From 116d9126f59baa6bcee0352f75e3566e70d156c3 Mon Sep 17 00:00:00 2001
From: Gabriel <liwenqiang@selectdb.com>
Date: Wed, 26 Feb 2025 19:25:40 +0800
Subject: [PATCH] [fix](schema scan) Fix invalid pointer access (#48370)

==14365==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x613002873c70 at pc 0x5559a290ec05 bp 0x7f6c40385e90 sp 0x7f6c40385e88
READ of size 2 at 0x613002873c70 thread T4019 (FragmentMgrAsyn)
#0 0x5559a290ec04 in std::__atomic_base::load(std::memory_order) const
/var/local/ldb-toolchain/bin/../lib/gcc/x86_64-linux-gnu/11/../../../../include/c++/11/bits/atomic_base.h:481:9
#1 0x5559a290ec04 in doris::AtomicStatus::update(doris::Status const&)
/home/zcp/repo_center/doris_master/doris/be/src/common/status.h:601:44
#2 0x5559d8f289c0 in
doris::SchemaScanner::get_next_block_async(doris::RuntimeState*)::$_0::operator()()
const
/home/zcp/repo_center/doris_master/doris/be/src/exec/schema_scanner.cpp:118:5
#3 0x5559d8f289c0 in void std::__invoke_impl(std::__invoke_other,
doris::SchemaScanner::get_next_block_async(doris::RuntimeState*)::$_0&)
/var/local/ldb-toolchain/bin/../lib/gcc/x86_64-linux-gnu/11/../../../../include/c++/11/bits/invoke.h:61:14
#4 0x5559d8f289c0 in std::enable_if, void>::type
std::__invoke_r(doris::SchemaScanner::get_next_block_async(doris::RuntimeState*)::$_0&)
/var/local/ldb-toolchain/bin/../lib/gcc/x86_64-linux-gnu/11/../../../../include/c++/11/bits/invoke.h:111:2
#5 0x5559d8f289c0 in std::_Function_handler::_M_invoke(std::_Any_data
const&)
/var/local/ldb-toolchain/bin/../lib/gcc/x86_64-linux-gnu/11/../../../../include/c++/11/bits/std_function.h:291:9
#6 0x5559a4140e4a in doris::ThreadPool::dispatch_thread()
/home/zcp/repo_center/doris_master/doris/be/src/util/threadpool.cpp:608:24
#7 0x5559a4117877 in doris::Thread::supervise_thread(void*)
/home/zcp/repo_center/doris_master/doris/be/src/util/thread.cpp:498:5
    #8 0x7f7912f84ac2 in start_thread nptl/pthread_create.c:442:8
#9 0x7f791301684f misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:81
---
 be/src/exec/schema_scanner.cpp | 1 -
 1 file changed, 1 deletion(-)

diff --git a/be/src/exec/schema_scanner.cpp b/be/src/exec/schema_scanner.cpp
index 6336abd7f0bd35..dde91ad6f88b3b 100644
--- a/be/src/exec/schema_scanner.cpp
+++ b/be/src/exec/schema_scanner.cpp
@@ -122,7 +122,6 @@ Status SchemaScanner::get_next_block_async(RuntimeState* state) {
                 DCHECK(_async_thread_running == false);
                 auto task_lock = task_ctx.lock();
                 if (task_lock == nullptr) {
-                    _scanner_status.update(Status::InternalError("Task context not exists!"));
                     return;
                 }
                 SCOPED_ATTACH_TASK(state);