[MDEV-19188] Server Crash When Using a Trigger With A Number of Virtual Columns on INSERT/UPDATE - Jira

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Critical
Resolution: Fixed
Affects Version/s: 10.3.14, 10.3.15, 10.2(EOL), 10.3(EOL), 10.4(EOL)
Fix Version/s: 10.2.24, 10.3.15, 10.4.5
Component/s: Triggers, Virtual Columns
Labels:
- triggers
- virtual_columns
Environment:
Production: Ubuntu 16.04 LTS
Development: Centos 7, using 10.3.15-MariaDB-debug

Description

When you have a table that has 9 (or more) virtual columns, with any type (tested VARCHAR and INT) or expression (initially found the bug where JSON_VALID was used, then tested with referring to another column or just a constant expression) and a BEFORE INSERT or BEFORE UPDATE trigger (with any content or where the trigger is empty); then any INSERT or UPDATE will crash the server; even if the trigger is a BEFORE INSERT trigger and an UPDATE is run, or the other way round, or an INSERT is run with the trigger being a BEFORE INSERT trigger, etc.

In the event that the INSERT is done via an INSERT INTO ... SELECT statement, no crash occurs.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

setup.sql
2 kB
2019-04-05 13:42
setup.txt
3 kB
2019-04-05 13:42
test1.txt
6 kB
2019-04-05 13:42
test2.txt
6 kB
2019-04-05 13:42
test3.txt
6 kB
2019-04-05 13:42
test4.txt
6 kB
2019-04-05 13:42
tests.sql
0.3 kB
2019-04-05 13:42

Activity

Ascending order - Click to sort in descending order

Robert Humphries created issue - 2019-04-05 13:42

Elena Stepanova made changes - 2019-04-06 15:07

Field	Original Value	New Value
Status	Open [ 1 ]	Confirmed [ 10101 ]

Elena Stepanova added a comment - 2019-04-06 15:10

Thanks for the report and test case. Reproducible as described.

Test case - same as in attachments, only wrapped up for MTR.

--source include/have_innodb.inc

CREATE TABLE `testBeforeInsert` (

  `str` VARCHAR(16) NOT NULL,

  `virt1` INT(11) GENERATED ALWAYS AS (0) VIRTUAL,

  `virt2` VARCHAR(128) GENERATED ALWAYS AS ('a') VIRTUAL,

  `virt3` VARCHAR(128) GENERATED ALWAYS AS ('a') VIRTUAL,

  `virt4` VARCHAR(128) GENERATED ALWAYS AS ('a') VIRTUAL,

  `virt5` VARCHAR(128) GENERATED ALWAYS AS ('a') VIRTUAL,

  `virt6` VARCHAR(128) GENERATED ALWAYS AS ('a') VIRTUAL,

  `virt7` VARCHAR(128) GENERATED ALWAYS AS ('a') VIRTUAL,

  `virt8` VARCHAR(128) GENERATED ALWAYS AS ('a') VIRTUAL,

  `virt9` VARCHAR(128) GENERATED ALWAYS AS ('a') VIRTUAL,

  PRIMARY KEY (`str`)

) ENGINE=INNODB DEFAULT CHARSET=utf8;

INSERT INTO `testBeforeInsert` (`str`) VALUES ('test');

CREATE

    TRIGGER `testBeforeInsertTrigger` BEFORE INSERT ON `testBeforeInsert`

    FOR EACH ROW BEGIN

    END;

INSERT INTO `testBeforeInsert` (`str`) VALUES ("testcrash");

10.2 b4a7bde7
#3 <signal handler called>
#4 0x00007f4fcd30504d in __memset_avx2_erms () from /lib/x86_64-linux-gnu/libc.so.6
#5 0x000055ce4b2dde47 in Table_triggers_list::reset_extra_null_bitmap (this=0x7f4f70092d98) at /data/src/10.2/sql/sql_trigger.h:279
#6 0x000055ce4b2db3b6 in switch_to_nullable_trigger_fields (items=..., table=0x7f4f70009960) at /data/src/10.2/sql/sql_base.cc:8092
#7 0x000055ce4b31ab1e in mysql_insert (thd=0x7f4f70000b00, table_list=0x7f4f700125d8, fields=..., values_list=..., update_fields=..., update_values=..., duplic=DUP_ERROR, ignore=false) at /data/src/10.2/sql/sql_insert.cc:798
#8 0x000055ce4b342fba in mysql_execute_command (thd=0x7f4f70000b00) at /data/src/10.2/sql/sql_parse.cc:4438
#9 0x000055ce4b34e475 in mysql_parse (thd=0x7f4f70000b00, rawbuf=0x7f4f70012458 "INSERT INTO `testBeforeInsert` (`str`) VALUES (\"testcrash\")", length=59, parser_state=0x7f4fb85f2200, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:8013
#10 0x000055ce4b33bf72 in dispatch_command (command=COM_QUERY, thd=0x7f4f70000b00, packet=0x7f4f700968b1 "", packet_length=59, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:1832
#11 0x000055ce4b33a88f in do_command (thd=0x7f4f70000b00) at /data/src/10.2/sql/sql_parse.cc:1386
#12 0x000055ce4b48df79 in do_handle_one_connection (connect=0x55ce4daa9df0) at /data/src/10.2/sql/sql_connect.cc:1335
#13 0x000055ce4b48dd06 in handle_one_connection (arg=0x55ce4daa9df0) at /data/src/10.2/sql/sql_connect.cc:1241
#14 0x000055ce4b8b600a in pfs_spawn_thread (arg=0x55ce4daafc00) at /data/src/10.2/storage/perfschema/pfs.cc:1862
#15 0x00007f4fcf0f6494 in start_thread (arg=0x7f4fb85f3700) at pthread_create.c:333
#16 0x00007f4fcd2c493f in clone () from /lib/x86_64-linux-gnu/libc.so.6

Elena Stepanova added a comment - 2019-04-06 15:10 Thanks for the report and test case. Reproducible as described. Test case - same as in attachments, only wrapped up for MTR. --source include/have_innodb.inc CREATE TABLE `testBeforeInsert` ( `str` VARCHAR (16) NOT NULL , `virt1` INT (11) GENERATED ALWAYS AS (0) VIRTUAL, `virt2` VARCHAR (128) GENERATED ALWAYS AS ( 'a' ) VIRTUAL, `virt3` VARCHAR (128) GENERATED ALWAYS AS ( 'a' ) VIRTUAL, `virt4` VARCHAR (128) GENERATED ALWAYS AS ( 'a' ) VIRTUAL, `virt5` VARCHAR (128) GENERATED ALWAYS AS ( 'a' ) VIRTUAL, `virt6` VARCHAR (128) GENERATED ALWAYS AS ( 'a' ) VIRTUAL, `virt7` VARCHAR (128) GENERATED ALWAYS AS ( 'a' ) VIRTUAL, `virt8` VARCHAR (128) GENERATED ALWAYS AS ( 'a' ) VIRTUAL, `virt9` VARCHAR (128) GENERATED ALWAYS AS ( 'a' ) VIRTUAL, PRIMARY KEY (`str`) ) ENGINE=INNODB DEFAULT CHARSET=utf8; INSERT INTO `testBeforeInsert` (`str`) VALUES ( 'test' ); CREATE TRIGGER `testBeforeInsertTrigger` BEFORE INSERT ON `testBeforeInsert` FOR EACH ROW BEGIN END ; INSERT INTO `testBeforeInsert` (`str`) VALUES ( "testcrash" ); 10.2 b4a7bde7 #3 <signal handler called> #4 0x00007f4fcd30504d in __memset_avx2_erms () from /lib/x86_64-linux-gnu/libc.so.6 #5 0x000055ce4b2dde47 in Table_triggers_list::reset_extra_null_bitmap (this=0x7f4f70092d98) at /data/src/10.2/sql/sql_trigger.h:279 #6 0x000055ce4b2db3b6 in switch_to_nullable_trigger_fields (items=..., table=0x7f4f70009960) at /data/src/10.2/sql/sql_base.cc:8092 #7 0x000055ce4b31ab1e in mysql_insert (thd=0x7f4f70000b00, table_list=0x7f4f700125d8, fields=..., values_list=..., update_fields=..., update_values=..., duplic=DUP_ERROR, ignore=false) at /data/src/10.2/sql/sql_insert.cc:798 #8 0x000055ce4b342fba in mysql_execute_command (thd=0x7f4f70000b00) at /data/src/10.2/sql/sql_parse.cc:4438 #9 0x000055ce4b34e475 in mysql_parse (thd=0x7f4f70000b00, rawbuf=0x7f4f70012458 "INSERT INTO `testBeforeInsert` (`str`) VALUES (\"testcrash\")", length=59, parser_state=0x7f4fb85f2200, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:8013 #10 0x000055ce4b33bf72 in dispatch_command (command=COM_QUERY, thd=0x7f4f70000b00, packet=0x7f4f700968b1 "", packet_length=59, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:1832 #11 0x000055ce4b33a88f in do_command (thd=0x7f4f70000b00) at /data/src/10.2/sql/sql_parse.cc:1386 #12 0x000055ce4b48df79 in do_handle_one_connection (connect=0x55ce4daa9df0) at /data/src/10.2/sql/sql_connect.cc:1335 #13 0x000055ce4b48dd06 in handle_one_connection (arg=0x55ce4daa9df0) at /data/src/10.2/sql/sql_connect.cc:1241 #14 0x000055ce4b8b600a in pfs_spawn_thread (arg=0x55ce4daafc00) at /data/src/10.2/storage/perfschema/pfs.cc:1862 #15 0x00007f4fcf0f6494 in start_thread (arg=0x7f4fb85f3700) at pthread_create.c:333 #16 0x00007f4fcd2c493f in clone () from /lib/x86_64-linux-gnu/libc.so.6

Elena Stepanova made changes - 2019-04-06 15:10

Component/s		Virtual Columns [ 10803 ]
Fix Version/s		10.2 [ 14601 ]
Fix Version/s		10.3 [ 22126 ]
Fix Version/s		10.4 [ 22408 ]
Affects Version/s		10.2 [ 14601 ]
Affects Version/s		10.3 [ 22126 ]
Affects Version/s		10.4 [ 22408 ]

Elena Stepanova made changes - 2019-04-06 15:11

Assignee

Nikita Malyavin [ nikitamalyavin ]

Nikita Malyavin made changes - 2019-04-18 13:35

Status

Confirmed [ 10101 ]

In Progress [ 3 ]

Nikita Malyavin made changes - 2019-04-30 14:06

Assignee	Nikita Malyavin [ nikitamalyavin ]	Sergei Golubchik [ serg ]
Status	In Progress [ 3 ]	In Review [ 10002 ]

Sergei Golubchik made changes - 2019-04-30 16:26

Status

In Review [ 10002 ]

Stalled [ 10000 ]

Sergei Golubchik made changes - 2019-05-01 16:43

Fix Version/s		10.2.24 [ 23308 ]
Fix Version/s		10.3.15 [ 23309 ]
Fix Version/s		10.4.5 [ 23311 ]
Fix Version/s	10.2 [ 14601 ]
Fix Version/s	10.3 [ 22126 ]
Fix Version/s	10.4 [ 22408 ]
Resolution		Fixed [ 1 ]
Status	Stalled [ 10000 ]	Closed [ 6 ]

Sergei Golubchik made changes - 2019-05-01 16:43

Assignee

Sergei Golubchik [ serg ]

Nikita Malyavin [ nikitamalyavin ]

Sergei Golubchik made changes - 2021-12-06 21:49

Workflow

MariaDB v3 [ 95238 ]

MariaDB v4 [ 156041 ]

People

Assignee:: Nikita Malyavin

Reporter:: Robert Humphries

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2019-04-05 13:42

Updated:: 2019-05-01 16:43

Resolved:: 2019-05-01 16:43

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.

MariaDB Server

Details

Description

Attachments

Attachments

Activity

People

Dates

Git Integration