Bug #21298 ndbcluster_log_schema_op locks already freed mutex
Submitted: 26 Jul 2006 13:07 Modified: 1 Sep 2006 8:14
Reporter: Magnus Blåudd Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Cluster: Cluster (NDB) storage engine Severity:S2 (Serious)
Version:5.1.12 OS:Any (all)
Assigned to: Jonas Oreland CPU Architecture:Any

[26 Jul 2006 13:07] Magnus Blåudd 
Description:
Test cases rpl_truncate_7ndb fails quite randomly. When examining the core files it looks like safe_mutex_lock has detected a lock of an already free mutex in schema_share.

#2  0x0852137c in write_core (sig=11) at stacktrace.c:220
#3  0x082a56c3 in handle_segfault (sig=11) at mysqld.cc:2177
#4  <signal handler called>
#5  0x089d1d98 in safe_mutex_lock (mp=0xa8,
    file=0x8b2a875 "ha_ndbcluster_binlog.cc", line=1473) at thr_mutex.c:98
#6  0x0848e5d9 in ndbcluster_log_schema_op (thd=0xa0546b8, share=0xa0bb760,
    query=0xb79816f0 "drop table `t1`", query_length=15, db=0xa0b93aa "test",
    table_name=0xa0b93af "t1", ndb_table_id=5, ndb_table_version=9,
    type=SOT_DROP_TABLE, new_db=0x0, new_table_name=0x0, have_lock_open=1)
    at ha_ndbcluster_binlog.cc:1473
#7  0x0846bd9b in ha_ndbcluster::delete_table (h=0xa0b4150, ndb=0xa056310,
    path=0xb7982a10 "./test/t1", db=0xa0b4254 "test",
    table_name=0xa0b4351 "t1") at ha_ndbcluster.cc:5375
#8  0x0846c293 in ha_ndbcluster::delete_table (this=0xa0b4150,
    name=0xb7982a10 "./test/t1") at ha_ndbcluster.cc:5438
#9  0x0840ed14 in ha_delete_table (thd=0xa0546b8, table_type=0x8e098a0,
    path=0xb7982a10 "./test/t1", db=0xa0b4148 "test", alias=0xa0b3f80 "t1",
    generate_warning=true) at handler.cc:1369
#10 0x084a3dac in mysql_rm_table_part2 (thd=0xa0546b8, tables=0xa0b3fa8,
    if_exists=false, drop_temporary=false, drop_view=false,
    dont_log_query=false) at sql_table.cc:1636
---Type <return> to continue, or q <return> to quit---
#11 0x084a31d6 in mysql_rm_table (thd=0xa0546b8, tables=0xa0b3fa8,
    if_exists=0 '\0', drop_temporary=0 '\0') at sql_table.cc:1411
#12 0x082d7844 in mysql_execute_command (thd=0xa0546b8) at sql_parse.cc:3577
#13 0x082e1ab5 in mysql_parse (thd=0xa0546b8, inBuf=0xa0b9831 "DROP TABLE t1",
    length=13) at sql_parse.cc:6089
#14 0x083a8d9d in Query_log_event::exec_event (this=0xa0dfa40, rli=0xa05f314,
    query_arg=0xa0b9831 "DROP TABLE t1", q_len_arg=13) at log_event.cc:1821
#15 0x083a8639 in Query_log_event::exec_event (this=0xa0dfa40, rli=0xa05f314)
    at log_event.cc:1699
#16 0x08504107 in exec_relay_log_event (thd=0xa0546b8, rli=0xa05f314)
    at slave.cc:3151
#17 0x08506425 in handle_slave_sql (arg=0xa05e4b8) at slave.cc:3702

How to repeat:
Detected by PushBuild, See for example this test run https://intranet.mysql.com/~knielsen/getlog.pl?dir=mysql-5.1-new-maint&entry=msvensson@nep...

Suggested fix:
Protect the schema_share access.
[26 Jul 2006 13:08] Magnus Blåudd 
Crash can also occur in  rpl_ndb_idempotent
[27 Jul 2006 7:03] Bugs System 
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/9648
[23 Aug 2006 13:49] Jonas Oreland 
https://intranet.mysql.com/secure/mailarchive/mail.php?folder=5&mail=54837
[30 Aug 2006 16:10] Magnus Blåudd 
Patch looks good. :)
[1 Sep 2006 8:14] Jonas Oreland 
pushed to 5.1.12, nothing to document