Bug #10400 Improperly-defined MERGE table crashes with INSERT ... ON DUPLICATE KEY UPDATE
Submitted: 6 May 2005 2:39 Modified: 23 May 2005 2:10
Reporter: Dean Ellis Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: MyISAM storage engine Severity:S1 (Critical)
Version:4.1.12 forward OS:
Assigned to: Ingo Strüwing CPU Architecture:Any

[6 May 2005 2:39] Dean Ellis
Description:
An improperly-defined MERGE table crashes with INSERT ... ON DUPLICATE KEY UPDATE.

How to repeat:
DROP TABLE IF EXISTS t1, t2;
CREATE TABLE t1 ( a INT AUTO_INCREMENT PRIMARY KEY, b VARCHAR(10), UNIQUE (b) ) ENGINE=MyISAM;
CREATE TABLE t2 ( a INT AUTO_INCREMENT, b VARCHAR(10), INDEX (a), INDEX (b) ) ENGINE=MERGE UNION (t1) INSERT_METHOD=FIRST;
INSERT INTO t2 (b) VALUES (1) ON DUPLICATE KEY UPDATE b=2;
INSERT INTO t2 (b) VALUES (1) ON DUPLICATE KEY UPDATE b=3;
SELECT b FROM t2;

Suggested fix:
n/a
[9 May 2005 9:48] Ingo Strüwing
An intermediate result: I canot repeat the crash. On the current 4.1.12 the test case runs just fine. On the current 5.0.6, the second INSERT throws a weird error message, but there is no crash. Neither a server crash, nor a table crash. I will take a further look into the weird behaviour in 5.0.6.
[9 May 2005 13:57] Dean Ellis
Current 4.1.12 build still crashes in an optimized, non-debug binary.
[9 May 2005 14:30] Ingo Strüwing
The problem in 5.0.6 turned out to be a memory allocation problem, which could also affect 4.1. Such problems often depend on compilation options and system dependencies. The patch, I will propose soon, will fix this for 4.1 and 5.0. When the ON DUPLICATE option was introduced in 4.1, it probably was assumed that all tables allow for unique indexes and it will be used on these only. But MERGE does not have unique indexes. Hence, the maximum length of all unique keys of this table is zero, which is a bit too small to allocate a buffer for the key values.
[12 May 2005 19:42] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/internals/24818
[18 May 2005 17:40] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/internals/25062
[19 May 2005 10:32] Ingo Strüwing
Pushed to 4.1.13 and 5.0.6.
[23 May 2005 2:10] Paul Dubois
Noted in 4.1.13, 5.0.6 changelogs.