[MDEV-31911] Server crash in ha_connect::records_in_range upon DELETE from empty table with multi-part key Created: 2023-08-13  Updated: 2023-11-28

Status: Open
Project: MariaDB Server
Component/s: Storage Engine - Connect
Affects Version/s: 10.4, 10.5, 10.6, 10.9, 10.10, 10.11, 11.0, 11.1
Fix Version/s: 10.4, 10.5, 10.6, 10.11, 11.0, 11.1

Type: Bug Priority: Major
Reporter: Elena Stepanova Assignee: Andrew Hutchings
Resolution: Unresolved Votes: 0
Labels: None


 Description    

INSTALL SONAME 'ha_connect';
 
 
 
CREATE TABLE t (a INT NOT NULL, b INT NOT NULL, KEY(a,b)) ENGINE=Connect TABLE_TYPE=DOS;
 
DELETE FROM t WHERE a = 1;
 
 
 
# Cleanup
 
DROP TABLE t;
 
UNINSTALL SONAME 'ha_connect';

10.4 b2e312b0

 
#3  <signal handler called>
 
#4  0x00007f4c298d0bc9 in XINDEX::FastFind (this=0x7f4c1f3feae0) at /data/src/10.4/storage/connect/xindex.cpp:1918
 
#5  0x00007f4c298ce6e9 in XINDEX::Range (this=0x7f4c1f3feae0, g=0x6250000fa100, limit=1, incl=true) at /data/src/10.4/storage/connect/xindex.cpp:1610
 
#6  0x00007f4c2973daa5 in CntIndexRange (g=0x6250000fa100, ptdb=0x7f4c1f3fdca8, key=0x7f4c29d653b0, len=0x7f4c29d65390, incl=0x7f4c29d65380, kmap=0x7f4c29d653d0) at /data/src/10.4/storage/connect/connect.cc:963
 
#7  0x00007f4c29722747 in ha_connect::records_in_range (this=0x61d0002012a8, inx=0, min_key=0x7f4c29d65580, max_key=0x7f4c29d655a0) at /data/src/10.4/storage/connect/ha_connect.cc:5346
 
#8  0x000055d11091f3c8 in handler::multi_range_read_info_const (this=0x61d0002012a8, keyno=0, seq=0x7f4c29d65850, seq_init_param=0x7f4c29d658a0, n_ranges_arg=0, bufsz=0x7f4c29d656c0, flags=0x7f4c29d656b0, cost=0x7f4c29d66090) at /data/src/10.4/sql/multi_range_read.cc:126
 
#9  0x000055d11092b228 in DsMrr_impl::dsmrr_info_const (this=0x61d0002017b8, keyno=0, seq=0x7f4c29d65850, seq_init_param=0x7f4c29d658a0, n_ranges=0, bufsz=0x7f4c29d65f80, flags=0x7f4c29d65f70, cost=0x7f4c29d66090) at /data/src/10.4/sql/multi_range_read.cc:1546
 
#10 0x00007f4c2972e807 in ha_connect::multi_range_read_info_const (this=0x61d0002012a8, keyno=0, seq=0x7f4c29d65850, seq_init_param=0x7f4c29d658a0, n_ranges=0, bufsz=0x7f4c29d65f80, flags=0x7f4c29d65f70, cost=0x7f4c29d66090) at /data/src/10.4/storage/connect/ha_connect.cc:7388
 
#11 0x000055d111005824 in check_quick_select (param=0x7f4c29d668c0, idx=0, index_only=false, tree=0x621000092650, update_tbl_stats=true, mrr_flags=0x7f4c29d65f70, bufsize=0x7f4c29d65f80, cost=0x7f4c29d66090, is_ror_scan=0x7f4c29d65f60) at /data/src/10.4/sql/opt_range.cc:11258
 
#12 0x000055d110fec0c3 in get_key_scans_params (param=0x7f4c29d668c0, tree=0x6210000925b0, index_read_must_be_used=false, for_range_access=true, read_time=12.299999999999999) at /data/src/10.4/sql/opt_range.cc:7467
 
#13 0x000055d110fcf1d1 in SQL_SELECT::test_quick_select (this=0x62b0000630e8, thd=0x62b00005b208, keys_to_use=..., prev_tables=0, limit=18446744073709551615, force_quick_range=false, ordered_output=false, remove_false_parts_of_where=false, only_single_index_range_scan=false) at /data/src/10.4/sql/opt_range.cc:2943
 
#14 0x000055d110752810 in SQL_SELECT::check_quick (this=0x62b0000630e8, thd=0x62b00005b208, force_quick_range=false, limit=18446744073709551615) at /data/src/10.4/sql/opt_range.h:1654
 
#15 0x000055d11108f492 in mysql_delete (thd=0x62b00005b208, table_list=0x62b000062330, conds=0x62b000062c08, order_list=0x62b00005fc20, limit=18446744073709551615, options=0, result=0x0) at /data/src/10.4/sql/sql_delete.cc:530
 
#16 0x000055d110472626 in mysql_execute_command (thd=0x62b00005b208) at /data/src/10.4/sql/sql_parse.cc:4815
 
#17 0x000055d110488727 in mysql_parse (thd=0x62b00005b208, rawbuf=0x62b000062228 "DELETE FROM t WHERE a = 1", length=25, parser_state=0x7f4c29d69860, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:8010
 
#18 0x000055d11045e9f2 in dispatch_command (command=COM_QUERY, thd=0x62b00005b208, packet=0x629000230209 "DELETE FROM t WHERE a = 1", packet_length=25, is_com_multi=false, is_next_command=false) at /data/src/10.4/sql/sql_parse.cc:1857
 
#19 0x000055d11045b561 in do_command (thd=0x62b00005b208) at /data/src/10.4/sql/sql_parse.cc:1378
 
#20 0x000055d11085aac0 in do_handle_one_connection (connect=0x6080000009a8) at /data/src/10.4/sql/sql_connect.cc:1420
 
#21 0x000055d11085a3d7 in handle_one_connection (arg=0x6080000009a8) at /data/src/10.4/sql/sql_connect.cc:1324
 
#22 0x000055d1114ca3ce in pfs_spawn_thread (arg=0x615000003508) at /data/src/10.4/storage/perfschema/pfs.cc:1869
 
#23 0x00007f4c31aa7fd4 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:442
 
#24 0x00007f4c31b285bc in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81

Also reproducible with other table types – FIX, CSV, ...
Generated at Thu Feb 08 10:27:23 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.