Assertion `pageno < ((1ULL) << 40)' failed at ma_pagecache.c:3438: pagecache_read or table corruption on INSERT into a ucs2 table

Bug #905782 reported by Elena Stepanova on 2011-12-17
Affects | Status | Importance | Assigned to | Milestone
MariaDB | Fix Released | Undecided | Michael Widenius |

Bug Description

#8 0x4023f014 in __assert_fail () from /lib/libc.so.6
#9 0x085fc17a in pagecache_read (pagecache=0x933f540, file=0x946c4fc,
    pageno=2251799813685247, level=3, buff=0x4894ae80 "",
    type=PAGECACHE_LSN_PAGE, lock=PAGECACHE_LOCK_WRITE, page_link=0x4894ae10)
    at ma_pagecache.c:3438
#10 0x0863a3b6 in _ma_fetch_keypage (page=0x4894d854, info=0x9471b18,
    keyinfo=0x946c8c8, pos=18446744073709551360, lock=PAGECACHE_LOCK_WRITE,
    level=3, buff=0x4894ae80 "", return_buffer=0 '\000') at ma_page.c:109
#11 0x08601ab0 in w_search (info=0x9471b18, comp_flag=131076, key=0x4894e3dc,
    page_pos=18446744073709551360, father_page=0x0, father_keypos=0x0,
    insert_last=1 '\001') at ma_write.c:632
#12 0x086015ea in _ma_ck_real_write_btree (info=0x9471b18, key=0x4894e3dc,
    root=0x4894e2e8, comp_flag=131076) at ma_write.c:524
#13 0x0860147b in _ma_ck_write_btree_with_log (info=0x9471b18, key=0x4894e3dc,
    root=0x946ca30, comp_flag=131076) at ma_write.c:491
#14 0x086012eb in _ma_ck_write_btree (info=0x9471b18, key=0x4894e3dc)
    at ma_write.c:451
#15 0x0860125a in _ma_ck_write (info=0x9471b18, key=0x4894e3dc)
    at ma_write.c:436
#16 0x08600b85 in maria_write (info=0x9471b18, record=0x946afc0 "\376@\006")
    at ma_write.c:189
#17 0x08595998 in ha_maria::write_row (this=0x946aac0,
    buf=0x946afc0 "\376@\006") at ha_maria.cc:1135
#18 0x08438821 in handler::ha_write_row (this=0x946aac0,
    buf=0x946afc0 "\376@\006") at handler.cc:4918
#19 0x0838b2b5 in write_record (thd=0x93eaa98, table=0x9495148,
    info=0x4894e658) at sql_insert.cc:1683
#20 0x08389320 in mysql_insert (thd=0x93eaa98, table_list=0x9459ce8,
    fields=..., values_list=..., update_fields=..., update_values=...,
    duplic=DUP_ERROR, ignore=false) at sql_insert.cc:878
#21 0x082e5b87 in mysql_execute_command (thd=0x93eaa98) at sql_parse.cc:3229
#22 0x082ee463 in mysql_parse (thd=0x93eaa98,
    rawbuf=0x9459b98 "INSERT INTO t1 VALUES\n(REPEAT('abc ',200)),(REPEAT('def ',200)), \n(REPEAT('ghi ',200)),(REPEAT('jkl ',200))", length=107,
    found_semicolon=0x4894f234) at sql_parse.cc:6149
#23 0x082e0e66 in dispatch_command (command=COM_QUERY, thd=0x93eaa98,
    packet=0x94441b9 "INSERT INTO t1 VALUES\n(REPEAT('abc ',200)),(REPEAT('def ',200)), \n(REPEAT('ghi ',200)),(REPEAT('jkl ',200))", packet_length=107)
    at sql_parse.cc:1227
#24 0x082e0310 in do_command (thd=0x93eaa98) at sql_parse.cc:922
#25 0x082dd2d5 in handle_one_connection (arg=0x93eaa98) at sql_connect.cc:1193
#26 0x400c2b25 in start_thread () from /lib/libpthread.so.0

bzr version-info
revision-id: <email address hidden>
date: 2011-12-16 08:05:14 -0800
build-date: 2011-12-17 23:21:13 +0400
revno: 3358
branch-nick: maria-5.3

Also crashes on 5.1.60, 5.2.10, 5.3.2 releases.

Possibly related to bug#905716, as again I could only reproduce it so far on a table with charset ucs2.

Unlike the other bug, this one only crashed on my 32-bit machine, but not on a 64-bit box (both SUSE 11.3). However, on the 64-bit it reaches the CHECK TABLE, which shows that the table got corrupted. Same behavior on Windows 32-bit.

CHECK TABLE t1;
Table Op Msg_type Msg_text
test.t1 check error Found key marked for transid on page that is not marked for transid at: 8192
test.t1 check error Corrupt

Test case:

CREATE TABLE t1 (a VARCHAR(800),KEY(a))
  ENGINE=Aria CHARACTER SET ucs2;

INSERT INTO t1 VALUES (REPEAT('abc ',200));
CHECK TABLE t1;


Elena Stepanova (elenst) on 2011-12-17
description: updated
Elena Stepanova (elenst) on 2011-12-17
description: updated
Elena Stepanova (elenst) wrote :

Here is the last enter into pagecache_read from the debug output, which shows the very bad pageno value:

w_search: enter: page: 4294967295
_ma_fetch_keypage: enter: page: 4294967295
pagecache_read: enter: fd: 51 page: 2251799813685247 buffer: 0x4894ae80 level: 3 t:LSN (1)free -> write->write -> write unpinned -> pinned->pinned -> pinned
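
The arithmetic behind the page numbers in the trace above, as an added example that is not part of the bug report or the Aria source. It assumes 8192-byte key blocks (consistent with the values shown), and check_keypage_pos, pageno_as_printed_32bit and the enum names are hypothetical. It shows how the pos value in frame #10 becomes the pageno in frame #9, why a 32-bit print of it reads 4294967295, and a bounds check that returns an error instead of asserting.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: 8192-byte key blocks; not taken from the Aria source. */
#define BLOCK_SIZE 8192ULL
/* Bound copied from the failed assertion: pageno < ((1ULL) << 40). */
#define MAX_PAGENO (1ULL << 40)

enum page_check { PAGE_OK, PAGE_UNALIGNED, PAGE_OUT_OF_RANGE };

/* Hypothetical helper: validate a key-page byte offset before it is
   converted to a page number and handed to the page cache. */
static enum page_check check_keypage_pos(uint64_t pos, uint64_t *pageno)
{
    *pageno = pos / BLOCK_SIZE;
    if (*pageno >= MAX_PAGENO)
        return PAGE_OUT_OF_RANGE;   /* the case the assertion caught */
    if (pos % BLOCK_SIZE != 0)
        return PAGE_UNALIGNED;      /* offset does not start a block */
    return PAGE_OK;
}

/* A page number printed through a 32-bit integer keeps only its low
   32 bits, which is consistent with "page: 4294967295" in the debug log. */
static uint32_t pageno_as_printed_32bit(uint64_t pageno)
{
    return (uint32_t)pageno;
}

int main(void)
{
    /* First value is pos from frame #10; the other two are constructed. */
    const uint64_t samples[] = { 18446744073709551360ULL, 8192ULL, 8200ULL };
    static const char *names[] = { "ok", "unaligned", "out of range" };

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint64_t pageno;
        enum page_check rc = check_keypage_pos(samples[i], &pageno);
        printf("pos=%llu pageno=%llu printed32=%lu -> %s\n",
               (unsigned long long)samples[i],
               (unsigned long long)pageno,
               (unsigned long)pageno_as_printed_32bit(pageno),
               names[rc]);
    }
    return 0;
}
```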

summary: Assertion `pageno < ((1ULL) << 40)' failed at ma_pagecache.c:3438:
- pagecache_read on INSERT into a ucs2 table
+ pagecache_read or table corruption on INSERT into a ucs2 table
Michael Widenius (monty) wrote :

This is already fixed in the current 5.2 & 5.3 trees.
I will add the new test case to 5.2 just in case.

Changed in maria:
status: New → Fix Released