Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-16507

SIGSEGV when use_stat_tables = preferably and optimizer_use_condition_selectivity = 4

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 10.0, 10.1, 10.2, 10.3, 10.1.33, 10.2.15, 10.3.7
    • Fix Version/s: 10.0.36, 10.1.35, 10.2.17, 10.3.8
    • Component/s: Server
    • Labels:
      None
    • Environment:
      Debian 9

      Description

      When upgrading to 10.2.15, mysqld got SIGSEGV during mysql_upgrade.
      Used commands extracted from mysql_upgrade and it is reproducible in default MariaDB 10.2.15 on Debian 9 with use_stat_tables = preferably and optimizer_use_condition_selectivity = 4
      Also observed on 10.3.7 and 10.1.33.
      10.2.14 is not affected.

      Please see the output:
      root@debian9:~# cat /etc/debian_version
      9.4

      root@debian9:~# cat /etc/apt/sources.list.d/mariadb.10.2.list
      deb http://ftp.hosteurope.de/mirror/mariadb.org/repo/10.2/debian stretch main

      root@debian9:~# cat /etc/mysql/mariadb.conf.d/bad.cnf
      [mysqld]
      use_stat_tables = preferably
      optimizer_use_condition_selectivity = 4

      root@debian9:~# mysql
      Welcome to the MariaDB monitor. Commands end with ; or \g.
      Your MariaDB connection id is 10
      Server version: 10.2.15-MariaDB-10.2.15+maria~stretch-log mariadb.org binary distribution

      Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.

      Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

      MariaDB [(none)]> create database test;
      Query OK, 1 row affected (0.00 sec)

      MariaDB [(none)]> use test;
      Database changed
      MariaDB [test]> CREATE TABLE IF NOT EXISTS proxies_priv (Host char(60) binary DEFAULT '' NOT NULL, User char(80) binary DEFAULT '' NOT NULL, Proxied_host char(60) binary DEFAULT '' NOT NULL, Proxied_user char(80) binary DEFAULT '' NOT NULL, With_grant BOOL DEFAULT 0 NOT NULL, Grantor char(141) DEFAULT '' NOT NULL, Timestamp timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, PRIMARY KEY Host (Host,User,Proxied_host,Proxied_user), KEY Grantor (Grantor) ) engine=MyISAM CHARACTER SET utf8 COLLATE utf8_bin comment='User proxy privileges';
      Query OK, 0 rows affected (0.00 sec)

      MariaDB [test]> set @had_proxies_priv_table= @@warning_count != 0;
      Query OK, 0 rows affected (0.00 sec)

      MariaDB [test]> CREATE TEMPORARY TABLE tmp_proxies_priv LIKE proxies_priv;
      Query OK, 0 rows affected (0.00 sec)

      MariaDB [test]> INSERT INTO tmp_proxies_priv VALUES ('localhost', 'root', '', '', TRUE, '', now());
      Query OK, 1 row affected (0.00 sec)

      MariaDB [test]> INSERT INTO proxies_priv SELECT * FROM tmp_proxies_priv WHERE @had_proxies_priv_table=0;
      ERROR 2013 (HY000): Lost connection to MySQL server during query

      Excerpt from syslog:
      Jun 18 09:42:13 debian9 mysqld[6596]: 180618 9:42:13 [ERROR] mysqld got signal 11 ;
      Jun 18 09:42:13 debian9 mysqld[6596]: This could be because you hit a bug. It is also possible that this binary
      Jun 18 09:42:13 debian9 mysqld[6596]: or one of the libraries it was linked against is corrupt, improperly built,
      Jun 18 09:42:13 debian9 mysqld[6596]: or misconfigured. This error can also be caused by malfunctioning hardware.
      Jun 18 09:42:13 debian9 mysqld[6596]: To report this bug, see https://mariadb.com/kb/en/reporting-bugs
      Jun 18 09:42:13 debian9 mysqld[6596]: We will try our best to scrape up some info that will hopefully help
      Jun 18 09:42:13 debian9 mysqld[6596]: diagnose the problem, but since we have already crashed,
      Jun 18 09:42:13 debian9 mysqld[6596]: something is definitely wrong and this may fail.
      Jun 18 09:42:13 debian9 mysqld[6596]: Server version: 10.2.15-MariaDB-10.2.15+maria~stretch-log
      Jun 18 09:42:13 debian9 mysqld[6596]: key_buffer_size=134217728
      Jun 18 09:42:13 debian9 mysqld[6596]: read_buffer_size=2097152
      Jun 18 09:42:13 debian9 mysqld[6596]: max_used_connections=1
      Jun 18 09:42:13 debian9 mysqld[6596]: max_threads=102
      Jun 18 09:42:13 debian9 mysqld[6596]: thread_count=8
      Jun 18 09:42:13 debian9 mysqld[6596]: It is possible that mysqld could use up to
      Jun 18 09:42:13 debian9 mysqld[6596]: key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 759911 K bytes of memory
      Jun 18 09:42:13 debian9 mysqld[6596]: Hope that's ok; if not, decrease some variables in the equation.
      Jun 18 09:42:13 debian9 mysqld[6596]: Thread pointer: 0x55a128ab66f8
      Jun 18 09:42:13 debian9 mysqld[6596]: Attempting backtrace. You can use the following information to find out
      Jun 18 09:42:13 debian9 mysqld[6596]: where mysqld died. If you see no messages after this, something went
      Jun 18 09:42:13 debian9 mysqld[6596]: terribly wrong...
      Jun 18 09:42:13 debian9 mysqld[6596]: stack_bottom = 0x7f76802e6cf8 thread_stack 0x49000
      Jun 18 09:42:13 debian9 mysqld[6596]: /usr/sbin/mysqld(my_print_stacktrace+0x2e)[0x55a1251c7dfe]
      Jun 18 09:42:13 debian9 mysqld[6596]: /usr/sbin/mysqld(handle_fatal_signal+0x41d)[0x55a124c6adad]
      Jun 18 09:42:13 debian9 mysqld[6596]: /lib/x86_64-linux-gnu/libpthread.so.0(+0x110c0)[0x7f768aba10c0]
      Jun 18 09:42:13 debian9 mysqld[6596]: /usr/sbin/mysqld(_Z36read_statistics_for_tables_if_neededP3THDP10TABLE_LIST+0x969)[0x55a124b47d99]
      Jun 18 09:42:13 debian9 mysqld[6596]: /usr/sbin/mysqld(_Z20open_and_lock_tablesP3THDRK14DDL_options_stP10TABLE_LISTbjP19Prelocking_strategy+0x9d)[0x55a124a8dafd]
      Jun 18 09:42:13 debian9 mysqld[6596]: /usr/sbin/mysqld(_Z21mysql_execute_commandP3THD+0x3702)[0x55a124ad3fe2]
      Jun 18 09:42:13 debian9 mysqld[6596]: /usr/sbin/mysqld(_Z11mysql_parseP3THDPcjP12Parser_statebb+0x28a)[0x55a124ad98ca]
      Jun 18 09:42:13 debian9 mysqld[6596]: /usr/sbin/mysqld(_Z16dispatch_command19enum_server_commandP3THDPcjbb+0x215f)[0x55a124adc8bf]
      Jun 18 09:42:13 debian9 mysqld[6596]: /usr/sbin/mysqld(_Z10do_commandP3THD+0x176)[0x55a124add226]
      Jun 18 09:42:13 debian9 mysqld[6596]: /usr/sbin/mysqld(_Z24do_handle_one_connectionP7CONNECT+0x25a)[0x55a124ba26ba]
      Jun 18 09:42:13 debian9 mysqld[6596]: /usr/sbin/mysqld(handle_one_connection+0x3d)[0x55a124ba282d]
      Jun 18 09:42:13 debian9 mysqld[6596]: /lib/x86_64-linux-gnu/libpthread.so.0(+0x7494)[0x7f768ab97494]
      Jun 18 09:42:13 debian9 mysqld[6596]: /lib/x86_64-linux-gnu/libc.so.6(clone+0x3f)[0x7f76890f1acf]
      Jun 18 09:42:13 debian9 mysqld[6596]: Trying to get some variables.
      Jun 18 09:42:13 debian9 mysqld[6596]: Some pointers may be invalid and cause the dump to abort.
      Jun 18 09:42:13 debian9 mysqld[6596]: Query (0x55a128b43d70): INSERT INTO proxies_priv SELECT * FROM tmp_proxies_priv WHERE @had_proxies_priv_table=0
      Jun 18 09:42:13 debian9 mysqld[6596]: Connection ID (thread ID): 10
      Jun 18 09:42:13 debian9 mysqld[6596]: Status: NOT_KILLED
      Jun 18 09:42:13 debian9 mysqld[6596]: Optimizer switch: index_merge=on,index_merge_union=on,index_merge_sort_union=on,index_merge_intersection=on,index_merge_sort_intersection=off,engine_condition_pushdown=off,index_condition_pushdown=on,derived_merge=on,derived_with_keys=on,firstmatch=on,loosescan=on,materialization=on,in_to_exists=on,semijoin=on,partial_match_rowid_merge=on,partial_match_table_scan=on,subquery_cache=on,mrr=off,mrr_cost_based=off,mrr_sort_keys=off,outer_join_with_cache=on,semijoin_with_cache=on,join_cache_incremental=on,join_cache_hashed=on,join_cache_bka=on,optimize_join_buffer_size=off,table_elimination=on,extended_keys=on,exists_to_in=on,orderby_uses_equalities=on,condition_pushdown_for_derived=on
      Jun 18 09:42:13 debian9 mysqld[6596]: The manual page at http://dev.mysql.com/doc/mysql/en/crashing.html contains
      Jun 18 09:42:13 debian9 mysqld[6596]: information that should help you find out what is causing the crash.
      Jun 18 09:42:13 debian9 systemd[1]: mariadb.service: Main process exited, code=killed, status=11/SEGV

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                igor Igor Babaev
                Reporter:
                kk Karel Krečmer
              • Votes:
                0 Vote for this issue
                Watchers:
                4 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: