[#MDEV-32136] SIGSEGV in maria_rtree_get

When executed in a standard master/slave setup will, sporadically, crash with this stack on the slave only:

11.3.0 7ba9c7fb84b5f28e4736656b57d9508b70ca6369 (Debug)
Core was generated by `/test/MD020923-mariadb-11.3.0-linux-x86_64-dbg/bin/mariadbd --no-defaults --gti'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x000055c1d099f084 in maria_rtree_get_next (
info=info@entry=0x152614022f38, keynr=keynr@entry=0,
key_length=<optimized out>)
at /test/git-bisect/11.3_dbg/storage/maria/ma_rt_index.c:492
[Current thread is 1 (Thread 0x15276537d640 (LWP 1273835))]
(gdb) bt
#0 0x000055c1d099f084 in maria_rtree_get_next (info=info@entry=0x152614022f38, keynr=keynr@entry=0, key_length=<optimized out>) at /test/git-bisect/11.3_dbg/storage/maria/ma_rt_index.c:492
#1 0x000055c1d0964309 in maria_rnext (info=0x152614022f38, buf=0x15261401a5f8 "\376", inx=0) at /test/git-bisect/11.3_dbg/storage/maria/ma_rnext.c:91
#2 0x000055c1d09319a6 in ha_maria::index_next (this=0x15261401aa10, buf=0x15261401a5f8 "\376") at /test/git-bisect/11.3_dbg/storage/maria/ha_maria.cc:2566
#3 0x000055c1d0733139 in handler::ha_index_next (this=0x15261401aa10, buf=0x15261401a5f8 "\376") at /test/git-bisect/11.3_dbg/sql/handler.cc:3716
#4 0x000055c1d08ac756 in Rows_log_event::find_row (this=this@entry=0x152718066438, rgi=rgi@entry=0x152718064ca0) at /test/git-bisect/11.3_dbg/sql/log_event_server.cc:7629
#5 0x000055c1d08ad060 in Update_rows_log_event::do_exec_row (this=0x152718066438, rgi=0x152718064ca0) at /test/git-bisect/11.3_dbg/sql/log_event_server.cc:7936
#6 0x000055c1d08a022b in Rows_log_event::do_apply_event (this=0x152718066438, rgi=0x152718064ca0) at /test/git-bisect/11.3_dbg/sql/log_event_server.cc:5129
#7 0x000055c1d089793e in Log_event::apply_event (this=this@entry=0x152718066438, rgi=rgi@entry=0x152718064ca0) at /test/git-bisect/11.3_dbg/sql/log_event.cc:3875
#8 0x000055c1d03707fa in apply_event_and_update_pos_apply (ev=ev@entry=0x152718066438, thd=thd@entry=0x15261c000f98, rgi=rgi@entry=0x152718064ca0, reason=reason@entry=0) at /test/git-bisect/11.3_dbg/sql/slave.cc:3877
#9 0x000055c1d037ac37 in apply_event_and_update_pos_for_parallel (ev=ev@entry=0x152718066438, thd=thd@entry=0x15261c000f98, rgi=rgi@entry=0x152718064ca0) at /test/git-bisect/11.3_dbg/sql/slave.cc:4074
#10 0x000055c1d06343e4 in rpt_handle_event (qev=qev@entry=0x1527180665a8, rpt=rpt@entry=0x152718026ac0) at /test/git-bisect/11.3_dbg/sql/rpl_parallel.cc:61
#11 0x000055c1d0638dd7 in handle_rpl_parallel_thread (arg=<optimized out>) at /test/git-bisect/11.3_dbg/sql/rpl_parallel.cc:1429
#12 0x00001527b0e94b43 in start_thread (arg=<optimized out>) at ./nptl/pthread_create.c:442
#13 0x00001527b0f26a00 in clone3 () at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81

11.3.0 7ba9c7fb84b5f28e4736656b57d9508b70ca6369 (Debug)

11.2.0 e81fa345020ec6a067583db6a7019d6404b26f93 (Optimized)

10.10.6 b1b47264d2ef1fa80b90f308e81c49d9a1011d56 (Optimized)

10.9.8 941af1fa581a799e59ddc3afcae965852aeceb00 (Debug)

10.6.15 d794d3484b2cbd069d68dc8d017a6f18e9a3090e (Debug)

10.5.22 4235c133ae7dfe57c627699b3e4ea2513ff48979 (Optimized)

10.4.31 ab10a675acb8198d4c772b807b81b50f97480d28 (Optimized)

It is unclear if the main issue is Replication, Aria, or GIS. However as the first frame is maria_rtree_get_next it seems to be most likely Aria. Assigning as such. Feel free to reassign as needed.

[MDEV-32136] SIGSEGV in maria_rtree_get_next on UPDATE Created: 2023-09-09 Updated: 2023-11-28
Status:	Open
Project:	MariaDB Server
Component/s:	GIS, libmariadb, Replication, Storage Engine - Aria
Affects Version/s:	10.4, 10.5, 10.6, 10.9, 10.10, 10.11, 11.0, 11.1, 11.2, 11.3
Fix Version/s:	10.4, 10.5, 10.6, 10.11, 11.0, 11.1, 11.2

[MDEV-32136] SIGSEGV in maria_rtree_get_next on UPDATE Created: 2023-09-09 Updated: 2023-11-28