[MDEV-3557] LP:614265 - Crash in _ma_unpin_all_pages / _ma_search on DELETE with Aria search engine - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
- Launchpad

Description

The following sequence of queries causes a crash in Maria 5.2. MyISAM is not affected

CREATE TABLE X ( f1 DOUBLE , f2 DOUBLE , f3 DOUBLE , f4 DOUBLE , v3 DOUBLE , v4 DOUBLE , KEY ( v3 ) , KEY ( v4 ) ) engine=maria;
REPLACE X ( f2 , f1 ) VALUES ( f2 , 56 ) ;
INSERT X ( f1 , f2 , f3 , f4 ) VALUES ( 0 , f2 , 8 , f3 ) ;
INSERT X ( f4 , f2 ) VALUES ( 4 , 92 ) ;
DELETE FROM X WHERE v3 = 173 OR v4 = 9 ;

backtrace:

#3 0x0826e718 in handle_segfault (sig=11) at mysqld.cc:2727
#4 <signal handler called>
#5 _ma_unpin_all_pages (info=0xb601f800, undo_lsn=0) at ma_key_recover.c:70
#6 0x0853d60d in _ma_search (info=0xb601f800, key=0xb6e4bec8, nextflag=33, pos=8192) at ma_search.c:87
#7 0x0853c6a5 in maria_rkey (info=0xb601f800, buf=0xb5f0c340 "\213", inx=0, key_data=0xb5f54da8 "", keypart_map=1, search_flag=HA_READ_KEY_EXACT)
at ma_rkey.c:102
#8 0x0852e01d in ha_maria::index_read_map (this=0xb5f46090, buf=0xb5f0c340 "\213", key=0xb5f54da8 "", keypart_map=1, find_flag=HA_READ_KEY_EXACT)
at ha_maria.cc:2113
#9 0x081a2885 in handler::ha_index_read_map (this=0xb5f46090, buf=0xb5f0c340 "\213", key=0xb5f54da8 "", keypart_map=1, find_flag=HA_READ_KEY_EXACT)
at sql_class.h:3190
#10 0x083aa651 in handler::read_range_first (this=0xb5f46090, start_key=0xb5f46728, end_key=0xb5f46738, eq_range_arg=true, sorted=false) at handler.cc:4422
#11 0x083aa1f8 in handler::read_multi_range_first (this=0xb5f46090, found_range_p=0xb6e4c07c, ranges=0xb5f46728, range_count=1, sorted=false, buffer=0x0)
at handler.cc:4296
#12 0x0839256f in QUICK_RANGE_SELECT::get_next (this=0xb5f54c60) at opt_range.cc:8562
#13 0x08382908 in QUICK_ROR_UNION_SELECT::reset (this=0xb5f46688) at opt_range.cc:1596
#14 0x083346c7 in mysql_delete (thd=0x99758e0, table_list=0xb5f44a30, conds=0xb5f45c80, order=0x9977330, limit=18446744073709551615, options=0,
reset_auto_increment=false) at sql_delete.cc:263
#15 0x0828449f in mysql_execute_command (thd=0x99758e0) at sql_parse.cc:3365
#16 0x0828c81b in mysql_parse (thd=0x99758e0, inBuf=0xb5f3f908 "DELETE FROM X WHERE v3 = 173 OR v4 = 9", length=45, found_semicolon=0xb6e4d22c)
at sql_parse.cc:6055
#17 0x0827ea17 in dispatch_command (command=COM_QUERY, thd=0x99758e0, packet=0x99778e1 "DELETE FROM X WHERE v3 = 173 OR v4 = 9 ", packet_length=48)
at sql_parse.cc:1204
#18 0x0827debb in do_command (thd=0x99758e0) at sql_parse.cc:898
#19 0x0827ae7c in handle_one_connection (arg=0x99758e0) at sql_connect.cc:1154
#20 0x00a08919 in start_thread () from /lib/libpthread.so.0
#21 0x001ede5e in clone () from /lib/libc.so.6

bzr version-info:

revision-id: <email address hidden>
date: 2010-08-05 22:56:11 +0300
build-date: 2010-08-06 12:13:51 +0300
revno: 2837
branch-nick: maria-5.2

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

LPexportBug614265.xml
11 kB
2012-10-03 11:32

Activity

People

Assignee:: Michael Widenius

Reporter:: Philip Stoev (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 2010-08-06 09:14

Updated:: 2015-02-02 21:50

Resolved:: 2012-10-04 12:54

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.