Seems to be because ha_oqgraph::position() --> oqgraph::row_ref() --> cursor->current() --> ...
ends up at ref = last; where struct open_query::reference assignment operator ends up at oqgraph3::cursor_ptr::operator= (which is implicit) --> intrusive_ptr operator= which for some reason is designed to swap the input argument with itself.

Which means if you try and assign _to_ garbage memory, you end up with garbage in the thing being assigned from. Hence crash.

Question is, why does intrusive_ptr use swap (i.e., it's more than a 'usual' assignment operator) - the 'why' is not described in the doco.

This ends up clobbering last which then crashes in intrusive_ptr_release.

Looking at graphcore.cc, AFAICS member last is actually only ever used in a local fashion... I can only assume done this way to save stack space or initialisation or something?

More important question: should ha_oqgraph::position(record) be being called with 'ref' set to point to junk (uninitialised?) memory?

--
https://bugs.launchpad.net/bugs/1133093

Title:
  Crash on ORDER BY in OQGRAPH v3

Status in OQGraph Engine for MariaDB:
  Triaged

Bug description:
  SELECT * FROM graph WHERE latch=1 AND origid=1 AND destid=6;
  works

  SELECT * FROM graph WHERE latch=1 AND origid=1 AND destid=6 ORDER BY seq;
  segfaults.
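
An added example, not part of the original message and not OQGraph or Boost code: a minimal intrusive pointer with a copy-and-swap assignment operator, showing that assignment releases the destination's previous value and that constructing in place avoids reading a raw buffer's old bytes. Node, NodePtr, store_ref and the 0xA5 fill are hypothetical names and values constructed for this illustration.

```cpp
#include <cstdio>
#include <cstring>
#include <new>
#include <utility>

// Constructed stand-in for a reference-counted object (not OQGraph's cursor).
struct Node { int refs = 0; };
static int g_freed = 0;  // number of Nodes deleted by node_release()
inline void node_add_ref(Node* n) { ++n->refs; }
inline void node_release(Node* n) { if (--n->refs == 0) { ++g_freed; delete n; } }

// Minimal intrusive pointer with a copy-and-swap assignment operator.
class NodePtr {
    Node* p_;
public:
    NodePtr() : p_(nullptr) {}
    explicit NodePtr(Node* p) : p_(p) { if (p_) node_add_ref(p_); }
    NodePtr(const NodePtr& o) : p_(o.p_) { if (p_) node_add_ref(p_); }
    ~NodePtr() { if (p_) node_release(p_); }
    // The temporary copies rhs, swaps with *this, then releases what *this held before.
    NodePtr& operator=(const NodePtr& rhs) { NodePtr(rhs).swap(*this); return *this; }
    void swap(NodePtr& o) { std::swap(p_, o.p_); }
    Node* get() const { return p_; }
};

// Assigning over a constructed pointer releases its previous target exactly once.
int freed_by_assignment() {
    int before = g_freed;
    NodePtr dst(new Node), src(new Node);
    dst = src;                       // the Node dst held is released here
    return g_freed - before;         // 1; an unconstructed dst would hand stale bytes to release
}

// Hypothetical helper: placement new constructs in place, so old buffer bytes are never read.
NodePtr* store_ref(unsigned char* ref, const NodePtr& last) { return new (ref) NodePtr(last); }

int refs_after_store_and_drop() {
    alignas(NodePtr) unsigned char ref[sizeof(NodePtr)];
    std::memset(ref, 0xA5, sizeof ref);        // simulate uninitialised contents
    NodePtr last(new Node);
    NodePtr* slot = store_ref(ref, last);
    int stored = last.get()->refs;             // 2: 'last' plus the slot
    slot->~NodePtr();                          // destroy the in-place object
    return stored * 10 + last.get()->refs;     // 21
}

int main() { std::printf("%d %d\n", freed_by_assignment(), refs_after_store_and_drop()); return 0; }
```
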