Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-5717

Server crash with insert statement containing DEFAULT into view

        Details

        • Type: Bug
        • Status: Closed
        • Priority: Blocker
        • Resolution: Fixed
        • Affects Version/s: 5.3.12, 5.5.36, 10.0.8
        • Fix Version/s: 5.5.37, 10.0.10, 5.3.13, 5.2.15, 5.1.73
        • Component/s: None
        • Labels:
          None

          Description

          When trying to insert a row into a view using the DEFAULT keyword, the server exits with signal 11:

          stack_bottom = 0x7ff658047e30 thread_stack 0x48000
/usr/sbin/mysqld(my_print_stacktrace+0x2b)[0x7ff658a8608b]
/usr/sbin/mysqld(handle_fatal_signal+0x422)[0x7ff658639902]
/lib/x86_64-linux-gnu/libpthread.so.0(+0xf880)[0x7ff657caa880]
/usr/sbin/mysqld(_ZN18Item_default_value4walkEM4ItemFbPhEbS1_+0x36)[0x7ff65865ca56]
/usr/sbin/mysqld(_Z24check_view_single_updateR4ListI4ItemEPS1_P10TABLE_LISTPyb+0x94)[0x7ff6584c6614]
/usr/sbin/mysqld(+0x3ecc6c)[0x7ff6584c6c6c]
/usr/sbin/mysqld(_Z20mysql_prepare_insertP3THDP10TABLE_LISTP5TABLER4ListI4ItemEPS7_S8_S8_15enum_duplicatesPPS6_bbb+0x2cb)[0x7ff6584c865b]
/usr/sbin/mysqld(_Z12mysql_insertP3THDP10TABLE_LISTR4ListI4ItemERS3_IS5_ES6_S6_15enum_duplicatesb+0x1c8)[0x7ff6584c9158]
/usr/sbin/mysqld(_Z21mysql_execute_commandP3THD+0x3281)[0x7ff6584e0961]
/usr/sbin/mysqld(+0x409cba)[0x7ff6584e3cba]
/usr/sbin/mysqld(_Z16dispatch_command19enum_server_commandP3THDPcj+0x14f8)[0x7ff6584e5298]
/usr/sbin/mysqld(_Z24do_handle_one_connectionP3THD+0x47b)[0x7ff6585a76fb]
/usr/sbin/mysqld(handle_one_connection+0x47)[0x7ff6585a77d7]
/usr/sbin/mysqld(+0x6d2ab0)[0x7ff6587acab0]
/lib/x86_64-linux-gnu/libpthread.so.0(+0x8062)[0x7ff657ca3062]
/lib/x86_64-linux-gnu/libc.so.6(clone+0x6d)[0x7ff656322a3d]

          # Table:
CREATE TABLE `temp` (
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `test` tinyint(3) unsigned NOT NULL DEFAULT '0',
  PRIMARY KEY (`id`)
);

# View:
CREATE VIEW `temp_view` AS (
select  `temp`.`id` AS `id`,  `temp`.`test` AS `test` from `temp`);

# Insert stmt:
INSERT INTO `temp_view` SET `test` = DEFAULT;

            Gliffy Diagrams

              Attachments

                Activity

                Ascending order - Click to sort in descending order
                Hide
                Permalink
                elenst Elena Stepanova added a comment -

                Thank you for the report and test case.

                Debug stack trace from 5.3 (to make it more searchable):

                #3  <signal handler called>
#4  0x00000000005bfd68 in Item_default_value::walk (this=0x3525f38, processor=&virtual Item::view_used_tables_processor(unsigned char*), walk_subquery=false, args=0x35259f8 "") at item.h:3554
#5  0x0000000000770e2d in Item::view_used_tables (this=0x3525f38, view=0x35259f8) at item.h:1335
#6  0x0000000000765d96 in check_view_single_update (fields=..., values=0x3525df8, view=0x35259f8, map=0x7ff19b5ada28, insert=true) at sql_insert.cc:122
#7  0x00000000007662e0 in check_insert_fields (thd=0x34a1b88, table_list=0x35259f8, fields=..., values=..., check_unique=false, fields_and_values_from_different_maps=false, map=0x7ff19b5ada28) at sql_insert.cc:269
#8  0x0000000000768923 in mysql_prepare_insert (thd=0x34a1b88, table_list=0x35259f8, table=0x0, fields=..., values=0x3525df8, update_fields=..., update_values=..., duplic=DUP_ERROR, where=0x7ff19b5adc90, select_insert=false, check_fields=true, abort_on_warning=false) at sql_insert.cc:1340
#9  0x0000000000766e42 in mysql_insert (thd=0x34a1b88, table_list=0x35259f8, fields=..., values_list=..., update_fields=..., update_values=..., duplic=DUP_ERROR, ignore=false) at sql_insert.cc:681
#10 0x00000000006ae0a7 in mysql_execute_command (thd=0x34a1b88) at sql_parse.cc:3253
#11 0x00000000006b6e93 in mysql_parse (thd=0x34a1b88, rawbuf=0x35258c0 "INSERT INTO `temp_view` SET `test` = DEFAULT", length=44, found_semicolon=0x7ff19b5aecb8) at sql_parse.cc:6173
#12 0x00000000006a8ea8 in dispatch_command (command=COM_QUERY, thd=0x34a1b88, packet=0x351c459 "INSERT INTO `temp_view` SET `test` = DEFAULT", packet_length=44) at sql_parse.cc:1243
#13 0x00000000006a8194 in do_command (thd=0x34a1b88) at sql_parse.cc:923
#14 0x00000000006a5025 in handle_one_connection (arg=0x34a1b88) at sql_connect.cc:1231
#15 0x00007ff1a4d9db50 in start_thread (arg=<optimized out>) at pthread_create.c:304
#16 0x00007ff1a4140a7d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
                Show
                elenst Elena Stepanova added a comment - Thank you for the report and test case. Debug stack trace from 5.3 (to make it more searchable): #3 <signal handler called> #4 0x00000000005bfd68 in Item_default_value::walk (this=0x3525f38, processor=&virtual Item::view_used_tables_processor(unsigned char*), walk_subquery=false, args=0x35259f8 "") at item.h:3554 #5 0x0000000000770e2d in Item::view_used_tables (this=0x3525f38, view=0x35259f8) at item.h:1335 #6 0x0000000000765d96 in check_view_single_update (fields=..., values=0x3525df8, view=0x35259f8, map=0x7ff19b5ada28, insert=true) at sql_insert.cc:122 #7 0x00000000007662e0 in check_insert_fields (thd=0x34a1b88, table_list=0x35259f8, fields=..., values=..., check_unique=false, fields_and_values_from_different_maps=false, map=0x7ff19b5ada28) at sql_insert.cc:269 #8 0x0000000000768923 in mysql_prepare_insert (thd=0x34a1b88, table_list=0x35259f8, table=0x0, fields=..., values=0x3525df8, update_fields=..., update_values=..., duplic=DUP_ERROR, where=0x7ff19b5adc90, select_insert=false, check_fields=true, abort_on_warning=false) at sql_insert.cc:1340 #9 0x0000000000766e42 in mysql_insert (thd=0x34a1b88, table_list=0x35259f8, fields=..., values_list=..., update_fields=..., update_values=..., duplic=DUP_ERROR, ignore=false) at sql_insert.cc:681 #10 0x00000000006ae0a7 in mysql_execute_command (thd=0x34a1b88) at sql_parse.cc:3253 #11 0x00000000006b6e93 in mysql_parse (thd=0x34a1b88, rawbuf=0x35258c0 "INSERT INTO `temp_view` SET `test` = DEFAULT", length=44, found_semicolon=0x7ff19b5aecb8) at sql_parse.cc:6173 #12 0x00000000006a8ea8 in dispatch_command (command=COM_QUERY, thd=0x34a1b88, packet=0x351c459 "INSERT INTO `temp_view` SET `test` = DEFAULT", packet_length=44) at sql_parse.cc:1243 #13 0x00000000006a8194 in do_command (thd=0x34a1b88) at sql_parse.cc:923 #14 0x00000000006a5025 in handle_one_connection (arg=0x34a1b88) at sql_connect.cc:1231 #15 0x00007ff1a4d9db50 in start_thread (arg=<optimized out>) at pthread_create.c:304 #16 0x00007ff1a4140a7d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
                Hide
                Permalink
                falcon Joshua Gardynik added a comment -

                If this is already fixed, will it be available in 10.0.9, since 10.0.8 is the most recent release, or am I going to have to wait months for it to make it into the 10.0 releases?

                Show
                falcon Joshua Gardynik added a comment - If this is already fixed, will it be available in 10.0.9, since 10.0.8 is the most recent release, or am I going to have to wait months for it to make it into the 10.0 releases?
                Hide
                Permalink
                sanja Oleksandr Byelkin added a comment -

                It was closed by accident

                Show
                sanja Oleksandr Byelkin added a comment - It was closed by accident
                Hide
                Permalink
                serg Sergei Golubchik added a comment -

                Joshua Gardynik, so it seems that it was closed by mistake, a different bug was fixed instead. And then it avoided our radars because it was marked as fixed. Sorry for this. It'll be fixed in 10.0.10

                Show
                serg Sergei Golubchik added a comment - Joshua Gardynik , so it seems that it was closed by mistake, a different bug was fixed instead. And then it avoided our radars because it was marked as fixed. Sorry for this. It'll be fixed in 10.0.10
                Hide
                Permalink
                sanja Oleksandr Byelkin added a comment -

                Item_default_value has argument equal to NULL which cause the crash whan view tries to detect used tables.

                Show
                sanja Oleksandr Byelkin added a comment - Item_default_value has argument equal to NULL which cause the crash whan view tries to detect used tables.
                Hide
                Permalink
                sanja Oleksandr Byelkin added a comment -

                It is legal to gave empty arg, so the walk method should be fixed.

                Show
                sanja Oleksandr Byelkin added a comment - It is legal to gave empty arg, so the walk method should be fixed.

                  People

                  • Assignee:
                    sanja Oleksandr Byelkin
                    Reporter:
                    falcon Joshua Gardynik
                  • Votes:
                    0 Vote for this issue
                    Watchers:
                    4 Start watching this issue

                    Dates

                    • Created:
                      Updated:
                      Resolved: