[#MDEV-22389] SPATIAL INDEX corruption on INSERT

[MDEV-22389] SPATIAL INDEX corruption on INSERT Created: 2020-04-28 Updated: 2020-04-28 Resolved: 2020-04-28
Status:	Closed
Project:	MariaDB Server
Component/s:	Storage Engine - InnoDB
Affects Version/s:	10.2.2, 10.3.0, 10.4.0, 10.5.0
Fix Version/s:	10.2.24, 10.3.15, 10.4.5

Type:

Bug

Priority:

Blocker

Reporter:

Marko Mäkelä

Assignee:

Marko Mäkelä

Resolution:

Duplicate

Votes:

Labels:

upstream

Issue Links:

Blocks
blocks	~~MDEV-22394~~	Merge new release of InnoDB 5.7.30 to...	Closed
Duplicate
duplicates	~~MDEV-13942~~	Potential InnoDB SPATIAL INDEX corrup...	Closed

Description

There is a bug in the InnoDB SPATIAL INDEX code, in the function rtr_adjust_upper_level(). The mem_heap_t object where node_ptr_upper was created is being passed to btr_cur_pessimistic_insert(). The function mem_heap_empty() may be invoked if the upper-level page needs to be split. That could cause the node_ptr_upper to be corrupted.

This was brought to our attentio by the MySQL 5.7.30 fix of
Bug #29465567 INNODB: RTREE SPLIT ASSERTION FAILURE.
The fix includes a test case and some additional debug instrumentation. I would rely on the mem_heap_t instrumentation that we have in MariaDB, and try to avoid additional debug code.

Comments

Comment by Marko Mäkelä [ 2020-04-28 ]

It turns out that this exact bug had been fixed in ~~MDEV-13942~~. The extra debug instrumentation is not needed, because the bug is already flagged by AddressSanitizer thanks to ~~MDEV-17797~~.

Generated at Thu Feb 08 09:14:22 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.

[MDEV-22389] SPATIAL INDEX corruption on INSERT Created: 2020-04-28 Updated: 2020-04-28 Resolved: 2020-04-28