[MDEV-3504] LP:910817 - Race condition in kill_threads_for_user - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Resolution: Fixed
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
- Launchpad

Description

kill_threads_for_user has a race condition which can result in invalid pointer in the threads_to_kill list.

while ((ptr= it++))

{ ptr->awake(kill_signal); mysql_mutex_unlock(&ptr->LOCK_thd_data); (*rows)++; }

The problem with this code is that once ptr->LOCK_thd_data is unlocked, very short thereafter memory pointed to by
'ptr' can be freed, and the ptr->next becomes invalid, and ptr=it++ might crash.

Possible fix would be calculating 'next' pointer before unlocking the LOCK_thd_data.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List
- Download All

LPexportBug910817.xml
6 kB
2012-10-03 11:32

Activity

People

Assignee:: Kristian Nielsen

Reporter:: Vladislav Vaintroub

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Dates

Created:: 2012-01-02 12:10

Updated:: 2012-10-04 13:25

Resolved:: 2012-10-04 12:54

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.