Bug #75245 Segfault on large row purge in main thread on startup
Submitted: 17 Dec 2014 14:16 Modified: 24 Dec 2014 10:05
Reporter: Tyler Mitchell Email Updates:
Status: Duplicate Impact on me:
None 
Category:MySQL Server: InnoDB storage engine Severity:S1 (Critical)
Version:5.5.41, 5.6.22, 5.6.23 OS:Linux (x86_64)
Assigned to: CPU Architecture:Any
Tags: 139, ib_warn_row_too_big, innodb, purge

[17 Dec 2014 14:16] Tyler Mitchell 
Description:
Server upgraded from 5.5.40 to 5.5.41 via yum.

Next startup segfaulted immediately (<1s) after startup. Loading the server in innodb_force_recovery = 2 was sufficient to allow MySQL to start (ifr = 1 failed).

No solution was found; reverting to 5.5.40 allowed successful startup.

How to repeat:
Unsure of exact mechanism to reproduce. Error seems to indicate that generating sql errorno 139 in the purge thread is sufficient to reproduce; however, no test case has been generated. This has occurred on 3 environments so far with all yielding an identical stack trace. See attached backtrace for reference.
[17 Dec 2014 14:16] Tyler Mitchell 
Stack trace

Attachment: bt_ib_warn_row_too_big_segv.txt (text/plain), 5.90 KiB.
[17 Dec 2014 14:17] Tyler Mitchell 
my.cnf

Attachment: mycnf_ib_warn_row_too_big_segv.txt (text/plain), 2.25 KiB.
[17 Dec 2014 15:12] Tyler Mitchell 
We have now received an instance of this occurring on 5.6.22 with an identical call stack. Reverting to 5.6.21 resolved the behavior.
[17 Dec 2014 19:58] Tyler Mitchell 
Adding steps to reproduce. Changing severity to critical as there is no known resolution except to downgrade a version.
[19 Dec 2014 19:22] Sveta Smirnova 
Thank you for the  report.

Verified as described using latest test case.
[21 Dec 2014 12:54] MySQL Verification Team 
Looks like duplicate of:
https://bugs.mysql.com/bug.php?id=75095
[24 Dec 2014 10:05] Thirunarayanan Balathandayuthapani 
It is a duplicate of https://bugs.mysql.com/bug.php?id=75095
[20 May 2015 14:39] Sergei Glushchenko 
Please mark as fixed

commit 901ce5314b6b0d4115b0237491e2afaafe5a274e
Author: Thiru <thirunarayanan.balathandayuth@oracle.com>
Commit: Thiru <thirunarayanan.balathandayuth@oracle.com>

    Bug #20144839       AFTER UPDATING TO MYSQL 5.6.22 SERVER
                CRASHES ON EVERY START ATTEMPT

    Description:
    ------------
    push_warning_printf function is used to print the warning message
    to the client. So this function should not invoke while recovering
    the server. Moreover current_thd is NULL while starting the server.

    Solution:
    ---------
     - Avoiding the warning to be printed while recovery.
    This patch already pushed in mysql-5.6.

diff --git a/storage/innobase/handler/ha_innodb.cc b/storage/innobase/handler/ha_innodb.cc
index fab832d..676a20f 100644
--- a/storage/innobase/handler/ha_innodb.cc
+++ b/storage/innobase/handler/ha_innodb.cc
@@ -12102,6 +12102,10 @@ ib_warn_row_too_big(const dict_table_t*        table)

        THD*    thd = current_thd;

+       if (thd == NULL) {
+               return;
+       }
+
        push_warning_printf(
                thd, MYSQL_ERROR::WARN_LEVEL_WARN, HA_ERR_TO_BIG_ROW,
                "Row size too large (> %lu). Changing some columns to TEXT"