Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-22440

GRANT executed during shutdown causes Assertion `thd->transaction.stmt.is_empty() || (thd->state_flags & Open_tables_state::BACKUPS_AVAIL)' failed in open_normal_and_derived_tables

    XMLWordPrintable

    Details

      Description

      Note: The original failure happens on normal debug builds in concurrent tests without any injections, but the probability of reproducing without the injection is very low (the provided test case occasionally failed for me on 10.3 without the injection, but not on 10.4+). With the patch, it fails for me every time on all of 10.3-10.5, although I suppose it is still non-deterministic by nature. After analyzing and fixing, please try to create a better synchronized test for the regression suite.

      10.4 af9126649 with the injection below

      mysqld: /data/src/10.4-bug/sql/sql_base.cc:5293: bool open_normal_and_derived_tables(THD*, TABLE_LIST*, uint, uint): Assertion `thd->transaction.stmt.is_empty() || (thd->state_flags & Open_tables_state::BACKUPS_AVAIL)' failed.
      200503 18:00:15 [ERROR] mysqld got signal 6 ;
       
      #6  0x00007fec17170e67 in __assert_fail_base (fmt=<optimized out>, assertion=assertion@entry=0x5651254b7e18 "thd->transaction.stmt.is_empty() || (thd->state_flags & Open_tables_state::BACKUPS_AVAIL)", file=file@entry=0x5651254b6dc8 "/data/src/10.4-bug/sql/sql_base.cc", line=line@entry=5293, function=function@entry=0x5651254b99a0 <open_normal_and_derived_tables(THD*, TABLE_LIST*, unsigned int, unsigned int)::__PRETTY_FUNCTION__> "bool open_normal_and_derived_tables(THD*, TABLE_LIST*, uint, uint)") at assert.c:92
      #7  0x00007fec17170f12 in __GI___assert_fail (assertion=0x5651254b7e18 "thd->transaction.stmt.is_empty() || (thd->state_flags & Open_tables_state::BACKUPS_AVAIL)", file=0x5651254b6dc8 "/data/src/10.4-bug/sql/sql_base.cc", line=5293, function=0x5651254b99a0 <open_normal_and_derived_tables(THD*, TABLE_LIST*, unsigned int, unsigned int)::__PRETTY_FUNCTION__> "bool open_normal_and_derived_tables(THD*, TABLE_LIST*, uint, uint)") at assert.c:101
      #8  0x000056512472d3be in open_normal_and_derived_tables (thd=0x7febc4000af0, tables=0x7febc4011f38, flags=0, dt_phases=2) at /data/src/10.4-bug/sql/sql_base.cc:5292
      #9  0x0000565124701d20 in mysql_table_grant (thd=0x7febc4000af0, table_list=0x7febc4011f38, user_list=..., columns=..., rights=0, revoke_grant=false) at /data/src/10.4-bug/sql/sql_acl.cc:6741
      #10 0x00005651247d19b1 in mysql_execute_command (thd=0x7febc4000af0) at /data/src/10.4-bug/sql/sql_parse.cc:5342
      #11 0x00005651247da213 in mysql_parse (thd=0x7febc4000af0, rawbuf=0x7febc4011dd8 "GRANT SELECT (cache_size) ON s TO u@localhost", length=45, parser_state=0x7fec104ce160, is_com_multi=false, is_next_command=false) at /data/src/10.4-bug/sql/sql_parse.cc:7900
      #12 0x00005651247c53e2 in dispatch_command (command=COM_QUERY, thd=0x7febc4000af0, packet=0x7febc40083a1 "GRANT SELECT (cache_size) ON s TO u@localhost", packet_length=45, is_com_multi=false, is_next_command=false) at /data/src/10.4-bug/sql/sql_parse.cc:1842
      #13 0x00005651247c3a6f in do_command (thd=0x7febc4000af0) at /data/src/10.4-bug/sql/sql_parse.cc:1360
      #14 0x000056512494d1ed in do_handle_one_connection (connect=0x5651278a4fd0) at /data/src/10.4-bug/sql/sql_connect.cc:1412
      #15 0x000056512494cf3c in handle_one_connection (arg=0x5651278a4fd0) at /data/src/10.4-bug/sql/sql_connect.cc:1316
      #16 0x00005651253573e1 in pfs_spawn_thread (arg=0x5651278c0de0) at /data/src/10.4-bug/storage/perfschema/pfs.cc:1869
      #17 0x00007fec190f94a4 in start_thread (arg=0x7fec104cf700) at pthread_create.c:456
      #18 0x00007fec1722dd0f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:97
       
      Query (0x7febc4011dd8): GRANT SELECT (cache_size) ON s TO u@localhost
      Connection ID (thread ID): 10
      Status: KILL_SERVER
      

      Injection, currently applicable to 10.3-10.5

      diff --git a/sql/sql_sequence.cc b/sql/sql_sequence.cc
      index 035fb1211e6..876348d524e 100644
      --- a/sql/sql_sequence.cc
      +++ b/sql/sql_sequence.cc
      @@ -466,6 +466,7 @@ int SEQUENCE::read_initial_values(TABLE *table)
           }
           save_lock_type= table->reginfo.lock_type;
           table->reginfo.lock_type= TL_READ;
      +    DBUG_EXECUTE_IF("grant_sleep_before_lock",my_sleep(1000000););
           if (!(lock= mysql_lock_tables(thd, &table, 1,
                                         MYSQL_LOCK_IGNORE_GLOBAL_READ_ONLY)))
           {
      

      Test case (fails much better with the injection above)

      --source include/have_innodb.inc
       
      CREATE USER u@localhost;
      --connect (con1,localhost,root,,)
      CREATE SEQUENCE s ENGINE=InnoDB;
      FLUSH TABLES;
      SET debug_dbug='+d,grant_sleep_before_lock';
      --send
        GRANT SELECT (cache_size) ON s TO u@localhost;
       
      --connection default
      --source include/restart_mysqld.inc
       
      # Cleanup
      DROP SEQUENCE s;
      DROP USER u@localhost;
      

      Reproducible on 10.3-10.5.
      I have no information if the problem has any effect on non-debug builds.
      All threads full stack trace is attached.

        Attachments

          Activity

            People

            Assignee:
            sanja Oleksandr Byelkin
            Reporter:
            elenst Elena Stepanova
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated: