[MDEV-21799] Assertion `is_storage_available(tuple - packed_tuple, 0)' failed in myrocks::Rdb_key_def::pack_record upon INSERT into VARBINARY(0) or VARCHAR | heap-buffer-overflow on address from myrocks::Rdb_field_packing::fill_hidden_pk_val - Jira

XML

Word

Printable

Details

Type: Bug
Status: Confirmed (View Workflow)
Priority: Critical
Resolution: Unresolved
Affects Version/s: 10.2(EOL), 10.3(EOL), 10.4(EOL), 10.5, 10.6, 10.7(EOL), 10.8(EOL), 10.9(EOL)
Fix Version/s: 10.5, 10.6
Component/s: Storage Engine - RocksDB
Labels:

Description

INSTALL SONAME 'ha_rocksdb';

CREATE TABLE t1 (a VARBINARY(0), KEY(a)) ENGINE=RocksDB;

INSERT IGNORE INTO t1 VALUES (1);

10.2 3ce49a0a
mysqld: /data/src/10.2/storage/rocksdb/rdb_datadic.cc:1443: uint myrocks::Rdb_key_def::pack_record(const TABLE, uchar, const uchar, uchar, myrocks::Rdb_string_writer, bool, longlong, uint, uint, const char*) const: Assertion `is_storage_available(tuple - packed_tuple, 0)' failed.
200221 15:48:42 [ERROR] mysqld got signal 6 ;

#6 0x00007f0977f1fe67 in __assert_fail_base (fmt=<optimized out>, assertion=assertion@entry=0x7f0931ac9c70 "is_storage_available(tuple - packed_tuple, 0)", file=file@entry=0x7f0931ac9688 "/data/src/10.2/storage/rocksdb/rdb_datadic.cc", line=line@entry=1443, function=function@entry=0x7f0931acb860 <myrocks::Rdb_key_def::pack_record(TABLE const, unsigned char, unsigned char const, unsigned char, myrocks::Rdb_string_writer, bool, long long, unsigned int, unsigned int, char const) const::__PRETTY_FUNCTION__> "uint myrocks::Rdb_key_def::pack_record(const TABLE, uchar, const uchar, uchar, myrocks::Rdb_string_writer, bool, longlong, uint, uint, const char) const") at assert.c:92
#7 0x00007f0977f1ff12 in __GI___assert_fail (assertion=0x7f0931ac9c70 "is_storage_available(tuple - packed_tuple, 0)", file=0x7f0931ac9688 "/data/src/10.2/storage/rocksdb/rdb_datadic.cc", line=1443, function=0x7f0931acb860 <myrocks::Rdb_key_def::pack_record(TABLE const, unsigned char, unsigned char const, unsigned char, myrocks::Rdb_string_writer, bool, long long, unsigned int, unsigned int, char const) const::__PRETTY_FUNCTION__> "uint myrocks::Rdb_key_def::pack_record(const TABLE, uchar, const uchar, uchar, myrocks::Rdb_string_writer, bool, longlong, uint, uint, const char) const") at assert.c:101
#8 0x00007f09316c274f in myrocks::Rdb_key_def::pack_record (this=0x7f0914050c50, tbl=0x7f0914055a70, pack_buffer=0x7f09140576d0 '\245' <repeats 16 times>, "h4z\025\217\217\217\217\225", record=0x7f0914056680 "\376", packed_tuple=0x7f091405ec90 "", unpack_info=0x7f0914057018, should_store_row_debug_checksums=false, hidden_pk_id=1, n_key_parts=2, n_null_fields=0x0, ttl_bytes=0x7f0914057841 '\217' <repeats 15 times>, "\020y\005\024\t\177") at /data/src/10.2/storage/rocksdb/rdb_datadic.cc:1443
#9 0x00007f093163e57a in myrocks::ha_rocksdb::update_write_sk (this=0x7f0914056ad8, table_arg=0x7f0914055a70, kd=..., row_info=..., bulk_load_sk=false) at /data/src/10.2/storage/rocksdb/ha_rocksdb.cc:10141
#10 0x00007f093163ea6c in myrocks::ha_rocksdb::update_write_indexes (this=0x7f0914056ad8, row_info=..., pk_changed=false) at /data/src/10.2/storage/rocksdb/ha_rocksdb.cc:10241
#11 0x00007f093163ed28 in myrocks::ha_rocksdb::update_write_row (this=0x7f0914056ad8, old_data=0x0, new_data=0x7f0914056680 "\376", skip_unique_check=false) at /data/src/10.2/storage/rocksdb/ha_rocksdb.cc:10324
#12 0x00007f093163ca7c in myrocks::ha_rocksdb::write_row (this=0x7f0914056ad8, buf=0x7f0914056680 "\376") at /data/src/10.2/storage/rocksdb/ha_rocksdb.cc:9533
#13 0x0000561d839cf5a8 in handler::ha_write_row (this=0x7f0914056ad8, buf=0x7f0914056680 "\376") at /data/src/10.2/sql/handler.cc:6089
#14 0x0000561d8371ea0a in write_record (thd=0x7f0914000af0, table=0x7f0914055a70, info=0x7f097567a530) at /data/src/10.2/sql/sql_insert.cc:1941
#15 0x0000561d8371c4a2 in mysql_insert (thd=0x7f0914000af0, table_list=0x7f0914012328, fields=..., values_list=..., update_fields=..., update_values=..., duplic=DUP_ERROR, ignore=true) at /data/src/10.2/sql/sql_insert.cc:1066
#16 0x0000561d83743515 in mysql_execute_command (thd=0x7f0914000af0) at /data/src/10.2/sql/sql_parse.cc:4166
#17 0x0000561d8374ecba in mysql_parse (thd=0x7f0914000af0, rawbuf=0x7f0914012238 "INSERT IGNORE INTO t1 VALUES (1)", length=32, parser_state=0x7f097567b250, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:7739
#18 0x0000561d8373d013 in dispatch_command (command=COM_QUERY, thd=0x7f0914000af0, packet=0x7f0914066ca1 "INSERT IGNORE INTO t1 VALUES (1)", packet_length=32, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:1831
#19 0x0000561d8373b967 in do_command (thd=0x7f0914000af0) at /data/src/10.2/sql/sql_parse.cc:1384
#20 0x0000561d838909a3 in do_handle_one_connection (connect=0x561d871f0cf0) at /data/src/10.2/sql/sql_connect.cc:1336
#21 0x0000561d8389070e in handle_one_connection (arg=0x561d871f0cf0) at /data/src/10.2/sql/sql_connect.cc:1241
#22 0x00007f0979ea84a4 in start_thread (arg=0x7f097567c700) at pthread_create.c:456
#23 0x00007f0977fdcd0f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:97

Reproducible on 10.2-10.5.
No obvious problem on a non-debug build.

Attachments

Issue Links

relates to

MDEV-23956 Server crash or ASAN errors in myrocks::ha_rocksdb::index_first / myrocks::ha_rocksdb::inplace_populate_sk / ha_rocksdb::can_use_bloom_filter / rocksdb::DBImpl::NewIterator

Confirmed

MDEV-29857 ASAN heap-buffer-overflow in myrocks::Rdb_key_def::pack_variable_format or further crash on shutdown

Open

MDEV-30610 Update RocksDB to the latest upstream version

Open

MDEV-35556 UBSAN: runtime error: applying non-zero offset 32 to null pointer

Open

Activity

People

Assignee:: Sergei Petrunia

Reporter:: Elena Stepanova

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 2020-02-21 13:49

Updated:: 2024-12-03 05:11

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.