MySQL patches by Codership

MariaDB binlog_annotate_row_events option can cause slave crash

Bug #1232890 reported by Seppo Jaakola on 2013-09-29

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	MySQL patches by Codership	Fix Released	High	Seppo Jaakola	MySQL patches by Codership 5.5.34-25.9
	Percona XtraDB Cluster moved to https://jira.percona.com/projects/PXC	Fix Released	Undecided	Unassigned	Percona XtraDB Cluster moved to https://jira.percona.com/projects/PXC 5.5.34-23.7.6

Bug Description

MariaDB version can crash when binlog_annotate_row_events option is set.
Stack trace as follows:

#0 0x00007f497a9ae69c in pthread_kill () from /lib64/libpthread.so.0
#1 0x000000000070750b in handle_fatal_signal (sig=11) at /home/buildbot/buildbot/build/sql/signal_handler.cc:262
#2 <signal handler called>
#3 0x0000000000599a0a in wsrep_apply_rbr (thd=0x7f3ce40009a0, rbr_buf=<value optimized out>, buf_len=2823) at /home/buildbot/buildbot/build/sql/sql_parse.cc:8201
#4 0x0000000000599eab in wsrep_apply_cb (ctx=0x7f3ce40009a0, buf=0x7f3cf4242f0c, buf_len=2893, global_seqno=<value optimized out>) at /home/buildbot/buildbot/build/sql/sql_parse.cc:8252
#5 0x00007f4978744bcd in apply_wscoll (recv_ctx=0x7f3ce40009a0, apply_cb=0x599e30 <wsrep_apply_cb(void*, void const*, size_t, wsrep_seqno_t)>, commit_cb=0x5a5ac0 <wsrep_commit_cb(void*, wsrep_seqno_t, bool)>, trx=...)
at galera/src/replicator_smm.cpp:40
#6 apply_trx_ws (recv_ctx=0x7f3ce40009a0, apply_cb=0x599e30 <wsrep_apply_cb(void*, void const*, size_t, wsrep_seqno_t)>, commit_cb=0x5a5ac0 <wsrep_commit_cb(void*, wsrep_seqno_t, bool)>, trx=...) at galera/src/replicator_smm.cpp:81
#7 0x00007f4978746053 in galera::ReplicatorSMM::apply_trx (this=0x2181e70, recv_ctx=0x7f3ce40009a0, trx=0x7f3ce4127ba0) at galera/src/replicator_smm.cpp:475
#8 0x00007f4978746945 in galera::ReplicatorSMM::process_trx (this=0x2181e70, recv_ctx=0x7f3ce40009a0, trx=0x7f3ce4127ba0) at galera/src/replicator_smm.cpp:1061
#9 0x00007f497872006c in galera::GcsActionSource::dispatch (this=0x21823f8, recv_ctx=0x7f3ce40009a0, act=<value optimized out>) at galera/src/gcs_action_source.cpp:110
#10 0x00007f4978720528 in galera::GcsActionSource::process (this=0x21823f8, recv_ctx=0x7f3ce40009a0) at galera/src/gcs_action_source.cpp:168
#11 0x00007f49787400ed in galera::ReplicatorSMM::async_recv (this=0x2181e70, recv_ctx=0x7f3ce40009a0) at galera/src/replicator_smm.cpp:372
#12 0x00007f4978754ee3 in galera_recv (gh=<value optimized out>, recv_ctx=<value optimized out>) at galera/src/wsrep_provider.cpp:202
#13 0x000000000059945c in wsrep_replication_process (thd=0x7f3ce40009a0) at /home/buildbot/buildbot/build/sql/sql_parse.cc:8414

The probable cause for the issue is generic non safe type cast in wsrep_apply_rbr, but the problem surfaces only in MariaDB version. However, the fix has to go in MySQL version as well.

Seppo Jaakola (seppo-jaakola) on 2013-09-29

Changed in codership-mysql:
importance:	Undecided → High
status:	New → In Progress
assignee:	nobody → Seppo Jaakola (seppo-jaakola)
milestone:	none → 5.5.34-24.9

Revision history for this message

Seppo Jaakola (seppo-jaakola) wrote on 2013-09-29:

Fix pushed in wsrep-5.5-23 in revision: http://bazaar.launchpad.net/~codership/codership-mysql/5.5-23/revision/3923
Fix pushed in wsrep-5.5 in revision: http://bazaar.launchpad.net/~codership/codership-mysql/wsrep-5.5/revision/3888

Changed in codership-mysql:
status:	In Progress → Fix Committed

Revision history for this message

Alex Yurchenko (ayurchen) wrote on 2013-09-29:

Seppo, what about 5.6? Will it need a fix too?

Raghavendra D Prabhu (raghavendra-prabhu) on 2013-09-30

Changed in percona-xtradb-cluster:
milestone:	none → 5.5.34-23.7.6

Raghavendra D Prabhu (raghavendra-prabhu) on 2013-10-16

Changed in percona-xtradb-cluster:
status:	New → Fix Committed

Hrvoje Matijakovic (hrvojem) on 2013-11-04

Changed in percona-xtradb-cluster:
status:	Fix Committed → Fix Released

Teemu Ollakka (teemu-ollakka) on 2013-11-18

Changed in codership-mysql:
status:	Fix Committed → Fix Released

Revision history for this message

Shahriyar Rzayev (rzayev-sehriyar) wrote on 2018-01-18:

Percona now uses JIRA for bug reports so this bug report is migrated to: https://jira.percona.com/browse/PXC-1455

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.