Bug #53643 | assert in Field_new_decimal::store_value on slave server | ||
---|---|---|---|
Submitted: | 14 May 2010 10:43 | Modified: | 15 Nov 2010 13:08 |
Reporter: | Matthias Leich | Email Updates: | |
Status: | Closed | Impact on me: | |
Category: | MySQL Server: Row Based Replication ( RBR ) | Severity: | S3 (Non-critical) |
Version: | mysql-5.1-rpl-wl5092 | OS: | Any |
Assigned to: | Luis Soares | CPU Architecture: | Any |
Tags: | assert, decimal |
[14 May 2010 10:43]
Matthias Leich
[17 May 2010 15:09]
Luis Soares
Analysis ======== Symptom ~~~~~~~ While unpacking a row, the server calls f->reset() for nullable fields, ie, for fields that are later set to null (f->set_null()). This means that for the test case depicted, and for decimal types an assertion is faced because the table->write_set was not properly initialised before the procedure to unpack the row takes place. Calling Field_decimal::reset would ultimately make Field_decimal::store_value be called, which in its turn would check if the column being (re)set was marked in the table->write_set (this is the actual assertion). Given that the table->write_set was not conveniently initialised before unpacking, the bit for the given decimal column would not be set. As a consequence, the assertion would be triggered. Reason ~~~~~~ The table->write_set was not properly initialised because it was being calculated from the event's read_set bitmap instead of the write_set bitmap in some cases. Initialisation takes place before the rows execution loop: log_event.cc:Rows_log_event::do_apply_event and at that point, write_set was being set from m_cols instead of m_cols_ai. This would work for Write_rows_event or Delete_event (the former just has one image, after image, and the m_cols is actually the write_set, while the latter also just has one image, before image, and m_cols is the read_set - for deletes the write_set is useless). The problem surfaces in the Update_rows_event, which uses both m_cols and m_cols_ai which can be different (as this case proves it), and therefore, table->read/write_set must be initialised according to the proper bitmap. Notes ~~~~~ N1. Some fields types would not trigger this assertion because their reset method does not call store_value. Instead a simple assignment or memory cleanup is done. For example, for TINYINT: int reset(void) { ptr[0]=0; return 0; } N2. I don't think this is dependant of the engine for the reasons stated above. I have triggered the assertion even when using MyISAM in t0. N3. col3 CHAR(35) instead of col3 DECIMAL(35,0) for t1 does not trigger this assertion because the Field_string::reset does not resort to store_value for resetting the field. N4. If removing the PRIMARY KEY the REPLACE behaves as an INSERT and Write_rows_event(s) are used instead of Updates, thence the correct bitmap would be used (as inserts were not vulnerable).
[17 May 2010 15:17]
Bugs System
A patch for this bug has been committed. After review, it may be pushed to the relevant source trees for release in the next version. You can access the patch from: http://lists.mysql.com/commits/108452 3187 Luis Soares 2010-05-17 [merge] BUG#53643: assert in Field_new_decimal::store_value on slave server The table->write_set at the slave was improperly set before processing a row event. For update events, it was being calculated from the event's read set instead of the event's write_set. In some cases, this would lead to an assertion while unpacking and resetting decimal fields because the corresponding bit in the slave's table->write_set was incorrectly set. We fix this by properly initializing the read_set and write_set before unpacking takes place.
[8 Oct 2010 13:29]
Bugs System
Pushed into mysql-next-mr (revid:alexander.nozdrin@oracle.com-20101008132832-pbzewvmi9f365ak4) (version source revid:alexander.nozdrin@oracle.com-20101008132832-pbzewvmi9f365ak4) (pib:21)
[13 Nov 2010 16:04]
Bugs System
Pushed into mysql-trunk 5.6.99-m5 (revid:alexander.nozdrin@oracle.com-20101113155825-czmva9kg4n31anmu) (version source revid:vasil.dimov@oracle.com-20100629074804-359l9m9gniauxr94) (merge vers: 5.6.99-m4) (pib:21)
[15 Nov 2010 13:08]
Jon Stephens
Per MLeich's comments in Description, bug does not appear in any release versions. No changelog entry required. Closed.