What's New in v19.2.3

This version of CockroachDB is no longer supported. For more details, see the Release Support Policy.

February 05, 2020

This page lists additions and changes in v19.2.3 since v19.2.2.


A denial-of-service (DoS) vulnerability is present in CockroachDB v19.2.0 - v19.2.11 due to a bug in protobuf. This is resolved in CockroachDB v19.2.12 and later releases. When upgrading is not an option, users should audit their network configuration to verify that the CockroachDB HTTP port is not available to untrusted clients. We recommend blocking the HTTP port behind a firewall.

For more information, including other affected versions, see Technical Advisory 58932.


Cockroach Labs has discovered a bug relating to incremental backups, for CockroachDB v19.2.0 - v19.2.12. If a backup coincides with an in-progress index creation (backfill), RESTORE, or IMPORT, it is possible that a subsequent incremental backup will not include all of the indexed, restored or imported data.

Users are advised to upgrade to v20.1.15 or v20.2.8 or later, which includes resolutions.

For more information, including other affected versions, see Technical Advisory 63162.

Get future release notes emailed to you:


Docker image

$ docker pull cockroachdb/cockroach:v19.2.3

Security updates

  • SQL admins can now use the new command cockroach auth-session login to create authentication tokens with an arbitrary expiration date. Operators should be careful to monitor system.web_sessions and enforce policy-mandated expirations using either SQL queries or the new command cockroach auth-session logout. #44110

Enterprise edition changes

  • CockroachDB is now more resilient to connection/network errors when reading data from HTTP servers. CockroachDB now attempts to resume the download after such errors. #43687

SQL language changes

  • extract() now supports millennium, century, decade, isoyear, isodow, and julian for date, timestamp, and timestamptz. DATE_TRUNC now supports millennium, century, and decade for date, timestamp, and timestamptz. #42957
  • The output of EXPLAIN now shows joins where there are no equality columns as "cross" instead of "hash". Cross joins can be very expensive and should be avoided. #43239
  • Previously, we error-coded duplicate foreign key constraint names with 42830 or 23503. We changed this to be 42710 to be in line with PostgreSQL. #43425
  • Vectorized queries that execute only on supported types, even if those types form part of a table with unsupported types are now run through the vectorized engine. This would previously fall back to the row-by-row execution engine. #44014
  • SHOW RANGES now shows locality information consistent with the range descriptor when node ID and store ID do not match. #44312
  • Previously, CockroachDB would return an internal error when using SET TRACING with any type other than STRING. Now it will return a regular query error. Additionally, boolean arguments are now supported in SET TRACING, and true is mapped to on mode of tracing whereas false is mapped to off. #44347

Command-line changes

  • Telemetry is now recorded for whenever the command cockroach demo is used. #43819
  • Three new CLI commands, cockroach auth-session login, cockroach auth-session list, and cockroach auth-session logout, are now provided to facilitate the management of web sessions. The command auth-session login also produces a HTTP cookie which can be used by non-interactive HTTP-based database management tools. It also can generate such a cookie for the root user, who would not otherwise be able to do so using a web browser. #44110

Admin UI changes

  • We previously introduced a fix on the Admin UI to prevent non-admin users from executing queries. However, this inadvertently caused certain pages requiring table details not to display. This issue has now been resolved. #44191

Bug fixes

  • Fixed a bug during planning for some queries that could cause an infinite loop and prevent the query from being cancelled. #43082
  • Some incorrect issue links referenced by error hints have been corrected. #43233
  • EXPLAIN can now be used with statements that use AS OF SYSTEM TIME. #43303
  • This bug may cause jobs to be left indefinitely in PENDING state and never run. #43421
  • Fixed a bug that prevented error reporting while generating shell autocomplete scripts. #43507
  • Fixed a bug that prevented error reporting while reading from crdb_internal.gossip_nodes which could lead to lost writes or other undefined behavior. #43502
  • Fixed a bug that prevented error reporting while generating plan diagrams rather than silently reporting no result. #43506
  • Fixed a bug where an internal error could occur when CASE operator operating on distinct although compatible types was executed via the vectorized engine. For example, a query similar to SELECT CASE WHEN false THEN 0:::INT2 ELSE 1:::INT8 END previously would error out. #43566
  • Fixed a bug that prevented error reporting while looking up table descriptors during schema changes and other transactional interactions with schema which could cause lost writes or other undefined behavior. #43503
  • Fixed a bug in the parsing logic for server.host_based_authentication.configuration, where both single-character strings, and quoted strings containing spaces and separated by commas, were not properly parsed. #43714
  • Fixed a bug that prevented error reporting while failing to parse URIs for multi-locality backup. #43501
  • It is now possible to perform ALTER COLUMN SET/DROP NULL on multiple (different) columns of the same table inside a single transaction. #43645
  • CockroachDB now properly rejects ALTER COLUMN DROP NOT NULL on a column that is part of the primary key. #43645
  • Fixed a bug where errors from JSON containment operations were silently ignored rather than being returned. #43505
  • Previously, CockroachDB could incorrectly report that some values were NULL when, in fact, they weren't. This could occur only when vectorized execution engine was used with vectorize=experimental_on and now has been fixed. #43823
  • Fixed a bug where CockroachDB returned incorrect results for some aggregate functions when used as window functions with non-default window frame. Note that MIN, MAX, SUM, AVG, as well as "pure" window functions (i.e., non-aggregates) were not affected. #43854
  • Fixed a bug where CockroachDB could, in some cases, return an internal error when running a query with a CAST operation (:::) if vectorized execution engine is used. #43890
  • A SQL row write that is re-issued after already succeeding will no longer throw a duplicate key error when the previous write in its transaction deleted the row. #43937
  • On Linux machines, CockroachDB now respects the available memory limit set by the cgroup limits which apply to the cockroach process. #43860
  • Fixed a bug in which a query shutdown mechanism could fail to fully cleanup the infrastructure when the query was executed via the vectorized engine and the query plan contained wrapped row-by-row processors. #43944
  • Fixed a bug introduced in 19.2 that would allow foreign keys to use a unique index on the referenced columns that indexed more columns than were included in the columns used in the foreign key constraint, which allows potentially violating uniqueness in the referenced columns themselves. #43796
  • A benign error previously logged at the ERROR level is now logged at the INFO level behind a verbosity(2) flag. This error might have been observed as context canceled: readerCtx in Inbox stream handler. #44037
  • Fixed a bug where an internal error could occur when a query with an aggregate function MIN or MAX was executed via the vectorized engine when the input column was either INT2 or INT4 type. #44055
  • cockroach zip now emits the goroutine file in the proper sub-directory when the corresponding call fails with an error. #44065
  • cockroach debug zip is again able to operate correctly and continue to iterate over all nodes if one of the nodes does not deliver its goroutine dumps. It would previously prematurely and incorrectly stop with an incomplete dump; this was a regression introduced in 19.2. #44065
  • CDC is no longer susceptible to a bug where a resolved timestamp might be published before all events that precede it have been published in the presence of a range merge. #44077
  • Converted a panic in golang.org/x/text/language/tags.go when using collated strings to an error. #44117
  • CockroachDB now properly supports using --url with query options (e.g., application_name) but without specifying sslmode. The default of sslmode=disable is assumed in that case. #44115
  • Removed statistics information from backup jobs' payload information to avoid excessive memory utilization when issuing commands such as SHOW JOBS. #44190
  • Fixed a bug where CockroachDB could crash in special circumstances when vectorized execution engine is used (it was more likely to happen if vectorize=experimental_on setting was used). #44196
  • Fixed a planning bug related to FULL joins between single-row relations. #44228
  • Fixed CopyFrom requires empty destination internal error. #44245
  • Fixed a bug where multiple nodes attempted to populate the results for CREATE TABLE ... AS leading to duplicate rows. #44300
  • Fixed internal error when mixed types are used with BETWEEN. #44319
  • Fixed a bug where CockroachDB would return an internal error when a query with CASE operator that returns only NULL values was executed via the vectorized engine. #44353
  • Fixed an internal error in the planner when table statistics were collected manually using CREATE STATISTICS for different columns at different times. #44442
  • Fixed a bug that prevented admin users from using BACKUP, RESTORE, and IMPORT. #44456
  • Fixed incorrect plans in very rare cases involving filters that aren't constant folded in the optimizer but that can be evaluated statically when running a given query. #44419

Performance improvements

  • Adjusted the optimizer's cost of lookup join when the lookup columns aren't a key in the table. This will now cause some queries to switch to using a hash or merge join instead of a lookup join, improving performance in most cases. #43059
  • Improved the estimated row count for some lookup joins during planning, leading to better plans in some cases. #43364
  • A transaction running into multiple intents from an abandoned conflicting transaction now cleans them up more efficiently. #43588
  • Histograms are now collected automatically for all boolean columns, resulting in better query plans in some cases. For tables that aren't being modified frequently, it might be necessary to run CREATE STATISTICS manually to see the benefit. #44171


  • The kv.allocator.range_rebalance_threshold setting, which controls how far away from the mean a store's range count must be before it is considered for rebalance, is now subject to a 2-replica minimum. If, for example, the mean number of replicas per store is 5.6 and the setting is 5%, the store will not be considered for rebalance unless the number of replicas is lesser than 3 or greater than 8. Previously, the bounds would have been 5 and 6. #44359

Doc updates


This release includes 58 merged PRs by 18 authors. We would like to thank the following contributors from the CockroachDB community:

  • Roga Pria Sembada (first-time contributor)
YesYes NoNo