• Dmitry Lenev's avatar
    Fix for bug #51136 "Crash in pthread_rwlock_rdlock on · 5180e803
    Dmitry Lenev authored
    TEMPORARY + HANDLER + LOCK + SP".
    
    Server crashed when one: 
    1) Opened HANDLER or acquired global read lock
    2) Then locked one or several temporary tables with
       LOCK TABLES statement (but no base tables).
    3) Then issued any statement causing commit (explicit 
       or implicit).
    4) Issued statement which should have closed HANDLER
       or released global read lock.
       
    The problem was that when entering LOCK TABLES mode in the
    scenario described above we incorrectly set transactional
    MDL sentinel to zero. As result during commit all metadata 
    locks were released (including lock for open HANDLER or
    global metadata shared lock). Indeed, attempt to release
    metadata lock for the second time which happened during
    HANLDER CLOSE or during release of GLR caused crash.
    
    This patch fixes problem by changing MDL_context's
    set_trans_sentinel() method to set sentinel to correct 
    value (it should point to the most recent ticket).
    
    mysql-test/include/handler.inc:
      Added test for bug #51136 "Crash in pthread_rwlock_rdlock on 
      TEMPORARY + HANDLER + LOCK + SP".
    mysql-test/r/flush.result:
      Updated test results (see flush.test).
    mysql-test/r/handler_innodb.result:
      Updated test results (see include/handler.inc).
    mysql-test/r/handler_myisam.result:
      Updated test results (see include/handler.inc).
    mysql-test/t/flush.test:
      Added additional coverage for bug #51136 "Crash in
      pthread_rwlock_rdlock on TEMPORARY + HANDLER + LOCK +
      SP".
    sql/mdl.h:
      When setting new value of transactional sentinel use 
      pointer to the most recent ticket instead of value 
      returned by MDL_context::mdl_savepoint(). 
      This allows to handle correctly situation when the new 
      value of sentinel should be the same as its current value 
      (MDL_context::mdl_savepoint() returns NULL in this case).
    5180e803
handler_innodb.result 37.8 KB