[#MDEV-32797] Server crashes when using bad stat tables

10.4.32 e52777f1a4df20ffd3ae743b7b64f5e645090cd8 (Debug)

mariadbd: /test/10.4_dbg/sql/sql_base.cc:2490: void Locked_tables_list::unlock_locked_tables(THD*): Assertion `thd->transaction.stmt.is_empty()' failed.

10.4.32 e52777f1a4df20ffd3ae743b7b64f5e645090cd8 (Debug)

Core was generated by `/test/MD311023-mariadb-10.4.32-linux-x86_64-dbg/bin/mariadbd --no-defaults --co'.

Program terminated with signal SIGABRT, Aborted.

#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50

[Current thread is 1 (Thread 0x1524300b1700 (LWP 3768381))]

(gdb) bt

#0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50

#1  0x0000152445d4e859 in __GI_abort () at abort.c:79

#2  0x0000152445d4e729 in __assert_fail_base (fmt=0x152445ee4588 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x55d2c6a70350 "thd->transaction.stmt.is_empty()", file=0x55d2c6a6f858 "/test/10.4_dbg/sql/sql_base.cc", line=2490, function=<optimized out>) at assert.c:92

#3  0x0000152445d5ffd6 in __GI___assert_fail (assertion=assertion@entry=0x55d2c6a70350 "thd->transaction.stmt.is_empty()", file=file@entry=0x55d2c6a6f858 "/test/10.4_dbg/sql/sql_base.cc", line=line@entry=2490, function=function@entry=0x55d2c6a70318 "void Locked_tables_list::unlock_locked_tables(THD*)") at assert.c:101

#4  0x000055d2c5d6ff00 in Locked_tables_list::unlock_locked_tables (this=this@entry=0x1523dc004aa8, thd=thd@entry=0x1523dc000d28) at /test/10.4_dbg/sql/handler.h:1712

#5  0x000055d2c5ea2916 in mysql_rm_table_no_locks (thd=thd@entry=0x1523dc000d28, tables=tables@entry=0x1523dc012730, if_exists=if_exists@entry=true, drop_temporary=drop_temporary@entry=false, drop_view=drop_view@entry=false, drop_sequence=drop_sequence@entry=false, dont_log_query=false, dont_free_locks=false) at /test/10.4_dbg/sql/sql_table.cc:2727

#6  0x000055d2c5ea2d81 in mysql_rm_table (thd=thd@entry=0x1523dc000d28, tables=tables@entry=0x1523dc012730, if_exists=<optimized out>, drop_temporary=<optimized out>, drop_sequence=<optimized out>) at /test/10.4_dbg/sql/sql_table.cc:2152

#7  0x000055d2c5dee740 in mysql_execute_command (thd=thd@entry=0x1523dc000d28) at /test/10.4_dbg/sql/structs.h:558

#8  0x000055d2c5df4e3a in mysql_parse (thd=thd@entry=0x1523dc000d28, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x1524300b0360, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /test/10.4_dbg/sql/sql_parse.cc:8013

#9  0x000055d2c5df7e00 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x1523dc000d28, packet=packet@entry=0x1523dc0196b9 "DROP TABLE IF EXISTS t", packet_length=packet_length@entry=22, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /test/10.4_dbg/sql/sql_class.h:1241

#10 0x000055d2c5dfaa5f in do_command (thd=0x1523dc000d28) at /test/10.4_dbg/sql/sql_parse.cc:1378

#11 0x000055d2c5f25244 in do_handle_one_connection (connect=connect@entry=0x55d2c9c6e8b8) at /test/10.4_dbg/sql/sql_connect.cc:1420

#12 0x000055d2c5f25363 in handle_one_connection (arg=0x55d2c9c6e8b8) at /test/10.4_dbg/sql/sql_connect.cc:1324

#13 0x000015244625f609 in start_thread (arg=<optimized out>) at pthread_create.c:477

#14 0x0000152445e4b133 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

--source include/have_innodb.inc

CREATE OR REPLACE TABLE mysql.column_stats (db_name CHAR(1) COLLATE utf8mb3_bin,t_name CHAR(1) COLLATE utf8mb3_bin,column_name CHAR(1) COLLATE utf8mb3_bin,min_value BINARY (1),max_value BINARY (1),nulls_ratio DECIMAL(0,0),avg_length DECIMAL(0,0),avg_frequency DECIMAL(0,0),hiST_SIZE INT(1) UNSIGNED,hiST_TYPE ENUM ('') COLLATE utf8mb3_bin,histogram BINARY (1),KEY(db_name,t_name,column_name)) ENGINE=InnoDB DEFAULT CHARSET=utf8mb3 COLLATE=utf8mb3_bin page_checksum=1 TRANSACTIONAL=0 COMMENT='';

CREATE DATABASE d3;

CREATE  TABLE d3.t3 (c INT KEY,c2 INT,KEY(c2));

DROP DATABASE d3;

10.4.32 e52777f1a4df20ffd3ae743b7b64f5e645090cd8 (Debug)

mariadbd: /test/10.4_dbg/sql/sql_base.cc:897: void close_thread_tables(THD*): Assertion `thd->transaction.stmt.is_empty() || thd->in_sub_stmt || (thd->state_flags & Open_tables_state::BACKUPS_AVAIL)' failed.

10.4.32 e52777f1a4df20ffd3ae743b7b64f5e645090cd8 (Debug)
Core was generated by `/test/MD311023-mariadb-10.4.32-linux-x86_64-dbg/bin/mariadbd --no-defaults --co'.
Program terminated with signal SIGABRT, Aborted.
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
[Current thread is 1 (Thread 0x14cd84137700 (LWP 1021405))]
(gdb) bt
#0 __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
#1 0x000014cd991d9859 in __GI_abort () at abort.c:79
#2 0x000014cd991d9729 in __assert_fail_base (fmt=0x14cd9936f588 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x55f7d9565f08 "thd->transaction.stmt.is_empty() \|\| thd->in_sub_stmt \|\| (thd->state_flags & Open_tables_state::BACKUPS_AVAIL)", file=0x55f7d9565858 "/test/10.4_dbg/sql/sql_base.cc", line=897, function=<optimized out>) at assert.c:92
#3 0x000014cd991eafd6 in __GI___assert_fail (assertion=assertion@entry=0x55f7d9565f08 "thd->transaction.stmt.is_empty() \|\| thd->in_sub_stmt \|\| (thd->state_flags & Open_tables_state::BACKUPS_AVAIL)", file=file@entry=0x55f7d9565858 "/test/10.4_dbg/sql/sql_base.cc", line=line@entry=897, function=function@entry=0x55f7d9565ee8 "void close_thread_tables(THD*)") at assert.c:101
#4 0x000055f7d8864cac in close_thread_tables (thd=thd@entry=0x14cd34000d28) at /test/10.4_dbg/sql/handler.h:1712
#5 0x000055f7d8d3b7b8 in sp_drop_db_routines (thd=thd@entry=0x14cd34000d28, db=<optimized out>, db@entry=0x14cd340126f0 "d3") at /test/10.4_dbg/sql/sp.cc:1864
#6 0x000055f7d8895cb7 in mysql_rm_db_internal (thd=0x14cd34000d28, db=0x14cd340059a0, if_exists=<optimized out>, silent=silent@entry=false) at /test/10.4_dbg/sql/sql_db.cc:930
#7 0x000055f7d889636b in mysql_rm_db (thd=thd@entry=0x14cd34000d28, db=db@entry=0x14cd340059a0, if_exists=<optimized out>) at /test/10.4_dbg/sql/sql_db.cc:1058
#8 0x000055f7d88e5340 in mysql_execute_command (thd=thd@entry=0x14cd34000d28) at /test/10.4_dbg/sql/structs.h:558
#9 0x000055f7d88eae3a in mysql_parse (thd=thd@entry=0x14cd34000d28, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x14cd84136360, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /test/10.4_dbg/sql/sql_parse.cc:8013
#10 0x000055f7d88ede00 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x14cd34000d28, packet=packet@entry=0x14cd340196b9 "DROP DATABASE d3", packet_length=packet_length@entry=16, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /test/10.4_dbg/sql/sql_class.h:1241
#11 0x000055f7d88f0a5f in do_command (thd=0x14cd34000d28) at /test/10.4_dbg/sql/sql_parse.cc:1378
#12 0x000055f7d8a1b244 in do_handle_one_connection (connect=connect@entry=0x55f7dbb088b8) at /test/10.4_dbg/sql/sql_connect.cc:1420
#13 0x000055f7d8a1b363 in handle_one_connection (arg=0x55f7dbb088b8) at /test/10.4_dbg/sql/sql_connect.cc:1324
#14 0x000014cd996ea609 in start_thread (arg=<optimized out>) at pthread_create.c:477
#15 0x000014cd992d6133 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

[MDEV-32797] Server crashes when using bad stat tables Created: 2023-11-14 Updated: 2023-11-14
Status:	Open
Project:	MariaDB Server
Component/s:	None
Affects Version/s:	10.4
Fix Version/s:	10.4

[MDEV-32797] Server crashes when using bad stat tables Created: 2023-11-14 Updated: 2023-11-14