#At file:///export/home/x/mysql-trunk-bugfixing-bug50619/ based on revid:sergey.glukhov@stripped
3424 Jon Olav Hauglid 2010-12-13
Bug #50619 assert in handler::update_auto_increment
This assert could be triggered if -1 was inserted into
an auto increment column by a statement writing more than
one row.
Unless explicitly given, an interval of auto increment values
is generated when a statement first needs an auto increment
value. The triggered assert checks that the auto increment
counter is equal to or higher than the lower bound of this
interval.
Generally, the auto increment counter starts at 1 and is
incremented by 1 each time it is used. However, inserting an
explicit value into the auto increment column, sets the auto
increment counter to this value + 1 if this value is higher
than the current value of the auto increment counter.
This bug was triggered if the explicit value was -1. Since the
value was converted to unsigned before any comparisons were made,
it was found to be higher than the current vale of the auto
increment counter and the counter was set to -1 + 1. This value
was below the reserved interval and caused the assert to be
triggered the next time the statement tried to write a row.
This patch fixes the problem by only allowing the auto increment
counter to be set if the given explicit value is positive.
Test case added to auto_increment.test.
modified:
mysql-test/r/auto_increment.result
mysql-test/t/auto_increment.test
sql/handler.cc
=== modified file 'mysql-test/r/auto_increment.result'
--- a/mysql-test/r/auto_increment.result 2010-12-13 12:11:16 +0000
+++ b/mysql-test/r/auto_increment.result 2010-12-13 14:45:43 +0000
@@ -497,3 +497,22 @@ SET @@SESSION.AUTO_INCREMENT_INCREMENT=d
SET @@SESSION.AUTO_INCREMENT_OFFSET=default;
DROP TABLE t1;
End of 5.1 tests
+#
+# Bug#50619 assert in handler::update_auto_increment
+#
+CREATE TABLE t1 (pk INT AUTO_INCREMENT, PRIMARY KEY (pk));
+INSERT INTO t1 VALUES (NULL), (-1), (NULL);
+SELECT * FROM t1;
+pk
+-1
+1
+2
+DROP TABLE t1;
+CREATE TABLE t1 (pk BIGINT UNSIGNED AUTO_INCREMENT, PRIMARY KEY (pk));
+INSERT INTO t1 VALUES (NULL), (18446744073709551615-1), (NULL);
+ERROR HY000: Failed to read auto-increment value from storage engine
+SELECT * FROM t1;
+pk
+1
+18446744073709551614
+DROP TABLE t1;
=== modified file 'mysql-test/t/auto_increment.test'
--- a/mysql-test/t/auto_increment.test 2010-12-13 12:11:16 +0000
+++ b/mysql-test/t/auto_increment.test 2010-12-13 14:45:43 +0000
@@ -363,3 +363,20 @@ SET @@SESSION.AUTO_INCREMENT_OFFSET=defa
DROP TABLE t1;
--echo End of 5.1 tests
+
+--echo #
+--echo # Bug#50619 assert in handler::update_auto_increment
+--echo #
+
+CREATE TABLE t1 (pk INT AUTO_INCREMENT, PRIMARY KEY (pk));
+# This triggered the assert
+INSERT INTO t1 VALUES (NULL), (-1), (NULL);
+SELECT * FROM t1;
+DROP TABLE t1;
+
+# Check that that true overflow still gives error
+CREATE TABLE t1 (pk BIGINT UNSIGNED AUTO_INCREMENT, PRIMARY KEY (pk));
+--error ER_AUTOINC_READ_FAILED
+INSERT INTO t1 VALUES (NULL), (18446744073709551615-1), (NULL);
+SELECT * FROM t1;
+DROP TABLE t1;
=== modified file 'sql/handler.cc'
--- a/sql/handler.cc 2010-12-13 12:32:16 +0000
+++ b/sql/handler.cc 2010-12-13 14:45:43 +0000
@@ -2571,8 +2571,12 @@ int handler::update_auto_increment()
statement (case of INSERT VALUES(null),(3763),(null):
the last NULL needs to insert 3764, not the value of the first NULL plus
1).
+
+ Only update next_insert_id if the explicit value is positive,
+ as negative auto increment values are not supported.
*/
- adjust_next_insert_id_after_explicit_value(nr);
+ if (table->next_number_field->flags & UNSIGNED_FLAG || (longlong)nr > 0)
+ adjust_next_insert_id_after_explicit_value(nr);
insert_id_for_cur_row= 0; // didn't generate anything
DBUG_RETURN(0);
}
Attachment: [text/bzr-bundle] bzr/jon.hauglid@oracle.com-20101213144543-avxpbow7tpq8xja8.bundle
| Thread |
|---|
| • bzr commit into mysql-trunk-bugfixing branch (jon.hauglid:3424) Bug#50619 | Jon Olav Hauglid | 13 Dec |
