Bug #30451 rpl_udf.test crashed slave in debug build using binlog-format=statement
Submitted: 15 Aug 2007 23:09 Modified: 21 Nov 2008 20:51
Reporter: Jonathan Miller Email Updates:
Status: Can't repeat Impact on me:
None 
Category:Tests: Replication Severity:S3 (Non-critical)
Version:mysql5.1-telco-6.2-debug OS:Linux (32 bit)
Assigned to: Andrei Elkin CPU Architecture:Any

[15 Aug 2007 23:09] Jonathan Miller 
Description:
Hi,

I am opening this as a P3 because I have only had it to happen twice out of 20 something tries. I have not been able to narrow it down to a repeatable test case. In addition it only happens if you run all the rpl test and not just rpl_udf alone. Crash seems to be in hash.c: at line 496, see below

0x82769d7 handle_segfault + 671
0x8681786 hash_delete + 551
0x8409763 _Z8free_udfP11st_udf_func + 175
0x81e936d _ZN11udf_handler7cleanupEv + 85
0x81ea1ec _ZN13Item_udf_func7cleanupEv + 20
0x8267ee0 _ZN4Item11delete_selfEv + 24
0x825f84a _ZN11Query_arena10free_itemsEv + 90
0x825f923 _ZN3THD19cleanup_after_queryEv + 163
0x8293c7b _Z11mysql_parseP3THDPKcjPS2_ + 751
0x82946a1 _Z16dispatch_command19enum_server_commandP3THDPcj + 2481
0x8295877 _Z10do_commandP3THD + 591
0x82834fc handle_one_connection + 256
0xd1ebd4 (?)
0xc764fe (?)

#0  0x00b8d402 in __kernel_vsyscall ()
#1  0x00d2164f in pthread_kill () from /lib/libpthread.so.0
#2  0x0843deee in write_core (sig=11) at stacktrace.c:229
#3  0x08276b21 in handle_segfault (sig=11) at mysqld.cc:2240
#4  <signal handler called>
#5  0x08681786 in hash_delete (hash=0x8984b20, record=0x9c20670 "\201\uffff}\b\001") at hash.c:496
#6  0x08409763 in free_udf (udf=0x9c20670) at sql_udf.cc:304
#7  0x081e936d in udf_handler::cleanup (this=0x9be38c4) at item_func.cc:2790
#8  0x081ea1ec in Item_udf_func::cleanup (this=0x9be3850) at item_func.cc:3088
#9  0x08267ee0 in Item::delete_self (this=0x9be3850) at item.h:923
#10 0x0825f84a in Query_arena::free_items (this=0x9b8d6bc) at sql_class.cc:1818
#11 0x0825f923 in THD::cleanup_after_query (this=0x9b8d6b0) at sql_class.cc:813
#12 0x08293c7b in mysql_parse (thd=0x9b8d6b0, inBuf=0x9be36f8 "SELECT myfunc_double(75.00)",
    length=27, found_semicolon=0xb7442310) at sql_parse.cc:5376
#13 0x082946a1 in dispatch_command (command=COM_QUERY, thd=0x9b8d6b0, packet=0x9bdb699 "",
    packet_length=28) at sql_parse.cc:906
#14 0x08295877 in do_command (thd=0x9b8d6b0) at sql_parse.cc:667
#15 0x082834fc in handle_one_connection (arg=0x9b8d6b0) at sql_connect.cc:1091
#16 0x00d1ebd4 in start_thread () from /lib/libpthread.so.0
#17 0x00c764fe in clone () from /lib/libc.so.6

(gdb) f 5
#5  0x08681786 in hash_delete (hash=0x8984b20, record=0x9c20670 "\201\uffff}\b\001") at hash.c:496
496       pos_hashnr=rec_hashnr(hash,pos->data);
Current language:  auto; currently c
(gdb) l
491       if (pos == empty)                     /* Move to empty position. */
492       {
493         empty[0]=lastpos[0];
494         goto exit;
495       }
496       pos_hashnr=rec_hashnr(hash,pos->data);
497       /* pos3 is where the pos should be */
498       pos3= data+hash_mask(pos_hashnr,hash->blength,hash->records);
499       if (pos != pos3)
500       {                                     /* pos is on wrong posit */

rpl_udf                        [ fail ]

Errors are (from /data1/mysql-5.1-telco-6.2-new/mysql-test/var/log/mysqltest-time) :
mysqltest: In included file "./include/rpl_udf.inc": At line 87: failed in 'select master_pos_wait('master-bin.000001', 3566)': 2013: Lost connection to MySQL server during query
(the last lines may be the most important ones)
Result from queries before failure can be found in /data1/mysql-5.1-telco-6.2-new/mysql-test/var/log/rpl_udf.log

How to repeat:
./mysql-test-run.pl --do-test=rpl --mysqld=--binlog-format=statement
[21 Nov 2008 20:51] Andrei Elkin 
Could not reproduce the problem with the up-to-date 5.1 tree.