  1. MariaDB Server
  2. MDEV-28780

SIGSEGV in Stat_table::common_init_stat_table on ALTER

Details

    Description

      -- Reproducer: a user table with an unrelated layout is put in place of the
      -- mysql.column_stats system table, then a column of another table is renamed.
      -- Every statement that touches mysql.* needs an account with DDL rights on the
      -- mysql schema.
      CREATE TABLE tab (c INT KEY,c2 POINT,c3 LINESTRING,c4 POLYGON,c5 GEOMETRY);
      -- Move the real statistics table out of the way.
      ALTER TABLE mysql.column_stats RENAME TO mysql.column_stats1;
      CREATE TABLE t (a INT,b CHAR(1),c FLOAT);
      -- t (three unrelated columns) now answers to the name mysql.column_stats.
      ALTER TABLE t RENAME mysql.column_stats;
      -- Column rename; the backtrace reported with this test case shows the SIGSEGV under
      -- rename_column_in_stat_tables -> Column_stat::Column_stat -> Stat_table::common_init_stat_table.
      -- NOTE(review): presumably the statistics code assumes the stock column_stats layout - confirm in sql_statistics.cc.
      ALTER TABLE tab CHANGE COLUMN c3 c33 LINESTRING;
      

      Leads to:

      10.4.25 8d12dd8f503282179a078f2f883b88f6ccee5ebd (Optimized)

      Core was generated by `/test/MD160522-mariadb-10.4.25-linux-x86_64-opt/bin/mysqld --no-defaults --core'.
      Program terminated with signal SIGSEGV, Segmentation fault.
      #0  0x0000564e3b4ddf70 in Stat_table::common_init_stat_table (
          this=<optimized out>) at /test/10.4_opt/sql/sql_statistics.cc:3597
      [Current thread is 1 (Thread 0x154d24348700 (LWP 2514650))]
      (gdb) bt
      #0  0x0000564e3b4ddf70 in Stat_table::common_init_stat_table (this=<optimized out>) at /test/10.4_opt/sql/sql_statistics.cc:3597
      #1  Stat_table::Stat_table (tab=0x154cc003f828, stat=0x154cc002b7f8, this=<synthetic pointer>) at /test/10.4_opt/sql/sql_statistics.cc:493
      #2  Column_stat::Column_stat (tab=0x154cc003f828, stat=0x154cc002b7f8, this=<synthetic pointer>) at /test/10.4_opt/sql/sql_statistics.cc:910
      #3  rename_column_in_stat_tables (thd=thd@entry=0x154cc0000c48, tab=tab@entry=0x154cc003f828, col=col@entry=0x154cc0040dd0, new_name=0x154cc0010638 "c33") at /test/10.4_opt/sql/sql_statistics.cc:3597
      #4  0x0000564e3b4eecce in fill_alter_inplace_info (thd=thd@entry=0x154cc0000c48, table=table@entry=0x154cc003f828, varchar=varchar@entry=false, ha_alter_info=ha_alter_info@entry=0x154d24342cc0) at /test/10.4_opt/sql/sql_table.cc:7039
      #5  0x0000564e3b4f8b6c in mysql_alter_table (thd=thd@entry=0x154cc0000c48, new_db=new_db@entry=0x154cc00050c8, new_name=new_name@entry=0x154cc00054f0, create_info=create_info@entry=0x154d24345300, table_list=<optimized out>, table_list@entry=0x154cc000ff60, alter_info=alter_info@entry=0x154d24345240, order_num=0, order=0x0, ignore=false) at /test/10.4_opt/sql/sql_table.cc:10215
      #6  0x0000564e3b54ecfa in Sql_cmd_alter_table::execute (this=<optimized out>, thd=0x154cc0000c48) at /test/10.4_opt/sql/sql_alter.cc:520
      #7  0x0000564e3b454558 in mysql_execute_command (thd=0x154cc0000c48) at /test/10.4_opt/sql/sql_parse.cc:6208
      #8  0x0000564e3b45b4a2 in mysql_parse (thd=0x154cc0000c48, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>, is_com_multi=<optimized out>, is_next_command=<optimized out>) at /test/10.4_opt/sql/sql_parse.cc:8011
      #9  0x0000564e3b45dec5 in dispatch_command (command=COM_QUERY, thd=0x154cc0000c48, packet=<optimized out>, packet_length=<optimized out>, is_com_multi=<optimized out>, is_next_command=<optimized out>) at /test/10.4_opt/sql/sql_class.h:1201
      #10 0x0000564e3b45fadf in do_command (thd=0x154cc0000c48) at /test/10.4_opt/sql/sql_parse.cc:1378
      #11 0x0000564e3b54a8ee in do_handle_one_connection (connect=<optimized out>) at /test/10.4_opt/sql/sql_connect.cc:1420
      #12 0x0000564e3b54a97d in handle_one_connection (arg=<optimized out>) at /test/10.4_opt/sql/sql_connect.cc:1316
      #13 0x0000154d26d20609 in start_thread (arg=<optimized out>) at pthread_create.c:477
      #14 0x0000154d2690e293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
      

      Bug confirmed present in:
      MariaDB: 10.4.25 (opt), 10.4.26 (dbg), 10.5.16 (opt), 10.5.17 (dbg), 10.6.8 (opt), 10.6.9 (dbg), 10.7.4 (opt), 10.7.5 (dbg), 10.8.3 (opt), 10.8.4 (dbg), 10.9.2 (dbg)

      Bug (or feature/syntax) confirmed not present in:
      MariaDB: 10.2.44 (dbg), 10.2.44 (opt), 10.3.35 (opt), 10.3.36 (dbg)

      Attachments

        Activity

          ramesh Ramesh Sivaraman added a comment - - edited

          holyfoot Altering the mysql.column_stats and mysql.db tables gives a different crash. Please let me know if we need to create a new ticket for this crash.

          -- Variant reproducer: the substituted mysql.column_stats is an InnoDB table with
          -- one indexed column, and the final ALTER targets another system table (mysql.db).
          -- The mysql.* statements need an account with DDL rights on the mysql schema.
          CREATE TABLE t1 (f1 VARCHAR(1)) ENGINE=InnoDB;
          ALTER TABLE t1 ADD KEY2 INT, ADD KEY(KEY2);
          ALTER TABLE t1 RENAME t3;
          -- Move the real statistics table out of the way, then put t3 in its place.
          ALTER TABLE mysql.column_stats RENAME TO mysql.column_stats1;
          ALTER TABLE t3 RENAME mysql.column_stats;
          -- Dropping a column; the backtrace reported with this test case shows the SIGSEGV in
          -- Column_stat::set_key_fields, called from delete_statistics_for_column.
          ALTER TABLE mysql.db DROP COLUMN delete_history_priv;
          

          Leads to:

          10.6.9 05d049bdbe6814aee8f011fbd0d915f9d82a30ee (Debug)

          Core was generated by `/test/MD280522-mariadb-10.6.9-linux-x86_64-dbg/bin/mysqld --no-defaults --core-'.
          Program terminated with signal SIGSEGV, Segmentation fault.
          #0  0x000055a49458ac8d in Column_stat::set_key_fields (col=0x55a4971c1118, 
              this=<synthetic pointer>) at /test/10.6_dbg/sql/sql_statistics.cc:967
          [Current thread is 1 (Thread 0x14b3b9651700 (LWP 3564720))]
          (gdb) bt
          #0  0x000055a49458ac8d in Column_stat::set_key_fields (col=0x55a4971c1118, this=<synthetic pointer>) at /test/10.6_dbg/sql/sql_statistics.cc:967
          #1  delete_statistics_for_column (thd=thd@entry=0x14b38c000db8, tab=tab@entry=0x55a4971be128, col=col@entry=0x55a4971c1118) at /test/10.6_dbg/sql/sql_statistics.cc:3359
          #2  0x000055a49459e8da in mysql_prepare_alter_table (thd=thd@entry=0x14b38c000db8, table=table@entry=0x55a4971be128, create_info=create_info@entry=0x14b3b964f5c0, alter_info=alter_info@entry=0x14b3b964f4d0, alter_ctx=alter_ctx@entry=0x14b3b964e7b0) at /test/10.6_dbg/sql/sql_table.cc:7818
          #3  0x000055a4945ad888 in mysql_alter_table (thd=thd@entry=0x14b38c000db8, new_db=new_db@entry=0x14b38c0057b8, new_name=new_name@entry=0x14b38c005bd0, create_info=create_info@entry=0x14b3b964f5c0, table_list=<optimized out>, table_list@entry=0x14b38c013ec8, alter_info=alter_info@entry=0x14b3b964f4d0, order_num=<optimized out>, order=<optimized out>, ignore=<optimized out>, if_exists=<optimized out>) at /test/10.6_dbg/sql/sql_table.cc:9923
          #4  0x000055a494631996 in Sql_cmd_alter_table::execute (this=<optimized out>, thd=0x14b38c000db8) at /test/10.6_dbg/sql/structs.h:568
          #5  0x000055a4944e995b in mysql_execute_command (thd=thd@entry=0x14b38c000db8, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false) at /test/10.6_dbg/sql/sql_parse.cc:5996
          #6  0x000055a4944d20da in mysql_parse (thd=thd@entry=0x14b38c000db8, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x14b3b9650470) at /test/10.6_dbg/sql/sql_parse.cc:8029
          #7  0x000055a4944df793 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x14b38c000db8, packet=packet@entry=0x14b38c00b569 "alter table mysql.db drop column Delete_history_priv", packet_length=packet_length@entry=52, blocking=blocking@entry=true) at /test/10.6_dbg/sql/sql_class.h:1358
          #8  0x000055a4944e1e9e in do_command (thd=0x14b38c000db8, blocking=blocking@entry=true) at /test/10.6_dbg/sql/sql_parse.cc:1409
          #9  0x000055a49462a82c in do_handle_one_connection (connect=<optimized out>, connect@entry=0x55a497280748, put_in_cache=put_in_cache@entry=true) at /test/10.6_dbg/sql/sql_connect.cc:1418
          #10 0x000055a49462ad35 in handle_one_connection (arg=0x55a497280748) at /test/10.6_dbg/sql/sql_connect.cc:1312
          #11 0x000014b3d2100609 in start_thread (arg=<optimized out>) at pthread_create.c:477
          #12 0x000014b3d1cee293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
          

          Bug confirmed present in:
          MariaDB: 10.4.25 (opt), 10.4.26 (dbg), 10.5.16 (opt), 10.5.17 (dbg), 10.6.8 (opt), 10.6.9 (dbg), 10.7.4 (opt), 10.7.5 (dbg), 10.8.3 (opt), 10.8.4 (dbg), 10.9.2 (dbg)

          Bug (or feature/syntax) confirmed not present in:
          MariaDB: 10.2.44 (dbg), 10.2.44 (opt), 10.3.35 (opt), 10.3.36 (dbg)

          ramesh Ramesh Sivaraman added a comment - - edited

          Another test case

          -- Variant reproducer: mysql.column_stats is replaced by a single-column table.
          -- The mysql.* statements need an account with DDL rights on the mysql schema.
          ALTER TABLE mysql.column_stats RENAME TO mysql.column_stats0;
          CREATE TABLE t0 (a INT KEY);
          ALTER TABLE t0 RENAME mysql.column_stats;
          -- t is created with columns c and d only; the ALTER below also names DROP b.
          CREATE TABLE t (c INT,d INT);
          -- The signature reported for this test case ends in delete_statistics_for_column
          -- called from mysql_prepare_alter_table.
          ALTER TABLE t DROP b,DROP c,DROP d,ADD COLUMN (b INT,c CHAR,d INT);
          

          UniqueID:

          SIGSEGV|Column_stat::set_full_table_name|Column_stat::set_key_fields|delete_statistics_for_column|mysql_prepare_alter_table
          

          Roel Roel Van de Paar added a comment - - edited

          Adding another stack, with this testcase:

          -- Variant reproducer: a one-column FLOAT table is put in place of mysql.column_stats,
          -- then a column of an unrelated table is redefined.
          -- The mysql.* statements need an account with DDL rights on the mysql schema.
          CREATE TABLE t (c FLOAT);
          ALTER TABLE mysql.column_stats RENAME TO mysql.column_stats1;
          CREATE TABLE t2 (a CHAR(20) BINARY);
          ALTER TABLE t RENAME mysql.column_stats;
          -- Same column name, new definition; the backtrace reported with this test case shows
          -- delete_statistics_for_column -> Column_stat::Column_stat -> Stat_table::common_init_stat_table,
          -- reached from fill_alter_inplace_info.
          ALTER TABLE t2 CHANGE COLUMN a a CHAR(43);
          

          Leads to:

          10.11.0 bc563f1a4b0b38de3b41fd0f0d3d8b7f1aacbd8b (Optimized)

          Core was generated by `/test/MD190822-mariadb-10.11.0-linux-x86_64-opt/bin/mysqld --no-defaults --core'.
          Program terminated with signal SIGSEGV, Segmentation fault.
          #0  0x000055852b3c8d81 in Stat_table::common_init_stat_table (
              this=<optimized out>) at /test/10.11_opt/sql/sql_statistics.cc:3470
          [Current thread is 1 (Thread 0x15115c054700 (LWP 2309094))]
          (gdb) bt
          #0  0x000055852b3c8d81 in Stat_table::common_init_stat_table (this=<optimized out>) at /test/10.11_opt/sql/sql_statistics.cc:3470
          #1  Stat_table::Stat_table (tab=<optimized out>, stat=<optimized out>, this=<optimized out>) at /test/10.11_opt/sql/sql_statistics.cc:499
          #2  Column_stat::Column_stat (tab=<optimized out>, stat=0x1510a0028b78, this=<synthetic pointer>) at /test/10.11_opt/sql/sql_statistics.cc:916
          #3  delete_statistics_for_column (thd=thd@entry=0x1510a0000c58, tab=tab@entry=0x1510a003e2a8, col=col@entry=0x1510a003e6e8) at /test/10.11_opt/sql/sql_statistics.cc:3470
          #4  0x000055852b3db4d6 in fill_alter_inplace_info (thd=thd@entry=0x1510a0000c58, table=table@entry=0x1510a003e2a8, varchar=varchar@entry=false, ha_alter_info=ha_alter_info@entry=0x15115c04fca0) at /test/10.11_opt/sql/sql_table.cc:6590
          #5  0x000055852b3e53ce in mysql_alter_table (thd=thd@entry=0x1510a0000c58, new_db=new_db@entry=0x1510a0005570, new_name=new_name@entry=0x1510a0005980, create_info=create_info@entry=0x15115c052560, table_list=<optimized out>, table_list@entry=0x1510a0010818, alter_info=alter_info@entry=0x15115c052470, order_num=0, order=0x0, ignore=false, if_exists=false) at /test/10.11_opt/sql/sql_table.cc:10576
          #6  0x000055852b44c41d in Sql_cmd_alter_table::execute (this=<optimized out>, thd=0x1510a0000c58) at /test/10.11_opt/sql/structs.h:569
          #7  0x000055852b330d96 in mysql_execute_command (thd=0x1510a0000c58, is_called_from_prepared_stmt=<optimized out>) at /test/10.11_opt/sql/sql_parse.cc:5997
          #8  0x000055852b3217b5 in mysql_parse (rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>, thd=0x1510a0000c58) at /test/10.11_opt/sql/sql_parse.cc:8035
          #9  mysql_parse (thd=0x1510a0000c58, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>) at /test/10.11_opt/sql/sql_parse.cc:7957
          #10 0x000055852b32d2ca in dispatch_command (command=COM_QUERY, thd=0x1510a0000c58, packet=<optimized out>, packet_length=<optimized out>, blocking=<optimized out>) at /test/10.11_opt/sql/sql_class.h:1339
          #11 0x000055852b32f1f2 in do_command (thd=0x1510a0000c58, blocking=blocking@entry=true) at /test/10.11_opt/sql/sql_parse.cc:1407
          #12 0x000055852b44746f in do_handle_one_connection (connect=<optimized out>, connect@entry=0x55852d9523d8, put_in_cache=put_in_cache@entry=true) at /test/10.11_opt/sql/sql_connect.cc:1418
          #13 0x000055852b44774d in handle_one_connection (arg=0x55852d9523d8) at /test/10.11_opt/sql/sql_connect.cc:1312
          #14 0x00001511738d5609 in start_thread (arg=<optimized out>) at pthread_create.c:477
          #15 0x00001511734c1133 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
          

          Bug confirmed present in:
          MariaDB: 10.4.27 (dbg), 10.4.27 (opt), 10.5.18 (dbg), 10.5.18 (opt), 10.6.10 (dbg), 10.6.10 (opt), 10.7.6 (dbg), 10.7.6 (opt), 10.8.5 (dbg), 10.8.5 (opt), 10.9.2 (dbg), 10.9.2 (opt), 10.10.2 (dbg), 10.10.2 (opt), 10.11.0 (dbg), 10.11.0 (opt)

          Bug (or feature/syntax) confirmed not present in:
          MariaDB: 10.3.37 (dbg), 10.3.37 (opt)
          MySQL: 5.5.62 (dbg), 5.5.62 (opt), 5.6.51 (dbg), 5.6.51 (opt), 5.7.38 (dbg), 5.7.38 (opt), 8.0.29 (dbg), 8.0.29 (opt)

          UniqueID for this one:

          SIGSEGV|Stat_table::common_init_stat_table|Stat_table::Stat_table|Column_stat::Column_stat|delete_statistics_for_column
          


          Another testcase with different stack

          -- Variant reproducer: here the system statistics table is dropped rather than renamed,
          -- and a two-column user table takes its name.
          -- The mysql.* statements need an account with DDL rights on the mysql schema.
          DROP TABLE IF EXISTS mysql.column_stats;
          CREATE TABLE t (a INT,b INT,KEY(a));
          ALTER TABLE t RENAME mysql.column_stats;
          -- Dropping a column from mysql.slow_log; the backtrace reported with this test case shows
          -- Field::store called with this=0x0 from Column_stat::set_key_fields, i.e. a null Field pointer.
          -- NOTE(review): presumably the expected statistics column is missing from the substituted table - confirm.
          ALTER TABLE mysql.slow_log DROP COLUMN thread_id;
          

          Leads to:

          11.3.2 e71aecfd308d6093fd693044253518a872994394 (Optimized)

          Core was generated by `/test/MD010224-mariadb-11.3.2-linux-x86_64-opt/bin/mariadbd --no-defaults --max'.
          Program terminated with signal SIGSEGV, Segmentation fault.
          #0  0x0000555f178b1d9d in Field::store (ls=0x14ae9c048d50, ls=0x14ae9c048d50, 
              cs=0x555f18b1be00 <my_charset_utf8mb3_general_ci>, this=0x0)
              at /test/11.3_opt/sql/field.h:987
          [Current thread is 1 (Thread 0x14aecc084700 (LWP 1637403))]
          (gdb) bt
          #0  0x0000555f178b1d9d in Field::store (ls=0x14ae9c048d50, ls=0x14ae9c048d50, cs=0x555f18b1be00 <my_charset_utf8mb3_general_ci>, this=0x0) at /test/11.3_opt/sql/field.h:987
          #1  Column_stat::set_key_fields (col=0x14ae9c048d20, this=0x14aecc07d870) at /test/11.3_opt/sql/sql_statistics.cc:1026
          #2  delete_statistics_for_column (thd=thd@entry=0x14ae9c000c58, tab=tab@entry=0x14ae9c02ef78, col=0x14ae9c048d20) at /test/11.3_opt/sql/sql_statistics.cc:3511
          #3  0x0000555f1794425b in Alter_info::apply_statistics_deletes_renames (this=this@entry=0x14aecc082180, thd=thd@entry=0x14ae9c000c58, table=table@entry=0x14ae9c02ef78) at /test/11.3_opt/sql/sql_alter.cc:377
          #4  0x0000555f178d48ac in mysql_alter_table (thd=thd@entry=0x14ae9c000c58, new_db=new_db@entry=0x14ae9c0057e8, new_name=new_name@entry=0x14ae9c005c48, create_info=create_info@entry=0x14aecc0822f0, table_list=<optimized out>, table_list@entry=0x14ae9c010c50, recreate_info=recreate_info@entry=0x14aecc082160, alter_info=<optimized out>, order_num=<optimized out>, order=<optimized out>, ignore=<optimized out>, if_exists=<optimized out>) at /test/11.3_opt/sql/sql_table.cc:11511
          #5  0x0000555f1794351f in Sql_cmd_alter_table::execute (this=<optimized out>, thd=0x14ae9c000c58) at /test/11.3_opt/sql/structs.h:569
          #6  0x0000555f1781057e in mysql_execute_command (thd=0x14ae9c000c58, is_called_from_prepared_stmt=<optimized out>) at /test/11.3_opt/sql/sql_parse.cc:5786
          #7  0x0000555f177ffef6 in mysql_parse (thd=0x14ae9c000c58, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>) at /test/11.3_opt/sql/sql_parse.cc:7798
          #8  0x0000555f1780c475 in dispatch_command (command=COM_QUERY, thd=0x14ae9c000c58, packet=<optimized out>, packet_length=<optimized out>, blocking=<optimized out>) at /test/11.3_opt/sql/sql_class.h:1550
          #9  0x0000555f1780e6be in do_command (thd=0x14ae9c000c58, blocking=blocking@entry=true) at /test/11.3_opt/sql/sql_parse.cc:1406
          #10 0x0000555f1793e197 in do_handle_one_connection (connect=<optimized out>, put_in_cache=true) at /test/11.3_opt/sql/sql_connect.cc:1417
          #11 0x0000555f1793e4dd in handle_one_connection (arg=arg@entry=0x555f1bad5348) at /test/11.3_opt/sql/sql_connect.cc:1319
          #12 0x0000555f17ce70bc in pfs_spawn_thread (arg=0x555f1bab5998) at /test/11.3_opt/storage/perfschema/pfs.cc:2201
          #13 0x000014aee40c7609 in start_thread (arg=<optimized out>) at pthread_create.c:477
          #14 0x000014aee3cb3133 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
          

          Bug confirmed present in:
          MariaDB: 10.4.33 (dbg), 10.4.33 (opt), 10.5.24 (dbg), 10.5.24 (opt), 10.6.17 (dbg), 10.6.17 (opt), 10.11.7 (dbg), 10.11.7 (opt), 11.0.5 (dbg), 11.0.5 (opt), 11.1.4 (dbg), 11.1.4 (opt), 11.2.3 (dbg), 11.2.3 (opt), 11.3.2 (dbg), 11.3.2 (opt), 11.4.0 (dbg), 11.4.0 (opt)

          Unique ID

          SIGSEGV|Field::store|Column_stat::set_key_fields|delete_statistics_for_column|Alter_info::apply_statistics_deletes_renames
          

          ramesh Ramesh Sivaraman added a comment - Another testcase with different stack DROP TABLE IF EXISTS mysql.column_stats; CREATE TABLE t (a INT ,b INT , KEY (a)); ALTER TABLE t RENAME mysql.column_stats; ALTER TABLE mysql.slow_log DROP COLUMN thread_id; Leads to: 11.3.2 e71aecfd308d6093fd693044253518a872994394 (Optimized) Core was generated by `/test/MD010224-mariadb-11.3.2-linux-x86_64-opt/bin/mariadbd --no-defaults --max'. Program terminated with signal SIGSEGV, Segmentation fault. #0 0x0000555f178b1d9d in Field::store (ls=0x14ae9c048d50, ls=0x14ae9c048d50, cs=0x555f18b1be00 <my_charset_utf8mb3_general_ci>, this=0x0) at /test/11.3_opt/sql/field.h:987 [Current thread is 1 (Thread 0x14aecc084700 (LWP 1637403))] (gdb) bt #0 0x0000555f178b1d9d in Field::store (ls=0x14ae9c048d50, ls=0x14ae9c048d50, cs=0x555f18b1be00 <my_charset_utf8mb3_general_ci>, this=0x0) at /test/11.3_opt/sql/field.h:987 #1 Column_stat::set_key_fields (col=0x14ae9c048d20, this=0x14aecc07d870) at /test/11.3_opt/sql/sql_statistics.cc:1026 #2 delete_statistics_for_column (thd=thd@entry=0x14ae9c000c58, tab=tab@entry=0x14ae9c02ef78, col=0x14ae9c048d20) at /test/11.3_opt/sql/sql_statistics.cc:3511 #3 0x0000555f1794425b in Alter_info::apply_statistics_deletes_renames (this=this@entry=0x14aecc082180, thd=thd@entry=0x14ae9c000c58, table=table@entry=0x14ae9c02ef78) at /test/11.3_opt/sql/sql_alter.cc:377 #4 0x0000555f178d48ac in mysql_alter_table (thd=thd@entry=0x14ae9c000c58, new_db=new_db@entry=0x14ae9c0057e8, new_name=new_name@entry=0x14ae9c005c48, create_info=create_info@entry=0x14aecc0822f0, table_list=<optimized out>, table_list@entry=0x14ae9c010c50, recreate_info=recreate_info@entry=0x14aecc082160, alter_info=<optimized out>, order_num=<optimized out>, order=<optimized out>, ignore=<optimized out>, if_exists=<optimized out>) at /test/11.3_opt/sql/sql_table.cc:11511 #5 0x0000555f1794351f in Sql_cmd_alter_table::execute (this=<optimized out>, thd=0x14ae9c000c58) at 
/test/11.3_opt/sql/structs.h:569 #6 0x0000555f1781057e in mysql_execute_command (thd=0x14ae9c000c58, is_called_from_prepared_stmt=<optimized out>) at /test/11.3_opt/sql/sql_parse.cc:5786 #7 0x0000555f177ffef6 in mysql_parse (thd=0x14ae9c000c58, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>) at /test/11.3_opt/sql/sql_parse.cc:7798 #8 0x0000555f1780c475 in dispatch_command (command=COM_QUERY, thd=0x14ae9c000c58, packet=<optimized out>, packet_length=<optimized out>, blocking=<optimized out>) at /test/11.3_opt/sql/sql_class.h:1550 #9 0x0000555f1780e6be in do_command (thd=0x14ae9c000c58, blocking=blocking@entry=true) at /test/11.3_opt/sql/sql_parse.cc:1406 #10 0x0000555f1793e197 in do_handle_one_connection (connect=<optimized out>, put_in_cache=true) at /test/11.3_opt/sql/sql_connect.cc:1417 #11 0x0000555f1793e4dd in handle_one_connection (arg=arg@entry=0x555f1bad5348) at /test/11.3_opt/sql/sql_connect.cc:1319 #12 0x0000555f17ce70bc in pfs_spawn_thread (arg=0x555f1bab5998) at /test/11.3_opt/storage/perfschema/pfs.cc:2201 #13 0x000014aee40c7609 in start_thread (arg=<optimized out>) at pthread_create.c:477 #14 0x000014aee3cb3133 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 Bug confirmed present in: MariaDB: 10.4.33 (dbg), 10.4.33 (opt), 10.5.24 (dbg), 10.5.24 (opt), 10.6.17 (dbg), 10.6.17 (opt), 10.11.7 (dbg), 10.11.7 (opt), 11.0.5 (dbg), 11.0.5 (opt), 11.1.4 (dbg), 11.1.4 (opt), 11.2.3 (dbg), 11.2.3 (opt), 11.3.2 (dbg), 11.3.2 (opt), 11.4.0 (dbg), 11.4.0 (opt) Unique ID SIGSEGV|Field::store|Column_stat::set_key_fields|delete_statistics_for_column|Alter_info::apply_statistics_deletes_renames

          People

            holyfoot Alexey Botchkov
            ramesh Ramesh Sivaraman