[MDEV-28848] Server crash with particular SQL sequence
Created: 2022-06-15  Updated: 2022-06-15  Resolved: 2022-06-15

Status: Closed
Project: MariaDB Server
Component/s: Virtual Columns
Affects Version/s: 10.4.22, 10.6.5, 10.3.34, 10.4.24
Fix Version/s: N/A

Type: Bug
Priority: Critical
Reporter: Risato Stefano
Assignee: Unassigned
Resolution: Duplicate
Votes: 0
Labels: None
Environment: Linux 64, Linux ARM, Windows server

Issue Links:
Duplicate
duplicates MDEV-26407 Server crashes in Item_func_in::clean... Closed

Description

Both of these SQL sequences cause server crashes:

First:
DROP TABLE IF EXISTS t1;

CREATE TABLE t1 (
`ID` VARCHAR(1) NOT NULL,
`f1` VARCHAR(1),
`f2` VARCHAR(1),
`f3` DATE,
`f4` VARCHAR(1) AS (`f1` IN ('1','2') AND `f3`<CURDATE()) VIRTUAL,
PRIMARY KEY (`ID`)
)
ENGINE=Aria;

SELECT ID, f4 FROM t1;

ALTER TABLE t1 CHANGE COLUMN `ID` `ID` VARCHAR(2);

Second:
DROP TABLE IF EXISTS t1;

CREATE TABLE t1 (
`ID` VARCHAR(1) NOT NULL,
`f1` VARCHAR(1),
`f2` VARCHAR(1),
`f3` DATE,
`f4` VARCHAR(1) AS (`f1` IN ('1','2') AND `f3`<CURDATE()) VIRTUAL
)
ENGINE=Aria;

SELECT ID, f4 FROM t1;

INSERT INTO t1 (ID,f1,f2,f3) VALUES (1,'','',CURDATE());

SELECT ID, f4 FROM t1;

In both cases, the problem occurs if I make a SELECT before modifying the data or the structure, with both the Aria and InnoDB engines.

Comments
Comment by Alice Sherepa [ 2022-06-15 ]

Thank you for the report!
This is the same bug as MDEV-26407 (MDEV-24176); please upgrade to a recent version of MariaDB (the bug is fixed in 10.4.25, 10.6.8,..)

Version: '10.6.7-MariaDB'  
220615 17:47:09 [ERROR] mysqld got signal 11 ;
 
Server version: 10.6.7-MariaDB
 
sigaction.c:0(__restore_rt)[0x7f7de1008420]
sql/item_cmpfunc.h:2566(Item_func_in::cleanup())[0x55a595d2c197]
sql/item.h:2522(Item::delete_self())[0x55a5959729f0]
sql/table.cc:4443(closefrm(TABLE*))[0x55a595a88eb4]
sql/table_cache.cc:221(tc_remove_table(TABLE*))[0x55a595b5fdc6]
sql/sql_base.cc:727(close_all_tables_for_name(THD*, TABLE_SHARE*, ha_extra_function, TABLE*))[0x55a595959c88]
sql/sql_alter.h:261(mysql_alter_table(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, HA_CREATE_INFO*, TABLE_LIST*, Alter_info*, unsigned int, st_order*, bool, bool))[0x55a595a629ac]
sql/sql_alter.cc:548(Sql_cmd_alter_table::execute(THD*))[0x55a595ac7b6e]
sql/sql_parse.cc:5996(mysql_execute_command(THD*, bool))[0x55a5959c4d75]
sql/sql_parse.cc:8030(mysql_parse(THD*, char*, unsigned int, Parser_state*))[0x55a5959c959b]
sql/sql_parse.cc:1955(dispatch_command(enum_server_command, THD*, char*, unsigned int, bool))[0x55a5959cb7e7]
sql/sql_parse.cc:1406(do_command(THD*, bool))[0x55a5959cce83]
sql/sql_connect.cc:1418(do_handle_one_connection(CONNECT*, bool))[0x55a595ac2be7]
sql/sql_connect.cc:1318(handle_one_connection)[0x55a595ac2e84]
perfschema/pfs.cc:2204(pfs_spawn_thread)[0x55a595e560cc]
nptl/pthread_create.c:478(start_thread)[0x7f7de0ffc609]
??:0(clone)[0x7f7de0be8133]
 
Query (0x7f7d78012210): ALTER TABLE t1 CHANGE COLUMN `ID` `ID` VARCHAR(2)
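
A triage helper for crash reports like the one quoted in the comment above, added here as an example (it is not MariaDB's or the commenter's code): it splits an error log into crash reports and flags those whose stack has the shape of the trace on this page. The function names, the matching heuristic and the second sample report are assumptions made for illustration.

```python
import re

# Constructed sample log: the first report copies frames from the trace above, the second is made up.
SAMPLE_LOG = """\
220615 17:47:09 [ERROR] mysqld got signal 11 ;
Server version: 10.6.7-MariaDB
sigaction.c:0(__restore_rt)[0x7f7de1008420]
sql/item_cmpfunc.h:2566(Item_func_in::cleanup())[0x55a595d2c197]
sql/item.h:2522(Item::delete_self())[0x55a5959729f0]
sql/table.cc:4443(closefrm(TABLE*))[0x55a595a88eb4]
Query (0x7f7d78012210): ALTER TABLE t1 CHANGE COLUMN `ID` `ID` VARCHAR(2)
220615 17:50:00 [ERROR] mysqld got signal 6 ;
example.cc:1(hypothetical_frame())[0x55a500000000]
Query (0x7f7d78012999): SELECT 1
"""

SIGNAL_RE = re.compile(r"\[ERROR\] mysqld got signal (\d+)")
FRAME_RE = re.compile(r"^\s*(\S+?):(\d+)\((.*)\)\[0x[0-9a-fA-F]+\]\s*$")
VERSION_RE = re.compile(r"^\s*Server version: (\S+)")
QUERY_RE = re.compile(r"^\s*Query \(0x[0-9a-fA-F]+\): (.*)$")

def parse_crashes(log_text):
    """Split an error log into crash reports, one per 'got signal' line."""
    crashes, cur = [], None
    for line in log_text.splitlines():
        m = SIGNAL_RE.search(line)
        if m:
            cur = {"signal": int(m.group(1)), "version": None, "query": None, "frames": []}
            crashes.append(cur)
        elif cur is None:
            continue  # nothing to attach to before the first crash marker
        elif (m := VERSION_RE.match(line)):
            cur["version"] = m.group(1)
        elif (m := QUERY_RE.match(line)):
            cur["query"] = m.group(1)
        elif (m := FRAME_RE.match(line)):
            cur["frames"].append(m.group(3))  # keep the symbol, drop file:line and address
    return crashes

def looks_like_this_crash(crash):
    """Heuristic (assumption): signal 11 with Item_func_in::cleanup() called below closefrm()."""
    syms = crash["frames"]
    hit = next((i for i, s in enumerate(syms) if s.startswith("Item_func_in::cleanup")), None)
    return (crash["signal"] == 11 and hit is not None
            and any(s.startswith("closefrm(") for s in syms[hit + 1:]))

if __name__ == "__main__":
    for c in parse_crashes(SAMPLE_LOG):
        print(c["version"], c["signal"], looks_like_this_crash(c), c["query"])
```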
