Description:
Playing around with InnoDB table monitor leads occasionally to server crash. Happens now 2nd time within a few days.

How to repeat:
create\040table\040innodb_table_monitor\040(id\040int);
select\040*\040from\040information_schema.INNODB_SYS_TABLESTATS\040where\040name\040like\040'test/special_offer%';
drop\040table\040innodb_table_monitor;
select\040*\040from\040information_schema.INNODB_SYS_TABLESTATS\040where\040name\040like\040'test/special_offer%';
select\040*\040from\040test.special_offer;
select\040*\040from\040information_schema.INNODB_SYS_TABLESTATS\040where\040name\040like\040'test/special_offer%';
create\040table\040innodb_table_monitor(id\040int);
select\040*\040from\040information_schema.INNODB_SYS_TABLESTATS\040where\040name\040like\040'test/special_offer%';
select\040*\040from\040test.special_offer;
select\040*\040from\040information_schema.INNODB_SYS_TABLESTATS\040where\040name\040like\040'test/special_offer%';
drop\040table\040innodb_table_monitor;
select\040*\040from\040information_schema.INNODB_SYS_TABLESTATS\040where\040name\040like\040'test/special_offer%';
select\040*\040from\040information_schema.INNODB_SYS_TABLESTATS\040where\040name\040like\040'test/special_offer%'\040limit\04010;
select\040*\040from\040test.special_offer;
--> crash

Thread pointer: 0x18cbd80
Attempting backtrace. You can use the following information to find out
where mysqld died. If you see no messages after this, something went
terribly wrong...
stack_bottom = 7fdf8005ae20 thread_stack 0x40000
/home/mysql/product/mysql-5.6.15/bin/mysqld(my_print_stacktrace+0x35)[0x9024f5]
/home/mysql/product/mysql-5.6.15/bin/mysqld(handle_fatal_signal+0x3e8)[0x66f518]
/lib/x86_64-linux-gnu/libpthread.so.0(+0xfcb0)[0x7fdf83a78cb0]
/lib/x86_64-linux-gnu/libc.so.6(gsignal+0x35)[0x7fdf82686425]
/lib/x86_64-linux-gnu/libc.so.6(abort+0x17b)[0x7fdf82689b8b]
/home/mysql/product/mysql-5.6.15/bin/mysqld[0x923c2f]
/home/mysql/product/mysql-5.6.15/bin/mysqld(_ZN12ha_partition4infoEj+0x30d)[0xb383dd]
/home/mysql/product/mysql-5.6.15/bin/mysqld(_ZN4JOIN8optimizeEv+0x10be)[0x867f3e]
/home/mysql/product/mysql-5.6.15/bin/mysqld[0x70fcc4]
/home/mysql/product/mysql-5.6.15/bin/mysqld(_Z12mysql_selectP3THDP10TABLE_LISTjR4ListI4ItemEPS4_P10SQL_I_ListI8st_orderESB_S7_yP13select_resultP18st_select_lex_unitP13st_select_lex+0xbc)[0x71103c]
/home/mysql/product/mysql-5.6.15/bin/mysqld(_Z13handle_selectP3THDP13select_resultm+0x175)[0x711245]
/home/mysql/product/mysql-5.6.15/bin/mysqld[0x6eb799]
/home/mysql/product/mysql-5.6.15/bin/mysqld(_Z21mysql_execute_commandP3THD+0x3575)[0x6f0995]
/home/mysql/product/mysql-5.6.15/bin/mysqld(_Z11mysql_parseP3THDPcjP12Parser_state+0x318)[0x6f4398]
/home/mysql/product/mysql-5.6.15/bin/mysqld(_Z16dispatch_command19enum_server_commandP3THDPcj+0xbcb)[0x6f576b]
/home/mysql/product/mysql-5.6.15/bin/mysqld(_Z10do_commandP3THD+0xd7)[0x6f7567]
/home/mysql/product/mysql-5.6.15/bin/mysqld(_Z24do_handle_one_connectionP3THD+0x116)[0x6bf686]
/home/mysql/product/mysql-5.6.15/bin/mysqld(handle_one_connection+0x45)[0x6bf765]
/home/mysql/product/mysql-5.6.15/bin/mysqld(pfs_spawn_thread+0x126)[0xacdc36]
/lib/x86_64-linux-gnu/libpthread.so.0(+0x7e9a)[0x7fdf83a70e9a]
/lib/x86_64-linux-gnu/libc.so.6(clone+0x6d)[0x7fdf827443fd]

Suggested fix:
no clue.

Hi Oli!  Verifying this now with a psuedo random testcase.

---------
drop procedure if exists p1;
delimiter $
create procedure p1()
begin
  declare continue handler for sqlexception begin end;
  repeat
    if rand()*10000 >9999 then drop table if exists innodb_table_monitor; select 'dropped'; end if;
	if rand()*100 <20   then create table if not exists innodb_table_monitor(a int)engine=innodb; select 'created'; end if;
	if rand()>0.5       then drop table if exists t1; end if;
	if rand()>0.5       then create table if not exists t1(a int primary key)partition by key(a) partitions 5; end if;
	if rand()>0.1       then replace into t1 values(rand()*100); end if;
	if rand()>0.1       then select * from information_schema.INNODB_SYS_TABLESTATS where name like '%t1%'; end if;
	if(rand()>0.1       then analyze table t1; end if;
	
  until 1=2 end repeat;

end $
delimiter ;
call p1();
----------

In my 5.6.15 I got assertion:

InnoDB: Assertion failure in thread 5984 in file ha_innodb.cc line 10832
InnoDB: Failing assertion: ib_table->stat_initialized
mysqld.exe!my_sigabrt_handler()[my_thr_init.c:517]
mysqld.exe!raise()[winsig.c:593]
mysqld.exe!abort()[abort.c:81]
mysqld.exe!ha_innobase::info_low()[ha_innodb.cc:10840]
mysqld.exe!get_schema_tables_record()[sql_show.cc:4353]
mysqld.exe!fill_schema_table_by_open()[sql_show.cc:3427]
mysqld.exe!get_all_tables()[sql_show.cc:4087]
mysqld.exe!do_fill_table()[sql_show.cc:7184]
mysqld.exe!get_schema_tables_result()[sql_show.cc:7285]
mysqld.exe!JOIN::prepare_result()[sql_select.cc:823]
mysqld.exe!JOIN::exec()[sql_executor.cc:116]
mysqld.exe!mysql_execute_select()[sql_select.cc:1103]
mysqld.exe!handle_select()[sql_select.cc:110]
mysqld.exe!execute_sqlcom_select()[sql_parse.cc:5094]
mysqld.exe!mysql_execute_command()[sql_parse.cc:2642]
mysqld.exe!sp_instr_stmt::exec_core()[sp_instr.cc:891]
mysqld.exe!sp_lex_instr::reset_lex_and_exec_core()[sp_instr.cc:390]
mysqld.exe!sp_lex_instr::validate_lex_and_execute_core()[sp_instr.cc:628]
mysqld.exe!sp_instr_stmt::execute()[sp_instr.cc:798]
mysqld.exe!sp_head::execute()[sp_head.cc:645]
mysqld.exe!sp_head::execute_procedure()[sp_head.cc:1315]
mysqld.exe!mysql_execute_command()[sql_parse.cc:4560]
mysqld.exe!mysql_parse()[sql_parse.cc:6240]
mysqld.exe!dispatch_command()[sql_parse.cc:1337]
mysqld.exe!do_command()[sql_parse.cc:1042]
mysqld.exe!do_handle_one_connection()[sql_connect.cc:982]
mysqld.exe!handle_one_connection()[sql_connect.cc:900]
mysqld.exe!pfs_spawn_thread()[pfs.cc:1861]
mysqld.exe!pthread_start()[my_winthread.c:63]
mysqld.exe!_callthreadstartex()[threadex.c:314]

Duplicate of: http://bugs.mysql.com/bug.php?id=69641