Bug #55878 Possible race condition in INNOBASE_SHARE (no race condition)
Submitted: 10 Aug 2010 12:17 Modified: 15 Sep 2010 8:31
Reporter: Marko Mäkelä Email Updates:
Status: Verified Impact on me:
None 
Category:MySQL Server: InnoDB storage engine Severity:S3 (Non-critical)
Version:5.5 OS:Any
Assigned to: Assigned Account CPU Architecture:Any
Tags: innodb INNOBASE_SHARE thr_lock

[10 Aug 2010 12:17] Marko Mäkelä 
Description:
The fix of Bug #47622 introduced a potential race condition. The data structure INNOBASE_SHARE::idx_trans_tbl is not uniformly protected by a mutex. In the InnoDB Plugin under MySQL 5.1, it is protected by LOCK_open, but MySQL 5.5 does without this lock. Also, MySQL 5.5 aims to get rid of thr_lock and INNOBASE_SHARE.

Currently, innobase_build_index_translation() is protected by dict_sys->mutex and all reads of idx_trans_tbl are unprotected: innobase_index_lookup(), ha_innobase::innobase_get_index(), innobase_get_mysql_key_number_for_index().

How to repeat:
This could lead to crashes when creating and dropping indexes on a table that is being updated heavily.

Suggested fix:
Make idx_trans_tbl a member of dict_table_t and protect the access properly.
[11 Aug 2010 1:10] Jimmy Yang 
Marko, this is intentional, since ha_innobase::innobase_get_index(), innobase_get_mysql_key_number_for_index() will not be used when the index is being rebuilt with innobase_build_index_translation().
[20 Jan 2012 15:10] Mattias Jonsson 
This is done as a part of WL#4305 (which attach the Innobase_share to TABLE_SHARE or the holding partition engine, see wl for details).