[MDEV-27388] SIGSEGV in spider_set_direct_limit_offset on SELECT - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Critical
Resolution: Duplicate
Affects Version/s: 10.5, 10.6, 10.7(EOL), 10.8(EOL)
Fix Version/s: N/A
Component/s: Storage Engine - Spider
Labels:
- not-10.2
- not-10.3
- not-10.4
- regression
- spider

Description

INSTALL PLUGIN spider SONAME 'ha_spider.so';

CREATE TABLE t0 (a INT,KEY(a)) ENGINE=SPIDER;

CREATE TABLE t1 (a INT,KEY(a)) ENGINE=SPIDER;

INSERT INTO t1 SELECT * FROM t1 ;

ALTER TABLE t1 CHANGE COLUMN n o CHAR(10);

INSERT INTO t0 VALUES (0);

SELECT MIN(a) FROM t1;

Leads to:

10.8.0 ccdf5711a8fff0cd610a91fdcf37c8ff1182878c (Optimized)
Core was generated by `/test/MD121221-mariadb-10.8.0-linux-x86_64-opt/bin/mysqld --no-defaults --core-'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x00001518ac4db28b in spider_set_direct_limit_offset (
spider=spider@entry=0x1517f007d870)
at /test/10.8_opt/storage/spider/spd_table.cc:9535
9535 if (spider->partition_handler_share->owner->
[Current thread is 1 (Thread 0x1518ac5c1700 (LWP 2638237))]
(gdb) bt
#0 0x00001518ac4db28b in spider_set_direct_limit_offset (spider=spider@entry=0x1517f007d870) at /test/10.8_opt/storage/spider/spd_table.cc:9535
#1 0x00001518ac4f8ecf in ha_spider::check_direct_order_limit (this=0x1517f007d870) at /test/10.8_opt/storage/spider/ha_spider.cc:13105
#2 ha_spider::check_direct_order_limit (this=0x1517f007d870) at /test/10.8_opt/storage/spider/ha_spider.cc:13089
#3 0x00001518ac4fe74b in ha_spider::index_read_map_internal (find_flag=HA_READ_AFTER_KEY, keypart_map=1, key=0x1518ac5be930 "\001", buf=0x1517f006ff38 "\377", this=0x1517f007d870) at /test/10.8_opt/storage/spider/ha_spider.cc:1918
#4 ha_spider::index_read_map_internal (this=0x1517f007d870, buf=0x1517f006ff38 "\377", key=0x1518ac5be930 "\001", keypart_map=1, find_flag=HA_READ_AFTER_KEY) at /test/10.8_opt/storage/spider/ha_spider.cc:1882
#5 0x0000557bad24ead8 in handler::ha_index_read_map (this=0x1517f007d870, buf=0x1517f006ff38 "\377", key=0x1518ac5be930 "\001", keypart_map=1, find_flag=find_flag@entry=HA_READ_AFTER_KEY) at /test/10.8_opt/sql/handler.cc:3450
#6 0x0000557bacf303d4 in get_index_min_value (item_field=0x1517f0010db8, prefix_len=<optimized out>, range_fl=<optimized out>, ref=0x1518ac5be8c0, table=0x1517f006fb58) at /test/10.8_opt/sql/opt_sum.cc:154
#7 opt_sum_query (thd=0x1517f0000c58, tables=@0x1517f0010b50: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x1517f0012618, last = 0x1517f0012618, elements = 1}, <No data fields>}, all_fields=@0x1517f00123c8: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x1517f0011010, last = 0x1517f0011010, elements = 1}, <No data fields>}, conds=0x0) at /test/10.8_opt/sql/opt_sum.cc:411
#8 0x0000557bad0796bd in JOIN::optimize_inner (this=0x1517f0012060) at /test/10.8_opt/sql/sql_select.cc:2364
#9 0x0000557bad07b803 in JOIN::optimize (this=this@entry=0x1517f0012060) at /test/10.8_opt/sql/sql_select.cc:1809
#10 0x0000557bad07b8ee in mysql_select (thd=0x1517f0000c58, tables=0x1517f0011070, fields=@0x1517f0010bd8: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x1517f0011010, last = 0x1517f0011010, elements = 1}, <No data fields>}, conds=0x0, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=<optimized out>, result=0x1517f0012038, unit=0x1517f0004ea0, select_lex=0x1517f0010938) at /test/10.8_opt/sql/sql_select.cc:4979
#11 0x0000557bad07c0f7 in handle_select (thd=thd@entry=0x1517f0000c58, lex=lex@entry=0x1517f0004dc8, result=result@entry=0x1517f0012038, setup_tables_done_option=setup_tables_done_option@entry=0) at /test/10.8_opt/sql/sql_select.cc:545
#12 0x0000557bacffcc01 in execute_sqlcom_select (thd=0x1517f0000c58, all_tables=0x1517f0011070) at /test/10.8_opt/sql/sql_parse.cc:6253
#13 0x0000557bad00aef2 in mysql_execute_command (thd=0x1517f0000c58, is_called_from_prepared_stmt=<optimized out>) at /test/10.8_opt/sql/sql_parse.cc:3944
#14 0x0000557bacff7986 in mysql_parse (thd=0x1517f0000c58, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>) at /test/10.8_opt/sql/sql_parse.cc:8028
#15 0x0000557bad003b35 in dispatch_command (command=COM_QUERY, thd=0x1517f0000c58, packet=<optimized out>, packet_length=<optimized out>, blocking=<optimized out>) at /test/10.8_opt/sql/sql_class.h:1360
#16 0x0000557bad005d27 in do_command (thd=0x1517f0000c58, blocking=blocking@entry=true) at /test/10.8_opt/sql/sql_parse.cc:1402
#17 0x0000557bad1242e7 in do_handle_one_connection (connect=<optimized out>, put_in_cache=true) at /test/10.8_opt/sql/sql_connect.cc:1418
#18 0x0000557bad12462d in handle_one_connection (arg=arg@entry=0x557bafb61be8) at /test/10.8_opt/sql/sql_connect.cc:1312
#19 0x0000557bad4925d8 in pfs_spawn_thread (arg=0x557bafb19218) at /test/10.8_opt/storage/perfschema/pfs.cc:2201
#20 0x00001518cb751609 in start_thread (arg=<optimized out>) at pthread_create.c:477
#21 0x00001518cb33f293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Bug confirmed present in:
MariaDB: 10.5.14 (opt), 10.6.6 (opt), 10.7.2 (opt), 10.8.0 (opt)

Bug (or feature/syntax) confirmed not present in:
MariaDB: 10.2.42 (dbg), 10.2.42 (opt), 10.3.33 (dbg), 10.3.33 (opt), 10.4.23 (dbg), 10.4.23 (opt), 10.5.14 (dbg), 10.6.6 (dbg), 10.7.2 (dbg), 10.8.0 (dbg)
MySQL: 5.5.62 (dbg), 5.5.62 (opt), 5.6.51 (dbg), 5.6.51 (opt), 5.7.36 (dbg), 5.7.36 (opt), 8.0.27 (dbg), 8.0.27 (opt)

Attachments

Issue Links

duplicates

MDEV-27240 SIGSEGV in ha_spider::store_lock on LOCK TABLE

Closed

relates to

MDEV-24769 Spider crash when selecting all rows from the partitioned table

Closed

Activity

People

Assignee:: Nayuta Yanagisawa (Inactive)

Reporter:: Roel Van de Paar

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2021-12-30 10:23

Updated:: 2024-08-05 05:04

Resolved:: 2022-01-07 02:41

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.