Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
10.6
Description
origin/10.6, 10.6 74281fe1fb0faf444aec3744b90995156f9f58f9 2021-02-24T15:52:55+02:00
|
Thread 3 received signal SIGSEGV, Segmentation fault.
|
[Switching to Thread 2910372.2922937]
|
0x0000563c4f30c373 in row_create_prebuilt (table=0x618000050d20, mysql_row_len=25) at /Server/10.6M/storage/innobase/row/row0mysql.cc:882
|
882 ulint type = temp_index->fields[i].col->mtype;
|
(rr) bt
|
#0 0x0000563c4f30c373 in row_create_prebuilt (table=0x618000050d20, mysql_row_len=25) at /Server/10.6M/storage/innobase/row/row0mysql.cc:882
|
#1 0x0000563c4ef6fea6 in ha_innobase::open (this=0x61d0009ba0b8, name=0x61b0000b0450 "./test/t4") at /Server/10.6M/storage/innobase/handler/ha_innodb.cc:5531
|
#2 0x0000563c4e453dc6 in handler::ha_open (this=0x61d0009ba0b8, table_arg=0x619000506998, name=0x61b0000b0450 "./test/t4", mode=2, test_if_locked=18, mem_root=0x0, partitions_to_open=0x0) at /Server/10.6M/sql/handler.cc:2984
|
#3 0x0000563c4df9308d in open_table_from_share (thd=0x62b0000d2218, share=0x61b0000afeb8, alias=0x62b0000cb458, db_stat=33, prgflag=8, ha_open_flags=18, outparam=0x619000506998, is_create_table=false, partitions_to_open=0x0) at /Server/10.6M/sql/table.cc:4218
|
#4 0x0000563c4da9ecb7 in open_table (thd=0x62b0000d2218, table_list=0x62b0000cb410, ot_ctx=0x1ce0235a5320) at /Server/10.6M/sql/sql_base.cc:2001
|
#5 0x0000563c4daa8a53 in open_and_process_table (thd=0x62b0000d2218, tables=0x62b0000cb410, counter=0x1ce0235a5450, flags=0, prelocking_strategy=0x1ce0235a5580, has_prelocking_list=false, ot_ctx=0x1ce0235a5320) at /Server/10.6M/sql/sql_base.cc:3801
|
#6 0x0000563c4daab5da in open_tables (thd=0x62b0000d2218, options=..., start=0x1ce0235a5460, counter=0x1ce0235a5450, flags=0, prelocking_strategy=0x1ce0235a5580) at /Server/10.6M/sql/sql_base.cc:4275
|
#7 0x0000563c4dab01f4 in open_and_lock_tables (thd=0x62b0000d2218, options=..., tables=0x62b0000cb410, derived=true, flags=0, prelocking_strategy=0x1ce0235a5580) at /Server/10.6M/sql/sql_base.cc:5199
|
#8 0x0000563c4da07f58 in open_and_lock_tables (thd=0x62b0000d2218, tables=0x62b0000cb410, derived=true, flags=0) at /Server/10.6M/sql/sql_base.h:507
|
#9 0x0000563c4db7c460 in mysql_insert (thd=0x62b0000d2218, table_list=0x62b0000cb410, fields=..., values_list=..., update_fields=..., update_values=..., duplic=DUP_ERROR, ignore=false, result=0x0) at /Server/10.6M/sql/sql_insert.cc:756
|
#10 0x0000563c4dc46982 in mysql_execute_command (thd=0x62b0000d2218) at /Server/10.6M/sql/sql_parse.cc:4519
|
#11 0x0000563c4dc5ede7 in mysql_parse (thd=0x62b0000d2218, rawbuf=0x62b0000cb238 "INSERT INTO t4 (col1, col_text ) VALUES ( 243, REPEAT(SUBSTR(CAST( 243 AS CHAR),1,1), 100) ) /* E_R Thread2 QNO 371 CON_ID 16 */", length=128, parser_state=0x1ce0235a67c0)
|
at /Server/10.6M/sql/sql_parse.cc:7972
|
#12 0x0000563c4dc35829 in dispatch_command (command=COM_QUERY, thd=0x62b0000d2218, packet=0x629000136219 "INSERT INTO t4 (col1, col_text ) VALUES ( 243, REPEAT(SUBSTR(CAST( 243 AS CHAR),1,1), 100) ) /* E_R Thread2 QNO 371 CON_ID 16 */ ", packet_length=129,
|
blocking=true) at /Server/10.6M/sql/sql_parse.cc:1886
|
#13 0x0000563c4dc32558 in do_command (thd=0x62b0000d2218, blocking=true) at /Server/10.6M/sql/sql_parse.cc:1397
|
#14 0x0000563c4e0744f0 in do_handle_one_connection (connect=0x6080000033b8, put_in_cache=true) at /Server/10.6M/sql/sql_connect.cc:1410
|
#15 0x0000563c4e073e54 in handle_one_connection (arg=0x6080000033b8) at /Server/10.6M/sql/sql_connect.cc:1312
|
#16 0x0000563c4ed7c05f in pfs_spawn_thread (arg=0x61500000af98) at /Server/10.6M/storage/perfschema/pfs.cc:2201
|
#17 0x0000000068209609 in start_thread (arg=<optimized out>) at pthread_create.c:477
|
#18 0x000064e260808293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
|
(rr)
|
pluto:/data/Results/1614178707/TBR-D4/dev/shm/vardir/1614178707/89/1/rr
|
_RR_TRACE_DIR="." rr replay --mark-stdio
|
|
|
RQG
|
====
|
git clone https://github.com/mleich1/rqg --branch experimental RQG
|
|
|
perl rqg.pl \
|
--duration=300 \
|
--queries=10000000 \
|
--no_mask \
|
--seed=random \
|
--gendata_sql=conf/mariadb/table_stress.sql \
|
--gendata=conf/mariadb/table_stress.zz \
|
--rpl_mode=none \
|
--engine=InnoDB \
|
--mysqld=--net_write_timeout=60 \
|
--mysqld=--log-bin \
|
--mysqld=--connect_timeout=60 \
|
--mysqld=--loose-idle_transaction_timeout=0 \
|
--mysqld=--interactive_timeout=28800 \
|
--mysqld=--net_read_timeout=30 \
|
--mysqld=--plugin-load-add=file_key_management.so \
|
--mysqld=--log_bin_trust_function_creators=1 \
|
--mysqld=--log-output=none \
|
--mysqld=--file-key-management-filename=$RQG_HOME/conf/mariadb/encryption_keys.txt \
|
--mysqld=--loose-table_lock_wait_timeout=50 \
|
--mysqld=--innodb_page_size=8K \
|
--mysqld=--loose-idle_write_transaction_timeout=0 \
|
--mysqld=--innodb_stats_persistent=on \
|
--mysqld=--slave_net_timeout=60 \
|
--mysqld=--innodb-lock-wait-timeout=50 \
|
--mysqld=--innodb_adaptive_hash_index=on \
|
--mysqld=--loose_innodb_lock_schedule_algorithm=fcfs \
|
--mysqld=--loose-idle_readonly_transaction_timeout=0 \
|
--mysqld=--loose-debug_assert_on_not_freed_memory=0 \
|
--mysqld=--loose-max-statement-time=30 \
|
--mysqld=--wait_timeout=28800 \
|
--mysqld=--lock-wait-timeout=86400 \
|
--mysqld=--innodb-buffer-pool-size=256M \
|
--reporters=Backtrace,Deadlock1,ErrorLog \
|
--validators=None \
|
--grammar=TBR-D4_min.yy \
|
--threads=2 \
|
--workdir=<local settings> \
|
--vardir=<local settings> \
|
--mtr-build-thread=<local settings> \
|
--basedir1=<local settings> \
|
--script_debug=_nix_ \
|
--rr=Extended \
|
--rr_options=--chaos
|
Attachments
Issue Links
- is duplicated by
-
-
- Closed
-
- relates to
-
-
- Open
-
-
-
- Closed
-
-
-
- Closed
-
Activity
1) Alter table add index(vc) fails inside {{inplace_alter_table()}}and clears the added virtual
column via clear_added_indexes(). In rollback_inplace_alter_table() InnoDB marks the index
as DROP ABORTED and drops the index id from dictionary and retains the index stub in dict_table_t.
2) InnoDB clears the ABORTED index while opening the table in dict_table_try_drop_aborted().
But in our case, one connection is waiting to call dict_table_try_drop_aborted(). another
connection skips dict_table_try_drop_aborted() due to reference count. So it leads to
crash in row_prebuilt_create() while accessing the cleared column.
if (try_drop
|
&& table != NULL
|
&& table->drop_aborted
|
&& table->get_ref_count() == 1
|
&& dict_table_get_first_index(table)) {
|
|
|
/* Attempt to drop the indexes whose online creation
|
was aborted. */
|
table_id_t table_id = table->id;
|
|
|
dict_sys.mutex_unlock();
|
|
|
DEBUG_SYNC(NULL, "unlock_then_lock");
|
dict_table_try_drop_aborted(table, table_id, 1);
|
} else {
|
dict_sys.mutex_unlock();
|
}
|
I think InnoDB should address two issues:
1) InnoDB should clear index stub objects when alter itself has exclusive lock on the table.
2) Other case related to committed index or online index abort. InnoDB should reload the
table definition when it has aborted index which has virtual column on it.
Thanks nikitamalyavin for the test case.
I think that the fix needs a thorough commit message that covers the life cycle of the changed data structures as well as mentions each added, removed or changed function.
nikitamalyavin, the latest version is in bb-10.6-MDEV-24971. I suggested some cosmetic changes to make it more readable. It was based on 10.6 for test purposes, but the final one will be pushed to 10.2. thiru is now working on that.
This patch reproduces the issue even without a pure thread
Index: mysql-test/suite/gcol/t/virt.test<+>UTF-8===================================================================diff --git a/mysql-test/suite/gcol/t/virt.test b/mysql-test/suite/gcol/t/virt.testnew file mode 100644--- /dev/null (date 1617070094231)+++ b/mysql-test/suite/gcol/t/virt.test (date 1617070094231)@@ -0,0 +1,24 @@+--source include/have_innodb.inc++--connect (con1,localhost,root,,test)+--connection default+CREATE TABLE t4 (col1 INT PRIMARY KEY, col_text TEXT,+ col_text_g TEXT AS (SUBSTR(col_text,1,499))+ ) ENGINE = InnoDB ROW_FORMAT = Compact ;++set debug_dbug= '+d,create_index_fail';++--error ER_DUP_ENTRY+ALTER TABLE t4 ADD UNIQUE u( col_text_g(9) ), LOCK = EXCLUSIVE , ALGORITHM = NOCOPY;++set debug_sync='unlock_then_lock signal unlock wait_for finish timeout 6';+--send+INSERT INTO t4 (col1, col_text ) VALUES ( 512 , REPEAT(SUBSTR(CAST( 512 AS CHAR),1,1), 100) );+--connection con1+# row_create_prebuilt_loop_indexes+set debug_sync='now wait_for unlock timeout 6';+INSERT INTO t4 (col1, col_text ) VALUES ( 511 , REPEAT(SUBSTR(CAST( 512 AS CHAR),1,1), 100) );+--connection default+--reap+set debug_sync='now signal read';+DROP TABLE t4;Index: storage/innobase/dict/dict0dict.cc<+>UTF-8===================================================================diff --git a/storage/innobase/dict/dict0dict.cc b/storage/innobase/dict/dict0dict.cc--- a/storage/innobase/dict/dict0dict.cc (revision 74281fe1fb0faf444aec3744b90995156f9f58f9)+++ b/storage/innobase/dict/dict0dict.cc (date 1617069764153)@@ -294,7 +294,7 @@table_id_t table_id = table->id;dict_sys.mutex_unlock();-+ DEBUG_SYNC(NULL, "unlock_then_lock");dict_table_try_drop_aborted(table, table_id, 1);} else {dict_sys.mutex_unlock();It also means that setting DICT_TABLE_OP_DROP_ORPHAN will not help