Details
Description
Version: '5.3.13-MariaDB-debug-log' mysqld: ma_dyncol.c:918: type_and_offset_store: Assertion `offset < 0x1f' failed. 130723 21:35:53 [ERROR] mysqld got signal 6 ;
#7 0x00007f56a7122192 in __GI___assert_fail (assertion=0xdd594e "offset < 0x1f", file=0xdd5830 "ma_dyncol.c", line=918, function=0xdd5bf0 "type_and_offset_store") at assert.c:103
#8 0x0000000000b6a8c3 in type_and_offset_store (place=0x7f568c033b13 "\217\b", 'x' <repeats 80 times>, offset_size=1, type=DYN_COL_STRING, offset=81) at ma_dyncol.c:918
#9 0x0000000000b6ca5b in dynamic_column_update_many (str=0x7f56a5fa3f60, add_column_count=2, column_numbers=0x7f568c01a678, values=0x7f568c01a5e8) at ma_dyncol.c:2033
#10 0x00000000005ec964 in Item_func_dyncol_add::val_str (this=0x7f568c019818, str=0x7f56a5fa40c0) at item_strfunc.cc:3769
#11 0x000000000058b2dc in Item::send (this=0x7f568c019818, protocol=0x2df2cd0, buffer=0x7f56a5fa40c0) at item.cc:5970
#12 0x0000000000659dbc in select_send::send_data (this=0x7f568c019ee0, items=...) at sql_class.cc:2012
#13 0x0000000000730e1d in end_send (join=0x7f568c019f00, join_tab=0x0, end_of_records=false) at sql_select.cc:16974
#14 0x000000000072dbe9 in do_select (join=0x7f568c019f00, fields=0x2df5470, table=0x0, procedure=0x0) at sql_select.cc:15548
#15 0x000000000070e1c2 in JOIN::exec (this=0x7f568c019f00) at sql_select.cc:2769
#16 0x000000000070ea4d in mysql_select (thd=0x2df28c8, rref_pointer_array=0x2df55b8, tables=0x7f568c019a38, wild_num=0, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147764736, result=0x7f568c019ee0, unit=0x2df4e58, select_lex=0x2df5360) at sql_select.cc:2990
#17 0x00000000007054c1 in handle_select (thd=0x2df28c8, lex=0x2df4db8, result=0x7f568c019ee0, setup_tables_done_option=0) at sql_select.cc:288
#18 0x00000000006917d2 in execute_sqlcom_select (thd=0x2df28c8, all_tables=0x7f568c019a38) at sql_parse.cc:5172
#19 0x000000000068859a in mysql_execute_command (thd=0x2df28c8) at sql_parse.cc:2305
#20 0x000000000069425c in mysql_parse (thd=0x2df28c8, rawbuf=0x7f568c018f40 "SELECT COLUMN_ADD( dyn, 6, REPEAT('x',80), 4, REPEAT('y',215) AS INTEGER ) FROM t1", length=82, found_semicolon=0x7f56a5fa57e0) at sql_parse.cc:6173
#21 0x0000000000685cb7 in dispatch_command (command=COM_QUERY, thd=0x2df28c8, packet=0x2e6cb29 "", packet_length=82) at sql_parse.cc:1243
#22 0x0000000000684f28 in do_command (thd=0x2df28c8) at sql_parse.cc:923
#23 0x0000000000681dc2 in handle_one_connection (arg=0x2df28c8) at sql_connect.cc:1231
#24 0x00007f56a7cbde9a in start_thread (arg=0x7f56a5fa6700) at pthread_create.c:308
#25 0x00007f56a71e6cbd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
bzr version-info
revision-id: sergii@pisem.net-20130715163225-6ch6x34lsufode3d revno: 3670 branch-nick: 5.3
Test case:
CREATE TABLE t1 (dyn TINYBLOB) ENGINE=MyISAM;
INSERT INTO t1 SET dyn = COLUMN_CREATE( 40, REPEAT('a', 233), 4, REPEAT('b', 322) );
SELECT COLUMN_ADD( dyn, 6, REPEAT('x',80), 4, REPEAT('y',215) AS INTEGER ) FROM t1;
Gliffy Diagrams
Attachments
Issue Links
- duplicates
-
MDEV-4812 Valgrind warnings (Invalid write) in dynamic_column_update_many on COLUMN_ADD
-
- Closed
-
Activity
- All
- Comments
- Work Log
- History
- Activity
- Transitions
Fix committed for review.
Require special merge to 10.0 and additional tests with symbolic column names.
Pushed to 5.3. waiting for buildbot...
Continue with merge 5.5->10.0-base
merged and pushed to 10.0-base
above is wrong
now merged and pushed
Problem is in calculating data size by string size which was truncated.
We do not need correct result in this case but it should not lead to crash.