Skip to content
Snippets Groups Projects
  1. Dec 29, 2018
    • Nikita Pettik's avatar
      sql: fix decoding data of type BOOLEAN · 5f18717d
      Nikita Pettik authored
      Closes #3906
    • Kirill Shcherbatov's avatar
      sql: support HAVING without GROUP BY clause · b40f2443
      Kirill Shcherbatov authored
      Allowed to make SELECT requests that have HAVING clause without
      GROUP BY. It is possible when both - left and right parts of
      request have aggregate function or constant value.
      Closes #2364.
      @TarantoolBot document
      Title: HAVING without GROUP BY clause
      A query with a having clause should also have a group by clause.
      If you omit group by, all the rows not excluded by the where
      clause return as a single group.
      Because no grouping is performed between the where and having
      clauses, they cannot act independently of each other. Having
      acts like where because it affects the rows in a single group
      rather than groups, except the having clause can still use
      Having without group by is not supported for select from
      multiple tables.
      2011 SQL standard "Part 2: Foundation" 7.10 <having clause> p.381
      SELECT MIN(s1) FROM te40 HAVING SUM(s1) > 0; -- is valid
      SELECT 1 FROM te40 HAVING SUM(s1) > 0;       -- is valid
      SELECT NULL FROM te40 HAVING SUM(s1) > 0;    -- is valid
      SELECT date() FROM te40 HAVING SUM(s1) > 0;  -- is valid
    • Vladimir Davydov's avatar
      xlog: assure xlog is opened and closed in the same thread · 847aab99
      Vladimir Davydov authored
      xlog and xlog_cursor must be opened and closed in the same thread,
      because they use cord's slab allocator.
      Follow-up #3910
    • Vladimir Davydov's avatar
      relay: close xlog cursor in relay thread · 21726f69
      Vladimir Davydov authored
      An xlog_cursor created and used by a relay via recovery context is
      destroyed by the main thread once the relay thread has exited. This is
      incorrect, because xlog_cursor uses cord's slab allocator and therefore
      must be destroyed in the same thread it was created by, otherwise we
      risk getting a use-after-free bug. So this patch moves recovery_delete()
      invocation to the end of the relay thread routine.
      No test is added, because our existing tests already cover this case -
      crashes don't usually happen, because we are lucky. The next patch will
      add some assertions to make the bug 100% reproducible.
      Closes #3910
    • Vladimir Davydov's avatar
      relay: cleanup error handling · d2537d9d
      Vladimir Davydov authored
      A few changes intended to make error messages more clear, remove
      duplicates, etc:
       - Don't log an error when xstream_write() fails in recover_xlog() -
         it's a responsibility of the caller. Logging it there results in
         the same error occuring twice in the log.
       - If recover_xlog() fails to apply a row and continues due to
         force_recovery flag, log the row's LSN - it might be useful for
         problem analysis.
       - Don't override relay error in relay_process_wal_event(), otherwise
         we can get 'fiber is cancelled' error in the status, which is
       - Break replication if we fail to send an ack as it's pointless to
         continue then.
       - Log a relay error only once - when the relay thread is exiting.
         Don't log subsequent errors - they don't make much sense.
       - Set the relay cord name before setting WAL watcher: the WAL watcher
         sends an event as soon as it's installed, which starts xlog recovery,
         which is logged by the relay so we want the relay name to be valid.
         Note, there's a catch here: we used the original cord name as cbus
         endpoint name so now we have to pass endpoint name explicitly - this
         looks better anyway.
      While we are at it, let's also add some comments to relay_subscribe_f()
      and remove diag_is_empty() check as diag is always set when relay exits.
      Part of #3910
    • Vladimir Davydov's avatar
      relay: do not try to scan xlog if exiting · f6a2ab9a
      Vladimir Davydov authored
      relay_process_wal_event() may be called if the relay fiber is already
      exiting, e.g. by wal_clear_watcher(). We must not try to scan xlogs in
      this case, because we could have written an incomplete packet fragment
      to the replication socket, as described in the previous commit message,
      so that writing another row would lead to corrupted replication stream
      and, as a result, permanent replication breakdown.
      Actually, there was a check for this case in relay_process_wal_event(),
      but it was broken by commit adc28591 ("replication: do not delete
      relay on applier disconnect"), which replaced it with a relay->status
      check, which is completely wrong, because relay->status is reset only
      after the relay thread exits.
      Part of #3910
    • Vladimir Davydov's avatar
      recovery: ignore box.cfg.force_recovery in relay threads · b641dd89
      Vladimir Davydov authored
      In case force_recovery flag is set, recover_xlog() ignores any errors
      returned by xstream_write(), even SocketError or FiberIsCancelled. This
      may result in permanent replication breakdown as described in the next
      Suppose there's a master and a replica and the master has force_recovery
      flag set. The replica gets stalled on WAL while applying a row fetched
      from the master. As a result, it stops sending ACKs. In the meantime,
      the master writes a lot of new rows to its WAL so that the relay thread
      sending changes to the replica fills up all the space available in the
      network buffer and blocks on the replication socket. Note, at this
      moment it may occur that a packet fragment has been written to the
      socket. The WAL delay on the replica takes long enough for replication
      to break on timeout: the relay reader fiber on the master doesn't
      receive an ACK from the replica in time and cancels the relay writer
      fiber. The relay writer fiber wakes up and returns to recover_xlog(),
      which happily continues to scan the xlog attempting to send more rows
      (force_recovery is set), failing, and complaining to the log. While the
      relay thread is still scanning the log, the replica finishes the long
      WAL write and reads more data from the socket, freeing up some space in
      the network buffer for the relay to write more rows. The relay thread,
      which happens to be still in recover_xlog(), writes a new row to the
      socket after the packet fragment it had written when it was cancelled,
      effectively corrupting the stream and breaking a replication with an
      unrecoverable error, e.g.
        xrow.c:99 E> ER_INVALID_MSGPACK: Invalid MsgPack - packet header
      Actually, taking into account force_recovery in relay threads looks
      dubious - after all this option was implemented to allow start of a
      tarantool instance when local data are corrupted, not to force
      replication from a corrupted data set. The latter is dangerous anyway -
      it's better to rebootstrap replicas in case of master data corruption.
      That being said, let's ignore force_recovery option in relay threads.
      It's difficult to write a test for this case, since too many conditions
      have to be satisfied simultaneously for the issue to occur. Injecting
      errors doesn't really help here and would look artificial, because it'd
      rely too much on the implementation. So I'm committing this one without
      a test case.
      Part of #3910
    • Vladimir Davydov's avatar
      travis: drop Fedora 26, 27 and Ubuntu Artful · 0f0c0968
      Vladimir Davydov authored
      These distributions are past EOL.
  2. Dec 27, 2018
  3. Dec 25, 2018
    • Nikita Pettik's avatar
      Remove SQL string from index opts · 911139e3
      Nikita Pettik authored
      Closes #2647
    • Nikita Pettik's avatar
      sql: don't add string of 'CREATE INDEX ...' to index opts · 1babc99a
      Nikita Pettik authored
      Part of #2647
    • Nikita Pettik's avatar
      sql: don't add string of 'CREATE TABLE...' to space opts · 111495cc
      Nikita Pettik authored
      We don't rely on this string anymore and it can be removed for ordinary
      tables. However, it is still used to hold SELECT body for view.
      Part of #2647
    • Nikita Pettik's avatar
      test: fix sqltester methods to drop all tables/views · 01c214eb
      Nikita Pettik authored
      Since we are going to remove string of SQL "CREATE TABLE ..." statement
      from space's opts, lets rework methods in sqltester to drop all tables
      and views in order to avoid relying on this parameter.
      Part of #2647
    • Nikita Pettik's avatar
      sql: don't update SQL string during renaming · ce19dcbc
      Nikita Pettik authored
      Since SQL string containing "CREATE TABLE ..." statement is not used
      anymore for ordinary tables/space, it makes no sense to modify it during
      renaming. Hence, now rename routine needs only to update name in _space,
      so it can be done using simple update operation.
      Moreover, now we are able to rename spaces created from Lua-land.
      Part of #2647
    • Nikita Pettik's avatar
      sql: avoid calling sql_encode_table_opts() during trigger creation · 3fcf32d6
      Nikita Pettik authored
      At the last stage of trigger creation, trigger's create statement
      ("CREATE TRIGGER ...") is encoded to msgpack. Since only this string is
      only member of a map to be encoded, is makes no sense to call whole
      sql_encode_table_opts() function, which in turn processes table's
      checks, opts for VIEW etc.
      Needed for #2647
    • Nikita Pettik's avatar
      sql: decrease max depth of expression AST · 0b57f06f
      Nikita Pettik authored
      Currently, all routines connected with expression AST processing rely on
      recursive approaches. On the other hand, SQL is executed in a standard
      fiber, which features only 64kb of stack memory. Hence, deep recursion
      can result in stack overflow. To avoid obvious overflows lets
      significantly restrict allowed depth of expression AST. Note that it is
      not radical solution to this problem but rather temporary fix.
      Workaround for #3861
    • Nikita Pettik's avatar
      sql: disallow to rename space if it is referenced by view · cc2c920b
      Nikita Pettik authored
      Before this patch it was allowed to rename space which is referenced by
      a view. In turn, view contains SELECT statement in a raw form (i.e. as a
      string) and it is not modified during renaming routine. Hence, after
      renaming space still has referencing counter > 0, but no usage of view
      is allowed (since execution of SELECT results in "Space does not
      exist"). To avoid such situations, lets ban renaming space if its view
      reference counter > 0.
      Note that RENAME is ANSI extension, so different DBs behave in this case
      in different ways - some of them allow to rename tables referenced by a
      view (PostgreSQL), others - don't (Oracle).
      Closes #3746
    • Kirill Shcherbatov's avatar
      sql: Fix DEFAULTs AST memory leak on alter · 7c6c572c
      Kirill Shcherbatov authored
      The space_def_destroy_fields routine is used in make_scoped_guard
      on alter:space_def_new_from_tuple always pass extern_alloc=true
      for sql_expr_delete routine. It shouldn't as the first-time
      allocated AST object (field_def_decode) is not external-allocated.
      Introduced a new flag 'extern_alloc' for space_def_destroy_fields
      Also fixed def_guard declaration in space_def_new_from_tuple:
      it should be right after space_def_new_xc call, otherwise
      subsequent tnt_raise/diag_raise call wouldn't fire it.
      Closes #3908
    • Kirill Shcherbatov's avatar
      box: pass string to ER_FIELD_TYPE, ER_ACTION_MISMATCH · 64344873
      Kirill Shcherbatov authored
      Reworked ER_FIELD_TYPE and ER_ACTION_MISMATCH error to pass path
      string to field instead of field number.
      This patch is required for further JSON patches, to give detailed
      information about field on error.
      Needed for #1012
  4. Dec 24, 2018
    • Vladimir Davydov's avatar
      Move field_mp_type_is_compatible to field_def.h · 3ccbba33
      Vladimir Davydov authored
      This function and the associated table don't depend on key definition,
      only on field type. So let's move it from key_def.h to field_def.h.
    • Kirill Shcherbatov's avatar
      box: refactor field type and nullability checks · 454964df
      Kirill Shcherbatov authored
       - Reworked field types and nullability checks to set error message in
         tuple_init_field_map manually. We will specify full JSON path to the
         field further patches.
       - Introduced field_mp_type_is_compatible routine making field_type and
         mp_type compatibility test taking into account field nullability.
       - Refactored key_part_validate to pass const char *key argument and to
         reuse field_mp_type_is_compatible code.
      Needed for #1012
    • Kirill Shcherbatov's avatar
      box: implement tuple_validate_raw using tuple_init_field_map · 8d1b54b0
      Kirill Shcherbatov authored
      Since the tuple_validate_raw and tuple_init_field_map functions
      make the same data checks, we implemented tuple_validate_raw via
      tuple_init_field_map called with region memory chunk is passed
      as field map. This is required because in subsequent patches
      the tuple_init_field_map routine logic will be complicated,
      and we want to avoid writing the same checks twice.
      Needed for #1012
    • Vladimir Davydov's avatar
      vinyl: fix index build not working after recovery · 6351d916
      Vladimir Davydov authored
      While building a secondary index for a Vinyl space, we use xm->lsn to
      skip statements inserted after build began (as those statements are
      propagated by the on_replace trigger callback anyway). The xm->lsn is
      advanced every time we insert something into a Vinyl space. The problem
      is during recovery we skip statements that have been dumped to disk so
      xm->lsn may lag behind the instance vclock once recovery is complete.
      In this case if we try to create a new Vinyl index right after recovery
      completion, before any DML operation is executed on a Vinyl space, we
      will skip statements that would otherwise get into the new index.
      Fix this issue by resetting xm->lsn to the instance vclock upon recovery
      Closes #3903
    • Alexander Turenko's avatar
      Forbid -DENABLE_ASAN=ON with GCC explicitly · d79a1bce
      Alexander Turenko authored
      The build time error is confusing for users. The patch makes the error
      explicit and moves it to the cmake stage.
      Follow up of #3070.
    • Vladislav Shpilevoy's avatar
      session: outdate a session of a closed connection · 43af2de2
      Vladislav Shpilevoy authored
      Once a connection is closed, a long-running user
      request can not learn about this occasion. Even
      box.sesion.push() still works.
      This patch makes such disconnected session 'rotten'.
      So a user can determine if a connection is closed by
      looking at session.fd() == -1, or checking for
      errors from box.session.push().
      Closes #3859
    • Vladislav Shpilevoy's avatar
      session: store vtab both in struct and registry · 69d36781
      Vladislav Shpilevoy authored
      Before the patch vtabs were stored in a global array
      only, called registry and accessed by session.type to
      call a virtual method. But it does not allow to change
      session vtab without affecting session type. This
      feature is necessary to be able to outdate binary
      sessions whose socket is closed.
      Outdated, closed, sessions will return errors from all
      its methods.
      Needed for #3859
  5. Dec 22, 2018
    • Vladimir Davydov's avatar
      Revert "lua: fix tuple cdata collecting" · 2c351664
      Vladimir Davydov authored
      This reverts commit 022a3c50.
      According to FFI documentation [1], ffi.cast() creates a new object for
      the given type and initializes it with the given value. So setting a
      finalizer for a tuple before casting it to const_tuple_ref_t is totally
      wrong as it allows the Lua interpreter to invoke the finalizer as soon
      as the cast is complete. That said, we must revert the commit that
      swapped ffi.cast and ffi.gc order in tuple_bless() and reopen the issue
      it intended to fix - see #3751 - no wonder it improved the garbage
      collector performance as it basically made all tuples collectable right
      from the moment they are blessed.
      To make sure we won't step on the same issue again in future, let's also
      add a relevant test case.
      Closes #3902
  6. Dec 21, 2018
  7. Dec 20, 2018
  8. Dec 19, 2018