[SERVER-12516] Multi-updates may fail to detect replica set primary step-down, leading to inconsistency.
Created: 28/Jan/14 | Updated: 11/Jul/16 | Resolved: 19/Feb/14

| Status: | Closed |
| Project: | Core Server |
| Component/s: | Replication, Write Ops |
| Affects Version/s: | 2.4.9, 2.5.5 |
| Fix Version/s: | 2.6.0-rc0 |
| Type: | Bug | Priority: | Major - P3 |
| Reporter: | Andy Schwerin | Assignee: | Andy Schwerin |
| Resolution: | Done | Votes: | 0 |
| Labels: | None |
| Remaining Estimate: | Not Specified |
| Time Spent: | Not Specified |
| Original Estimate: | Not Specified |
| Operating System: | ALL |
| Steps To Reproduce: |
Start up a 2-node replica set. Connect a shell, with legacy write operations or write commands.
From another shell, immediately run
Notice in the log on the primary a stack trace and the following message

| Description |

If the primary steps down while in the middle of a multi-update, the operation may continue to update documents until it first attempts to log the op to the oplog. At that point, the logOp() will fail, but the database is inconsistent. The database will contain the last update, but it won't appear in the oplog, and so will not replicate. It also won't get rolled back when the new primary takes writes, because there's no trace of it in the oplog.

A minimal option would be to make the current massert() on this condition an fassert(), to eliminate corruption. Later, it will be necessary to audit all insert, update and remove paths (legacy and write command) to ensure that they validate primary-ness after recovering from yields.

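The failure mode described above, as an added example that is not part of the original report or MongoDB's source: a toy C++ model in which a multi-update yields between documents and a step-down happens during one yield. `Node`, `multiUpdate`, `unloggedWrites` and the stand-in `logOp` are hypothetical names, and the sample documents are constructed.

```cpp
// Toy model of the race in this report; not MongoDB source code.
#include <cstddef>
#include <functional>
#include <iostream>
#include <stdexcept>
#include <string>
#include <vector>

struct Node {
    bool primary = true;
    std::vector<int> docs;           // stored document values
    std::vector<std::string> oplog;  // one entry per replicated write
};

// Stand-in for logOp(): refuses to append once the node is no longer primary.
void logOp(Node& n, const std::string& entry) {
    if (!n.primary) throw std::runtime_error("logOp on non-primary");
    n.oplog.push_back(entry);
}

// Increments every document. onYield(i) runs before document i and stands in
// for a lock yield, during which a step-down may occur. With recheckAfterYield
// the loop validates primary-ness before touching the next document.
void multiUpdate(Node& n, bool recheckAfterYield,
                 const std::function<void(std::size_t)>& onYield) {
    for (std::size_t i = 0; i < n.docs.size(); ++i) {
        onYield(i);
        if (recheckAfterYield && !n.primary) return;  // stop before an unlogged write
        n.docs[i] += 1;                               // storage write happens first
        try {
            logOp(n, "inc doc " + std::to_string(i));
        } catch (const std::runtime_error&) {
            return;  // massert-like: the operation aborts, the write above stays
        }
    }
}

// Constructed scenario: 4 documents, step-down during the yield before document 2.
// Returns the number of documents changed in storage that have no oplog entry.
int unloggedWrites(bool recheckAfterYield) {
    Node n;
    n.docs = {10, 20, 30, 40};
    const std::vector<int> before = n.docs;
    multiUpdate(n, recheckAfterYield, [&n](std::size_t i) { if (i == 2) n.primary = false; });
    int changed = 0;
    for (std::size_t i = 0; i < n.docs.size(); ++i) changed += (n.docs[i] != before[i]);
    return changed - static_cast<int>(n.oplog.size());
}

int main() { std::cout << unloggedWrites(false) << " " << unloggedWrites(true) << "\n"; }
```

Without the re-check, one document is modified in storage with no matching oplog entry, which is the write that neither replicates nor rolls back; with the re-check after the yield, storage and oplog stay in step.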
| Comments |
| Comment by Githook User [ 19/Feb/14 ] |

Author: {u'username': u'andy10gen', u'name': u'Andy Schwerin', u'email': u'schwerin@10gen.com'}
Message:

| Comment by Githook User [ 19/Feb/14 ] |

Author: {u'username': u'andy10gen', u'name': u'Andy Schwerin', u'email': u'schwerin@10gen.com'}
Message: Without this patch, a replicaset member running a long-running write operation