[MDEV-19038] Server crashes in calc_row_difference upon updating ROW END column under SIMULTANEOUS_ASSIGNMENT - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Cannot Reproduce
Affects Version/s: 10.3, 10.4
Fix Version/s: N/A
Component/s: Data Manipulation - Update, Storage Engine - InnoDB, Versioned Tables
Labels:
None
Environment:
gcc (Debian 4.9.2-10) 4.9.2

Description

--source include/have_innodb.inc

CREATE OR REPLACE TABLE t1 (a INT, s TIMESTAMP(6) AS ROW START, e TIMESTAMP(6) AS ROW END, PERIOD FOR SYSTEM_TIME(s,e)) ENGINE=InnoDB WITH SYSTEM VERSIONING;

INSERT INTO t1 (a) VALUES (1);

SET SQL_MODE= 'SIMULTANEOUS_ASSIGNMENT';

UPDATE IGNORE t1 SET e = 100;

# Cleanup

DROP TABLE t1;

10.3 dcdeb394
#3 <signal handler called>
#4 0x00007f617dca2a20 in __memcmp_sse4_1 () from /lib/x86_64-linux-gnu/libc.so.6
#5 0x0000559c841d5092 in calc_row_difference (uvect=0x7f612406e7f0, old_row=0x7f612400ed18 "\375\001", new_row=0x7f612400ed00 "\375\001", table=0x7f612400cb70, upd_buff=0x7f6124070b50 '\245' <repeats 120 times>, "h4z\025", '\217' <repeats 12 times>, "\025\001", buff_len=115, prebuilt=0x7f612406db98, auto_inc=@0x7f617812eea8: 0) at /data/src/10.3/storage/innobase/handler/ha_innodb.cc:8501
#6 0x0000559c841d6035 in ha_innobase::update_row (this=0x7f612400d7b8, old_row=0x7f612400ed18 "\375\001", new_row=0x7f612400ed00 "\375\001") at /data/src/10.3/storage/innobase/handler/ha_innodb.cc:8848
#7 0x0000559c83ebe68d in handler::ha_update_row (this=0x7f612400d7b8, old_data=0x7f612400ed18 "\375\001", new_data=0x7f612400ed00 "\375\001") at /data/src/10.3/sql/handler.cc:6351
#8 0x0000559c83cafe14 in mysql_update (thd=0x7f6124000b00, table_list=0x7f6124014dd0, fields=..., values=..., conds=0x0, order_num=0, order=0x0, limit=18446744073709551615, ignore=true, found_return=0x7f617812f700, updated_return=0x7f617812f7c0) at /data/src/10.3/sql/sql_update.cc:946
#9 0x0000559c83bb71be in mysql_execute_command (thd=0x7f6124000b00) at /data/src/10.3/sql/sql_parse.cc:4582
#10 0x0000559c83bc2589 in mysql_parse (thd=0x7f6124000b00, rawbuf=0x7f6124014ce8 "UPDATE IGNORE t1 SET e = 100", length=28, parser_state=0x7f61781305f0, is_com_multi=false, is_next_command=false) at /data/src/10.3/sql/sql_parse.cc:8089
#11 0x0000559c83baf858 in dispatch_command (command=COM_QUERY, thd=0x7f6124000b00, packet=0x7f61241622c1 "UPDATE IGNORE t1 SET e = 100", packet_length=28, is_com_multi=false, is_next_command=false) at /data/src/10.3/sql/sql_parse.cc:1857
#12 0x0000559c83bae242 in do_command (thd=0x7f6124000b00) at /data/src/10.3/sql/sql_parse.cc:1403
#13 0x0000559c83d16ce3 in do_handle_one_connection (connect=0x559c87549400) at /data/src/10.3/sql/sql_connect.cc:1402
#14 0x0000559c83d16a67 in handle_one_connection (arg=0x559c87549400) at /data/src/10.3/sql/sql_connect.cc:1308
#15 0x0000559c841b35cb in pfs_spawn_thread (arg=0x559c87551f80) at /data/src/10.3/storage/perfschema/pfs.cc:1862
#16 0x00007f617fa78494 in start_thread (arg=0x7f6178131700) at pthread_create.c:333
#17 0x00007f617dc4693f in clone () from /lib/x86_64-linux-gnu/libc.so.6

All of debug, non-debug and ASAN builds fail with SEGV.

Attachments

Issue Links

relates to

MDEV-22600 Various ASAN use-after-poison errors or Assertion `prebuilt->mysql_prefix_len <= prebuilt->mysql_row_len' failed in row_sel_dequeue_cached_row_for_mysql upon SIMULTANEOUS_ASSIGNMENT and geometry

Confirmed

Activity

People

Assignee:: Nikita Malyavin

Reporter:: Elena Stepanova

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2019-03-25 13:35

Updated:: 2023-08-07 16:42

Resolved:: 2023-08-07 16:42

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.