OQGRAPH

Assertion in mysqld when opening OQGRAPH table (Debug build)

Bug #1134297 reported by Andrew McDonnell
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
OQGRAPH
Fix Committed
Undecided
Andrew McDonnell

Bug Description

Appears to be caused by off-by-one error in length of string in ha_oqgraph::open(); specifically, the length of the string share->str.path is set to one less than the actual and allocated string .

Triggered by setting the DATA_TABLE attribute to a table which doesnt exist, if the table exists this doesnt occur:

CREATE TABLE example (
    latch SMALLINT UNSIGNED NULL,
    origid BIGINT UNSIGNED NULL,
    destid BIGINT UNSIGNED NULL,
    weight DOUBLE NULL,
    seq BIGINT UNSIGNED NULL,
    linkid BIGINT UNSIGNED NULL,
    KEY (latch, origid, destid) USING HASH,
    KEY (latch, destid, origid) USING HASH
  ) ENGINE=OQGRAPH data_table='doesnt_exist' origid='id' destid='id';

INSERT INTO example (origid,destid) SELECT parent,id FROM some_table WHERE parent IS NOT NULL;

Program received signal SIGABRT, Aborted.
[Switching to Thread 0x7ffff7f64700 (LWP 29879)]
0x00007ffff6fce1b5 in *__GI_raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
64 ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
 in ../nptl/sysdeps/unix/sysv/linux/raise.c
Current language: auto
The current source language is "auto; currently c".
(gdb) bt
#0 0x00007ffff6fce1b5 in *__GI_raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1 0x00007ffff6fd0fc0 in *__GI_abort () at abort.c:92
#2 0x00007ffff6fc7301 in *__GI___assert_fail (assertion=0xe4c3f8 "length <= share->normalized_path.length", file=<value optimized out>, line=676, function=0xe4eb20 "int open_table_def(THD*, TABLE_SHARE*, uint)") at assert.c:81
#3 0x00000000006def1b in open_table_def (thd=0x2c12170, share=0x2c27578, db_flags=0) at /home/andrew/develop/maria/repo/andrew-dev/sql/table.cc:676
#4 0x00007fffd9ea2982 in ha_oqgraph::open (this=0x2c27168, name=0x1f9d548 "./test/tol_tree", mode=2, test_if_locked=18) at /home/andrew/develop/maria/repo/andrew-dev/storage/oqgraph/ha_oqgraph.cc:376
#5 0x00000000007e4f06 in handler::ha_open (this=0x2c27168, table_arg=0x2c26770, name=0x1f9d548 "./test/tol_tree", mode=2, test_if_locked=18) at /home/andrew/develop/maria/repo/andrew-dev/sql/handler.cc:2347
#6 0x00000000006e55fd in open_table_from_share (thd=0x2c12170, share=0x1f9d118, alias=0x2c21940 "tol_tree", db_stat=39, prgflag=44, ha_open_flags=16, outparam=0x2c26770, is_create_table=false) at /home/andrew/develop/maria/repo/andrew-dev/sql/table.cc:2652
#7 0x00000000005b4377 in open_table (thd=0x2c12170, table_list=0x2c21950, mem_root=0x7ffff7f628d0, ot_ctx=0x7ffff7f62910) at /home/andrew/develop/maria/repo/andrew-dev/sql/sql_base.cc:3207
#8 0x00000000005b68e8 in open_and_process_table (thd=0x2c12170, lex=0x2c14b40, tables=0x2c21950, counter=0x7ffff7f62a34, flags=0, prelocking_strategy=0x7ffff7f62a80, has_prelocking_list=false, ot_ctx=0x7ffff7f62910, new_frm_mem=0x7ffff7f628d0) at /home/andrew/develop/maria/repo/andrew-dev/sql/sql_base.cc:4564
#9 0x00000000005b7b35 in open_tables (thd=0x2c12170, start=0x7ffff7f629f0, counter=0x7ffff7f62a34, flags=0, prelocking_strategy=0x7ffff7f62a80) at /home/andrew/develop/maria/repo/andrew-dev/sql/sql_base.cc:5115
#10 0x00000000005b89f2 in open_and_lock_tables (thd=0x2c12170, tables=0x2c21950, derived=true, flags=0, prelocking_strategy=0x7ffff7f62a80) at /home/andrew/develop/maria/repo/andrew-dev/sql/sql_base.cc:5718
#11 0x00000000005ac2bb in open_and_lock_tables (thd=0x2c12170, tables=0x2c21950, derived=true, flags=0) at /home/andrew/develop/maria/repo/andrew-dev/sql/sql_base.h:503
#12 0x000000000061cf1f in execute_sqlcom_select (thd=0x2c12170, all_tables=0x2c21950) at /home/andrew/develop/maria/repo/andrew-dev/sql/sql_parse.cc:4962
#13 0x0000000000615788 in mysql_execute_command (thd=0x2c12170) at /home/andrew/develop/maria/repo/andrew-dev/sql/sql_parse.cc:2472
#14 0x000000000061f9ec in mysql_parse (thd=0x2c12170, rawbuf=0x2c21748 "select * from tol_tree limit 10", length=31, parser_state=0x7ffff7f63670) at /home/andrew/develop/maria/repo/andrew-dev/sql/sql_parse.cc:6124
#15 0x00000000006129ba in dispatch_command (command=COM_QUERY, thd=0x2c12170, packet=0x2c17411 "select * from tol_tree limit 10", packet_length=31) at /home/andrew/develop/maria/repo/andrew-dev/sql/sql_parse.cc:1266
#16 0x0000000000611b35 in do_command (thd=0x2c12170) at /home/andrew/develop/maria/repo/andrew-dev/sql/sql_parse.cc:982
#17 0x0000000000721b31 in do_handle_one_connection (thd_arg=0x2c12170) at /home/andrew/develop/maria/repo/andrew-dev/sql/sql_connect.cc:1267
#18 0x00000000007215d9 in handle_one_connection (arg=0x2c12170) at /home/andrew/develop/maria/repo/andrew-dev/sql/sql_connect.cc:1181
#19 0x00007ffff7bc98ca in start_thread (arg=<value optimized out>) at pthread_create.c:300
#20 0x00007ffff706b92d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
#21 0x0000000000000000 in ?? ()

Revision history for this message
Andrew McDonnell (andymc73) wrote :
Changed in oqgraph:
status: New → Fix Committed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.