Bug #53372 RESTORE TABLE under LOCK TABLES leads to a crash
Submitted: 3 May 2010 13:05 Modified: 4 May 2010 8:32
Reporter: Davi Arnaut (OCA) Email Updates:
Status: Verified Impact on me:
None 
Category:MySQL Server: DDL Severity:S2 (Serious)
Version:5.0, 5.1 OS:Any
Assigned to: CPU Architecture:Any
Tags: regression

[3 May 2010 13:05] Davi Arnaut 
Description:
Restore table under locked tables mode leads to a server crash.

How to repeat:
--write_file /tmp/t2.frm
EOF
CREATE TABLE t1 (a INT);
LOCK TABLE t1 READ;
RESTORE TABLE t2 FROM '/tmp';
[4 May 2010 8:32] Sveta Smirnova 
Thank you for the feedback.

Verified as described on Linux with version 5.1.

Stack trace:

The following stack traces are from all threads (so the failing one is
duplicated).
--------------------------
Using host libthread_db library "/lib64/libthread_db.so.1".
Core was generated by `/users/ssmirnova/blade12/src/mysql-5.1/sql/mysqld --defaults-group-suffix=.1 --'.
Program terminated with signal 11, Segmentation fault.
#0  0x0000003429e0b002 in pthread_kill () from /lib64/libpthread.so.0
#0  0x0000003429e0b002 in pthread_kill () from /lib64/libpthread.so.0
#1  0x0000000000b23fd5 in my_write_core (sig=11) at stacktrace.c:329
#2  0x000000000069625e in handle_segfault (sig=11) at mysqld.cc:2571
#3  <signal handler called>
#4  0x00000000006f0c20 in table_cache_key (record=0x1d3ad478 '\217' <repeats 200 times>..., length=0x40a7f7b0, not_used=0 '\0') at sql_base.cc:118
#5  0x0000000000b13998 in my_hash_key (hash=0x11886c0, record=0x1d3ad478 '\217' <repeats 200 times>..., length=0x40a7f7b0, first=0 '\0') at hash.c:175
#6  0x0000000000b13a9e in rec_hashnr (hash=0x11886c0, record=0x1d3ad478 '\217' <repeats 200 times>...) at hash.c:206
#7  0x0000000000b1440a in my_hash_delete (hash=0x11886c0, record=0x1d3ad478 '\217' <repeats 200 times>...) at hash.c:479
#8  0x000000000068f156 in unlock_table_name (thd=0x1d34af18, table_list=0x1d385b90) at lock.cc:1063
#9  0x0000000000815c4c in prepare_for_restore (thd=0x1d34af18, table=0x1d385b90, check_opt=0x0) at sql_table.cc:4323
#10 0x0000000000816d96 in mysql_admin_table (thd=0x1d34af18, tables=0x1d385b90, check_opt=0x0, operator_name=0xcb1cd4 "restore", lock_type=TL_WRITE, open_for_modify=true, no_warnings_for_error=true, 
    extra_open_options=0, prepare_func=0x815950 <prepare_for_restore>, operator_func={__pfn = 0x7ef16e <handler::ha_restore(THD*, st_ha_check_opt*)>, __delta = 0}, view_operator_func=0)
    at sql_table.cc:4631
#11 0x000000000081887f in mysql_restore_table (thd=0x1d34af18, table_list=0x1d385b90) at sql_table.cc:5030
#12 0x00000000006a8913 in mysql_execute_command (thd=0x1d34af18) at sql_parse.cc:2392
#13 0x00000000006b365c in mysql_parse (thd=0x1d34af18, inBuf=0x1d385aa8 "RESTORE TABLE t2 FROM '/tmp'", length=28, found_semicolon=0x40a81ec0) at sql_parse.cc:5971
#14 0x00000000006a5c91 in dispatch_command (command=COM_QUERY, thd=0x1d34af18, packet=0x1d379bd9 "", packet_length=28) at sql_parse.cc:1233
#15 0x00000000006a4c48 in do_command (thd=0x1d34af18) at sql_parse.cc:874
#16 0x00000000006a2f49 in handle_one_connection (arg=0x1d34af18) at sql_connect.cc:1127
#17 0x0000003429e061b5 in start_thread () from /lib64/libpthread.so.0
#18 0x00000034292cd39d in clone () from /lib64/libc.so.6
#19 0x0000000000000000 in ?? ()

Thread 3 (process 29393):
#0  0x00000034292c6952 in __select_nocancel () from /lib64/libc.so.6
#1  0x000000000069a186 in handle_connections_sockets (arg=0x0) at mysqld.cc:5055
#2  0x00000000006995ad in main (argc=8, argv=0x7fff0c502298) at mysqld.cc:4539

Thread 2 (process 29395):
#0  0x0000003429e0da78 in do_sigwait () from /lib64/libpthread.so.0
#1  0x0000003429e0db1d in sigwait () from /lib64/libpthread.so.0
#2  0x0000000000696ac1 in signal_hand (arg=0x0) at mysqld.cc:2773
#3  0x0000003429e061b5 in start_thread () from /lib64/libpthread.so.0
#4  0x00000034292cd39d in clone () from /lib64/libc.so.6
#5  0x0000000000000000 in ?? ()

Thread 1 (process 29433):
#0  0x0000003429e0b002 in pthread_kill () from /lib64/libpthread.so.0
#1  0x0000000000b23fd5 in my_write_core (sig=11) at stacktrace.c:329
#2  0x000000000069625e in handle_segfault (sig=11) at mysqld.cc:2571
#3  <signal handler called>
#4  0x00000000006f0c20 in table_cache_key (record=0x1d3ad478 '\217' <repeats 200 times>..., length=0x40a7f7b0, not_used=0 '\0') at sql_base.cc:118
#5  0x0000000000b13998 in my_hash_key (hash=0x11886c0, record=0x1d3ad478 '\217' <repeats 200 times>..., length=0x40a7f7b0, first=0 '\0') at hash.c:175
#6  0x0000000000b13a9e in rec_hashnr (hash=0x11886c0, record=0x1d3ad478 '\217' <repeats 200 times>...) at hash.c:206
#7  0x0000000000b1440a in my_hash_delete (hash=0x11886c0, record=0x1d3ad478 '\217' <repeats 200 times>...) at hash.c:479
#8  0x000000000068f156 in unlock_table_name (thd=0x1d34af18, table_list=0x1d385b90) at lock.cc:1063
#9  0x0000000000815c4c in prepare_for_restore (thd=0x1d34af18, table=0x1d385b90, check_opt=0x0) at sql_table.cc:4323
#10 0x0000000000816d96 in mysql_admin_table (thd=0x1d34af18, tables=0x1d385b90, check_opt=0x0, operator_name=0xcb1cd4 "restore", lock_type=TL_WRITE, open_for_modify=true, no_warnings_for_error=true, 
    extra_open_options=0, prepare_func=0x815950 <prepare_for_restore>, operator_func={__pfn = 0x7ef16e <handler::ha_restore(THD*, st_ha_check_opt*)>, __delta = 0}, view_operator_func=0)
    at sql_table.cc:4631
#11 0x000000000081887f in mysql_restore_table (thd=0x1d34af18, table_list=0x1d385b90) at sql_table.cc:5030
#12 0x00000000006a8913 in mysql_execute_command (thd=0x1d34af18) at sql_parse.cc:2392
#13 0x00000000006b365c in mysql_parse (thd=0x1d34af18, inBuf=0x1d385aa8 "RESTORE TABLE t2 FROM '/tmp'", length=28, found_semicolon=0x40a81ec0) at sql_parse.cc:5971
#14 0x00000000006a5c91 in dispatch_command (command=COM_QUERY, thd=0x1d34af18, packet=0x1d379bd9 "", packet_length=28) at sql_parse.cc:1233
#15 0x000hd=0x1d34af18, table=0x1d385b90, check_opt=0x0) at sql_table.cc:4323
#10 0x0000000000816d96 in mysql_admin_table (thd=0x1d34af18, tables=0x1d385b90, check_opt=0x0, operator_name=0xcb1cd4 "restore", lock_type=TL_WRITE, open_for_modify=true, no_warnings_for_error=true, 
    extra_open_options=0, prepare_func=0x815950 <prepare_for_restore>, operator_func={__pfn = 0x7ef16e <handler::ha_restore(THD*, st_ha_check_opt*)>, __delta = 0}, view_operator_func=0)
    at sql_table.cc:4631
#11 0x000000000081887f in mysql_restore_table (thd=0x1d34af18, table_list=0x1d385b90) at sql_table.cc:5030
#12 0x00000000006a8913 in mysql_execute_command (thd=0x1d34af18) at sql_parse.cc:2392
#13 0x00000000006b365c in mysql_parse (thd=0x1d34af18, inBuf=0x1d385aa8 "RESTORE TABLE t2 FROM '/tmp'", length=28, found_semicolon=0x40a81ec0) at sql_parse.cc:5971
#14 0x00000000006a5c91 in dispatch_command (command=COM_QUERY, thd=0x1d34af18, packet=0x1d379bd9 "", packet_length=28) at sql_parse.cc:1233
#15 0x00000000006a4c48 in do_command (thd=0x1d34af18) at sql_parse.cc:874
#16 0x00000000006a2f49 in handle_one_connection (arg=0x1d34af18) at sql_connect.cc:1127
#17 0x0000003429e061b5 in start_thread () from /lib64/libpthread.so.0
#18 0x00000034292cd39d in clone () from /lib64/libc.so.6
#19 0x0000000000000000 in ?? ()
[4 May 2010 8:37] Sveta Smirnova 
Version 4.1 doesn't crash.

Version next-mr fails with error "mysqltest: At line 5: query 'RESTORE TABLE t2 FROM '/tmp'' failed: 1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'RESTORE TABLE t2 FROM '/tmp'' at line 1"