MariaDB 10.6.16 发版
11 月 13 日, MariaDB 10.6.16 发版,MariaDB 10.6 是正在维护的长周期版本,维护时间到 2026 年 7 月。该版本修复了若干问题和漏洞。
10.6 系列已经来到了中期版本,对于 2024 年有升级计划的同学可以关注一下,已经在用 10.6 系列的可以考虑小版本更新。
该版本提供了 Docker 镜像,可以一键拉起。
[shawnyan@centos7 ~]$ docker exec -it m616 mysql -uroot -p123456
Welcome to the MariaDB monitor. Commands end with ; or g.
Your MariaDB connection id is 3
Server version: 10.6.16-MariaDB-1:10.6.16+maria~ubu2004 mariadb.org binary distribution
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement.
MariaDB [(none)]>
MariaDB [(none)]> s
--------------
mysql Ver 15.1 Distrib 10.6.16-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2
Connection id: 3
Current database:
Current user: root@localhost
SSL: Not in use
Current pager: stdout
Using outfile: ''
Using delimiter: ;
Server: MariaDB
Server version: 10.6.16-MariaDB-1:10.6.16+maria~ubu2004 mariadb.org binary distribution
Protocol version: 10
Connection: Localhost via UNIX socket
Server characterset: utf8mb4
Db characterset: utf8mb4
Client characterset: utf8mb3
Conn. characterset: utf8mb3
UNIX socket: /run/mysqld/mysqld.sock
Uptime: 10 sec
Threads: 1 Questions: 4 Slow queries: 0 Opens: 17 Open tables: 10 Queries per second avg: 0.400
--------------
MariaDB [(none)]>
MariaDB 10.6.16 中引入了 3 个新系统变量:
note_verbositylog_slow_max_warningsoptimizer_max_sel_args
MariaDB 发版模型
在 MariaDB 的版本生命周期中,MariaDB 10.3 及之前的版本均已 EOL。如果仍在使用不再维护的版本,建议进行升级。
MariaDB 10.4 ~ 10.6,是正在维护的主要稳定版本,一般建议在生产环境使用 MariaDB 10.6 的最新小版本,目前是 MariaDB 10.6.16。
从 MariaD 10.7 开始,发版模型发生的重大调整,不再是之前的一年发布一个主流版本,而改为“创新版本 Innovation” + “长期支持版本 LTS”,每年进行四次发布。
创新版本,也是短期维护版本,只在版本GA后维护一年,且主要用于引进新特性,并不建议用于生产环境。
到目前为止,短期维护版本已经发布了 8 个系列,分别是:
- MariaDB 10.7 (EOL) / 10.8 (EOL) / 10.9 (EOL) / 10.10
- MariaDB 11.0 / 11.1 / 11.2 / 11.3
对于长期维护 (LTS) 版本,目前正在维护的有且只有:MariaDB 10.11.x
现在看来,MariaDB 的发版模型和 MySQL 都选择了新的发布模型,只是 MariaDB 先行一步。
Ps. 让我们再来回顾一下 MySQL 8.1.0 开始启用的新发版模型
- 重磅!MySQL 8.1.0 已来!有彩蛋~
CVE 安全漏洞
MairaDB 10.6.16 中修复了一个 CVE 安全漏洞 CVE-2023-22084
该漏洞发现于 InnoDB 组件,利用该漏洞将允许高特权攻击者通过多种协议访问网络来破坏 MySQL 服务器。成功攻击此漏洞可能导致未经授权的能力,导致MySQL服务器挂起或经常重复的崩溃。
“含笑半步颠”
之前的文章 再遇 MySQL “一招必杀” Bug 介绍过 MySQL 8.0.29 里有个致命缺陷,导致安装包下架。
在 MariaDB 10.6.16 修复了一个隐藏很深的 Bug,这个 Bug 不像上面文章介绍的那么干脆,但也是影响了若干版本,至少从 MariaDB 10.4.12 开始就已经存在了。
来看下如何复现,先创建一个方法,再创建一个程式,然后调用一次正常,第二次调用会导致 DB Crash.
delimiter |
CREATE OR REPLACE FUNCTION cnt() RETURNS INTEGER NO SQL BEGIN RETURN 1; END;|
CREATE OR REPLACE PROCEDURE p1() NO SQL BEGIN DECLARE i INTEGER; FOR i IN 1..cnt() DO
SELECT i; END FOR; END;|
delimiter ;
CALL p1(); -- OK
CALL p1(); -- Crash
在 MariaDB 10.4.12 中验证,数据库崩溃日志如下:
2023-11-21 0:38:47 0 [Note] mysqld: ready for connections.
Version: '10.4.12-MariaDB-1:10.4.12+maria~bionic' socket: '/var/run/mysqld/mysqld.sock' port: 3306 mariadb.org binary distribution
2023-11-21 0:38:47 0 [Note] InnoDB: Buffer pool(s) load completed at 231121 0:38:47
231121 0:39:51 [ERROR] mysqld got signal 11 ;
This could be because you hit a bug. It is also possible that this binary
or one of the libraries it was linked against is corrupt, improperly built,
or misconfigured. This error can also be caused by malfunctioning hardware.
To report this bug, see https://mariadb.com/kb/en/reporting-bugs
We will try our best to scrape up some info that will hopefully help
diagnose the problem, but since we have already crashed,
something is definitely wrong and this may fail.
Server version: 10.4.12-MariaDB-1:10.4.12+maria~bionic
key_buffer_size=134217728
read_buffer_size=2097152
max_used_connections=1
max_threads=102
thread_count=7
It is possible that mysqld could use up to
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 760255 K bytes of memory
Hope that's ok; if not, decrease some variables in the equation.
Thread pointer: 0x55c6dce18858
Attempting backtrace. You can use the following information to find out
where mysqld died. If you see no messages after this, something went
terribly wrong...
stack_bottom = 0x7efe28147dd8 thread_stack 0x49000
mysqld(my_print_stacktrace+0x2e)[0x55c6d9b09c3e]
mysqld(handle_fatal_signal+0x515)[0x55c6d957dcf5]
/lib/x86_64-linux-gnu/libpthread.so.0(+0x12890)[0x7efe43934890]
mysqld(_ZN7Item_sp7cleanupEv+0x1b)[0x55c6d959b76b]
mysqld(_ZN12Item_func_sp7cleanupEv+0x18)[0x55c6d95e1598]
mysqld(_Z13cleanup_itemsP4Item+0x21)[0x55c6d9361b81]
mysqld(_ZN7sp_head7executeEP3THDb+0xa34)[0x55c6d92d37c4]
mysqld(_ZN7sp_head17execute_procedureEP3THDP4ListI4ItemE+0x808)[0x55c6d92d4e08]
mysqld(+0x657fe5)[0x55c6d9360fe5]
mysqld(_ZN12Sql_cmd_call7executeEP3THD+0x166)[0x55c6d9362e76]
mysqld(_Z21mysql_execute_commandP3THD+0x1f2b)[0x55c6d936a16b]
mysqld(_Z11mysql_parseP3THDPcjP12Parser_statebb+0x22a)[0x55c6d9370d7a]
mysqld(_Z16dispatch_command19enum_server_commandP3THDPcjbb+0x13a1)[0x55c6d9373311]
mysqld(_Z10do_commandP3THD+0x148)[0x55c6d9374be8]
mysqld(_Z24do_handle_one_connectionP7CONNECT+0x25e)[0x55c6d9450dae]
mysqld(handle_one_connection+0x3d)[0x55c6d9450e6d]
/lib/x86_64-linux-gnu/libpthread.so.0(+0x76db)[0x7efe439296db]
/lib/x86_64-linux-gnu/libc.so.6(clone+0x3f)[0x7efe4234b88f]
Trying to get some variables.
Some pointers may be invalid and cause the dump to abort.
Query (0x55c6dce26ba0): CALL p1()
Connection ID (thread ID): 8
Status: NOT_KILLED
Optimizer switch: index_merge=on,index_merge_union=on,index_merge_sort_union=on,index_merge_intersection=on,index_merge_sort_intersection=off,engine_condition_pushdown=off,index_condition_pushdown=on,derived_merge=on,derived_with_keys=on,firstmatch=on,loosescan=on,materialization=on,in_to_exists=on,semijoin=on,partial_match_rowid_merge=on,partial_match_table_scan=on,subquery_cache=on,mrr=off,mrr_cost_based=off,mrr_sort_keys=off,outer_join_with_cache=on,semijoin_with_cache=on,join_cache_incremental=on,join_cache_hashed=on,join_cache_bka=on,optimize_join_buffer_size=on,table_elimination=on,extended_keys=on,exists_to_in=on,orderby_uses_equalities=on,condition_pushdown_for_derived=on,split_materialized=on,condition_pushdown_for_subquery=on,rowid_filter=on,condition_pushdown_from_having=on
The manual page at http://dev.mysql.com/doc/mysql/en/crashing.html contains
information that should help you find out what is causing the crash.
Writing a core file...
Working directory at /var/lib/mysql
Resource Limits:
Limit Soft Limit Hard Limit Units
Max cpu time unlimited unlimited seconds
Max file size unlimited unlimited bytes
Max data size unlimited unlimited bytes
Max stack size 8388608 unlimited bytes
Max core file size unlimited unlimited bytes
Max resident set unlimited unlimited bytes
Max processes unlimited unlimited processes
Max open files 10485760 10485760 files
Max locked memory 65536 65536 bytes
Max address space unlimited unlimited bytes
Max file locks unlimited unlimited locks
Max pending signals 14938 14938 signals
Max msgqueue size 819200 819200 bytes
Max nice priority 0 0
Max realtime priority 0 0
Max realtime timeout unlimited unlimited us
Core pattern: |abrt-hook-ccpp %s %c %p %u %g %t %e %P %I %h
!!! 不要在生产环境“服用”该案例。
总结
只讨论技术就好,盯着股价意义不大,何况重心就不在那。技术无国界,但是产品有属国。水土不服也不是不可预估。
SQL 规范要搞好,存储过程该禁用的还是禁用了吧。
