Bug #38691 | segfault/abort in ``UPDATE ...JOIN'' while ``FLUSH TABLES WITH READ LOCK'' | ||
---|---|---|---|
Submitted: | 9 Aug 2008 16:08 | Modified: | 17 Oct 2008 18:22 |
Reporter: | Erik Schoenfelder | Email Updates: | |
Status: | Closed | Impact on me: | |
Category: | MySQL Server | Severity: | S1 (Critical) |
Version: | 5.0.67, 5.0 - rev 2646, 5.1 - rev 2673, 6.0 - rev 2664 bzr | OS: | Any |
Assigned to: | Gleb Shchepa | CPU Architecture: | Any |
Tags: | flush tables with read lock, mysqlhotcopy, race, segfault, update join |
[9 Aug 2008 16:08]
Erik Schoenfelder
[9 Aug 2008 16:10]
Erik Schoenfelder
script s1.sh
Attachment: s1.sh (application/x-sh, text), 805 bytes.
[9 Aug 2008 16:11]
Erik Schoenfelder
script s2.sh
Attachment: s2.sh (application/x-sh, text), 96 bytes.
[9 Aug 2008 17:12]
Sveta Smirnova
Thank you for the report. Verified as described.
[9 Aug 2008 20:22]
MySQL Verification Team
Sveta, do you think this could be related to bug #38499?
[12 Aug 2008 6:11]
Sveta Smirnova
Yes, looks similar, but because the trace is a bit different, I'd leave these bugs separate until the one who will fix them decides if they are duplicates.
[16 Sep 2008 18:22]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from:

http://lists.mysql.com/commits/54225

2674 Gleb Shchepa 2008-09-16

Bug #38691: segfault/abort in ``UPDATE ...JOIN'' while ``FLUSH TABLES WITH READ LOCK''

Concurrent execution of 1) multitable update with a NATURAL/USING join and 2) such a query as "FLUSH TABLES WITH READ LOCK" or "ALTER TABLE" of updating table led to a server crash.

The mysql_multi_update_prepare() function call is optimized to lock updating tables only, so it postpones locking to the last, and if locking fails, it does cleanup of modified syntax structures and repeats a query analysis. However, that cleanup procedure was incomplete for NATURAL/USING join syntax data: 1) some Field_item items pointed into freed table structures, and 2) the TABLE_LIST::join_columns fields were not reset.
[6 Oct 2008 22:50]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from:

http://lists.mysql.com/commits/55494

2689 Gleb Shchepa 2008-10-07

Bug #38691: segfault/abort in ``UPDATE ...JOIN'' while ``FLUSH TABLES WITH READ LOCK''

Concurrent execution of 1) multitable update with a NATURAL/USING join and 2) such a query as "FLUSH TABLES WITH READ LOCK" or "ALTER TABLE" of updating table led to a server crash.

The mysql_multi_update_prepare() function call is optimized to lock updating tables only, so it postpones locking to the last, and if locking fails, it does cleanup of modified syntax structures and repeats a query analysis. However, that cleanup procedure was incomplete for NATURAL/USING join syntax data: 1) some Field_item items pointed into freed table structures, and 2) the TABLE_LIST::join_columns fields were not reset.

Major change: short-living Field *Natural_join_column::table_field has been replaced with long-living Item*.
[7 Oct 2008 11:44]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from:

http://lists.mysql.com/commits/55573

2689 Gleb Shchepa 2008-10-07

Bug #38691: segfault/abort in ``UPDATE ...JOIN'' while ``FLUSH TABLES WITH READ LOCK''

Concurrent execution of 1) multitable update with a NATURAL/USING join and 2) such a query as "FLUSH TABLES WITH READ LOCK" or "ALTER TABLE" of updating table led to a server crash.

The mysql_multi_update_prepare() function call is optimized to lock updating tables only, so it postpones locking to the last, and if locking fails, it does cleanup of modified syntax structures and repeats a query analysis. However, that cleanup procedure was incomplete for NATURAL/USING join syntax data: 1) some Field_item items pointed into freed table structures, and 2) the TABLE_LIST::join_columns fields were not reset.

Major change: short-living Field *Natural_join_column::table_field has been replaced with long-living Item*.
[7 Oct 2008 16:20]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from:

http://lists.mysql.com/commits/55611

2689 Gleb Shchepa 2008-10-07

Bug #38691: segfault/abort in ``UPDATE ...JOIN'' while ``FLUSH TABLES WITH READ LOCK''

Concurrent execution of 1) multitable update with a NATURAL/USING join and 2) such a query as "FLUSH TABLES WITH READ LOCK" or "ALTER TABLE" of updating table led to a server crash.

The mysql_multi_update_prepare() function call is optimized to lock updating tables only, so it postpones locking to the last, and if locking fails, it does cleanup of modified syntax structures and repeats a query analysis. However, that cleanup procedure was incomplete for NATURAL/USING join syntax data: 1) some Field_item items pointed into freed table structures, and 2) the TABLE_LIST::join_columns fields were not reset.

Major change: short-living Field *Natural_join_column::table_field has been replaced with long-living Item*.
[7 Oct 2008 18:08]
Paul DuBois
Noted in 5.1.29 changelog. A server crash resulted from concurrent execution of a multiple-table UPDATE that used a NATURAL ... USING join together with FLUSH TABLES WITH READ LOCK or ALTER TABLE for the table being updated. Leaving report status unchanged; this is early documentation of an upcoming push into 5.1.29.
[7 Oct 2008 18:35]
Paul DuBois
Revised changelog entry. A server crash resulted from concurrent execution of a multiple-table UPDATE that used a NATURAL or USING join together with FLUSH TABLES WITH READ LOCK or ALTER TABLE for the table being updated.
[7 Oct 2008 21:36]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from:

http://lists.mysql.com/commits/55630

2689 Gleb Shchepa 2008-10-08

Bug #38691: segfault/abort in ``UPDATE ...JOIN'' while ``FLUSH TABLES WITH READ LOCK''

Concurrent execution of 1) multitable update with a NATURAL/USING join and 2) such a query as "FLUSH TABLES WITH READ LOCK" or "ALTER TABLE" of updating table led to a server crash.

The mysql_multi_update_prepare() function call is optimized to lock updating tables only, so it postpones locking to the last, and if locking fails, it does cleanup of modified syntax structures and repeats a query analysis. However, that cleanup procedure was incomplete for NATURAL/USING join syntax data: 1) some Field_item items pointed into freed table structures, and 2) the TABLE_LIST::join_columns fields were not reset.

Major change: short-living Field *Natural_join_column::table_field has been replaced with long-living Item*.
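Added example, not part of the bug report or of the MySQL source: a simplified C++ model of the failure mode the commit message describes, where a cached join-column list survives cleanup after a failed lock and keeps referring to a table structure that has since been freed. All type and function names here (Table, JoinColumn, TableRef, stale_columns_after_retry) are hypothetical stand-ins; std::weak_ptr is used so the dangling reference can be detected safely instead of being dereferenced.

```cpp
#include <cstddef>
#include <memory>
#include <string>
#include <vector>

// Constructed stand-ins; none of these are the server's real classes.
struct Table {                        // per-open table structure, freed on reopen
    int generation;
    std::vector<std::string> fields;
};

struct JoinColumn {                   // cached result of NATURAL/USING resolution
    std::weak_ptr<Table> table;       // weak reference: expiry marks a dangling column
    std::size_t field_index;
};

struct TableRef {                     // syntax-tree node that survives re-analysis
    std::shared_ptr<Table> table;
    std::unique_ptr<std::vector<JoinColumn>> join_columns;  // built once, then reused
};

static void open_table(TableRef &ref, int generation) {
    ref.table = std::make_shared<Table>(Table{generation, {"id", "val"}});
}

static void resolve_join(TableRef &ref) {
    if (ref.join_columns) return;     // cache present: analysis is skipped
    ref.join_columns.reset(new std::vector<JoinColumn>());
    for (std::size_t i = 0; i < ref.table->fields.size(); ++i)
        ref.join_columns->push_back(JoinColumn{ref.table, i});
}

// Cleanup after a failed lock; 'complete' selects whether the join cache is reset too.
static void cleanup(TableRef &ref, bool complete) {
    ref.table.reset();                // the table structure is freed here
    if (complete) ref.join_columns.reset();
}

// Counts cached join columns left dangling after one failed lock and a retry.
int stale_columns_after_retry(bool complete_cleanup) {
    TableRef ref;
    open_table(ref, 1);
    resolve_join(ref);                // first query analysis
    cleanup(ref, complete_cleanup);   // lock failed, e.g. a concurrent FLUSH or ALTER
    open_table(ref, 2);               // table reopened as a new structure
    resolve_join(ref);                // repeated query analysis
    int stale = 0;
    for (const JoinColumn &c : *ref.join_columns)
        if (c.table.expired()) ++stale;
    return stale;
}
```

With the incomplete cleanup both cached columns still refer to the freed first-generation table; resetting the cache forces the repeated analysis to rebuild them against the reopened table.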
[9 Oct 2008 17:25]
Bugs System
Pushed into 5.0.72 (revid:gshchepa@mysql.com-20081007213400-0iombn7tl0rf1sok) (version source revid:kgeorge@mysql.com-20081008083624-owy9lio04hq16le1) (pib:4)
[9 Oct 2008 17:47]
Bugs System
Pushed into 5.1.30 (revid:gshchepa@mysql.com-20081007213400-0iombn7tl0rf1sok) (version source revid:gshchepa@mysql.com-20081007215249-0yjxbe6boyydv96k) (pib:4)
[9 Oct 2008 18:34]
Paul DuBois
Setting report to NDI pending push into 6.0.x.
[9 Oct 2008 18:35]
Paul DuBois
Noted in 5.0.72 changelog.
[14 Oct 2008 17:57]
Paul DuBois
See also Bug#38823.
[17 Oct 2008 16:42]
Bugs System
Pushed into 6.0.8-alpha (revid:gshchepa@mysql.com-20081007213400-0iombn7tl0rf1sok) (version source revid:kgeorge@mysql.com-20081008092313-4wzrak2duhsz7ylm) (pib:5)
[17 Oct 2008 18:22]
Paul DuBois
Noted in 6.0.8 changelog.
[28 Oct 2008 21:05]
Bugs System
Pushed into 5.1.29-ndb-6.2.17 (revid:gshchepa@mysql.com-20081007213400-0iombn7tl0rf1sok) (version source revid:tomas.ulin@sun.com-20081028140209-u4emkk1xphi5tkfb) (pib:5)
[28 Oct 2008 22:23]
Bugs System
Pushed into 5.1.29-ndb-6.3.19 (revid:gshchepa@mysql.com-20081007213400-0iombn7tl0rf1sok) (version source revid:tomas.ulin@sun.com-20081028194045-0353yg8cvd2c7dd1) (pib:5)
[1 Nov 2008 9:46]
Bugs System
Pushed into 5.1.29-ndb-6.4.0 (revid:gshchepa@mysql.com-20081007213400-0iombn7tl0rf1sok) (version source revid:jonas@mysql.com-20081101082305-qx5a1bj0z7i8ueys) (pib:5)