Uploaded image for project: 'Percona Server for MySQL'
  1. Percona Server for MySQL
  2. PS-3487

LP #1604218: innodb-persistent-stats-root-page crashes on invalid values | handle_fatal_signal (sig=6) in btr_cur_search_to_nth_level

    Details

    • Type: Bug
    • Status: Done
    • Priority: Low
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: None

      Description

      **Reported in Launchpad by Roel Van de Paar last update 25-01-2017 21:13:25

      1. mysqld options required for replay: --innodb-persistent-stats-root-page=1125899906842624
        DROP DATABASE test;CREATE DATABASE test;USE test;
        CREATE TABLE t1(goods int(1),name CHAR (1),shop char(1));
        drop table t1,t2;
      1. mysqld options required for replay: --innodb-persistent-stats-root-page=1125899906842624
        DROP DATABASE test;CREATE DATABASE test;USE test;
        CREATE TABLE t1(c1 CHAR (1));
        DROP TABLE t1,t9;

      Backtrace:
      +bt
      #0 0x00007f709a867741 in __pthread_kill (threadid=<optimized out>, signo=signo@entry=6) at ../nptl/sysdeps/unix/sysv/linux/pthread_kill.c:61
      #1 0x00000000007f6128 in my_write_core (sig=6) at /bzr/5.5_dbg/mysys/stacktrace.c:433
      #2 0x00000000006b704a in handle_fatal_signal (sig=6) at /bzr/5.5_dbg/sql/signal_handler.cc:250
      #3 <signal handler called>
      #4 0x00007f70992345f7 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
      #5 0x00007f7099235ce8 in __GI_abort () at abort.c:90
      #6 0x00000000009150ad in btr_cur_search_to_nth_level (index=index@entry=0x73009a8, level=level@entry=0, tuple=0x7f6ff401c320, mode=2, latch_mode=latch_mode@entry=1, cursor=cursor@entry=0x7f6ff401c090, has_search_latch=has_search_latch@entry=0, file=file@entry=0xb64a58 "/bzr/5.5_dbg/storage/innobase/row/row0sel.c", line=line@entry=1076, mtr=mtr@entry=0x7f709406a620) at /bzr/5.5_dbg/storage/innobase/btr/btr0cur.c:758
      #7 0x00000000008a44d2 in btr_pcur_open_with_no_init_func (mtr=0x7f709406a620, line=1076, file=0xb64a58 "/bzr/5.5_dbg/storage/innobase/row/row0sel.c", has_search_latch=0, cursor=0x7f6ff401c090, latch_mode=1, mode=<optimized out>, tuple=<optimized out>, index=0x73009a8) at /bzr/5.5_dbg/storage/innobase/include/btr0pcur.ic:482
      #8 row_sel_open_pcur (plan=plan@entry=0x7f6ff401c080, search_latch_locked=search_latch_locked@entry=0, mtr=mtr@entry=0x7f709406a620) at /bzr/5.5_dbg/storage/innobase/row/row0sel.c:1074
      #9 0x00000000008a7dbc in row_sel (node=node@entry=0x7f6ff401bfa0, thr=thr@entry=0x7f6ff401e948) at /bzr/5.5_dbg/storage/innobase/row/row0sel.c:1445
      #10 0x00000000008aa740 in row_sel_step (thr=thr@entry=0x7f6ff401e948) at /bzr/5.5_dbg/storage/innobase/row/row0sel.c:2105
      #11 0x0000000000a12dbd in que_thr_step (thr=0x7f6ff401e948) at /bzr/5.5_dbg/storage/innobase/que/que0que.c:1234
      #12 que_run_threads_low (thr=0x7f6ff401e948) at /bzr/5.5_dbg/storage/innobase/que/que0que.c:1319
      #13 que_run_threads (thr=<optimized out>) at /bzr/5.5_dbg/storage/innobase/que/que0que.c:1356
      #14 0x0000000000a13ab1 in que_eval_sql (info=info@entry=0x7f6ff4011ed8, sql=sql@entry=0xb61f98 "PROCEDURE DROP_TABLE_PROC () IS\nsys_foreign_id CHAR;\ntable_id CHAR;\nindex_id CHAR;\nforeign_id CHAR;\nfound INT;\nDECLARE CURSOR cur_fk IS\nSELECT ID FROM SYS_FOREIGN\nWHERE FOR_NAME = :table_name\nAND TO_BINARY(FOR_NAME)\n = TO_BINARY(:table_name)\nLOCK IN SHARE MODE;\nDECLARE CURSOR cur_idx IS\nSELECT ID FROM SYS_INDEXES\nWHERE TABLE_ID = table_id\nLOCK IN SHARE MODE;\nBEGIN\nSELECT ID INTO table_id\nFROM SYS_TABLES\nWHERE NAME = :table_name\nLOCK IN SHARE MODE;\nIF (SQL % NOTFOUND) THEN\n RETURN;\nEND IF;\nfound := 1;\nSELECT ID INTO sys_foreign_id\nFROM SYS_TABLES\nWHERE NAME = 'SYS_FOREIGN'\nLOCK IN SHARE MODE;\nIF (SQL % NOTFOUND) THEN\n found := 0;\nEND IF;\nIF (:table_name = 'SYS_FOREIGN') THEN\n found := 0;\nEND IF;\nIF (:table_name = 'SYS_FOREIGN_COLS') THEN\n found := 0;\nEND IF;\nOPEN cur_fk;\nWHILE found = 1 LOOP\n FETCH cur_fk INTO foreign_id;\n IF (SQL % NOTFOUND) THEN\n", ' ' <repeats 15 times>, "found := 0;\n ELSE\n", ' ' <repeats 15 times>, "DELETE FROM SYS_FOREIGN_COLS\n", ' ' <repeats 15 times>, "WHERE ID = foreign_id;\n", ' ' <repeats 15 times>, "DELETE FROM SYS_FOREIGN\n", ' ' <repeats 15 times>, "WHERE ID = foreign_id;\n END IF;\nEND LOOP;\nCLOSE cur_fk;\nfound := 1;\nOPEN cur_idx;\nWHILE found = 1 LOOP\n FETCH cur_idx INTO index_id;\n IF (SQL % NOTFOUND) THEN\n", ' ' <repeats 15 times>, "found := 0;\n ELSE\n", ' ' <repeats 15 times>, "DELETE FROM SYS_STATS\n", ' ' <repeats 15 times>, "WHERE INDEX_ID = index_id;\n", ' ' <repeats 15 times>, "DELETE FROM SYS_FIELDS\n", ' ' <repeats 15 times>, "WHERE INDEX_ID = index_id;\n", ' ' <repeats 15 times>, "DELETE FROM SYS_INDEXES\n", ' ' <repeats 15 times>..., reserve_dict_mutex=reserve_dict_mutex@entry=0, trx=trx@entry=0x7f6ff4017148) at /bzr/5.5_dbg/storage/innobase/que/que0que.c:1445
      #15 0x0000000000899b26 in row_drop_table_for_mysql (name=<optimized out>, trx=<optimized out>, drop_db=<optimized out>) at /bzr/5.5_dbg/storage/innobase/row/row0mysql.c:3454
      #16 0x000000000086e301 in ha_innobase::delete_table (this=<optimized out>, name=<optimized out>) at /bzr/5.5_dbg/storage/innobase/handler/ha_innodb.cc:8535
      #17 0x00000000006bdd53 in handler::ha_delete_table (this=this@entry=0x7f6ff400fe80, name=name@entry=0x7f709406c4b0 "./test/t1") at /bzr/5.5_dbg/sql/handler.cc:3694
      #18 0x00000000006bde58 in ha_delete_table (thd=thd@entry=0x7328360, table_type=table_type@entry=0x30362b0, path=path@entry=0x7f709406c4b0 "./test/t1", db=db@entry=0x7f6ff40051f0 "test", alias=0x7f6ff4004c90 "t1", generate_warning=generate_warning@entry=true) at /bzr/5.5_dbg/sql/handler.cc:2237
      #19 0x00000000005fec01 in mysql_rm_table_no_locks (thd=thd@entry=0x7328360, tables=tables@entry=0x7f6ff4004cc8, if_exists=if_exists@entry=false, drop_temporary=drop_temporary@entry=false, drop_view=drop_view@entry=false, dont_log_query=dont_log_query@entry=false) at /bzr/5.5_dbg/sql/sql_table.cc:2278
      #20 0x00000000005ff68f in mysql_rm_table (thd=thd@entry=0x7328360, tables=tables@entry=0x7f6ff4004cc8, if_exists=<optimized out>, drop_temporary=<optimized out>) at /bzr/5.5_dbg/sql/sql_table.cc:1969
      #21 0x0000000000597fd7 in mysql_execute_command (thd=thd@entry=0x7328360) at /bzr/5.5_dbg/sql/sql_parse.cc:3367
      #22 0x000000000059c8f3 in mysql_parse (thd=thd@entry=0x7328360, rawbuf=<optimized out>, length=16, parser_state=parser_state@entry=0x7f709406d580) at /bzr/5.5_dbg/sql/sql_parse.cc:6055
      #23 0x000000000059e2f7 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x7328360, packet=packet@entry=0x73abf41 "drop table t1,t2", packet_length=packet_length@entry=16) at /bzr/5.5_dbg/sql/sql_parse.cc:1075
      #24 0x00000000005a010f in do_command (thd=0x7328360) at /bzr/5.5_dbg/sql/sql_parse.cc:789
      #25 0x000000000064d8c0 in do_handle_one_connection (thd_arg=thd_arg@entry=0x7328360) at /bzr/5.5_dbg/sql/sql_connect.cc:1409
      #26 0x000000000064d9b6 in handle_one_connection (arg=0x7328360) at /bzr/5.5_dbg/sql/sql_connect.cc:1324
      #27 0x00007f709a862dc5 in start_thread (arg=0x7f709406e700) at pthread_create.c:308
      #28 0x00007f70992f521d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:113

        Smart Checklist

          Attachments

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                lpjirasync lpjirasync (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: