[MCOL-679] Crash on prepared statement when no parameters bound Created: 2017-04-24  Updated: 2017-05-04  Resolved: 2017-05-04

Status: Closed
Project: MariaDB ColumnStore
Component/s: None
Affects Version/s: 1.0.8, 1.1.0
Fix Version/s: 1.0.9, 1.1.0

Type: Bug Priority: Major
Reporter: Andrew Hutchings (Inactive) Assignee: Daniel Lee (Inactive)
Resolution: Fixed Votes: 0
Labels: None

Issue Links:
Blocks
is blocked by MCOL-597 Merge with MariaDB 10.2 Closed
Relates
relates to MCOL-676 Internal error: Lost connection to DM... Closed
Sprint: 2017-9

 Description   

Found from logs in MCOL-676

When executing a prepared statement that contains question marks but no params we crash in sql_parse.cc:9825:

Item_param *param= *begin;

Because "begin" is NULL.

Example query:

create table vstats_country (did INT, country CHAR(2), reqs INT, tx INT, tpr BIGINT, updatetime BIGINT) engine=columnstore;
 
 
 
INSERT INTO vstats_country (did,country,reqs,tx,tpr,updatetime) VALUES (26818, '??', 2, 1713996, 1062, 1492917900)



 Comments   
Comment by rambo [ 2017-04-24 ]

This is a batch insert like this:

INSERT INTO vstats_country (did,country,req
s,tx,tpr,updatetime) VALUES (26818, 'AR', 4, 31027278, 48698, 1492801800),(26818, 'CA', 10, 75247034, 46403, 1492801800),(26818, 'CN', 33, 73451751, 1053, 149280
1800),(26818, 'ES', 3, 1579697, 2381, 1492801800),(26818, 'GB', 1, 1487084, 1600, 1492801800);

Comment by Andrew Hutchings (Inactive) [ 2017-04-24 ]

This is to do with the crashes in your mysqld logs which are insert batches using prepared statements with two question marks (??) in the country field in quote marks. This is valid syntax and unfortunately causes the MariaDB server modifications for ColumnStore to crash. For the example I've used a single insert for simplification because it can be triggered with this.

Comment by Andrew Hutchings (Inactive) [ 2017-04-24 ]

sorry, I meant double question marks in quotes which is valid. But still causes the same problem. Updated ticket accordingly

Comment by rambo [ 2017-04-24 ]

Get it.

Comment by Andrew Hutchings (Inactive) [ 2017-05-04 ]

Branches for develop and develop-1.0 for review

Test case:

use test;
 
create table t3 (a int, b varchar(50)) engine=columnstore;

PHP code:

<?php
 
$data = 1;
 
$conn = new mysqli("127.0.0.1", "root", "", "test");
 
 
 
$stmt = $conn->prepare("INSERT INTO t3 (a,b) VALUES (?, '??')");
 
 
 
$data = 12345;
 
 
 
if (!$stmt)
 
{
 
	var_dump($conn->error);
 
}
 
 
 
$stmt->bind_param("i", $data);
 
 
 
printf("Params: %d\n", $stmt->param_count);
 
 
 
if ($stmt->execute())
 
{
 
	printf("Success\n");
 
}
 
else
 
{
 
	printf("Error: %s.\n", $stmt->error);
 
}

Before the patch mysqld would crash executing this.

Comment by Daniel Lee (Inactive) [ 2017-05-04 ]

Build tested: 1.0.9-1 and 1.1.0-1 GitHub source
1.0.9-1
[root@localhost mariadb-columnstore-server]# git show
commit 675a7de1d5d793900b92549e1da3d82a49caa381
Merge: 6e3afaa 76bfb2b
Author: dhall-InfiniDB <david.hall@mariadb.com>
Date: Thu May 4 11:02:43 2017 -0500
Merge pull request #47 from mariadb-corporation/MCOL-693-1.0
MCOL-693 Fix non-string SP parameters
[root@localhost mariadb-columnstore-server]# cd mariadb-columnstore-engine/
[root@localhost mariadb-columnstore-engine]# git show
commit 85c7be75625b7b3f515b83956ee2b0acb6c550a3
Merge: b6efffb f5881ce
Author: dhall-InfiniDB <david.hall@mariadb.com>
Date: Wed Apr 26 09:42:51 2017 -0500
Merge pull request #159 from mariadb-corporation/MCOL-683-1.0
MCOL-683 Fix nested ADDDATE and DATE_FORMAT
1.1.0-1
[root@localhost mariadb-columnstore-server]# git show
commit bd13090ea83f35f125c1d103204c0070ae0f721b
Merge: abc4c52 f63ee30
Author: dhall-InfiniDB <david.hall@mariadb.com>
Date: Thu May 4 11:01:51 2017 -0500
Merge pull request #46 from mariadb-corporation/MCOL-693
MCOL-693 Fix non-string SP parameters
[root@localhost mariadb-columnstore-server]# cd mariadb-columnstore-engine/
[root@localhost mariadb-columnstore-engine]# git show
commit a6dfc3c366c861d5777a9931e18f594405e4aab6
Merge: 1c2a8fc 00cd7f4
Author: dhall-InfiniDB <david.hall@mariadb.com>
Date: Thu May 4 10:33:30 2017 -0500
Merge pull request #168 from mariadb-corporation/MCOL-698
MCOL-698 Fix joiner for LONGTEXT

Reproduced the crash in 1.0.8-1 and verified the fix in 1.0.9-1 and 1.1.0-1 using the included php script.

Generated at Thu Feb 08 02:22:59 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.