Description:
An improperly-defined MERGE table crashes with INSERT ... ON DUPLICATE KEY UPDATE.

How to repeat:
DROP TABLE IF EXISTS t1, t2;
CREATE TABLE t1 ( a INT AUTO_INCREMENT PRIMARY KEY, b VARCHAR(10), UNIQUE (b) )
ENGINE=MyISAM;
CREATE TABLE t2 ( a INT AUTO_INCREMENT, b VARCHAR(10), INDEX (a), INDEX (b) ) ENGINE=MERGE
UNION (t1) INSERT_METHOD=FIRST;
INSERT INTO t2 (b) VALUES (1) ON DUPLICATE KEY UPDATE b=2;
INSERT INTO t2 (b) VALUES (1) ON DUPLICATE KEY UPDATE b=3;
SELECT b FROM t2;

Suggested fix:
n/a

An intermediate result: I canot repeat the crash. On the current 4.1.12 the test case runs
just fine. On the current 5.0.6, the second INSERT throws a weird error message, but there
is no crash. Neither a server crash, nor a table crash. I will take a further look into
the weird behaviour in 5.0.6.

Current 4.1.12 build still crashes in an optimized, non-debug binary.

The problem in 5.0.6 turned out to be a memory allocation problem, which could also affect
4.1. Such problems often depend on compilation options and system dependencies. The patch,
I will propose soon, will fix this for 4.1 and 5.0. When the ON DUPLICATE option was
introduced in 4.1, it probably was assumed that all tables allow for unique indexes and it
will be used on these only. But MERGE does not have unique indexes. Hence, the maximum
length of all unique keys of this table is zero, which is a bit too small to allocate a
buffer for the key values.

A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/internals/24818

A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/internals/25062

Pushed to 4.1.13 and 5.0.6.

Noted in 4.1.13, 5.0.6 changelogs.