[MDEV-27769] Assertion `l_offset >= 0 && table->s->rec_buff_length - l_offset > 0' failed in Field::ptr_in_record

Created: 2022-02-08
Updated: 2023-04-27

Status: Open
Project: MariaDB Server
Component/s: Full-text Search, GIS, Storage Engine - InnoDB
Affects Version/s: 10.3, 10.4, 10.5, 10.6, 10.7, 10.8
Fix Version/s: 10.4, 10.5, 10.6

Type: Bug
Priority: Major
Reporter: Roel Van de Paar
Assignee: Nikita Malyavin
Resolution: Unresolved
Votes: 0
Labels: not-10.2, regression

Issue Links:
Relates
relates to MDEV-24511 null field is created with CREATE..SE... Closed

Description

Further to MDEV-24511:

SET SESSION sql_mode='ORACLE';
CREATE TABLE t (a CHAR,b GEOMETRY) ENGINE InnoDB;
INSERT INTO t (a) VALUES (uuid_short());
UPDATE t SET a=a+12,b=3 LIMIT 3;
CREATE FULLTEXT INDEX i ON t (s2);

Leads to:

10.8.1 0c5d1342ae6b5ab3256848be7a83e5c3b1f21566 (Debug)

mysqld: /test/10.8_dbg/sql/field.h:1159: const uchar* Field::ptr_in_record(const uchar*) const: Assertion `l_offset >= 0 && table->s->rec_buff_length - l_offset > 0' failed.

10.8.1 0c5d1342ae6b5ab3256848be7a83e5c3b1f21566 (Debug)

Core was generated by `/test/MD290122-mariadb-10.8.1-linux-x86_64-dbg/bin/mysqld --no-defaults --core-'.
Program terminated with signal SIGABRT, Aborted.
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
[Current thread is 1 (Thread 0x154b801ea700 (LWP 3094038))]
(gdb) bt
#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1  0x0000154ba087d859 in __GI_abort () at abort.c:79
#2  0x0000154ba087d729 in __assert_fail_base (fmt=0x154ba0a13588 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x562c1958b1d8 "l_offset >= 0 && table->s->rec_buff_length - l_offset > 0", file=0x562c19541190 "/test/10.8_dbg/sql/field.h", line=1159, function=<optimized out>) at assert.c:92
#3  0x0000154ba088ef36 in __GI___assert_fail (assertion=assertion@entry=0x562c1958b1d8 "l_offset >= 0 && table->s->rec_buff_length - l_offset > 0", file=file@entry=0x562c19541190 "/test/10.8_dbg/sql/field.h", line=line@entry=1159, function=function@entry=0x562c1958b1a0 "const uchar* Field::ptr_in_record(const uchar*) const") at assert.c:101
#4  0x0000562c18b76b93 in Field::ptr_in_record (record=<optimized out>, this=0x154b280285d0) at /test/10.8_dbg/sql/field.h:1159
#5  Column_definition::Column_definition (this=0x154b28014930, thd=0x154b28000db8, old_field=<optimized out>, orig_field=0x154b280285d0) at /test/10.8_dbg/sql/field.cc:10872
#6  0x0000562c189754d1 in Create_field::Create_field (orig_field=0x154b280285d0, old_field=0x154b280285d0, thd=0x154b28000db8, this=0x154b28014930) at /test/10.8_dbg/sql/field.h:5686
#7  mysql_prepare_alter_table (thd=thd@entry=0x154b28000db8, table=table@entry=0x154b28028148, create_info=create_info@entry=0x154b801e8fc0, alter_info=alter_info@entry=0x154b801e8ed0, alter_ctx=alter_ctx@entry=0x154b801e8190) at /test/10.8_dbg/sql/sql_table.cc:8166
#8  0x0000562c189855ad in mysql_alter_table (thd=thd@entry=0x154b28000db8, new_db=new_db@entry=0x154b28013ee8, new_name=new_name@entry=0x154b28013ef8, create_info=create_info@entry=0x154b801e8fc0, table_list=<optimized out>, table_list@entry=0x154b28013ed0, alter_info=alter_info@entry=0x154b801e8ed0, order_num=<optimized out>, order=<optimized out>, ignore=<optimized out>, if_exists=<optimized out>) at /test/10.8_dbg/sql/sql_table.cc:10308
#9  0x0000562c18895631 in mysql_execute_command (thd=thd@entry=0x154b28000db8, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false) at /test/10.8_dbg/sql/structs.h:568
#10 0x0000562c18880db7 in mysql_parse (thd=thd@entry=0x154b28000db8, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x154b801e9400) at /test/10.8_dbg/sql/sql_parse.cc:8027
#11 0x0000562c1888fa53 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x154b28000db8, packet=packet@entry=0x154b2800b889 "CREATE FULLTEXT INDEX i ON t (s2)", packet_length=packet_length@entry=33, blocking=blocking@entry=true) at /test/10.8_dbg/sql/sql_class.h:1362
#12 0x0000562c18892e9a in do_command (thd=0x154b28000db8, blocking=blocking@entry=true) at /test/10.8_dbg/sql/sql_parse.cc:1402
#13 0x0000562c18a0e110 in do_handle_one_connection (connect=<optimized out>, connect@entry=0x562c1ca0d208, put_in_cache=put_in_cache@entry=true) at /test/10.8_dbg/sql/sql_connect.cc:1418
#14 0x0000562c18a0e715 in handle_one_connection (arg=arg@entry=0x562c1ca0d208) at /test/10.8_dbg/sql/sql_connect.cc:1312
#15 0x0000562c18e97c8e in pfs_spawn_thread (arg=0x562c1c920348) at /test/10.8_dbg/storage/perfschema/pfs.cc:2201
#16 0x0000154ba0d8c609 in start_thread (arg=<optimized out>) at pthread_create.c:477
#17 0x0000154ba097a293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Bug confirmed present in:
MariaDB: 10.3.33 (dbg), 10.4.23 (dbg), 10.5.14 (dbg), 10.6.6 (dbg), 10.7.2 (dbg), 10.8.1 (dbg)

Bug (or feature/syntax) confirmed not present in:
MariaDB: 10.2.42 (dbg), 10.2.42 (opt), 10.3.33 (opt), 10.4.23 (opt), 10.5.14 (opt), 10.6.6 (opt), 10.7.2 (opt), 10.8.1 (opt)
MySQL: 5.5.62 (dbg), 5.5.62 (opt), 5.6.51 (dbg), 5.6.51 (opt), 5.7.36 (dbg), 5.7.36 (opt), 8.0.27 (dbg), 8.0.27 (opt)

