Bug #22301 ndb: File_class::size() is not thread safe
Submitted: 13 Sep 2006 11:38    Modified: 3 Jan 2007 3:34
Reporter: Stewart Smith
Status: Closed
Category: MySQL Cluster: Cluster (NDB) storage engine
Severity: S3 (Non-critical)
Version: 5.0, 5.1
Assigned to: Stewart Smith
CPU Architecture: Any

[13 Sep 2006 11:38] Stewart Smith
Description:
00037 File_class::size(FILE* f)
00038 {
00039   long cur_pos = 0, length = 0;
00040   
00041   cur_pos = ::ftell(f);
00042   ::fseek(f, 0, SEEK_END); 
00043   length = ::ftell(f); 
00044   ::fseek(f, cur_pos, SEEK_SET); // restore original position
00045 
00046   return length;
00047 }

the following could happen:
thread A: ftell
thread B: write log message
thread A: seek(END)
thread A: ftell
thread A: fseek

back to before the log message was written, overwriting the log message.

How to repeat:
be very, very unlucky.

can be seen with helgrind.

==21063==    by 0x80F2304: File_class::size(_IO_FILE*) (File.cpp:41)
==21063==    by 0x80F27E6: File_class::size() const (File.cpp:163)
==21063==    by 0x80EFBEE: FileLogHandler::isTimeForNewFile() (FileLogHandler.cpp:141)
==21063==    by 0x80EFDCE: FileLogHandler::writeFooter() (FileLogHandler.cpp:116)
==21063==    by 0x80EF0AF: LogHandler::append_impl(char const*, Logger::LoggerLevel, char const*) (LogHandler.cpp:90)
==21063==    by 0x80EF1FB: LogHandler::append(char const*, Logger::LoggerLevel, char const*) (LogHandler.cpp:72)
==21063==    by 0x80EE041: Logger::log(Logger::LoggerLevel, char const*, char*) const (Logger.cpp:369)
==21063==    by 0x80EE0E0: Logger::info(char const*, ...) const (Logger.cpp:342)
==21063==    by 0x808F777: MgmtSrvr::Allocated_resources::~Allocated_resources() (MgmtSrvr.cpp:2520)
==21063==    by 0x8097582: MgmApiSession::~MgmApiSession() (Services.cpp:307)

Suggested fix:
use stat(2) instead.
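As an added illustration, not code from the bug report or the NDB source tree: the ftell()-based size() from the report next to a variant along the lines of the suggested fix (fstat(2) on the descriptor), plus a single-threaded replay of the interleaving above, where thread B's write slips in between thread A's first ftell() and its fseek() back, so that thread A's next write lands on top of thread B's message. The log text, the scratch file and the helper names are constructed for this example.

```cpp
#include <cstdio>
#include <string>
#include <sys/stat.h>

// Size query as shown in the bug report: it moves the file position that every
// thread writing to this FILE* shares, then puts it back.
static long size_via_ftell(FILE* f) {
    long cur_pos = ::ftell(f);
    ::fseek(f, 0, SEEK_END);
    long length = ::ftell(f);
    ::fseek(f, cur_pos, SEEK_SET); // restores a position that may be stale by now
    return length;
}

// Size query along the lines of the suggested fix: stat the descriptor.
// fstat(2) never touches the stream position, so a concurrent writer is unaffected.
static long size_via_fstat(FILE* f) {
    ::fflush(f); // push stdio-buffered bytes to the kernel so st_size counts them
    struct stat st;
    if (::fstat(::fileno(f), &st) != 0) return -1;
    return static_cast<long>(st.st_size);
}

// Helper: read the whole file back.
static std::string read_all(FILE* f) {
    ::fflush(f);
    ::fseek(f, 0, SEEK_SET);
    std::string out;
    char buf[128];
    size_t n;
    while ((n = ::fread(buf, 1, sizeof buf, f)) > 0) out.append(buf, n);
    return out;
}

// Replay the interleaving from the report in one thread so it is deterministic:
//   thread A: (inside size()) ftell / fstat
//   thread B: write log message
//   thread A: seek(END), ftell, fseek back      (ftell variant only)
//   thread A: write its own log message
// Returns the file content afterwards.
static std::string simulate(bool use_fstat) {
    FILE* f = std::tmpfile();                  // constructed scratch log file
    ::fputs("log line 1\n", f);
    ::fflush(f);

    long length;
    if (use_fstat) {
        length = size_via_fstat(f);            // thread A: position left alone
        ::fputs("log line 2 (thread B)\n", f); // thread B
        ::fflush(f);
    } else {
        long cur_pos = ::ftell(f);             // thread A: first half of size()
        ::fputs("log line 2 (thread B)\n", f); // thread B slips in here
        ::fflush(f);
        ::fseek(f, 0, SEEK_END);               // thread A: second half of size()
        length = ::ftell(f);
        ::fseek(f, cur_pos, SEEK_SET);         // rewinds to before thread B's message
    }
    (void)length;

    ::fputs("footer (thread A)\n", f);         // thread A's next write lands at the current position
    std::string content = read_all(f);
    ::fclose(f);
    return content;
}

// Without a concurrent writer both implementations agree and neither moves the position.
static bool single_threaded_agree() {
    FILE* f = std::tmpfile();
    ::fputs("abc", f);
    long a = size_via_ftell(f);
    long b = size_via_fstat(f);
    long pos = ::ftell(f);
    ::fclose(f);
    return a == 3 && b == 3 && pos == 3;
}

int main() {
    std::printf("ftell-based size(), file afterwards:\n%s\n", simulate(false).c_str());
    std::printf("fstat-based size(), file afterwards:\n%s\n", simulate(true).c_str());
    return 0;
}
```

With the ftell() variant the replay leaves "log line 2" partly overwritten by the footer; with fstat() both messages survive in order. The fstat() variant needs the fflush() before the query, otherwise bytes still sitting in the stdio buffer are not counted; the original code got that flush as a side effect of fseek().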
[13 Sep 2006 12:09] Stewart Smith
on closer examination, the likelihood of hitting this is *very* rare due to most log messages being surrounded by other mutexes (node id mutex, config mutex), so it's not surprising nobody has ever noticed this before.
[27 Oct 2006 8:59] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/14459

ChangeSet@1.2276, 2006-10-27 18:59:20+10:00, stewart@willster.(none) +3 -0
  BUG#22301 ndb: File_class::size() is not thread safe
[8 Nov 2006 4:21] Stewart Smith
pushed to 5.1-ndb
[4 Dec 2006 8:31] Martin Skold
Pushed to 5.1.14
[29 Dec 2006 0:36] Stewart Smith
pushed to 5.0-ndb
[29 Dec 2006 8:19] Stewart Smith
pushed to 5.0.34
[3 Jan 2007 3:34] Jon Stephens
No changes visible to end users; closed w/o further action at this time.