Commit dd02b98d authored by unknown's avatar unknown

Fix for bug #12739 "Deadlock in multithreaded environment during creating/

droping trigger on InnoDB table".

Deadlock occured in cases when we were trying to create two triggers for
the same InnoDB table concurrently and both threads were able to reach
close_cached_table() simultaneously. Bugfix implements new approach to
table locking and table cache invalidation during creation/dropping
of trigger.

No testcase is supplied since bug was repeatable only under high concurrency.


sql/mysql_priv.h:
  reopen_name_locked_table():
    Changed function signature to make it more robust against erroneous usage.
sql/sql_base.cc:
  reopen_name_locked_table():
    Changed function signature to make it more robust against erroneous usage.
    Obtaining LOCK_open lock is now resposibility of caller.
    When searching for the table to open we should not prefer connection's current
    database over database which was explicitly specified in TABLE_LIST::db member
    (even if database is not explicitly specified for table in original query
    TABLE_LIST::db will be set properly at parsing stage).
    Fixed behavior of function in cases when error occurs during opening of table.
sql/sql_table.cc:
  prepare_for_restore()/prepare_for_repair():
    We should not prefer connection's current database over database which was
    specified in TABLE_LIST::db member (even if database is not explicitly
    specified for table in original query TABLE_LIST::db will be set properly
    at parsing stage). Fixed behavior in unlikely case when we are unable
    to open table which we are restoring/reparing at the end of preparation
    stage.
sql/sql_trigger.cc:
  mysql_create_or_drop_trigger():
    Now instead of opening and locking table, creating trigger, and then trying
    to invalidate all instances of this table in table cache, we obtain name
    lock on table first (thus ensuring that no other thread has this table
    open), open it, create trigger and then close table therefore releasing lock.
    New approach is more in line with other places where change .frm files
    (i.e. change table meta-data).
    With this change we also get rid of deadlock which occured in cases when we
    were trying to create two triggers for the same InnoDB table concurrently
    and both threads were able to reach close_cached_table() simultaneously.
    (Alternative was to forbid to InnoDB downgrade locks for CREATE/DROP
     TRIGGER statements in one way or another but I think that proposed
     solution is better long term).
parent 63e7824f
...@@ -757,7 +757,7 @@ bool mysql_create_or_drop_trigger(THD *thd, TABLE_LIST *tables, bool create); ...@@ -757,7 +757,7 @@ bool mysql_create_or_drop_trigger(THD *thd, TABLE_LIST *tables, bool create);
TABLE *open_ltable(THD *thd, TABLE_LIST *table_list, thr_lock_type update); TABLE *open_ltable(THD *thd, TABLE_LIST *table_list, thr_lock_type update);
TABLE *open_table(THD *thd, TABLE_LIST *table_list, MEM_ROOT* mem, TABLE *open_table(THD *thd, TABLE_LIST *table_list, MEM_ROOT* mem,
bool *refresh, uint flags); bool *refresh, uint flags);
TABLE *reopen_name_locked_table(THD* thd, TABLE_LIST* table); bool reopen_name_locked_table(THD* thd, TABLE_LIST* table);
TABLE *find_locked_table(THD *thd, const char *db,const char *table_name); TABLE *find_locked_table(THD *thd, const char *db,const char *table_name);
bool reopen_table(TABLE *table,bool locked); bool reopen_table(TABLE *table,bool locked);
bool reopen_tables(THD *thd,bool get_locks,bool in_refresh); bool reopen_tables(THD *thd,bool get_locks,bool in_refresh);
......
...@@ -976,32 +976,57 @@ void wait_for_refresh(THD *thd) ...@@ -976,32 +976,57 @@ void wait_for_refresh(THD *thd)
} }
TABLE *reopen_name_locked_table(THD* thd, TABLE_LIST* table_list) /*
Open table which is already name-locked by this thread.
SYNOPSIS
reopen_name_locked_table()
thd Thread handle
table_list TABLE_LIST object for table to be open, TABLE_LIST::table
member should point to TABLE object which was used for
name-locking.
NOTE
This function assumes that its caller already acquired LOCK_open mutex.
RETURN VALUE
FALSE - Success
TRUE - Error
*/
bool reopen_name_locked_table(THD* thd, TABLE_LIST* table_list)
{ {
DBUG_ENTER("reopen_name_locked_table"); TABLE *table= table_list->table;
if (thd->killed)
DBUG_RETURN(0);
TABLE *table;
TABLE_SHARE *share; TABLE_SHARE *share;
if (!(table = table_list->table)) char *db= table_list->db;
DBUG_RETURN(0); char *table_name= table_list->table_name;
char key[MAX_DBKEY_LENGTH];
uint key_length;
TABLE orig_table;
DBUG_ENTER("reopen_name_locked_table");
char* db = thd->db ? thd->db : table_list->db; safe_mutex_assert_owner(&LOCK_open);
char* table_name = table_list->table_name;
char key[MAX_DBKEY_LENGTH]; if (thd->killed || !table)
uint key_length; DBUG_RETURN(TRUE);
orig_table= *table;
key_length=(uint) (strmov(strmov(key,db)+1,table_name)-key)+1; key_length=(uint) (strmov(strmov(key,db)+1,table_name)-key)+1;
pthread_mutex_lock(&LOCK_open);
if (open_unireg_entry(thd, table, db, table_name, table_name, 0, if (open_unireg_entry(thd, table, db, table_name, table_name, 0,
thd->mem_root) || thd->mem_root) ||
!(table->s->table_cache_key= memdup_root(&table->mem_root, (char*) key, !(table->s->table_cache_key= memdup_root(&table->mem_root, (char*) key,
key_length))) key_length)))
{ {
delete table->triggers; intern_close_table(table);
closefrm(table); /*
pthread_mutex_unlock(&LOCK_open); If there was an error during opening of table (for example if it
DBUG_RETURN(0); does not exist) '*table' object can be wiped out. To be able
properly release name-lock in this case we should restore this
object to its original state.
*/
*table= orig_table;
DBUG_RETURN(TRUE);
} }
share= table->s; share= table->s;
...@@ -1011,7 +1036,6 @@ TABLE *reopen_name_locked_table(THD* thd, TABLE_LIST* table_list) ...@@ -1011,7 +1036,6 @@ TABLE *reopen_name_locked_table(THD* thd, TABLE_LIST* table_list)
share->flush_version=0; share->flush_version=0;
table->in_use = thd; table->in_use = thd;
check_unused(); check_unused();
pthread_mutex_unlock(&LOCK_open);
table->next = thd->open_tables; table->next = thd->open_tables;
thd->open_tables = table; thd->open_tables = table;
table->tablenr=thd->current_tablenr++; table->tablenr=thd->current_tablenr++;
...@@ -1021,7 +1045,7 @@ TABLE *reopen_name_locked_table(THD* thd, TABLE_LIST* table_list) ...@@ -1021,7 +1045,7 @@ TABLE *reopen_name_locked_table(THD* thd, TABLE_LIST* table_list)
table->status=STATUS_NO_RECORD; table->status=STATUS_NO_RECORD;
table->keys_in_use_for_query= share->keys_in_use; table->keys_in_use_for_query= share->keys_in_use;
table->used_keys= share->keys_for_keyread; table->used_keys= share->keys_for_keyread;
DBUG_RETURN(table); DBUG_RETURN(FALSE);
} }
......
...@@ -1950,8 +1950,8 @@ static int prepare_for_restore(THD* thd, TABLE_LIST* table, ...@@ -1950,8 +1950,8 @@ static int prepare_for_restore(THD* thd, TABLE_LIST* table,
{ {
char* backup_dir= thd->lex->backup_dir; char* backup_dir= thd->lex->backup_dir;
char src_path[FN_REFLEN], dst_path[FN_REFLEN]; char src_path[FN_REFLEN], dst_path[FN_REFLEN];
char* table_name = table->table_name; char* table_name= table->table_name;
char* db = thd->db ? thd->db : table->db; char* db= table->db;
if (fn_format_relative_to_data_home(src_path, table_name, backup_dir, if (fn_format_relative_to_data_home(src_path, table_name, backup_dir,
reg_ext)) reg_ext))
...@@ -1987,12 +1987,15 @@ static int prepare_for_restore(THD* thd, TABLE_LIST* table, ...@@ -1987,12 +1987,15 @@ static int prepare_for_restore(THD* thd, TABLE_LIST* table,
Now we should be able to open the partially restored table Now we should be able to open the partially restored table
to finish the restore in the handler later on to finish the restore in the handler later on
*/ */
if (!(table->table = reopen_name_locked_table(thd, table))) pthread_mutex_lock(&LOCK_open);
if (reopen_name_locked_table(thd, table))
{ {
pthread_mutex_lock(&LOCK_open);
unlock_table_name(thd, table); unlock_table_name(thd, table);
pthread_mutex_unlock(&LOCK_open); pthread_mutex_unlock(&LOCK_open);
DBUG_RETURN(send_check_errmsg(thd, table, "restore",
"Failed to open partially restored table"));
} }
pthread_mutex_unlock(&LOCK_open);
DBUG_RETURN(0); DBUG_RETURN(0);
} }
...@@ -2089,12 +2092,16 @@ static int prepare_for_repair(THD* thd, TABLE_LIST *table_list, ...@@ -2089,12 +2092,16 @@ static int prepare_for_repair(THD* thd, TABLE_LIST *table_list,
Now we should be able to open the partially repaired table Now we should be able to open the partially repaired table
to finish the repair in the handler later on. to finish the repair in the handler later on.
*/ */
if (!(table_list->table = reopen_name_locked_table(thd, table_list))) pthread_mutex_lock(&LOCK_open);
if (reopen_name_locked_table(thd, table_list))
{ {
pthread_mutex_lock(&LOCK_open);
unlock_table_name(thd, table_list); unlock_table_name(thd, table_list);
pthread_mutex_unlock(&LOCK_open); pthread_mutex_unlock(&LOCK_open);
error= send_check_errmsg(thd, table_list, "repair",
"Failed to open partially repaired table");
goto end;
} }
pthread_mutex_unlock(&LOCK_open);
end: end:
if (table == &tmp_table) if (table == &tmp_table)
......
...@@ -103,8 +103,7 @@ static TABLE_LIST *add_table_for_trigger(THD *thd, sp_name *trig); ...@@ -103,8 +103,7 @@ static TABLE_LIST *add_table_for_trigger(THD *thd, sp_name *trig);
bool mysql_create_or_drop_trigger(THD *thd, TABLE_LIST *tables, bool create) bool mysql_create_or_drop_trigger(THD *thd, TABLE_LIST *tables, bool create)
{ {
TABLE *table; TABLE *table;
bool result= 0; bool result= TRUE;
DBUG_ENTER("mysql_create_or_drop_trigger"); DBUG_ENTER("mysql_create_or_drop_trigger");
/* /*
...@@ -119,9 +118,6 @@ bool mysql_create_or_drop_trigger(THD *thd, TABLE_LIST *tables, bool create) ...@@ -119,9 +118,6 @@ bool mysql_create_or_drop_trigger(THD *thd, TABLE_LIST *tables, bool create)
/* We should have only one table in table list. */ /* We should have only one table in table list. */
DBUG_ASSERT(tables->next_global == 0); DBUG_ASSERT(tables->next_global == 0);
if (!(table= open_ltable(thd, tables, tables->lock_type)))
DBUG_RETURN(TRUE);
/* /*
TODO: We should check if user has TRIGGER privilege for table here. TODO: We should check if user has TRIGGER privilege for table here.
Now we just require SUPER privilege for creating/dropping because Now we just require SUPER privilege for creating/dropping because
...@@ -131,28 +127,24 @@ bool mysql_create_or_drop_trigger(THD *thd, TABLE_LIST *tables, bool create) ...@@ -131,28 +127,24 @@ bool mysql_create_or_drop_trigger(THD *thd, TABLE_LIST *tables, bool create)
DBUG_RETURN(TRUE); DBUG_RETURN(TRUE);
/* /*
We do not allow creation of triggers on temporary tables. We also don't There is no DETERMINISTIC clause for triggers, so can't check it.
allow creation of triggers on views but fulfilment of this restriction But a trigger can in theory be used to do nasty things (if it supported
is guaranteed by open_ltable(). It is better to have this check here DROP for example) so we do the check for privileges. For now there is
than do it in Table_triggers_list::create_trigger() and mess with table already a stronger test right above; but when this stronger test will
cache. be removed, the test below will hold.
*/ */
if (table->s->tmp_table != NO_TMP_TABLE) if (!trust_routine_creators && mysql_bin_log.is_open() &&
!(thd->security_ctx->master_access & SUPER_ACL))
{ {
my_error(ER_TRG_ON_VIEW_OR_TEMP_TABLE, MYF(0), tables->alias); my_error(ER_BINLOG_CREATE_ROUTINE_NEED_SUPER, MYF(0));
DBUG_RETURN(TRUE); DBUG_RETURN(TRUE);
} }
if (!table->triggers) /* We do not allow creation of triggers on temporary tables. */
if (create && find_temporary_table(thd, tables->db, tables->table_name))
{ {
if (!create) my_error(ER_TRG_ON_VIEW_OR_TEMP_TABLE, MYF(0), tables->alias);
{ DBUG_RETURN(TRUE);
my_message(ER_TRG_DOES_NOT_EXIST, ER(ER_TRG_DOES_NOT_EXIST), MYF(0));
DBUG_RETURN(TRUE);
}
if (!(table->triggers= new (&table->mem_root) Table_triggers_list(table)))
DBUG_RETURN(TRUE);
} }
/* /*
...@@ -161,31 +153,41 @@ bool mysql_create_or_drop_trigger(THD *thd, TABLE_LIST *tables, bool create) ...@@ -161,31 +153,41 @@ bool mysql_create_or_drop_trigger(THD *thd, TABLE_LIST *tables, bool create)
again until we are done. (Acquiring LOCK_open is not enough because again until we are done. (Acquiring LOCK_open is not enough because
global read lock is held without helding LOCK_open). global read lock is held without helding LOCK_open).
*/ */
if (wait_if_global_read_lock(thd, 0, 0)) if (wait_if_global_read_lock(thd, 0, 1))
DBUG_RETURN(TRUE); DBUG_RETURN(TRUE);
/* VOID(pthread_mutex_lock(&LOCK_open));
There is no DETERMINISTIC clause for triggers, so can't check it.
But a trigger can in theory be used to do nasty things (if it supported if (lock_table_names(thd, tables))
DROP for example) so we do the check for privileges. For now there is goto end;
already a stronger test above (see start of the function); but when this
stronger test will be removed, the test below will hold. /* We also don't allow creation of triggers on views. */
*/ tables->required_type= FRMTYPE_TABLE;
if (!trust_routine_creators && mysql_bin_log.is_open() &&
!(thd->security_ctx->master_access & SUPER_ACL)) if (reopen_name_locked_table(thd, tables))
{ {
my_message(ER_BINLOG_CREATE_ROUTINE_NEED_SUPER, unlock_table_name(thd, tables);
ER(ER_BINLOG_CREATE_ROUTINE_NEED_SUPER), MYF(0)); goto end;
DBUG_RETURN(TRUE); }
table= tables->table;
if (!table->triggers)
{
if (!create)
{
my_error(ER_TRG_DOES_NOT_EXIST, MYF(0));
goto end;
}
if (!(table->triggers= new (&table->mem_root) Table_triggers_list(table)))
goto end;
} }
VOID(pthread_mutex_lock(&LOCK_open));
result= (create ? result= (create ?
table->triggers->create_trigger(thd, tables): table->triggers->create_trigger(thd, tables):
table->triggers->drop_trigger(thd, tables)); table->triggers->drop_trigger(thd, tables));
/* It is sensible to invalidate table in any case */ end:
close_cached_table(thd, table);
VOID(pthread_mutex_unlock(&LOCK_open)); VOID(pthread_mutex_unlock(&LOCK_open));
start_waiting_global_read_lock(thd); start_waiting_global_read_lock(thd);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment