[debian-mysql] Bug#931801: mariadb-server-core-10.3: mysqld segfaults when database `information_schema` is accessed

Roman Haefeli roman.haefeli at zhdk.ch
Wed Jul 10 16:07:04 BST 2019


Package: mariadb-server-core-10.3
Version: 1:10.3.15-1
Severity: critical
Justification: causes serious data loss



-- System Information:
Debian Release: 10.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.19.0-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages mariadb-server-core-10.3 depends on:
ii  libaio1         0.3.112-3
ii  libc6           2.28-10
ii  libgnutls30     3.6.7-4
ii  liblz4-1        1.8.3-1
ii  libpcre3        2:8.39-12
ii  libsnappy1v5    1.1.7-1
ii  libstdc++6      8.3.0-6
ii  libsystemd0     241-5
ii  mariadb-common  1:10.3.15-1
ii  zlib1g          1:1.2.11.dfsg-1

mariadb-server-core-10.3 recommends no packages.

mariadb-server-core-10.3 suggests no packages.

-- no debconf information

How to trigger the issue:
 * install mariadb-server
 * start 'mysql' in a terminal
 * enter 'user information_schema'

The process mysqld will segfault, thus terminating all existing processes within the server.
It writes the following to the error log (e.g. /var/lib/mysql/error.log):

---------------
190710 16:45:48 [ERROR] mysqld got signal 11 ;
This could be because you hit a bug. It is also possible that this binary
or one of the libraries it was linked against is corrupt, improperly built,
or misconfigured. This error can also be caused by malfunctioning hardware.

To report this bug, see https://mariadb.com/kb/en/reporting-bugs

We will try our best to scrape up some info that will hopefully help
diagnose the problem, but since we have already crashed,
something is definitely wrong and this may fail.

Server version: 10.3.15-MariaDB-1
key_buffer_size=134217728
read_buffer_size=131072
max_used_connections=1
max_threads=153
thread_count=7
It is possible that mysqld could use up to
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 467420 K  bytes of memory
Hope that's ok; if not, decrease some variables in the equation.

Thread pointer: 0x55b4ef5ef738
Attempting backtrace. You can use the following information to find out
where mysqld died. If you see no messages after this, something went
terribly wrong...
stack_bottom = 0x7f2beceeadd8 thread_stack 0x49000
/usr/sbin/mysqld(my_print_stacktrace+0x2e)[0x55b4eda6ea5e]
/usr/sbin/mysqld(handle_fatal_signal+0x54d)[0x55b4ed5d8fcd]
/lib/x86_64-linux-gnu/libpthread.so.0(+0x12730)[0x7f2bf1f27730]
/usr/sbin/mysqld(+0xc6b67a)[0x55b4edad167a]
/usr/sbin/mysqld(_Z17find_schema_tableP3THDPK25st_mysql_const_lex_stringPb+0x55)[0x55b4ed475eb5]
/usr/sbin/mysqld(_Z11open_tablesP3THDRK14DDL_options_stPP10TABLE_LISTPjPP19Sroutine_hash_entryjP19Prelocking_strategy+0x8cf)[0x55b4ed3b59af]
/usr/sbin/mysqld(_Z30open_normal_and_derived_tablesP3THDP10TABLE_LISTjj+0x64)[0x55b4ed3b6684]
/usr/sbin/mysqld(_Z18mysqld_list_fieldsP3THDP10TABLE_LISTPKc+0x35)[0x55b4ed466655]
/usr/sbin/mysqld(_Z16dispatch_command19enum_server_commandP3THDPcjbb+0x24c8)[0x55b4ed413b68]
/usr/sbin/mysqld(_Z10do_commandP3THD+0x170)[0x55b4ed4140b0]
/usr/sbin/mysqld(_Z24do_handle_one_connectionP7CONNECT+0x20a)[0x55b4ed4e25da]
/usr/sbin/mysqld(handle_one_connection+0x3d)[0x55b4ed4e277d]
/lib/x86_64-linux-gnu/libpthread.so.0(+0x7fa3)[0x7f2bf1f1cfa3]
/lib/x86_64-linux-gnu/libc.so.6(clone+0x3f)[0x7f2bf15a64cf]

Trying to get some variables.
Some pointers may be invalid and cause the dump to abort.
Query (0x55b4ef5fd1f0):
Connection ID (thread ID): 36
Status: NOT_KILLED

Optimizer switch: index_merge=on,index_merge_union=on,index_merge_sort_union=on,index_merge_intersection=on,index_merge_sort_intersection=off,engine_condition_pushdown=off,index_condition_pushdown=on,derived_merge=on,derived_with_keys=on,firstmatch=on,loosescan=on,materialization=on,in_to_exists=on,semijoin=on,partial_match_rowid_merge=on,partial_match_table_scan=on,subquery_cache=on,mrr=off,mrr_cost_based=off,mrr_sort_keys=off,outer_join_with_cache=on,semijoin_with_cache=on,join_cache_incremental=on,join_cache_hashed=on,join_cache_bka=on,optimize_join_buffer_size=off,table_elimination=on,extended_keys=on,exists_to_in=on,orderby_uses_equalities=on,condition_pushdown_for_derived=on,split_materialized=on

The manual page at http://dev.mysql.com/doc/mysql/en/crashing.html contains
information that should help you find out what is causing the crash.
Writing a core file...
Working directory at /var/lib/mysql
Resource Limits:
Limit                     Soft Limit           Hard Limit           Units
Max cpu time              unlimited            unlimited            seconds   
Max file size             unlimited            unlimited            bytes     
Max data size             unlimited            unlimited            bytes     
Max stack size            8388608              unlimited            bytes     
Max core file size        0                    unlimited            bytes     
Max resident set          unlimited            unlimited            bytes     
Max processes             15580                15580                processes 
Max open files            16364                16364                files     
Max locked memory         65536                65536                bytes     
Max address space         unlimited            unlimited            bytes     
Max file locks            unlimited            unlimited            locks     
Max pending signals       15580                15580                signals   
Max msgqueue size         819200               819200               bytes     
Max nice priority         0                    0                    
Max realtime priority     0                    0                    
Max realtime timeout      unlimited            unlimited            us        
Core pattern: core
----------------

Systemd then automatically restarts mysqld so that operation continues, but at this
point data loss might have occurred already.
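
An added triage example, not part of the original report: a short Python parser for a crash excerpt like the one above. It extracts the signal and the frames below the crash handler, and checks whether a core file can be expected. The names `triage` and `function_name` are hypothetical, and the sample log is constructed from a few lines of the excerpt. A soft "Max core file size" of 0 with a plain-file core pattern means the kernel writes no core, despite the "Writing a core file..." line.

```python
import re

# Constructed sample: a few lines taken in shape from the error-log excerpt above.
SAMPLE_LOG = """\
190710 16:45:48 [ERROR] mysqld got signal 11 ;
Server version: 10.3.15-MariaDB-1
/usr/sbin/mysqld(my_print_stacktrace+0x2e)[0x55b4eda6ea5e]
/usr/sbin/mysqld(handle_fatal_signal+0x54d)[0x55b4ed5d8fcd]
/lib/x86_64-linux-gnu/libpthread.so.0(+0x12730)[0x7f2bf1f27730]
/usr/sbin/mysqld(+0xc6b67a)[0x55b4edad167a]
/usr/sbin/mysqld(_Z17find_schema_tableP3THDPK25st_mysql_const_lex_stringPb+0x55)[0x55b4ed475eb5]
/usr/sbin/mysqld(_Z10do_commandP3THD+0x170)[0x55b4ed4140b0]
Max core file size        0                    unlimited            bytes
Core pattern: core
"""

SIGNAL_RE = re.compile(r"\[ERROR\] mysqld got signal (\d+)")
FRAME_RE = re.compile(r"^(\S+)\(([^+)]*)\+0x([0-9a-f]+)\)\[0x[0-9a-f]+\]$")
CORE_RE = re.compile(r"^Max core file size\s+(\S+)")
HANDLER_FRAMES = {"my_print_stacktrace", "handle_fatal_signal"}

def function_name(symbol):
    """Pull the plain name out of a simple Itanium-ABI symbol (_Z<len><name>...)."""
    m = re.match(r"_Z(\d+)", symbol)
    if not m:
        return symbol  # C symbol, nested name, or empty (stripped) symbol
    return symbol[m.end():m.end() + int(m.group(1))]

def triage(log_text):
    report = {"signal": None, "frames": [], "core_soft_limit": None, "core_pattern": None}
    for raw in log_text.splitlines():
        line = raw.strip()
        if (m := SIGNAL_RE.search(line)):
            report["signal"] = int(m.group(1))
        elif (m := FRAME_RE.match(line)):
            module, symbol, offset = m.groups()
            name = function_name(symbol)
            # Skip the crash handler's own frames and libpthread frames (signal trampoline).
            if name in HANDLER_FRAMES or "libpthread" in module:
                continue
            report["frames"].append((module.rsplit("/", 1)[-1], name or None, int(offset, 16)))
        elif (m := CORE_RE.match(line)):
            report["core_soft_limit"] = m.group(1)
        elif line.startswith("Core pattern:"):
            report["core_pattern"] = line.split(":", 1)[1].strip()
    piped = (report["core_pattern"] or "").startswith("|")
    # Soft RLIMIT_CORE of 0 with a plain-file core pattern: no core file is produced.
    report["core_expected"] = report["core_soft_limit"] != "0" or piped
    return report
```

Frames reported with no name come from stripped symbols; the offset is relative to the load address of the module and can be resolved against the matching debug-symbol package.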


