Bug #38786 InnoDB plugin crashes on drop table/create table with FK
Submitted: 14 Aug 2008 0:23 Modified: 20 Jun 2010 17:30
Reporter: Vadim TKACHENKO Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: InnoDB Plugin storage engine Severity:S1 (Critical)
Version:5.1.26, 5.1 bzr + 1.0.1 plugin OS:Any
Assigned to: Marko Mäkelä CPU Architecture:Any
Tags: qc

[14 Aug 2008 0:23] Vadim TKACHENKO
Description:
I got crash on MySQL 5.1.26 with compiled in InnoDB plugin 1.0.1 when I repeat next script several times.

Stack trace
Version: '5.1.26-rc-log'  socket: '/var/lib/mysql/mysql.sock'  port: 3306  Source distribution
080810 20:40:43 - mysqld got signal 11 ;
This could be because you hit a bug. It is also possible that this binary
or one of the libraries it was linked against is corrupt, improperly built,
or misconfigured. This error can also be caused by malfunctioning hardware.
We will try our best to scrape up some info that will hopefully help diagnose
the problem, but since we have already crashed, something is definitely wrong
and this may fail.

key_buffer_size=8388600
read_buffer_size=131072
max_used_connections=1
max_threads=3000
threads_connected=1
It is possible that mysqld could use up to
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 614379 K
bytes of memory
Hope that's ok; if not, decrease some variables in the equation.

thd: 0x2b6b0740
Attempting backtrace. You can use the following information to find out
where mysqld died. If you see no messages after this, something went
terribly wrong...
/usr/local/mysql-5.1-innodb/libexec/mysqld(print_stacktrace+0x20) [0x6ae580]
/usr/local/mysql-5.1-innodb/libexec/mysqld(handle_segfault+0x324) [0x582284]
/lib64/tls/libpthread.so.0 [0x357be0c5b0]
/usr/local/mysql-5.1-innodb/libexec/mysqld [0x724ddc]
/usr/local/mysql-5.1-innodb/libexec/mysqld [0x72578d]
/usr/local/mysql-5.1-innodb/libexec/mysqld [0x72a871]
/usr/local/mysql-5.1-innodb/libexec/mysqld [0x78cba2]
/usr/local/mysql-5.1-innodb/libexec/mysqld [0x6f8698]
/usr/local/mysql-5.1-innodb/libexec/mysqld(ha_create_table(THD*, char const*, char const*, char const*, st_ha_create_information*, bool)+0x147) [0x669da7]
/usr/local/mysql-5.1-innodb/libexec/mysqld(rea_create_table(THD*, char const*, char const*, char const*, st_ha_create_information*, List<Create_field>&, unsigned int, st_key*, handler*)+0x12b) [0x6320bb]
/usr/local/mysql-5.1-innodb/libexec/mysqld(mysql_create_table_no_lock(THD*, char const*, char const*, st_ha_create_information*, Alter_info*, bool, unsigned int)+0x428) [0x677378]
/usr/local/mysql-5.1-innodb/libexec/mysqld(mysql_create_table(THD*, char const*, char const*, st_ha_create_information*, Alter_info*, bool, unsigned int)+0x141) [0x67c361]
/usr/local/mysql-5.1-innodb/libexec/mysqld(mysql_execute_command(THD*)+0x6fb4) [0x5978a4]
/usr/local/mysql-5.1-innodb/libexec/mysqld(mysql_parse(THD*, char const*, unsigned int, char const**)+0x143) [0x5983e3]
/usr/local/mysql-5.1-innodb/libexec/mysqld(dispatch_command(enum_server_command, THD*, char*, unsigned int)+0xf55) [0x599405]
/usr/local/mysql-5.1-innodb/libexec/mysqld(do_command(THD*)+0xc8) [0x599c58]
/usr/local/mysql-5.1-innodb/libexec/mysqld(handle_one_connection+0x582) [0x58a972]
/lib64/tls/libpthread.so.0 [0x357be06137]
/lib64/tls/libc.so.6(__clone+0x73) [0x357b5c7543]
Trying to get some variables.
Some pointers may be invalid and cause the dump to abort...
thd->query at 0x2b707af0 = CREATE TABLE ...

How to repeat:
SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;

DROP TABLE IF EXISTS t1;
CREATE TABLE t1(
 c1    BIGINT(12) NOT NULL,
 PRIMARY KEY (c1)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

DROP TABLE IF EXISTS t2;
CREATE TABLE t2(
 c1    BIGINT(16) NOT NULL,
 c2    BIGINT(12) NOT NULL,
 c3    BIGINT(12) NOT NULL,
 PRIMARY KEY (c1)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;

ALTER TABLE t2 ADD CONSTRAINT fk_t2_ca
FOREIGN KEY (c3) REFERENCES t1(c1);

CREATE INDEX i_t2_c3_c2 ON t2(c3, c2);

SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
[15 Aug 2008 10:28] Sveta Smirnova
Thank you for the report.

Verified as described.

Stack trace:

(gdb) bt
#0  0x002ce402 in __kernel_vsyscall ()
#1  0x0046264f in pthread_kill () from /lib/libpthread.so.0
#2  0x086c49ad in my_write_core (sig=11) at stacktrace.c:310
#3  0x08271d8b in handle_segfault (sig=11) at mysqld.cc:2507
#4  <signal handler called>
#5  0x08530c75 in cmp_cols_are_equal (col1=0xb72bb178, col2=0x2, check_charsets=1) at rem/rem0cmp.c:129
#6  0x084ec9da in dict_foreign_find_index (table=0xb72bb068, columns=0xb72c59e8, n_cols=1, types_idx=0xb72ba068, check_charsets=1, check_null=0) at dict/dict0dict.c:2111
#7  0x084ecdd9 in dict_foreign_add_to_cache (foreign=0xb72bff68, check_charsets=1) at dict/dict0dict.c:2284
#8  0x084f3622 in dict_load_foreign (id=0xb72bfc98 "test/fk_t2_ca", check_charsets=1) at dict/dict0load.c:1294
#9  0x084f38f8 in dict_load_foreigns (table_name=0xb2b12edc "test/t1", check_charsets=1) at dict/dict0load.c:1410
#10 0x0853eb30 in row_table_add_foreign_constraints (trx=0xb72be468, sql_string=0xa03ef58 "CREATE TABLE t1(\nc1    BIGINT(12) NOT NULL,\nPRIMARY KEY (c1)\n) ENGINE=InnoDB DEFAULT CHARSET=latin1", 
    name=0xb2b12edc "test/t1", reject_fks=0) at row/row0mysql.c:2057
#11 0x084c7359 in ha_innobase::create (this=0xa030458, name=0xb2b14144 "./test/t1", form=0xb2b1337c, create_info=0xb2b14634) at handler/ha_innodb.cc:5880
#12 0x083a605e in handler::ha_create (this=0xa030458, name=0xb2b14144 "./test/t1", form=0xb2b1337c, info=0xb2b14634) at handler.cc:3216
#13 0x083a67a6 in ha_create_table (thd=0x9fe7468, path=0xb2b14144 "./test/t1", db=0xa03f270 "test", table_name=0xa03f068 "t1", create_info=0xb2b14634, update_create_info=false) at handler.cc:3487
#14 0x0835b5b4 in rea_create_table (thd=0x9fe7468, path=0xb2b14144 "./test/t1", db=0xa03f270 "test", table_name=0xa03f068 "t1", create_info=0xb2b14634, create_fields=@0xb2b14b24, keys=1, 
    key_info=0xa03f558, file=0xa03f410) at unireg.cc:408
#15 0x083c1526 in mysql_create_table_no_lock (thd=0x9fe7468, db=0xa03f270 "test", table_name=0xa03f068 "t1", create_info=0xb2b14634, alter_info=0xb2b14b00, internal_tmp_table=false, select_field_count=0)
    at sql_table.cc:3552
#16 0x083c1958 in mysql_create_table (thd=0x9fe7468, db=0xa03f270 "test", table_name=0xa03f068 "t1", create_info=0xb2b14634, alter_info=0xb2b14b00, internal_tmp_table=false, select_field_count=0)
    at sql_table.cc:3659
#17 0x08287e93 in mysql_execute_command (thd=0x9fe7468) at sql_parse.cc:2524
#18 0x0828fd94 in mysql_parse (thd=0x9fe7468, inBuf=0xa03ef58 "CREATE TABLE t1(\nc1    BIGINT(12) NOT NULL,\nPRIMARY KEY (c1)\n) ENGINE=InnoDB DEFAULT CHARSET=latin1", length=99, 
    found_semicolon=0xb2b152fc) at sql_parse.cc:5656
#19 0x0829099c in dispatch_command (command=COM_QUERY, thd=0x9fe7468, packet=0xa02c039 "CREATE TABLE t1(\nc1    BIGINT(12) NOT NULL,\nPRIMARY KEY (c1)\n) ENGINE=InnoDB DEFAULT CHARSET=latin1", 
    packet_length=99) at sql_parse.cc:1137
#20 0x08291ba4 in do_command (thd=0x9fe7468) at sql_parse.cc:794
#21 0x0827ed91 in handle_one_connection (arg=0x9fe7468) at sql_connect.cc:1115
#22 0x0045fbd4 in start_thread () from /lib/libpthread.so.0
#23 0x003b74fe in clone () from /lib/libc.so.6
(gdb)
[15 Aug 2008 10:33] Sveta Smirnova
Bug is not repeatable with not-plugin version of InnoDB. To repeat one needs to run test several times.
[11 Sep 2008 10:22] Marko Mäkelä
The fix will be included in the next version of the InnoDB plugin.
[7 Jan 2009 11:47] Marko Mäkelä
This bug has been fixed in the InnoDB Plugin 1.0.2: http://www.innodb.com/wp/2008/12/01/innodb-plugin-102-released/
[5 May 2010 15:15] Bugs System
Pushed into 5.1.47 (revid:joro@sun.com-20100505145753-ivlt4hclbrjy8eye) (version source revid:vasil.dimov@oracle.com-20100331130613-8ja7n0vh36a80457) (merge vers: 5.1.46) (pib:16)
[6 May 2010 15:59] Paul DuBois
Push resulted from incorporation of InnoDB tree. No changes pertinent to this bug.
Re-closing.
[28 May 2010 5:56] Bugs System
Pushed into mysql-next-mr (revid:alik@sun.com-20100524190136-egaq7e8zgkwb9aqi) (version source revid:vasil.dimov@oracle.com-20100331130613-8ja7n0vh36a80457) (pib:16)
[28 May 2010 6:24] Bugs System
Pushed into 6.0.14-alpha (revid:alik@sun.com-20100524190941-nuudpx60if25wsvx) (version source revid:vasil.dimov@oracle.com-20100331130613-8ja7n0vh36a80457) (merge vers: 5.1.46) (pib:16)
[28 May 2010 6:52] Bugs System
Pushed into 5.5.5-m3 (revid:alik@sun.com-20100524185725-c8k5q7v60i5nix3t) (version source revid:vasil.dimov@oracle.com-20100331130613-8ja7n0vh36a80457) (merge vers: 5.1.46) (pib:16)
[30 May 2010 0:03] Paul DuBois
Push resulted from incorporation of InnoDB tree. No changes pertinent to this bug.
Re-closing.
[17 Jun 2010 11:53] Bugs System
Pushed into 5.1.47-ndb-7.0.16 (revid:martin.skold@mysql.com-20100617114014-bva0dy24yyd67697) (version source revid:vasil.dimov@oracle.com-20100331130613-8ja7n0vh36a80457) (merge vers: 5.1.46) (pib:16)
[17 Jun 2010 12:31] Bugs System
Pushed into 5.1.47-ndb-6.2.19 (revid:martin.skold@mysql.com-20100617115448-idrbic6gbki37h1c) (version source revid:vasil.dimov@oracle.com-20100331130613-8ja7n0vh36a80457) (merge vers: 5.1.46) (pib:16)
[17 Jun 2010 13:18] Bugs System
Pushed into 5.1.47-ndb-6.3.35 (revid:martin.skold@mysql.com-20100617114611-61aqbb52j752y116) (version source revid:vasil.dimov@oracle.com-20100331130613-8ja7n0vh36a80457) (merge vers: 5.1.46) (pib:16)