Bug #30193 crash during drop table and kill
Submitted: 2 Aug 2007 1:05 Modified: 29 Aug 2007 1:33
Reporter: Shane Bester (Platinum Quality Contributor) Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: Locking Severity:S1 (Critical)
Version:5.0.48BK OS:Any
Assigned to: Georgi Kodinov CPU Architecture:Any
Tags: crash, drop table, KILL

[2 Aug 2007 1:05] Shane Bester 
Description:
070801 23:25:52 [Note] /home/sbester/server/5.0/mysql-5.0.48-linux-i686/bin/mysqld: ready for connections.
Version: '5.0.48-debug'  socket: '/tmp/mysql.sock'  port: 3306  yes
070802  0:37:05 - mysqld got signal 11;
This could be because you hit a bug. It is also possible that this binary
or one of the libraries it was linked against is corrupt, improperly built,
or misconfigured. This error can also be caused by malfunctioning hardware.
We will try our best to scrape up some info that will hopefully help diagnose
the problem, but since we have already crashed, something is definitely wrong
and this may fail.

key_buffer_size=8388572
read_buffer_size=131072
max_used_connections=9
max_connections=100
threads_connected=1
It is possible that mysqld could use up to 
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_connections = 225788 K
bytes of memory
Hope that's ok; if not, decrease some variables in the equation.

thd=0x41b00498
Attempting backtrace. You can use the following information to find out
where mysqld died. If you see no messages after this, something went
terribly wrong...
Cannot determine thread, fp=0xbe5fe4c8, backtrace may not be correct.
Stack range sanity check OK, backtrace follows:
0x80e27a3 handle_segfault + 529
0x846588d __pthread_sighandler + 173
0x812cbb6 _Z23remove_table_from_cacheP3THDPKcS2_j + 620
0x80dd09b _Z15lock_table_nameP3THDP10TABLE_LIST + 521
0x80dd27f _Z16lock_table_namesP3THDP10TABLE_LIST + 37
0x81d3339 _Z20mysql_rm_table_part2P3THDP10TABLE_LISTbbbb + 219
0x81d303b _Z14mysql_rm_tableP3THDP10TABLE_LISTcc + 297
0x80fce81 _Z21mysql_execute_commandP3THD + 13137
0x810268d _Z11mysql_parseP3THDPKcjPS2_ + 363
0x80f8651 _Z16dispatch_command19enum_server_commandP3THDPcj + 2007
0x80f7e6f _Z10do_commandP3THD + 529
0x80f6f5e handle_one_connection + 874
0x8460761 pthread_start_thread + 225
0x84c375a __clone + 106
New value of fp=(nil) failed sanity check, terminating stack trace!
Please read http://dev.mysql.com/doc/mysql/en/using-stack-trace.html and follow instructions on how to resolve the stack trace. Resolved
stack trace is much more helpful in diagnosing the problem, so please do 
resolve it
Trying to get some variables.
Some pointers may be invalid and cause the dump to abort...
thd->query at 0x8cbf7f8 = drop table if exists t2
thd->thread_id=27710
The manual page at http://www.mysql.com/doc/en/Crashing.html contains
information that should help you find out what is causing the crash.

How to repeat:
no idea. happened once in many runs of killquery.php and the following stress test:

i|1|drop table if exists t1|
i|1|drop table if exists t2|
i|1|create table t1(id longtext, name tinytext,key(id(20)),key(name(10)))|
i|1|create table t2(id bigint, name varchar(15),key(id),key(name(10)))|
i|1|set global max_allowed_packet=1024*1024*1024|
n|1|set session max_allowed_packet=1024*1024*1024|
p|1|insert into t1(name,id) values (?,?)|char ./words,char ./words
p|1|insert into t2(id,name) values (?,?)|bigint,char ./words
p|100|select now()|
p|100|select name from t2 where name=?|char ./words

Suggested fix:
.
[2 Aug 2007 1:22] MySQL Verification Team 
testcase

Attachment: bug30193.c (text/plain), 5.79 KiB.
[2 Aug 2007 1:23] MySQL Verification Team 
crashed my windows 5.0.46 also:

mysqld-debug.exe!remove_table_from_cache()  Line 6068
mysqld-debug.exe!lock_table_name()  Line 887
mysqld-debug.exe!lock_table_names()  Line 960
mysqld-debug.exe!mysql_rm_table_part2()  Line 231
mysqld-debug.exe!mysql_rm_table()  Line 127
mysqld-debug.exe!mysql_execute_command()  Line 3727
mysqld-debug.exe!mysql_parse()  Line 6083
mysqld-debug.exe!dispatch_command()  Line 1812
mysqld-debug.exe!do_command()  Line 1586
mysqld-debug.exe!handle_one_connection()  Line 1197
mysqld-debug.exe!pthread_start()  Line 62
mysqld-debug.exe!_callthreadstart()  Line 293
mysqld-debug.exe!_threadstart(void * ptd=0x0288d028)  Line 277
[2 Aug 2007 1:28] MySQL Verification Team 
sbester@www:~> gcc bug30193.c -g -o bug30193 -L/home/sbester/server/5.0/mysql-5.0.48-linux-i686/lib -I/home/sbester/server/5.0/mysql-5.0.48-linux-i686/include   -lmysqlclient_r -lz -lpthread
sbester@www:~> ./bug30193 
running initializations..
about to spawn 10 threads
..........
completed spawning new database worker threads .. running them for 10 seconds...
now about to spawn the killer thread...
can't get processlist. server died!!!1 2003 (Can't connect to MySQL server on '127.0.0.1' (111))
error processing processlist results...
count: 1000
count: 1000
[2 Aug 2007 14:11] Bugs System 
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/32012

ChangeSet@1.2498, 2007-08-02 17:11:35+03:00, gkodinov@magare.gmz +1 -0
  Bug #30193: crash during drop table and kill
  
  When DROP TABLE detects that it has been killed
  by another thread it must unlock the table names
  it locked.
  
  Fixed by backporting the 5.1 error handling code.
[15 Aug 2007 9:48] Bugs System 
Pushed into 5.1.22-beta
[15 Aug 2007 9:51] Bugs System 
Pushed into 5.0.48
[29 Aug 2007 1:33] Paul DuBois 
Noted in 5.0.48 changelog.

When a thread executing a DROP TABLE statement was killed, the table
name locks that had been acquired were not released.

(Fix does not apply to 5.1, which did not have the problem.)