete the last record, we would shrink the index tree.)

The function ibuf_get_volume_buffered_hash() is part of our insurance
that the page would not become empty. It is supposed to map each
buffered INSERT or DELETE_MARK record payload into a hash value.
We will only count each such record as a distinct key if there is no
hash collision. DELETE operations will always decrement the predicted
number fo records in the page.

Due to a bug in the function, we would actually compute the hash value
not only on the record payload, but also on some following bytes,
in case the record contains NULL values. In MySQL Bug #61104, we had
some examples of this dating back to 2012. But back then, we failed to
reproduce the bug, and in commit d84c95579b
we simply demoted the hard assertion to a message printout and a debug
assertion failure.

ibuf_get_volume_buffered_hash(): Correctly compute the hash value
of the payload bytes only. Note: we will consider
('foo','bar'),(NULL,'foobar'),('foob','ar') to be equal, but this
is not a problem, because in case of a hash collision, we could
also consider ('boo','far') to be equal, and underestimate the number
of records in the page, leading to refusing to buffer a DELETE.
2020-05-07 20:44:33 +03:00
Vladislav Vaintroub
8c4b526121 Windows, mtr : Fix "Subroutine HAVE_WIN32_CONSOLE redefined at (eval 25) line 1." 2020-05-07 00:40:48 +02:00