Incompatible Change: To load a keyring plugin, the --early-plugin-load option is used. Previously, the default --early-plugin-load option value was the name of the keyring_file plugin library file. Now the default value is empty.

[mysqld]
early-plugin-load=keyring_file.so

(Bug #80413, Bug #22748738)

MySQL Enterprise Edition now includes a keyring_okv plugin that uses Oracle Key Vault as a back end for keyring storage. For more information, see The MySQL Keyring. (WL #8041)

The obsolete support-files/MySQL-shared-compat.spec.sh file was removed from MySQL distributions. (Bug #22525609)

InnoDB: The InnoDB data-at-rest encryption feature now supports Oracle Key Vault for encryption key management. Oracle Key Vault support relies on the keyring_okv plugin which is available in MySQL Enterprise Edition. A secure and robust encryption key management solution such as OKV is critical for security and for compliance with various security standards. For more information, see InnoDB Data-at-Rest Encryption. (WL #8041)

The linked OpenSSL library for the MySQL Commercial Server has been updated to version 1.0.1s. For a description of issues fixed in this version, see http://www.openssl.org/news/vulnerabilities.html.

This change does not affect the Oracle-produced MySQL Community build of MySQL Server, which uses the yaSSL library instead. (Bug #22685885, Bug #22923458)

For queries with many OR conditions, the optimizer now is more memory-efficient and less likely to exceed the memory limit imposed by the range_optimizer_max_mem_size system variable. In addition, the default value for that variable has been raised from 1536000 to 8388608. (Bug #79450, Bug #22283790)

InnoDB; Partitioning: INSERT and SELECT statements against a partitioned InnoDB table having generated columns were not always handled correctly. (Bug #22444530)

References: See also: Bug #21776494, Bug #21824564, Bug #21864838.

InnoDB: An error was returned on startup when a replication slave attempted to access an encrypted table. The server UUID used to compose the master key name was not persisted to the tablespace data file, resulting in the use of an incorrect master key. (Bug #22912582)

InnoDB: In debug builds, an unnecessary buf_block_align() call could cause a latching order violation. A DML operation resulted in a page mismatch assertion due to the same buf_block_align() call. (Bug #22709463, Bug #21321238)

InnoDB: An ALTER TABLE ... ADD COLUMN operation on a table with virtual columns raised an assertion. (Bug #22650296)

InnoDB: An unnecessary comparison in tablespace encryption code caused compiler warnings. (Bug #22645816)

InnoDB: INNODB_SYS_TABLESPACES could report incorrect ALLOCATED_SIZE and FILE_SIZE values for a general tablespace created outside of the data directory. The i_s_dict_fill_sys_tablespaces() function generated an incorrect remote file path. (Bug #22590095, Bug #80070)

InnoDB: In debug builds, an update operation on a table with virtual columns raised an assertion. (Bug #22572997)

InnoDB: Modifications were made to InnoDB code to handle warnings when compiling with Microsoft Visual Studio 2015. (Bug #22542547, Bug #79964)

InnoDB: Running REPLACE operations on multiple connections resulted in a hang. (Bug #22530768, Bug #79185)

InnoDB: Operations relating to tablespace encryption resulted in a hang on FreeBSD. (Bug #22520464, Bug #79901)

InnoDB: MySQL stalled when synchronizing the InnoDB full-text index cache. (Bug #22516559, Bug #16510576, Bug #73816)

InnoDB: A CREATE TABLE ... DATA DIRECTORY operation failed to create a table while innodb_flush_method was set to O_DIRECT. (Bug #22180006, Bug #79200)

References: This issue is a regression of: Bug #21113036.

InnoDB: In debug builds, a buffer pool resizing operation resulted in a segmentation violation. The buf_pool_resizing variable was not protected. (Bug #22179317)

InnoDB: The innodb_open_files setting could exceed the open files limit. (Bug #22111472)

InnoDB: InnoDB attempted crc32 checksum validation instead of innodb after a crc32 checksum validation failure, causing repeated crc32 checksum validation attempts. Checksum validation order is now optimized dynamically. Thanks to Daniel Black for the patch. (Bug #79725, Bug #22452597)

Replication: Setting relay_log_recovery=1 generated an error during recovery, due to repositories not being initialized. (Bug #22523554)

Replication: Issuing STOP SLAVE caused a spurious Error reading packet from server: Lost connection to MySQL server during query message to be written to the error log. With this fix, when connection to the master is lost, the abort_slave flag is checked and the error message is printed only if the flag is not set. (Bug #22305605, Bug #79504)

References: See also: Bug #12977988, Bug #22290309.

Replication: When the binary log was disabled, the GTID specified by gtid_next when committing an empty transaction caused by a BEGIN statement was saved in gtid_executed when it should not have been. This did not occur when the binary log was enabled.

Now, when gtid_next is set for the current session, BEGIN raises an ER_CANT_DO_IMPLICIT_COMMIT_IN_TRX_WHEN_GTID_NEXT_IS_SET error inside any transaction regardless of whether binary logging is enabled, since this statement causes an implicit commit. In this case, the GTID specified by gtid_next is not saved in gtid_executed. (Bug #22130929)

Replication: When replication was configured but not started on a slave, the variable currently_executing_gtid was not properly initialized, but it would be used if the Performance Schema replication_applier_status_by_worker table was queried, causing assertion failures and pointer issues. With this fix, the variable is now properly initialized at the construction of the Relay_log_info object. (Bug #21953132, Bug #78722)

Replication: RESET SLAVE ALL could delete a channel even when master_pos_wait and wait_until_sql_thread_after_gtid were still waiting for transactions to be applied. This could cause a MySQL server exit when the functions tried to access the channel that was deleted. Now, a channel reference counter was added that is increased if the channel should not be deleted when the functions are running. RESET SLAVE ALL will wait for no reference, and then it will delete the channel. (Bug #21842399, Bug #78445)

Replication: When relay_log_recovery=1, a slave server, at its initialization, still tried to scan the relay log files in order to update Retrieved_Gtid_Set and the transaction parser state, which was an unnecessary waste of resources because the slave I/O thread would just be initialized to the SQL thread position in the new relay log file. With this fix, the slave server skips scanning the relay log files when relay_log_recovery=1. (Bug #21798355, Bug #78352)

Replication: XA transactions were not handled correctly when --gtid-mode=ON and the binary log was disabled. It was because on both master and slave servers, the GTID state was sometimes not saved and the GTID ownership was sometimes not cleaned up. This fix makes sure those steps are now properly performed. (Bug #21618727)

References: See also: Bug #22165138, Bug #77740, Bug #21452916.

Replication: When a multithreaded slave stopped with an error, the same error message was printed three times. Now, the SQL thread's kill acceptance status is saved, and only printed once. (Bug #21198611, Bug #77237)

Replication: When using a multithreaded slave with relay_log_info_repository set to TABLE, the slave applier thread failed to write XA transactions to the worker configuration. (Bug #20988291)

Replication: mysqlbinlog --verbose displayed BINARY and VARBINARY data as ordinary strings, causing any single quote (“'”) or backslash (“\”) among the data to be printed as such, which was confusing to the users and, in the case of a backslash, caused the next character to be skipped. This fix makes mysqlbinlog print the characters' hexadecimal values (“\x27” for single quote and “\x5c” for backslash) instead. (Bug #20836250)

Replication: The test case main.merge failed when the variables binlog_format was set to “ROW,” as the server tried to get information for table creation for a child table before it was opened. With this fix, the server skips getting information for the table in the situation. (Bug #20574550, Bug #75976)

Replication: When a server was run with relay_log_info_repository=TABLE and the --super-read-only option enabled, a statement which caused an update to the slave info tables, such as STOP SLAVE or CHANGE MASTER TO, resulted in a 'STOP SLAVE' failed: 1290: The MySQL server is running error, preventing the statement being executed. The fix ensures that replication operations are permitted regardless of the setting of read_only and super_read_only. (Bug #78963, Bug #22097534)

Replication: Valgrind tests of mysqlbinlog revealed some memory leaks. (Bug #78223, Bug #21697461, Bug #78966)

Replication: If a query on a master generated an error and partial results were written to the binary log, for example due to a DROP TABLE IF EXISTS statement applying to multiple tables that would break foreign key constraints, when a slave configured with replication filters encountered the query it could be incorrectly binary logged. This caused errors such as:

Last_SQL_Error: Query caused different errors on master and slave. Error on master: message (format)='Cannot delete or update a parent row: a foreign key constraint fails' error code=1217 ; Error on slave: actual message='no error', error code=0. Default database: 'db1'. Query: 'DROP TABLE IF EXISTS `table1` /* generated by server */'

There were two fixes required for this bug.

(Bug #77684, Bug #21435502)

References: See also: Bug #20797764, Bug #76493.

Group Replication: When a slave with no binary log connected to a Group Replication master, it failed with Error running query, but no information about the failure was available from either the output of SHOW SLAVE STATUS or the replication_applier_status_by_worker table. (Bug #22699395)

JSON: Error messages raised by JSON_KEYS() and JSON_EXTRACT() contained the wrong data. (Bug #78699, Bug #22026278)

RTRIM() on large strings could be very slow. (Bug #22884187)

References: This issue is a regression of: Bug #18315770, Bug #12368495.

Integer overflow could occur during client handshake processing, leading to a server exit. (Bug #22722946)

Missing initializers in the query plan constructor resulted in Valgrind warnings. (Bug #22573117)

mysqlpump failed (syntax error) when a view name contained a space character. View names are now quoted. (Bug #22505474)

UNHEX() with an invalid argument could result in garbage characters in the warning message. (Bug #22358933)

Improper host name checking in X509 certificates could permit man-in-the-middle attacks. (Bug #22295186, Bug #22738607)

For debug builds, when an indexed nonnullable generated column with an empty string generated expression was updated during an insert for a duplicated key, there was an optimization that resulted in the server failing to find the duplicated index, causing an assertion to be raised. (Bug #22195364)

A boolean mode full-text search caused a segmentation fault. (Bug #22176795)

Queries on generated columns that used WITH ROLLUP could raise an assertion. (Bug #22131343)

For a prepared statement that used a derived table, an assertion could be raised at execute time when checking statement privileges. (Bug #22108567)

Concurrent selecting and flushing of a FEDERATED table while killing connections accessing it could result in a server exit. (Bug #21918190)

For debug builds, when a query using join buffering and one of the tables inserted into the join buffer was accessed using a dynamic range scan on an index containing a virtual column, a Valgrind error occurred when writing columns to the join buffer. (Bug #21872184)

After iterations of uninstalling and installing the audit_log plugin, the server could hang. (Bug #21796658)

With a LOCK TABLES statement in effect, access to Performance Schema tables could fail, as could SHOW STATUS with show_compatibility_56=OFF. (Bug #21789221)

Executing GRANT PROXY statements after altering the definition of the mysql.user system table could result in a server exit. (Bug #21699037)

Certain error messages included part of the SQL statement that produced them, possibly exposing data. (Bug #21682356)

Although it is possible to create nontemporary tables using the prefix #sql, Performance Schema assumed that tables named using this prefix were temporary and could be ignored. Performance Schema now uses table attributes other than the name to identify temporary tables. (Bug #21105475, Bug #22532368, Bug #79934)

Account filtering performed by the audit_log plugin incorrectly used the account named by the USER() function rather than the CURRENT_USER() function (the latter being the account used for authentication). (Bug #19509471, Bug #22454245, Bug #77553)

NAME_CONST() can return null if incorrect arguments are given. In some cases, this was not handled and could cause a server exit. (Bug #19143243, Bug #26361149)

Character set conversion operations on NULL parameters to prepared statements could cause a server exit. (Bug #18823979)

Loose Index Scan was not chosen for queries that had an equality condition. (Bug #18109609)

Long or complex SQL statements could cause the parser to run out of memory. The new parser_max_mem_size system variable now enables control over the maximum amount of memory available to the parser. The default value places no limit on memory available, but the value can be reduced to protect against out-of-memory situations. (Bug #14744160)

A Valgrind warning for memory_free_noop() was silenced. (Bug #80457, Bug #22782197)

The MySQL server failed to start if built with the -m32 option on Solaris/Sparc, due to improper static data alignment in init_delegates(). (Bug #80445, Bug #22763880)

The plugin_keyring.h header file misspelled st_mysql_keyring as st_mysql_keyring_file. (Bug #80414, Bug #22748867)

For shared-memory connections on Windows, the client library opened a handle on a mutex but did not close it. Subsequent attempts to restart the server on the other end of the connection failed if the client still had the mutex handle open. (Bug #80234, Bug #22646779)

mysqld attempted to initialize plugins specified using the --early-plugin-load option when the --help option was specified. (Bug #80077, Bug #22573767)

ALTER USER IDENTIFIED WITH ... expired the account password, even if the authentication plugin did not support password expiration. (Bug #79999, Bug #22551523)

Some Performance Schema global instruments, if not enabled at server startup, could be in a state where it was not possible to enable them at runtime. This restriction has been lifted. Affected instruments include mutex, rwlock, cond, and socket instances. Thanks to Zhang Yingqiang for the patch. (Bug #79784, Bug #22517278, Bug #66515, Bug #14532176)

Setting the super_read_only system variable at server startup had no effect. (Bug #79328, Bug #22233503)

These audit_log plugin issues were corrected:

(Bug #79079, Bug #22136709, Bug #79091, Bug #22142166, Bug #79092, Bug #22142209, Bug #21783798)

For INSERT and UPDATE operations that caused FOREIGN KEY constraint violations, errors were reported rather than warnings when the IGNORE keyword was used. (Bug #78853, Bug #22037930)

References: See also: Bug #23135731.

Using the server session service, executing an SQL statement from a thread with no VIO context could raise an assertion. (Bug #78734, Bug #21959409)

CREATE VIEW statements that used the TIMESTAMPDIFF() function with MICROSECOND as the unit resulted in incorrect view definitions. (Bug #78506, Bug #21877062)

For an existing user, CREATE USER IF NOT EXISTS produced an error rather than a warning. Similarly, for an nonexisting user, ALTER USER IF EXISTS produced an error rather than a warning. (Bug #78374, Bug #21807286)

For some queries, an Index Merge access plan was chosen over a range scan when the cost for the range scan was the same or less. (Bug #77209, Bug #21178196)

UNHEX() could attempt a left shift of a negative number. (Bug #73964, Bug #19642015)

EXPLAIN for SELECT ... FOR UPDATE statements acquired locks. (Bug #72858, Bug #18899860)

Processlist state information was not updated correctly for LOAD DATA and could show a state different from executing. (Bug #69375, Bug #16912362)