Bug #20655 MySQL Server crashes in function check_table_access
Submitted: 23 Jun 2006 10:37 Modified: 6 Jul 2006 6:49
Reporter: Andrey Kazachkov
Status: Duplicate
Category:MySQL Server Severity:S1 (Critical)
Version:5.0.22 OS:Windows (Windows 2000)
Assigned to: CPU Architecture:Any

[23 Jun 2006 10:37] Andrey Kazachkov
Description:
MySQL Server occasionally crashes in the function check_table_access with the following stack:
mysqld_nt!check_table_access+0x8e [o:\mysql-5.0.22\sql\sql_parse.cpp @ 5209]
mysqld_nt!multi_delete_precheck+0x4d [o:\mysql-5.0.22\sql\sql_parse.cpp @ 7033]
mysqld_nt!mysql_execute_command+0x28da [o:\mysql-5.0.22\sql\sql_parse.cpp @ 3398]
mysqld_nt!sp_instr_stmt::exec_core+0xd [o:\mysql-5.0.22\sql\sp_head.cpp @ 2305]
mysqld_nt!sp_lex_keeper::reset_lex_and_exec_core+0xd1 [o:\mysql-5.0.22\sql\sp_head.cpp @ 2183]
mysqld_nt!sp_instr_stmt::execute+0x71 [o:\mysql-5.0.22\sql\sp_head.cpp @ 2258]
mysqld_nt!sp_head::execute+0x2ba [o:\mysql-5.0.22\sql\sp_head.cpp @ 1059]
mysqld_nt!sp_head::execute_procedure+0x27d [o:\mysql-5.0.22\sql\sp_head.cpp @ 1499]
mysqld_nt!mysql_execute_command+0x4886 [o:\mysql-5.0.22\sql\sql_parse.cpp @ 4423]
mysqld_nt!mysql_parse+0x102 [o:\mysql-5.0.22\sql\sql_parse.cpp @ 5696]
mysqld_nt!dispatch_command+0x582 [o:\mysql-5.0.22\sql\sql_parse.cpp @ 1738]
mysqld_nt!do_command+0xad [o:\mysql-5.0.22\sql\sql_parse.cpp @ 1522]
mysqld_nt!handle_one_connection+0x26e [o:\mysql-5.0.22\sql\sql_parse.cpp @ 1165]
mysqld_nt!pthread_start+0x3b
mysqld_nt!_threadstart+0x6c [f:\vs70builds\3077\vc\crtbld\crt\src\thread.c @ 196]
KERNEL32!BaseThreadStart+0x52

Place of crash 
    /*
       Register access for view underlying table.
       Remove SHOW_VIEW_ACL, because it will be checked during making view
     */
    tables->grant.orig_want_privilege= (want_access & ~SHOW_VIEW_ACL);
    if (tables->derived || tables->schema_table || tables->belong_to_view ||
        (tables->table && (int)tables->table->s->tmp_table) ||
        my_tz_check_n_skip_implicit_tables(&tables,
>                                           thd->lex->time_zone_tables_used))
>
      continue;

At the marked line, thd->lex is NULL.

The problem does not seem to be related to a particular query -- the same query runs successfully after the crash.

How to repeat:
MySQL server occasionally crashes while running several concurrent queries. 

I have several memory dumps, which I can attach.
[23 Jun 2006 10:54] Andrey Kazachkov
I added dump "ftp://ftp.mysql.com/pub/mysql/upload/bug_20655_001.zip"
[23 Jun 2006 15:13] MySQL Verification Team
Thank you for the bug report. It looks like the dump file and the .pdb file that were
uploaded do not match:

Loading Dump File [c:\st\mysql_001.dmp]
User Mini Dump File with Full Memory: Only application data is available

Windows 2000 Version 2195 (Service Pack 4) UP Free x86 compatible
Product: WinNt
Debug session time: Tue Jun 20 03:46:43.000 2006 (GMT-3)
System Uptime: 6 days 0:49:19.457
Process Uptime: 0 days 16:01:27.000
Symbol search path is: symsrv*symsrv.dll*C:\st\nt*http://msdl.microsoft.com/download/symbols
Executable search path is:
........................................
This dump file has an exception of interest stored in it.
The stored exception information can be accessed via .ecxr.
(144.39c): Access violation - code c0000005 (first/second chance not available)
eax=04d26680 ebx=00000008 ecx=00000000 edx=00000000 esi=045d3070 edi=00000000
eip=004daf9e esp=0420e798 ebp=04c8bb78 iopl=0         nv up ei pl nz na pe nc
cs=001b  ss=0023  ds=0023  es=0023  fs=0038  gs=0000             efl=00000202
*** WARNING: Unable to verify checksum for mysqld-nt.exe
*** ERROR: Module load completed but symbols could not be loaded for mysqld-nt.exe
mysqld_nt+0xdaf9e:
004daf9e 8b82dc000000     mov     eax,[edx+0xdc]    ds:0023:000000dc=????????
0:013> cdb: Reading initial command '!analyze -v;q'
ERROR: FindPlugIns 8007007b
*******************************************************************************
*                                                                             *
*                        Exception Analysis                                   *
*                                                                             *
*******************************************************************************

*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: ntdll!_PEB                                    ***
***                                                                   ***
*************************************************************************

FAULTING_IP:
mysqld_nt+daf9e
004daf9e 8b82dc000000     mov     eax,[edx+0xdc]

EXCEPTION_RECORD:  ffffffff -- (.exr ffffffffffffffff)
ExceptionAddress: 004daf9e (mysqld_nt+0x000daf9e)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 00000000
   Parameter[1]: 000000dc
Attempt to read from address 000000dc

PROCESS_NAME:  mysqld-nt.exe

ERROR_CODE: (NTSTATUS) 0xc0000005 - A instrução no "0x%08lx" fez referência à memória no "0x%08lx". A mem

READ_ADDRESS:  000000dc

BUGCHECK_STR:  ACCESS_VIOLATION

DEFAULT_BUCKET_ID:  NULL_CLASS_PTR_DEREFERENCE

LAST_CONTROL_TRANSFER:  from 08186178 to 004daf9e

STACK_TEXT:
WARNING: Stack unwind information not available. Following frames may be wrong.
04c8bb78 08186178 07eafd88 006a5ee8 00000000 mysqld_nt+0xdaf9e
04c8bb7c 07eafd88 006a5ee8 00000000 0420f1d4 0x8186178
08186178 006a5ee8 00000000 0818618c 00000003 0x7eafd88
0818617c 00000000 0818618c 00000003 0500e0a0 mysqld_nt+0x2a5ee8

FOLLOWUP_IP:
mysqld_nt+daf9e
004daf9e 8b82dc000000     mov     eax,[edx+0xdc]

FAULTING_SOURCE_CODE:

SYMBOL_STACK_INDEX:  0

FOLLOWUP_NAME:  MachineOwner

SYMBOL_NAME:  mysqld_nt+daf9e

MODULE_NAME:  mysqld_nt

IMAGE_NAME:  mysqld-nt.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4483d968

STACK_COMMAND:  ~13s; .ecxr ; kb

FAILURE_BUCKET_ID:  ACCESS_VIOLATION_mysqld_nt+daf9e

BUCKET_ID:  ACCESS_VIOLATION_mysqld_nt+daf9e

Followup: MachineOwner
---------

quit:

C:\st>

Anyway, the call stack provided looks similar to the one in this bug:

http://bugs.mysql.com/bug.php?id=20540

Thanks in advance.
[24 Jun 2006 7:47] Andrey Kazachkov
Well, possibly I uploaded an old symbol file.

Here is the correct symbol file mysqld-nt.pdb: ftp://ftp.mysql.com/pub/mysql/upload/bug_20655_002.zip

So, if I put the symbol file mysqld-nt.pdb into the D:\DOCUME~1\andrew\LOCALS~1\Temp\1 directory, I get the following:

0:013> .sympath symsrv*symsrv.dll*C:\Symbols*http://msdl.microsoft.com/download/symbols;D:\DOCUME~1\andrew\LOCALS~1\Temp\1
Symbol search path is: symsrv*symsrv.dll*C:\Symbols*http://msdl.microsoft.com/download/symbols;D:\DOCUME~1\andrew\LOCALS~1\Temp\1
0:013> .reload
.*** WARNING: Unable to verify checksum for mysqld-nt.exe
.......................................
0:013> kb50
ChildEBP RetAddr  Args to Child              
0420e7ac 004dccfd 04c8bb78 00000008 00000000 mysqld_nt!check_table_access+0x8e [o:\mysql-5.0.22\sql\sql_parse.cpp @ 5209]
0420e7d0 004e209a 04c8bb78 045d3270 045df6c4 mysqld_nt!multi_delete_precheck+0x4d [o:\mysql-5.0.22\sql\sql_parse.cpp @ 7033]
0420f0f8 004a3fdd 04c8bb78 04c8bb78 004a3e81 mysqld_nt!mysql_execute_command+0x28da [o:\mysql-5.0.22\sql\sql_parse.cpp @ 3398]
0420f104 004a3e81 04c8bb78 0420f178 045df6a0 mysqld_nt!sp_instr_stmt::exec_core+0xd [o:\mysql-5.0.22\sql\sp_head.cpp @ 2305]
0420f11c 004a6661 04c8bb78 0420f178 00000000 mysqld_nt!sp_lex_keeper::reset_lex_and_exec_core+0xd1 [o:\mysql-5.0.22\sql\sp_head.cpp @ 2183]
0420f140 004a72ea 00000016 0420f178 059d98d8 mysqld_nt!sp_instr_stmt::execute+0x71 [o:\mysql-5.0.22\sql\sp_head.cpp @ 2258]
0420f280 004a7c8d 04c8bb78 04c8c0bc 04c8bb78 mysqld_nt!sp_head::execute+0x2ba [o:\mysql-5.0.22\sql\sp_head.cpp @ 1059]
0420f2d0 004e4046 04c8bb78 04c8c0bc 04c8bb78 mysqld_nt!sp_head::execute_procedure+0x27d [o:\mysql-5.0.22\sql\sp_head.cpp @ 1499]
0420fbfc 004e53c2 04c8bb78 04c8cc98 05ae481e mysqld_nt!mysql_execute_command+0x4886 [o:\mysql-5.0.22\sql\sql_parse.cpp @ 4423]
0420fc10 004e60f2 04c8bb78 05ae4808 00000016 mysqld_nt!mysql_parse+0x102 [o:\mysql-5.0.22\sql\sql_parse.cpp @ 5696]
0420ff24 004e6e8d 00000003 04c8bb78 05ac8009 mysqld_nt!dispatch_command+0x582 [o:\mysql-5.0.22\sql\sql_parse.cpp @ 1738]
0420ff48 004e710e 04c8bb78 004e6ea0 02e2dd60 mysqld_nt!do_command+0xad [o:\mysql-5.0.22\sql\sql_parse.cpp @ 1522]
0420ff68 0054e1eb 04c8bb78 02e2dd60 0410fb38 mysqld_nt!handle_one_connection+0x26e [o:\mysql-5.0.22\sql\sql_parse.cpp @ 1165]
0420ff80 00658d70 02e2dd60 0410fb38 77fcae15 mysqld_nt!pthread_start+0x3b
0420ffb4 7c57b388 02e49880 0410fb38 77fcae15 mysqld_nt!_threadstart+0x6c [f:\vs70builds\3077\vc\crtbld\crt\src\thread.c @ 196]
0420ffec 00000000 00658d04 02e49880 00000000 KERNEL32!BaseThreadStart+0x52
[26 Jun 2006 16:05] MySQL Verification Team
Thank you for the feedback. We are marking this one as a duplicate of bug:
http://bugs.mysql.com/bug.php?id=20540 — once that is fixed, please
try the fixed version.
Thanks in advance.
[2 Jul 2006 17:49] MySQL Verification Team
Hi Andrey, this is probably the same as bug #19399 and bug #20540.
Can you please post the SP which contains a multi-table DELETE statement, and their corresponding tables?

Thanks,
[2 Jul 2006 18:09] MySQL Verification Team
The SP containing this statement crashed:

"DELETE `host_pubkey` FROM `host_pubkey`, `__ttmp_t_host_to_clean` WHERE `host_pubkey`.`nId` = `__ttmp_t_host_to_clean`.`host_id`"

If possible, please post the SP and the table structures for `host_pubkey`, `__ttmp_t_host_to_clean`. Thanks!
[6 Jul 2006 6:49] Andrey Kazachkov
Here are the SP and the required tables.

    /* Session-scoped scratch table: one row per host id selected for cleanup.
       TEMPORARY means it is private to the creating session and disappears
       with it; IF NOT EXISTS lets the script and the procedure re-run safely. */
    CREATE TEMPORARY TABLE IF NOT EXISTS `__ttmp_t_host_to_clean`
    (
        `host_id` INT NOT NULL,
        PRIMARY KEY (`host_id`)
    )
    ENGINE = InnoDB
    DEFAULT CHARSET = ascii
    COLLATE = ascii_general_ci;

/*
   host_pubkey: at most one public key per host, keyed by the host id (nId).
   The FOREIGN KEY to Hosts is attached by a separate ALTER TABLE statement.
   NOTE(review): strPublicKeyHash is a fixed 32-character string, presumably a
   digest of binPublicKey — the algorithm is not stated anywhere in this script.
*/
CREATE TABLE `host_pubkey`
(
    `nId`              INT         NOT NULL,
    `binPublicKey`     MEDIUMBLOB  NOT NULL,
    `strPublicKeyHash` VARCHAR(32) NOT NULL,
    PRIMARY KEY (`nId`)
)
ENGINE = InnoDB
DEFAULT CHARSET = ascii
COLLATE = ascii_general_ci
GO

/*
   Bind each host_pubkey row to its Hosts row. With both cascades the key row
   follows the host: it is removed with the host and re-keyed if Hosts.nId
   changes. The constraint is named so errors and migrations are greppable.
*/
ALTER TABLE `host_pubkey`
    ADD CONSTRAINT `FK_host_pubkey__Hosts`
        FOREIGN KEY (`nId`)
        REFERENCES `Hosts` (`nId`)
        ON UPDATE CASCADE
        ON DELETE CASCADE
GO

/* creating procedure hst_clear_hosts */
/*
   hst_clear_hosts: maintenance job that (1) clears the connection name and
   the cleanup deadline on every Hosts row whose tmMustBeCleared is due,
   (2) collects into a session temp table the hosts that have no connection
   name, have connected before (tmLastNagentConnected IS NOT NULL) and whose
   AdmGroups row has bChildUnassigned <> 0, then (3) deletes those hosts' rows
   from hst_prdstates, host_pubkey, hst_tskstates and GS_Hosts and resets
   their tmLastNagentConnected. Runs as one transaction when the session had
   autocommit on. No parameters, no result set.

   Context: this is the reproduction case for bug #20655; the multi-table
   DELETE on host_pubkey below is the statement reported to crash MySQL 5.0.22
   in check_table_access with thd->lex == NULL.
*/
CREATE PROCEDURE `hst_clear_hosts` ()
BEGIN
    /* Declarations */
    /* NOTE(review): set by the CONTINUE HANDLER below but never read in this
       body — looks like generated boilerplate for cursor loops this procedure
       does not contain. */
    DECLARE __st_FETCH_STATUS INT;
    /* UTC_TIMESTAMP() captured once so every statement sees the same "now". */
    DECLARE __vtmp_tmNow DATETIME;
    /* Caller's session autocommit, consulted again at the end to restore it. */
    DECLARE _st_AutoCommit INT;
    /* SQLSTATE '02000' (no data): continue and flag instead of aborting. */
    DECLARE CONTINUE HANDLER FOR SQLSTATE '02000' SET __st_FETCH_STATUS = 1;

    /* Switch autocommit off only if the caller had it on, so the statements
       below form a single transaction and the final block can restore it.
       NOTE(review): there is no SQLEXCEPTION handler, so if any statement
       fails the procedure terminates with autocommit still 0 and the
       transaction still open on the session; the caller would presumably
       have to roll back and reset autocommit itself. */
    SELECT @@session.autocommit INTO _st_AutoCommit;
    IF 0 <> _st_AutoCommit THEN SET AUTOCOMMIT = 0; END IF ;
    SET `__vtmp_tmNow` = UTC_TIMESTAMP( ) ; 
    /* The (0 = 0) guards are constant-true and look like generator output;
       the ELSE branch at the end of the procedure is therefore unreachable. */
    IF (0 = 0 ) THEN
        /* Hosts whose cleanup deadline has passed: drop the connection name
           and clear the deadline so they are not processed again. */
        UPDATE `Hosts` SET `Hosts`.`strConnectionName`= NULL , `Hosts`.`tmMustBeCleared`= NULL WHERE `Hosts`.`tmMustBeCleared` <= `__vtmp_tmNow` ;
    END IF;
    /* Same definition as the stand-alone CREATE in this script; IF NOT EXISTS
       plus the TRUNCATE make repeated calls within one session safe. */
    CREATE TEMPORARY TABLE IF NOT EXISTS `__ttmp_t_host_to_clean` (
    `host_id` INT  PRIMARY KEY
)ENGINE=InnoDB DEFAULT CHARACTER SET `ascii` COLLATE `ascii_general_ci`; 
    TRUNCATE TABLE `__ttmp_t_host_to_clean`;
    /* Select the hosts to clean. NOTE(review): comma join of Hosts and
       AdmGroups with the join condition (AdmGroups.nId = Hosts.nGroup) in
       WHERE; an explicit INNER JOIN ... ON would make the intent clearer. */
    INSERT INTO `__ttmp_t_host_to_clean` SELECT `Hosts`.`nId`  FROM `Hosts` , `AdmGroups` WHERE `Hosts`.`strConnectionName` IS NULL AND `Hosts`.`tmLastNagentConnected` IS NOT NULL AND `AdmGroups`.`nId` = `Hosts`.`nGroup` AND `AdmGroups`.`bChildUnassigned` <> 0 ;
    /* Each multi-table DELETE below removes rows only from the first-named
       table, matched by host id against the temp table. */
    IF (0 = 0 ) THEN
        DELETE `hst_prdstates` FROM `hst_prdstates`, `__ttmp_t_host_to_clean` WHERE `hst_prdstates`.`nHostId` = `__ttmp_t_host_to_clean`.`host_id` ;
    END IF;
    IF (0 = 0 ) THEN
        /* The statement reported as the crash site in this bug report. */
        DELETE `host_pubkey` FROM `host_pubkey`, `__ttmp_t_host_to_clean` WHERE `host_pubkey`.`nId` = `__ttmp_t_host_to_clean`.`host_id` ;
    END IF;
    IF (0 = 0 ) THEN
        DELETE `hst_tskstates` FROM `hst_tskstates`, `__ttmp_t_host_to_clean` WHERE `hst_tskstates`.`nHostId` = `__ttmp_t_host_to_clean`.`host_id` ;
    END IF;
    IF (0 = 0 ) THEN
        DELETE `GS_Hosts` FROM `GS_Hosts`, `__ttmp_t_host_to_clean` WHERE `GS_Hosts`.`nHostId` = `__ttmp_t_host_to_clean`.`host_id` ;
    END IF;
    /* Hosts rows are updated, never deleted, here — so the ON DELETE CASCADE
       foreign key from host_pubkey is not exercised by this procedure and the
       explicit DELETE above is what removes the key rows. */
    IF (0 = 0 ) THEN
        UPDATE `Hosts`, `__ttmp_t_host_to_clean` SET `Hosts`.`tmLastNagentConnected`= NULL WHERE `Hosts`.`nId` = `__ttmp_t_host_to_clean`.`host_id` ;
    END IF;
    /* Commit and restore autocommit only if this procedure turned it off.
       The ELSE (ROLLBACK) arm is dead under the constant-true condition. */
    IF (0 = 0 ) THEN
        IF 0 <> _st_AutoCommit THEN COMMIT; SET AUTOCOMMIT = 1; END IF ;
    ELSE
        IF 0 <> _st_AutoCommit THEN ROLLBACK; SET AUTOCOMMIT = 1; END IF ;
    END IF;
END
GO