[MDEV-22675] Assertion `offset < table->s->reclength' failed in dump_leaf_key
Created: 2020-05-22  Updated: 2023-12-05

Status: Stalled
Project: MariaDB Server
Component/s: Server
Affects Version/s: 10.1, 10.2, 10.3, 10.4, 10.5, 10.6
Fix Version/s: 10.4, 10.5

Type: Bug
Priority: Major
Reporter: Elena Stepanova
Assignee: Rucha Deodhar
Resolution: Unresolved
Votes: 0
Labels: None


 Description   

CREATE TABLE t1 (id INT PRIMARY KEY, a VARCHAR(1024) NOT NULL);
INSERT INTO t1 VALUES (1,'foo'),(2,'bar');
SET SQL_MODE= '';
SELECT GROUP_CONCAT( IF( id, '', a ), MID( a, 10, 0 ) ) AS f FROM t1;
 
# Cleanup
DROP TABLE t1;

10.2 450a5b33

mysqld: /data/src/10.2/sql/item_sum.cc:3207: int dump_leaf_key(void*, element_count, void*): Assertion `offset < table->s->reclength' failed.
200522 21:03:03 [ERROR] mysqld got signal 6 ;
 
#7  0x00007ff8c1d18f12 in __GI___assert_fail (assertion=0x5599e1fb3c5b "offset < table->s->reclength", file=0x5599e1fb3808 "/data/src/10.2/sql/item_sum.cc", line=3207, function=0x5599e1fb4c80 <dump_leaf_key::__PRETTY_FUNCTION__> "int dump_leaf_key(void*, element_count, void*)") at assert.c:101
#8  0x00005599e179203f in dump_leaf_key (key_arg=0x7ff8ac175038, count=1, item_arg=0x7ff8ac012c58) at /data/src/10.2/sql/item_sum.cc:3207
#9  0x00005599e1793617 in Item_func_group_concat::add (this=0x7ff8ac012c58) at /data/src/10.2/sql/item_sum.cc:3584
#10 0x00005599e1794d43 in Aggregator_simple::add (this=0x7ff8ac015658) at /data/src/10.2/sql/item_sum.h:708
#11 0x00005599e14c2a95 in Item_sum::aggregator_add (this=0x7ff8ac012c58) at /data/src/10.2/sql/item_sum.h:553
#12 0x00005599e14c2980 in Item_sum::reset_and_add (this=0x7ff8ac012c58) at /data/src/10.2/sql/item_sum.h:440
#13 0x00005599e14b74fd in init_sum_functions (func_ptr=0x7ff8ac013fb8, end_ptr=0x7ff8ac013fc0) at /data/src/10.2/sql/sql_select.cc:23850
#14 0x00005599e14ae3aa in end_send_group (join=0x7ff8ac013820, join_tab=0x7ff8ac014ed8, end_of_records=false) at /data/src/10.2/sql/sql_select.cc:20244
#15 0x00005599e14ab4c7 in evaluate_join_record (join=0x7ff8ac013820, join_tab=0x7ff8ac014b28, error=0) at /data/src/10.2/sql/sql_select.cc:19087
#16 0x00005599e14aadb3 in sub_select (join=0x7ff8ac013820, join_tab=0x7ff8ac014b28, end_of_records=false) at /data/src/10.2/sql/sql_select.cc:18867
#17 0x00005599e14aa33a in do_select (join=0x7ff8ac013820, procedure=0x0) at /data/src/10.2/sql/sql_select.cc:18411
#18 0x00005599e1483e21 in JOIN::exec_inner (this=0x7ff8ac013820) at /data/src/10.2/sql/sql_select.cc:3633
#19 0x00005599e14832dc in JOIN::exec (this=0x7ff8ac013820) at /data/src/10.2/sql/sql_select.cc:3428
#20 0x00005599e1484492 in mysql_select (thd=0x7ff8ac000af0, tables=0x7ff8ac013108, wild_num=0, fields=..., conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x7ff8ac013800, unit=0x7ff8ac0046e8, select_lex=0x7ff8ac004e28) at /data/src/10.2/sql/sql_select.cc:3828
#21 0x00005599e1478644 in handle_select (thd=0x7ff8ac000af0, lex=0x7ff8ac004628, result=0x7ff8ac013800, setup_tables_done_option=0) at /data/src/10.2/sql/sql_select.cc:361
#22 0x00005599e1444139 in execute_sqlcom_select (thd=0x7ff8ac000af0, all_tables=0x7ff8ac013108) at /data/src/10.2/sql/sql_parse.cc:6225
#23 0x00005599e143a9e0 in mysql_execute_command (thd=0x7ff8ac000af0) at /data/src/10.2/sql/sql_parse.cc:3532
#24 0x00005599e1447e6f in mysql_parse (thd=0x7ff8ac000af0, rawbuf=0x7ff8ac012448 "SELECT GROUP_CONCAT( IF( id, '', a ), MID( a, 10, 0 ) ) AS f FROM t1", length=68, parser_state=0x7ff8bc04c610, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:7740
#25 0x00005599e14361c2 in dispatch_command (command=COM_QUERY, thd=0x7ff8ac000af0, packet=0x7ff8ac08bff1 "", packet_length=68, is_com_multi=false, is_next_command=false) at /data/src/10.2/sql/sql_parse.cc:1832
#26 0x00005599e1434c3d in do_command (thd=0x7ff8ac000af0) at /data/src/10.2/sql/sql_parse.cc:1385
#27 0x00005599e1589ac9 in do_handle_one_connection (connect=0x5599e528efa0) at /data/src/10.2/sql/sql_connect.cc:1336
#28 0x00005599e1589834 in handle_one_connection (arg=0x5599e528efa0) at /data/src/10.2/sql/sql_connect.cc:1241
#29 0x00005599e1d9efd6 in pfs_spawn_thread (arg=0x5599e5232eb0) at /data/src/10.2/storage/perfschema/pfs.cc:1869
#30 0x00007ff8c3ca14a4 in start_thread (arg=0x7ff8bc04d700) at pthread_create.c:456
#31 0x00007ff8c1dd5d0f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:97

Reproducible with at least InnoDB, MyISAM, Aria.
No obvious problem on a non-debug build.



 Comments   
Comment by Roel Van de Paar [ 2021-06-07 ]

Also affects 10.6

10.6.2 06dd151bb86ad5b87d4d46011f36da1289c01074 (Debug)

mysqld: /test/10.6_dbg/sql/item_sum.cc:3846: int dump_leaf_key(void*, element_count, void*): Assertion `offset < table->s->reclength' failed.

10.6.2 06dd151bb86ad5b87d4d46011f36da1289c01074 (Debug)

Core was generated by `/test/MD050621-mariadb-10.6.2-linux-x86_64-dbg/bin/mysqld --no-defaults --core-'.
Program terminated with signal SIGABRT, Aborted.
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
[Current thread is 1 (Thread 0x150fd811e700 (LWP 3839114))]
(gdb) bt
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x0000150fd9783859 in __GI_abort () at abort.c:79
#2  0x0000150fd9783729 in __assert_fail_base (fmt=0x150fd9919588 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x562e9ca85e06 "offset < table->s->reclength", file=0x562e9ca84990 "/test/10.6_dbg/sql/item_sum.cc", line=3846, function=<optimized out>) at assert.c:92
#3  0x0000150fd9794f36 in __GI___assert_fail (assertion=assertion@entry=0x562e9ca85e06 "offset < table->s->reclength", file=file@entry=0x562e9ca84990 "/test/10.6_dbg/sql/item_sum.cc", line=line@entry=3846, function=function@entry=0x562e9ca857f8 "int dump_leaf_key(void*, element_count, void*)") at assert.c:101
#4  0x0000562e9c02db97 in dump_leaf_key (key_arg=0x150f88072270, count=count@entry=1, item_arg=item_arg@entry=0x150f88014be8) at /test/10.6_dbg/sql/item_sum.cc:3846
#5  0x0000562e9c02e2bd in Item_func_group_concat::add (this=this@entry=0x150f88014be8, exclude_nulls=true) at /test/10.6_dbg/sql/item_sum.cc:4220
#6  0x0000562e9c0358b6 in Item_func_group_concat::add (this=0x150f88014be8) at /test/10.6_dbg/sql/item_sum.h:2043
#7  0x0000562e9c02ef9f in Aggregator_simple::add (this=<optimized out>) at /test/10.6_dbg/sql/item_sum.h:720
#8  0x0000562e9bc6707d in Item_sum::aggregator_add (this=0x150f88014be8) at /test/10.6_dbg/sql/item_sum.h:564
#9  Item_sum::reset_and_add (this=0x150f88014be8) at /test/10.6_dbg/sql/item_sum.h:445
#10 init_sum_functions (func_ptr=0x150f880168f8, end_ptr=0x150f88016900) at /test/10.6_dbg/sql/sql_select.cc:26128
#11 0x0000562e9bca5e72 in end_send_group (join=0x150f88016090, join_tab=<optimized out>, end_of_records=<optimized out>) at /test/10.6_dbg/sql/sql_select.cc:22433
#12 0x0000562e9bc6c3e0 in evaluate_join_record (join=join@entry=0x150f88016090, join_tab=join_tab@entry=0x150f88017518, error=error@entry=0) at /test/10.6_dbg/sql/sql_select.cc:21219
#13 0x0000562e9bc829f9 in sub_select (join=0x150f88016090, join_tab=0x150f88017518, end_of_records=<optimized out>) at /test/10.6_dbg/sql/sql_select.cc:20996
#14 0x0000562e9bcba616 in do_select (procedure=0x0, join=0x150f88016090) at /test/10.6_dbg/sql/sql_select.cc:20543
#15 JOIN::exec_inner (this=this@entry=0x150f88016090) at /test/10.6_dbg/sql/sql_select.cc:4726
#16 0x0000562e9bcbab04 in JOIN::exec (this=this@entry=0x150f88016090) at /test/10.6_dbg/sql/sql_select.cc:4504
#17 0x0000562e9bcb8a7a in mysql_select (thd=thd@entry=0x150f88000db8, tables=0x150f880150b0, fields=@0x150f88014338: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x150f88015060, last = 0x150f88015060, elements = 1}, <No data fields>}, conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2147748608, result=0x150f88016068, unit=0x150f88005130, select_lex=0x150f88014098) at /test/10.6_dbg/sql/sql_select.cc:4982
#18 0x0000562e9bcb8d2f in handle_select (thd=thd@entry=0x150f88000db8, lex=lex@entry=0x150f88005068, result=result@entry=0x150f88016068, setup_tables_done_option=setup_tables_done_option@entry=0) at /test/10.6_dbg/sql/sql_select.cc:544
#19 0x0000562e9bc2c6ac in execute_sqlcom_select (thd=thd@entry=0x150f88000db8, all_tables=0x150f880150b0) at /test/10.6_dbg/sql/sql_parse.cc:6242
#20 0x0000562e9bc3958c in mysql_execute_command (thd=thd@entry=0x150f88000db8) at /test/10.6_dbg/sql/sql_parse.cc:3937
#21 0x0000562e9bc25adc in mysql_parse (thd=thd@entry=0x150f88000db8, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x150fd811d400) at /test/10.6_dbg/sql/sql_parse.cc:8016
#22 0x0000562e9bc34646 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x150f88000db8, packet=packet@entry=0x150f8800b769 "", packet_length=packet_length@entry=68, blocking=blocking@entry=true) at /test/10.6_dbg/sql/sql_class.h:1340
#23 0x0000562e9bc37a26 in do_command (thd=0x150f88000db8, blocking=blocking@entry=true) at /test/10.6_dbg/sql/sql_parse.cc:1406
#24 0x0000562e9bd9bec2 in do_handle_one_connection (connect=<optimized out>, connect@entry=0x562e9e9d0b98, put_in_cache=put_in_cache@entry=true) at /test/10.6_dbg/sql/sql_connect.cc:1410
#25 0x0000562e9bd9c4c7 in handle_one_connection (arg=arg@entry=0x562e9e9d0b98) at /test/10.6_dbg/sql/sql_connect.cc:1312
#26 0x0000562e9c24803a in pfs_spawn_thread (arg=0x562e9e8b9128) at /test/10.6_dbg/storage/perfschema/pfs.cc:2201
#27 0x0000150fd9c91609 in start_thread (arg=<optimized out>) at pthread_create.c:477
#28 0x0000150fd9880293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Comment by Julien Fritsch [ 2023-12-05 ]

Automated message:
----------------------------
Since this issue has not been updated for 6 weeks, it's time to move it back to Stalled.

Comment by JiraAutomate [ 2023-12-05 ]

Automated message:
----------------------------
Since this issue has not been updated for 6 weeks, it's time to move it back to Stalled.
