[MDEV-23229] Read of Uninitialized memory during buffer pool resizing Created: 2020-07-20  Updated: 2020-07-24  Resolved: 2020-07-24

Status: Closed
Project: MariaDB Server
Component/s: Storage Engine - InnoDB
Affects Version/s: 10.5.4
Fix Version/s: 10.5.5

Type: Bug Priority: Major
Reporter: Thirunarayanan Balathandayuthapani Assignee: Thirunarayanan Balathandayuthapani
Resolution: Fixed Votes: 0
Labels: rr-profile-analyzed

Issue Links:
Problem/Incident
is caused by MDEV-15053 Reduce buf_pool_t::mutex contention Closed

 Description   

buf_block_t::unfix:

 
 
 uint32_t unfix()
 
  {
 
    uint32_t fix_count= page.unfix();
 
    ut_ad(fix_count || page.io_fix() != BUF_IO_NONE ||
 
          page.state() == BUF_BLOCK_ZIP_PAGE ||
 
          !rw_lock_own_flagged(&lock, RW_LOCK_FLAG_X | RW_LOCK_FLAG_S |
 
                               RW_LOCK_FLAG_SX));
 
    return fix_count;
 
  }

After unfixing the page, InnoDB waits to enter rw_lock_debug_mutex_enter(). In the meantime, InnoDB shrinking its buffer pool and de-allocate the memory. While accessing lock->debug_list inside rw_lock_own_flagged() leads to failure of access of uninitialized memory
Generated at Thu Feb 08 09:20:50 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.