Bug #95181 The bugfix for Bug#28511326 seems incorrect
Submitted: 29 Apr 2019 10:02 Modified: 20 May 2020 13:40
Reporter: Jie Zhou Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: Logging Severity:S3 (Non-critical)
Version:5.7, 8.0 OS:Any
Assigned to: CPU Architecture:Any

[29 Apr 2019 10:02] Jie Zhou
Description:
Bugfix for "Bug#28511326: DEADLOCK DURING PURGE_LOGS_BEFORE_DATE" solves a deadlock problem by changing the lock from LOCK_log to LOCK_slave_trans_dep_tracker in global variable binlog_transaction_dependency_tracking.
But it seems introduce another problem:
Thread 1:
set global binlog_transaction_dependency_tracking=WRITESET
It acquires LOCK_slave_trans_dep_tracker
invokes Transaction_dependency_tracker::tracking_mode_changed
             ->Writeset_trx_dependency_tracker::rotate
             ->m_writeset_history.clear();
Thread 2:
commit a transaction
It acquires LOCK_log
invokes MYSQL_BIN_LOG::write_gtid
             -> ... -> Writeset_trx_dependency_tracker::get_dependency
             -> m_writeset_history.find, m_writeset_history.insert...

Before Bug#28511326, m_writeset_history is protected by LOCK_log.
After Bug#28511326, m_writeset_history, which is a std::map, has no protection from concurrent access.

How to repeat:
Just analyze from the code...

Suggested fix:
Lock LOCK_slave_trans_dep_tracker in function Writeset_trx_dependency_tracker::get_dependency.
[2 May 2019 14:20] MySQL Verification Team
Hi Jie,

I fully agree with your code analysis.

Verified as reported.
[24 Oct 2019 11:19] MySQL Verification Team
Bug # 96192 is a duplicate of this report.
[20 May 2020 13:40] Margaret Fisher
Posted by developer:
 
Changelog entry added for MySQL 8.0.21 and 5.7.31:

A fix made in MySQL 8.0.14 and MySQL 5.7.25 for a deadlock scenario involving  the system variables binlog_transaction_dependency_tracking and binlog_transaction_dependency_history_size had the side effect of leaving the writeset history used for transaction dependency tracking unprotected from concurrent update. The writeset history and tracking mode are now locked correctly whenever they are accessed.