Issue Details (XML | Word | Printable)

Key: CORE-5849
Type: Bug Bug
Status: Open Open
Priority: Critical Critical
Assignee: Unassigned
Reporter: Karol Bieniaszewski
Votes: 0
Watchers: 4
Operations

If you were logged in you would be able to see more operations.
Firebird Core

Alter function result type and run query can cause server to crash (utf8 only)

Created: 20/Jun/18 08:30 AM   Updated: 24/Sep/19 11:35 AM
Component/s: Engine
Affects Version/s: 3.0.4, 3.0.5
Fix Version/s: None

Environment:
WI-V3.0.4.32954 Firebird 3.0
WI-V3.0.5.33161 Firebird 3.0

QA Status: No test


 Description  « Hide
SET TERM ^ ;
CREATE FUNCTION FUN2(A CHAR(8), B CHAR(4), C CHAR(12)) RETURNS CHAR(2)
AS
DECLARE VARIABLE VAR_RESULT VARCHAR(50);
BEGIN
  VAR_RESULT = A || B || C;
  IF (char_length(VAR_RESULT)=20) then
    VAR_RESULT = '21312321';
    
  RETURN VAR_RESULT;
END^
SET TERM ; ^


SET TERM ^ ;
CREATE FUNCTION FUN1(A CHAR(8), B CHAR(4), C CHAR(12)) RETURNS CHAR(26)
AS
BEGIN
  RETURN FUN2(A, B, C) || A;
END^
SET TERM ; ^


------------------------------------------------------------------------------------------
run the query:
SELECT FUN1('1020', '2080', '000625180347'), FUN2('1020', '2080', '000625180347') FROM RDB$DATABASE
commit;

------------------------------------------------------------------------------------------
alter result type

SET TERM ^ ;
ALTER FUNCTION FUN2(A CHAR(8), B CHAR(4), C CHAR(12)) RETURNS CHAR(50)
AS
DECLARE VARIABLE VAR_RESULT VARCHAR(50);
BEGIN

  VAR_RESULT = '1020208000062518034721312321';
    
  RETURN VAR_RESULT;
END^
SET TERM ; ^
commit;
------------------------------------------------------------------------------------------
run the query:
SELECT FUN1('1020', '2080', '000625180347') FROM RDB$DATABASE

 All   Comments   Change History   Subversion Commits      Sort Order: Descending order - Click to sort in ascending order
Karol Bieniaszewski added a comment - 24/Sep/19 11:35 AM
I found an error cause.
It is because "ALTER FUNCTION FUN2" remove ony FUN2 from the MET cache but dependent function FUN1 is not removed from the cache.

But i do not know how to get dependencies inside CreateAlterFunctionNode::execute?

When i just added a clean whole cache by MET_clear_cache(tdbb);
all is working without the crash. But to fix it i need to remove only dependent function.

Karol Bieniaszewski added a comment - 23/Sep/19 12:08 PM
shorter testcase tested under Firebird4 from isql under Windows 7


S:\GITHUB\firebirdLivius2\temp\x64\debug\firebird>isql
Use CONNECT or CREATE DATABASE to specify a database
SQL> connect "127.0.0.1:T:\FB4\FB4utf8.fdb"
CON> user 'SYSDBA' password 'xxxx';
Database: "127.0.0.1:T:\FB4\FB4utf8.fdb", User: SYSDBA
SQL> SET TERM ^ ;
SQL> CREATE FUNCTION FUN2(A CHAR(8), B CHAR(4), C CHAR(12)) RETURNS CHAR(2)
CON> AS
CON> DECLARE VARIABLE VAR_RESULT VARCHAR(50);
CON> BEGIN
CON> VAR_RESULT = A || B || C;
CON> IF (char_length(VAR_RESULT)=20) then
CON> VAR_RESULT = '21312321';
CON>
CON> RETURN VAR_RESULT;
CON> END^
SQL> SET TERM ; ^
SQL>
SQL>
SQL> SET TERM ^ ;
SQL> CREATE FUNCTION FUN1(A CHAR(8), B CHAR(4), C CHAR(12)) RETURNS CHAR(26)
CON> AS
CON> BEGIN
CON> RETURN FUN2(A, B, C) || A;
CON> END^
SQL> SET TERM ; ^
SQL> commit;
SQL> SELECT FUN1('1020', '2080', '000625180347'), FUN2('1020', '2080', '00062518
0347') FROM RDB$DATABASE;

FUN1 FUN2
========================== ======
Statement failed, SQLSTATE = 22001
arithmetic exception, numeric overflow, or string truncation
-string right truncation
-expected length 2, actual 4
-At function 'FUN2' line: 5, col: 3
SQL> commit;
SQL> SET TERM ^ ;
SQL> ALTER FUNCTION FUN2(A CHAR(8), B CHAR(4), C CHAR(12)) RETURNS CHAR(50)
CON> AS
CON> DECLARE VARIABLE VAR_RESULT VARCHAR(50);
CON> BEGIN
CON>
CON> VAR_RESULT = '1020208000062518034721312321';
CON>
CON> RETURN VAR_RESULT;
CON> END^
SQL> SET TERM ; ^
SQL> commit;
SQL> SELECT FUN1('1020', '2080', '000625180347') FROM RDB$DATABASE;

FUN1
==========================
Statement failed, SQLSTATE = 08006
Error reading data from the connection.
SQL>

Karol Bieniaszewski added a comment - 12/Aug/19 11:55 AM - edited
problem still exists in
WI-V3.0.5.33161 Firebird 3.0
used FlameRobin 0.9.0.1748

Karol Bieniaszewski added a comment - 17/Jul/18 07:38 PM
Hi Adriano,

Did you manage to reproduce the problem?
Did you tried this with flamerobin on Windows?

Adriano dos Santos Fernandes added a comment - 27/Jun/18 12:55 AM
Cannot reproduce with ISQL wit no-autocommit in latest v3 branch:

asfernandes@cheetah:~/fb/dev/firebird-3.0.git$ isql
Use CONNECT or CREATE DATABASE to specify a database
SQL> create database 'z.fdb' page_size 16384 default character set utf8;

asfernandes@cheetah:~/fb/dev/firebird-3.0.git$ isql -n -term ! z.fdb
Database: z.fdb, User: SYSDBA
SQL> CREATE FUNCTION FUN2(A CHAR(8), B CHAR(4), C CHAR(12)) RETURNS CHAR(2)
CON> AS
CON> DECLARE VARIABLE VAR_RESULT VARCHAR(50);
CON> BEGIN
CON> VAR_RESULT = A || B || C;
CON> IF (char_length(VAR_RESULT)=20) then
CON> VAR_RESULT = '21312321';
CON>
CON> RETURN VAR_RESULT;
CON> END!
SQL> CREATE FUNCTION FUN1(A CHAR(8), B CHAR(4), C CHAR(12)) RETURNS CHAR(26)
CON> AS
CON> BEGIN
CON> RETURN FUN2(A, B, C) || A || B || C;
CON> END!
SQL> SELECT FUN1('1020', '2080', '000625180347'), FUN2('1020', '2080', '000625180347') FROM RDB$DATABASE!

FUN1 FUN2
========================== ======
Statement failed, SQLSTATE = 22001
arithmetic exception, numeric overflow, or string truncation
-string right truncation
-expected length 2, actual 4
-At function 'FUN2' line: 5, col: 3
SQL> commit!
SQL> ALTER FUNCTION FUN2(A CHAR(8), B CHAR(4), C CHAR(12)) RETURNS CHAR(50)
CON> AS
CON> DECLARE VARIABLE VAR_RESULT VARCHAR(50);
CON> BEGIN
CON> VAR_RESULT = A || B || C;
CON> IF (char_length(VAR_RESULT)=20) then
CON> VAR_RESULT = '21312321';
CON>
CON> RETURN VAR_RESULT;
CON> END!
SQL> SELECT FUN1('1020', '2080', '000625180347'), FUN2('1020', '2080', '000625180347') FROM RDB$DATABASE !

FUN1 FUN2
========================== ==================================================
Statement failed, SQLSTATE = 22001
arithmetic exception, numeric overflow, or string truncation
-string right truncation
-expected length 2, actual 4
-At function 'FUN2' line: 5, col: 3
SQL>

Karol Bieniaszewski added a comment - 20/Jun/18 04:41 PM
If this matter i use flamerobin for this (maybe transaction setting matter)
tested on Windows with current snapshot

WI-V3.0.4.32989 Firebird 3.0

Karol Bieniaszewski added a comment - 20/Jun/18 03:53 PM
Create database with UTF8 charset and 16K page

Adriano dos Santos Fernandes added a comment - 20/Jun/18 03:18 PM
Cannot reproduce the crash in Linux.