Bug #69847 btr_cur_optimistic_update() incorrectly documented to allow thr == NULL arg
Submitted: 26 Jul 2013 9:45
Modified: 3 Feb 2014 10:46
Reporter: Laurynas Biveinis (OCA)
Status: Closed
Category: MySQL Server: InnoDB storage engine
Severity: S3 (Non-critical)
Version: 5.6
OS: Any
Assigned to:
CPU Architecture: Any

[26 Jul 2013 9:45] Laurynas Biveinis
Description:
The comment below, which suggests that NULL can be passed as thr to btr_cur_optimistic_update(), is incorrect.

dberr_t
btr_cur_optimistic_update(
...
	que_thr_t*	thr,	/*!< in: query thread, or NULL if
				appropriate flags are set */
...

First,

	ut_ad(thr_get_trx(thr)->id == trx_id
	      || (flags & ~(BTR_KEEP_POS_FLAG | BTR_KEEP_IBUF_BITMAP))
	      == (BTR_NO_UNDO_LOG_FLAG | BTR_NO_LOCKING_FLAG
		  | BTR_CREATE_FLAG | BTR_KEEP_SYS_FLAG));

will dereference NULL.

Second, the above was introduced by [1], which clearly states NULL is not allowed.

[1]

5.6$ bzr log -r 4672
------------------------------------------------------------
revno: 4672
committer: Marko Mäkelä <marko.makela@oracle.com>
branch nick: mysql-5.6
timestamp: Thu 2013-01-24 17:13:43 +0200
message:
  Bug#16063835 ASSERT THR ROW_UPD_CHANGES_ORD_FIELD_BINARY_FUNC,
  ROW_LOG_TABLE_APPLY_UPDATE
  
  btr_cur_pessimistic_update(), btr_cur_optimistic_update(),
  btr_cur_update_in_place(): Require thr!=NULL. Allow
  thr->graph->trx->id != trx_id during online table rebuild, as neither
  trx_id nor thr->graph->trx->id will be written to the record due to
  BTR_KEEP_SYS_FLAG.
  
  row_log_table_apply_update(): Pass thr to btr_cur_pessimistic_insert()
  in order to avoid the debug assertion failure.
  
  rb#1892

How to repeat:
Code reading.

Suggested fix:
Remove ", or NULL if appropriate flags are set", add attribute((nonnull(...))).
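
Added example (not part of the original report and not InnoDB source): a reduced C model of the assertion quoted above. It shows why the operand order of `||` makes thr mandatory, and how a nonnull attribute records that contract. The struct layouts, flag values and the names flags_skip_trx_check(), update_precondition() and update_precondition_null_tolerant() are assumptions made for this sketch.

```c
/* Added illustration: simplified stand-ins, not the InnoDB definitions. */
#include <stddef.h>
#include <stdint.h>

/* Flag values are constructed for this example. */
enum {
    BTR_NO_UNDO_LOG_FLAG = 1, BTR_NO_LOCKING_FLAG = 2, BTR_KEEP_SYS_FLAG = 4,
    BTR_KEEP_POS_FLAG = 8, BTR_CREATE_FLAG = 16, BTR_KEEP_IBUF_BITMAP = 32
};

typedef struct { uint64_t id; } trx_t;
typedef struct { trx_t *trx; } que_thr_t; /* simplified: no graph indirection */

/* nonnull lets the compiler warn (-Wnonnull) when a literal NULL is passed. */
__attribute__((nonnull(1)))
static trx_t *thr_get_trx(const que_thr_t *thr) { return thr->trx; }

static int flags_skip_trx_check(unsigned flags)
{
    return (flags & ~(unsigned)(BTR_KEEP_POS_FLAG | BTR_KEEP_IBUF_BITMAP))
        == (unsigned)(BTR_NO_UNDO_LOG_FLAG | BTR_NO_LOCKING_FLAG
                      | BTR_CREATE_FLAG | BTR_KEEP_SYS_FLAG);
}

/* Same shape as the quoted ut_ad(): the left operand of || is evaluated
   first, so thr is dereferenced whatever the flags are. thr must be non-NULL. */
__attribute__((nonnull(1)))
static int update_precondition(const que_thr_t *thr, uint64_t trx_id, unsigned flags)
{
    return thr_get_trx(thr)->id == trx_id || flags_skip_trx_check(flags);
}

/* Hypothetical ordering under which the old comment would have held: flags
   are tested first. Returns 1 = ok, 0 = trx mismatch, -1 = NULL thr rejected. */
static int update_precondition_null_tolerant(const que_thr_t *thr, uint64_t trx_id, unsigned flags)
{
    if (flags_skip_trx_check(flags)) return 1;
    if (thr == NULL) return -1;
    return thr->trx->id == trx_id;
}

int main(void)
{
    trx_t trx = { 42 };
    que_thr_t thr = { &trx };
    return update_precondition(&thr, 42, 0) == 1
        && update_precondition_null_tolerant(NULL, 42, 0) == -1 ? 0 : 1;
}
```
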
[26 Jul 2013 10:00] Laurynas Biveinis
btr_cur_pessimistic_update() too.
[27 Jul 2013 5:57] MySQL Verification Team
Hello Laurynas,

Thank you for the report.

Thanks,
Umesh
[27 Nov 2013 13:12] Daniel Price
Fixed as of 5.6.16, 5.7.4. Noted in 5.6.16, 5.7.4 changelogs:

Comments in "btr0cur.cc" incorrectly stated that
"btr_cur_pessimistic_update()" and "btr_cur_optimistic_update()" would
accept a NULL value. 

Thank you for the bug report.
[3 Feb 2014 10:46] Laurynas Biveinis
5.6$ bzr log -r 5653
------------------------------------------------------------
revno: 5653
committer: Marko Mäkelä <marko.makela@oracle.com>
branch nick: mysql-5.6
timestamp: Wed 2013-11-27 12:39:25 +0200
message:
  Bug#17231743 BTR_CUR_OPTIMISTIC_UPDATE() INCORRECTLY DOCUMENTED
  TO ALLOW THR == NULL ARG
  
  btr_cur_pessimistic_update(), btr_cur_optimistic_update(): Correct the
  comments in btr0cur.cc. The comments in btr0cur.h were already correct.