From: Date: October 3 2008 1:21am
Subject: bzr commit into mysql-6.0-falcon-team branch (cpowers:2848) Bug#39796
List-Archive: http://lists.mysql.com/commits/55158
X-Bug: 39796
Message-Id: <20081002232100.21EFE1DB0669@xeno.mysql.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

#At file:///home/cpowers/work/dev/dev-08a/mysql/

 2848 Christopher Powers	2008-10-02
      Bug#39796, "Falcon: Reference count decrement not atomic"
      
      The release() method in Transaction and DeferredIndex check useCount after the interlocked decrement, allowing other threads to alter useCount before it is evaluated for 0.
modified:
  storage/falcon/DeferredIndex.cpp
  storage/falcon/Transaction.cpp
  storage/falcon/Transaction.h

per-file messages:
  storage/falcon/DeferredIndex.cpp
    Corrected refcount atomicity in ::releaseRef()
  storage/falcon/Transaction.cpp
    Corrected refcount in ::release() to ensure atomicity
    Declared Transaction::release() as void
  storage/falcon/Transaction.h
    Declared Transaction::release() as void
=== modified file 'storage/falcon/DeferredIndex.cpp'
--- a/storage/falcon/DeferredIndex.cpp	2008-09-10 19:51:03 +0000
+++ b/storage/falcon/DeferredIndex.cpp	2008-10-02 23:20:47 +0000
@@ -884,11 +884,7 @@ void DeferredIndex::addRef()
 
 void DeferredIndex::releaseRef()
 {
-	ASSERT(useCount > 0);
-	
-	INTERLOCKED_DECREMENT(useCount);
-
-	if (useCount == 0)
+	if (INTERLOCKED_DECREMENT(useCount) == 0)
 		delete this;
 }
 

=== modified file 'storage/falcon/Transaction.cpp'
--- a/storage/falcon/Transaction.cpp	2008-09-10 19:51:03 +0000
+++ b/storage/falcon/Transaction.cpp	2008-10-02 23:20:47 +0000
@@ -1076,14 +1076,10 @@ void Transaction::addRef()
 	INTERLOCKED_INCREMENT(useCount);
 }
 
-int Transaction::release()
+void Transaction::release()
 {
-	int count = INTERLOCKED_DECREMENT(useCount);
-
-	if (count == 0)
+	if (INTERLOCKED_DECREMENT(useCount) == 0)
 		delete this;
-
-	return count;
 }
 
 int Transaction::createSavepoint()

=== modified file 'storage/falcon/Transaction.h'
--- a/storage/falcon/Transaction.h	2008-09-10 04:02:07 +0000
+++ b/storage/falcon/Transaction.h	2008-10-02 23:20:47 +0000
@@ -99,7 +99,7 @@ public:
 	void		prepare(int xidLength, const UCHAR *xid);
 	void		rollback();
 	void		commit();
-	int			release();
+	void		release();
 	void		addRef();
 	void		waitForTransaction();
 	bool		waitForTransaction (TransId transId);