mirror/mariadb
1
0
Fork 0
mirror of https://github.com/MariaDB/server.git synced 2026-04-22 08:15:31 +02:00
Code Issues Projects Releases Packages Wiki Activity

MDEV-7793 - Race condition between XA COMMIT/ROLLBACK and disconnect

Browse source 
XA COMMIT/ROLLBACK of XA transaction owned by different thread may access
freed memory if that thread disconnects at the same time.

Also concurrent XA COMMIT/ROLLBACK of recovered XA transaction were not
serialized properly.
This commit is contained in:
Sergey Vojtovich 2015-03-17 19:49:04 +04:00
commit 7ed673f35c
6 changed files with 136 additions and 53 deletions
Download patch file Download diff file Expand all files Collapse all files

15
sql/transaction.cc
View file

@ -837,18 +837,9 @@ bool trans_xa_commit(THD *thd)
my_error(ER_OUT_OF_RESOURCES, MYF(0));
DBUG_RETURN(TRUE);
}
/*
xid_state.in_thd is always true beside of xa recovery procedure.
Note, that there is no race condition here between xid_cache_search
and xid_cache_delete, since we always delete our own XID
(thd->lex->xid == thd->transaction.xid_state.xid).
The only case when thd->lex->xid != thd->transaction.xid_state.xid
and xid_state->in_thd == 0 is in the function
xa_cache_insert(XID, xa_states), which is called before starting
client connections, and thus is always single-threaded.
*/
XID_STATE *xs= xid_cache_search(thd, thd->lex->xid);
res= !xs || xs->in_thd;
res= !xs;
if (res)
my_error(ER_XAER_NOTA, MYF(0));
else
@ -949,7 +940,7 @@ bool trans_xa_rollback(THD *thd)
}
XID_STATE *xs= xid_cache_search(thd, thd->lex->xid);
if (!xs || xs->in_thd)
if (!xs)
my_error(ER_XAER_NOTA, MYF(0));
else
{