Bug #53594 | crash/valgrind errors/debug assertion when inserting into compressed table | ||
---|---|---|---|
Submitted: | 12 May 2010 9:47 | Modified: | 24 May 2010 10:40 |
Reporter: | Shane Bester (Platinum Quality Contributor) | Email Updates: | |
Status: | Can't repeat | Impact on me: | |
Category: | MySQL Server: InnoDB Plugin storage engine | Severity: | S1 (Critical) |
Version: | 1.0.7 plugin, 5.1.46, 5.5.x | OS: | Any |
Assigned to: | Marko Mäkelä | CPU Architecture: | Any |
Tags: | compressed, valgrind |
[12 May 2010 9:47]
Shane Bester
[12 May 2010 9:49]
MySQL Verification Team
testcase
Attachment: bug53594_reduced_testcase.sql (application/octet-stream, text), 3.57 KiB.
[12 May 2010 9:53]
MySQL Verification Team
the problem is seen in valgrind here, using 1.0.7/5.1.46 build: Invalid read of size 1 at : memcpy (mc_replace_strmem.c:482) by : page_cur_insert_rec_low (ut0mem.ic:39) by : page_cur_insert_rec_zip (page0cur.c:1274) by : btr_cur_optimistic_insert (page0cur.ic:264) by : row_ins_index_entry_low (row0ins.c:2082) by : row_ins_step (row0ins.c:2162) by : row_insert_for_mysql (row0mysql.c:1137) by : ha_innodb::write_row(unsigned char*) (ha_innodb.cc:4703) by : handler::ha_write_row(unsigned char*) (handler.cc:4650) by : write_record(THD*, st_table*, st_copy_info*) (sql_insert.cc:1606)
[12 May 2010 10:00]
MySQL Verification Team
another presentation of this bug is the assertion: 100512 12:00:31 InnoDB: Assertion failure in thread 4728 in file .\btr\btr0cur.c line 3878 InnoDB: Failing assertion: local_len >= BTR_EXTERN_FIELD_REF_SIZE
[12 May 2010 10:30]
Valeriy Kravchuk
Verified just as described. With 5.5.x stack trace is: > mysqld.exe!memcpy(unsigned char * dst=0x02440078, unsigned char * src=0x051bcdc1, unsigned long count=6513) Line 188 mysqld.exe!rec_copy(void * buf=0x02440078, const unsigned char * rec=0x051bcde4, const unsigned long * offsets=0x051bd408) Line 1514 + 0x14 bytes mysqld.exe!page_cur_insert_rec_low(unsigned char * current_rec=0x02440063, dict_index_struct * index=0x051b5560, const unsigned char * rec=0x051bcde4, unsigned long * offsets=0x051bd408, mtr_struct * mtr=0x00000000) Line 1056 mysqld.exe!page_cur_insert_rec_zip(unsigned char * * current_rec=0x05a0dbd0, buf_block_struct * block=0x02381290, dict_index_struct * index=0x051b5560, const unsigned char * rec=0x051bcde4, unsigned long * offsets=0x051bd408, mtr_struct * mtr=0x05a0dc08) Line 1276 + 0x22 bytes mysqld.exe!page_cur_tuple_insert(page_cur_struct * cursor=0x05a0dbd0, const dtuple_struct * tuple=0x051a79c0, dict_index_struct * index=0x051b5560, unsigned long n_ext=1, mtr_struct * mtr=0x05a0dc08) Line 265 + 0xf bytes mysqld.exe!btr_cur_optimistic_insert(unsigned long flags=0, btr_cur_struct * cursor=0x05a0dbcc, dtuple_struct * entry=0x051a79c0, unsigned char * * rec=0x05a0dbc4, big_rec_struct * * big_rec=0x05a0dbb4, unsigned long n_ext=1, que_thr_struct * thr=0x051a14a8, mtr_struct * mtr=0x05a0dc08) Line 1198 + 0x18 bytes mysqld.exe!row_ins_index_entry_low(unsigned long mode=2, dict_index_struct * index=0x00000000, dtuple_struct * entry=0x051a79c0, unsigned long n_ext=0, que_thr_struct * thr=0x00000000) Line 2084 mysqld.exe!row_ins_index_entry(dict_index_struct * index=0x051b5560, dtuple_struct * entry=0x051a79c0, unsigned long n_ext=0, unsigned long foreign=1, que_thr_struct * thr=0x051a14a8) Line 2161 + 0x11 bytes mysqld.exe!row_ins_index_entry_step(ins_node_struct * node=0x00000000, que_thr_struct * thr=0x051a14a8) Line 2245 + 0x16 bytes mysqld.exe!row_ins(ins_node_struct * node=0x00000000, que_thr_struct * thr=0x00000000) Line 2377 + 0x6 bytes mysqld.exe!row_ins_step(que_thr_struct * thr=0x00000000) Line 2490 mysqld.exe!row_insert_for_mysql(unsigned char * mysql_rec=0x051a8de8, row_prebuilt_struct * prebuilt=0x051a0048) Line 1139 mysqld.exe!ha_innobase::write_row(unsigned char * record=0x051a8de8) Line 4423 + 0xd bytes mysqld.exe!handler::ha_write_row(unsigned char * buf=0x051a8de8) Line 4672 mysqld.exe!write_record(THD * thd=0x0237e2e0, TABLE * table=0x0519f138, st_copy_info * info=0x05a0e1c4) Line 1658 + 0xc bytes mysqld.exe!mysql_insert(THD * thd=0x0237e2e0, TABLE_LIST * table_list=0x0519b470, List<Item> & fields={...}, List<List<Item> > & values_list={...}, List<Item> & update_fields={...}, List<Item> & update_values={...}, enum_duplicates duplic=DUP_ERROR, bool ignore=true) Line 864 + 0xc bytes mysqld.exe!mysql_execute_command(THD * thd=0x0237e2e0) Line 3110 + 0x36 bytes mysqld.exe!mysql_parse(THD * thd=0x0237e2e0, const char * inBuf=0x0519b130, unsigned int length=354, const char * * found_semicolon=0x05a0f63c) Line 5735 + 0x6 bytes mysqld.exe!dispatch_command(enum_server_command command=COM_QUERY, THD * thd=0x0237e2e0, char * packet=0x05192e59, unsigned int packet_length=354) Line 1026 mysqld.exe!do_command(THD * thd=0x00000003) Line 710 + 0xf bytes mysqld.exe!do_handle_one_connection(THD * thd_arg=0x0237e2e0) Line 1174 + 0xa bytes mysqld.exe!handle_one_connection(void * arg=0x0237e2e0) Line 1113 + 0x6 bytes mysqld.exe!pthread_start(void * p=0x05187fc0) Line 61 + 0x3 bytes mysqld.exe!_callthreadstartex() Line 348 + 0x6 bytes mysqld.exe!_threadstartex(void * ptd=0x05196e68) Line 326 + 0x5 bytes
[24 May 2010 10:40]
MySQL Verification Team
i just confirmed this is fixed in 1.0.8 plugin that comes with 5.1.47.