Commit 2deaa292 authored by Daniel Black's avatar Daniel Black Committed by Kristian Nielsen

MDEV-7201: parallel threads resizing - potential race condition to access freed memory

pool->threads is freed before being reassigned the new pool.

Although not really a memory barrier I though it prudent to keep the pool
thread count to be the lower of the old/new thread list before the new threads
is allocated.
parent 324cd36b
...@@ -1007,6 +1007,7 @@ rpl_parallel_change_thread_count(rpl_parallel_thread_pool *pool, ...@@ -1007,6 +1007,7 @@ rpl_parallel_change_thread_count(rpl_parallel_thread_pool *pool,
uint32 new_count, bool skip_check) uint32 new_count, bool skip_check)
{ {
uint32 i; uint32 i;
rpl_parallel_thread **old_list= NULL;
rpl_parallel_thread **new_list= NULL; rpl_parallel_thread **new_list= NULL;
rpl_parallel_thread *new_free_list= NULL; rpl_parallel_thread *new_free_list= NULL;
rpl_parallel_thread *rpt_array= NULL; rpl_parallel_thread *rpt_array= NULL;
...@@ -1111,10 +1112,14 @@ rpl_parallel_change_thread_count(rpl_parallel_thread_pool *pool, ...@@ -1111,10 +1112,14 @@ rpl_parallel_change_thread_count(rpl_parallel_thread_pool *pool,
} }
} }
my_free(pool->threads); old_list= pool->threads;
if (new_count < pool->count)
pool->count= new_count;
pool->threads= new_list; pool->threads= new_list;
pool->free_list= new_free_list; if (new_count > pool->count)
pool->count= new_count; pool->count= new_count;
my_free(old_list);
pool->free_list= new_free_list;
for (i= 0; i < pool->count; ++i) for (i= 0; i < pool->count; ++i)
{ {
mysql_mutex_lock(&pool->threads[i]->LOCK_rpl_thread); mysql_mutex_lock(&pool->threads[i]->LOCK_rpl_thread);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment