-
Type:
Bug
-
Status:
Closed
-
Priority:
Critical - P2
-
Resolution:
Fixed
-
Affects Version/s:
None
-
-
-
-
Backwards Compatibility:
Fully Compatible
-
-
Sprint:
Integration 2016-08-29
- Thread A calls ViewCatalog::lookup() and obtains a raw ViewDefinition*.
- Thread B inserts a valid view directly into system.views. ViewCatalog::_valid is marked as false. (Note that this insert is possible because Thread A locks the database in MODE_IS, which does not conflict with a MODE_IX lock obtained by Thread B. Other commands that modify the view definitions require a MODE_X lock; i.e. create, collMod, drop.)
- Thread C calls a method of ViewCatalog, which implicitly reloads the catalog, clearing the old ViewMap, freeing all of the old ViewDefinitions.
- All iterators to the old ViewMap are now invalidated and all the ViewDefinition pointers have been freed, but Thread A might still be holding onto the ViewDefinition and may try to use it, resulting in undefined behavior.