[MDEV-36635] SIGSEGV in set_PF_fields_in_key | get_partition_set - Jira

Details

Type: Bug
Status: Open (View Workflow)
Priority: Major
Resolution: Unresolved
Affects Version/s: 10.6, 10.11, 11.4, 10.5(EOL), 12.0(EOL), 11.8
Fix Version/s: 10.6, 10.11, 11.4, 11.8
Component/s: Partitioning, Storage Engine - RocksDB
Labels:
None

Description

--source include/have_partition.inc

INSTALL SONAME 'ha_rocksdb';

CREATE TABLE t (a INT,b DATE,KEY(a,b),INDEX idxb (b)) ENGINE=RocksDB PARTITION BY RANGE (TO_DAYS(b)) (PARTITION p0 VALUES LESS THAN (2));

SET SESSION sql_buffer_result=1;

SELECT 1 FROM t ;

SET max_session_mem_used=8192;

--ERROR ER_OPTION_PREVENTS_STATEMENT

SELECT 1 FROM t;

SELECT 1 FROM t WHERE a=2;

Leads to:

CS 11.8.1 f9125dffc624809731e22fd64e4158fb3a76da69 (Debug) Build 16/04/2025
Core was generated by `/test/MD160425-mariadb-11.8.1-linux-x86_64-dbg/bin/mariadbd --no-defaults --max'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x0000562c4ca042a7 in set_PF_fields_in_key (key_info=0x153d7825a070, key_length=3185553839) at /test/11.8_dbg/sql/sql_partition.cc:3895

[Current thread is 1 (Thread 0x153dcffff6c0 (LWP 414302))]
(gdb) bt
#0 0x0000562c4ca042a7 in set_PF_fields_in_key (key_info=0x153d7825a070, key_length=3185553839) at /test/11.8_dbg/sql/sql_partition.cc:3895
#1 0x0000562c4ca03dbb in get_partition_set (table=0x153d7826a5e8, buf=0x153d78259cc8 "\375\002", index=1, key_spec=0x153d782b2d78, part_spec=0x153d78259210) at /test/11.8_dbg/sql/sql_partition.cc:4319
#2 0x0000562c4d17a465 in ha_partition::multi_range_key_create_key (this=0x153d78258b58, seq=0x153dcfff9c20, seq_it=0x153dcfff9c48)at /test/11.8_dbg/sql/ha_partition.cc:6517
#3 0x0000562c4d17a84e in ha_partition::multi_range_read_info_const (this=0x153d78258b58, keyno=0, seq=0x153dcfff9c20, seq_init_param=0x153dcfff9c48, n_ranges=0, bufsz=0x153dcfffa2a8, mrr_mode=0x153dcfffa2ac, limit=18446744073709551615, cost=0x153dcfffa2b8)at /test/11.8_dbg/sql/ha_partition.cc:6696
#4 0x0000562c4c87ad34 in check_quick_select (param=0x153dcfffa930, idx=0, limit=18446744073709551615, index_only=true, tree=0x153d782aa980, update_tbl_stats=true, mrr_flags=0x153dcfffa2ac, bufsize=0x153dcfffa2a8, cost=0x153dcfffa2b8, is_ror_scan=0x153dcfffa2a7)at /test/11.8_dbg/sql/opt_range.cc:12316
#5 0x0000562c4c85bc33 in get_key_scans_params (param=0x153dcfffa930, tree=0x153d782aa8f8, index_read_must_be_used=false, for_range_access=true, read_time=0.0064780200000000001, limit=18446744073709551615, using_table_scan=true) at /test/11.8_dbg/sql/opt_range.cc:7858
#6 0x0000562c4c85a6fe in SQL_SELECT::test_quick_select (this=0x153d7801d8b8, thd=0x153d78000d58, keys_to_use={static BITS_PER_ELEMENT = 64, static ARRAY_ELEMENTS = 1, static ALL_BITS_SET = 18446744073709551615, buffer = {1}}, prev_tables=0, limit=18446744073709551615, force_quick_range=false, ordered_output=false, remove_false_parts_of_where=true, only_single_index_range_scan=false, note_unusable_keys=Item_func::BITMAP_EXCEPT_ANY_EQUALITY)at /test/11.8_dbg/sql/opt_range.cc:3001
#7 0x0000562c4caa370b in get_quick_record_count (thd=0x153d78000d58, select=0x153d7801d8b8, table=0x153d7826a5e8, keys=0x153d7801c3a8, limit=18446744073709551615, quick_count=0x153dcfffb478)at /test/11.8_dbg/sql/sql_select.cc:5436
#8 0x0000562c4ca5bc97 in make_join_statistics (join=0x153d7801b7c0, tables_list=@0x153d78019fc8: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x153d7801bf88, last = 0x153d7801bf88, elements = 1}, <No data fields>}, keyuse_array=0x153d7801bb20) at /test/11.8_dbg/sql/sql_select.cc:6214
#9 0x0000562c4ca56287 in JOIN::optimize_inner (this=0x153d7801b7c0)at /test/11.8_dbg/sql/sql_select.cc:2711
#10 0x0000562c4ca515f8 in JOIN::optimize (this=0x153d7801b7c0)at /test/11.8_dbg/sql/sql_select.cc:1994
#11 0x0000562c4ca49589 in mysql_select (thd=0x153d78000d58, tables=0x153d7801a350, fields=@0x153d7801a068: {<base_list> = {<Sql_alloc> = {<No data fields>}, first = 0x153d7801a300, last = 0x153d7801a300, elements = 1}, <No data fields>}, conds=0x153d7801ac38, og_num=0, order=0x0, group=0x0, having=0x0, proc_param=0x0, select_options=2164656896, result=0x153d7801b798, unit=0x153d78005080, select_lex=0x153d78019db0)at /test/11.8_dbg/sql/sql_select.cc:5361
#12 0x0000562c4ca490c5 in handle_select (thd=0x153d78000d58, lex=0x153d78004fa0, result=0x153d7801b798, setup_tables_done_option=0)at /test/11.8_dbg/sql/sql_select.cc:633
#13 0x0000562c4c9f0ec1 in execute_sqlcom_select (thd=0x153d78000d58, all_tables=0x153d7801a350) at /test/11.8_dbg/sql/sql_parse.cc:6191
#14 0x0000562c4c9e5da0 in mysql_execute_command (thd=0x153d78000d58, is_called_from_prepared_stmt=false) at /test/11.8_dbg/sql/sql_parse.cc:3979
#15 0x0000562c4c9ddec4 in mysql_parse (thd=0x153d78000d58, rawbuf=0x153d78019d20 "SELECT 1 FROM t WHERE a=2", length=25, parser_state=0x153dcfffda20) at /test/11.8_dbg/sql/sql_parse.cc:7915
#16 0x0000562c4c9db294 in dispatch_command (command=COM_QUERY, thd=0x153d78000d58, packet=0x153d7800b099 "SELECT 1 FROM t WHERE a=2", packet_length=25, blocking=true) at /test/11.8_dbg/sql/sql_parse.cc:1902
#17 0x0000562c4c9dea73 in do_command (thd=0x153d78000d58, blocking=true)at /test/11.8_dbg/sql/sql_parse.cc:1415
#18 0x0000562c4cbc8289 in do_handle_one_connection (connect=0x562c5dd04118, put_in_cache=true) at /test/11.8_dbg/sql/sql_connect.cc:1415
#19 0x0000562c4cbc802e in handle_one_connection (arg=0x562c5dd1d328)at /test/11.8_dbg/sql/sql_connect.cc:1327
#20 0x0000153dd9e9caa4 in start_thread (arg=<optimized out>)at ./nptl/pthread_create.c:447
#21 0x0000153dd9f29c3c in clone3 ()at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78

Initial stacks from 10.5 is similar to MDEV-27427, but the crash also occurs in non-ASAN builds.

Bug Detection Matrix
Rel o/d Build Commit UniqueID observed
CS 10.5 dbg 040425 25737dbab7fec6d05a50353baf5b15ad97dcbd0f SIGSEGV\|key_restore\|get_full_part_id_from_key\|get_partition_set\|ha_partition::multi_range_key_create_key
CS 10.5 opt 040425 25737dbab7fec6d05a50353baf5b15ad97dcbd0f SIGSEGV\|key_restore\|get_full_part_id_from_key\|get_partition_set\|ha_partition::multi_range_key_create_key
CS 10.6 dbg 150425 ee947fae80dc5f82d2c964cd0d8e897e9c244002 SIGSEGV\|set_PF_fields_in_key\|get_partition_set\|ha_partition::multi_range_key_create_key\|ha_partition::multi_range_read_info_const
CS 10.6 opt 150425 ee947fae80dc5f82d2c964cd0d8e897e9c244002 SIGSEGV\|set_PF_fields_in_key\|get_partition_set\|ha_partition::multi_range_key_create_key\|ha_partition::multi_range_read_info_const
CS 10.11 dbg 040425 c06c36218a59cf3ada01b096cb715a5e1cedfe2b SIGSEGV\|set_PF_fields_in_key\|get_partition_set\|ha_partition::multi_range_key_create_key\|ha_partition::multi_range_read_info_const
CS 10.11 opt 040425 c06c36218a59cf3ada01b096cb715a5e1cedfe2b SIGSEGV\|set_PF_fields_in_key\|get_partition_set\|ha_partition::multi_range_key_create_key\|ha_partition::multi_range_read_info_const
CS 11.4 dbg 010425 30140c066d50f7e4ac4f490a9e081d9d605aea07 SIGSEGV\|set_PF_fields_in_key\|get_partition_set\|ha_partition::multi_range_key_create_key\|ha_partition::multi_range_read_info_const
CS 11.4 opt 010425 30140c066d50f7e4ac4f490a9e081d9d605aea07 SIGSEGV\|set_PF_fields_in_key\|get_partition_set\|ha_partition::multi_range_key_create_key\|ha_partition::multi_range_read_info_const
CS 11.8 dbg 160425 f9125dffc624809731e22fd64e4158fb3a76da69 SIGSEGV\|set_PF_fields_in_key\|get_partition_set\|ha_partition::multi_range_key_create_key\|ha_partition::multi_range_read_info_const
CS 11.8 opt 160425 f9125dffc624809731e22fd64e4158fb3a76da69 SIGSEGV\|set_PF_fields_in_key\|get_partition_set\|ha_partition::multi_range_key_create_key\|ha_partition::multi_range_read_info_const
CS 12.0 dbg 010425 22efc2c784e1b7199fb5804e6330168277ea7dce SIGSEGV\|set_PF_fields_in_key\|get_partition_set\|ha_partition::multi_range_key_create_key\|ha_partition::multi_range_read_info_const
CS 12.0 opt 010425 22efc2c784e1b7199fb5804e6330168277ea7dce SIGSEGV\|set_PF_fields_in_key\|get_partition_set\|ha_partition::multi_range_key_create_key\|ha_partition::multi_range_read_info_const
ES 10.5 dbg 170325 e99e19fae843c6ab174d0793e82b76bf6d980147 SIGSEGV\|set_PF_fields_in_key\|get_partition_set\|ha_partition::multi_range_key_create_key\|ha_partition::multi_range_read_info_const
ES 10.5 opt 170325 e99e19fae843c6ab174d0793e82b76bf6d980147 SIGSEGV\|set_PF_fields_in_key\|get_partition_set\|ha_partition::multi_range_key_create_key\|ha_partition::multi_range_read_info_const
ES 10.6 dbg 170325 ee1d68c27bc578f7750b898d7c65acfec33dc30b SIGSEGV\|set_PF_fields_in_key\|get_partition_set\|ha_partition::multi_range_key_create_key\|ha_partition::multi_range_read_info_const
ES 10.6 opt 170325 ee1d68c27bc578f7750b898d7c65acfec33dc30b SIGSEGV\|set_PF_fields_in_key\|get_partition_set\|ha_partition::multi_range_key_create_key\|ha_partition::multi_range_read_info_const
ES 11.4 dbg 170325 c623275dc5fb705004d716e4c32386cf89649b9d SIGSEGV\|set_PF_fields_in_key\|get_partition_set\|ha_partition::multi_range_key_create_key\|ha_partition::multi_range_read_info_const
ES 11.4 opt 170325 c623275dc5fb705004d716e4c32386cf89649b9d SIGSEGV\|set_PF_fields_in_key\|get_partition_set\|ha_partition::multi_range_key_create_key\|ha_partition::multi_range_read_info_const

SIGSEGV in set_PF_fields_in_key | get_partition_set

Details

Description

Attachments

Activity

People

Dates

Git Integration