From 2deaa292e71630325d4c1d7aedfb2678fe356ba1 Mon Sep 17 00:00:00 2001
From: Daniel Black
Date: Wed, 4 Feb 2015 13:57:09 +0100
Subject: [PATCH] MDEV-7201: parallel threads resizing - potential race condition to access freed memory pool->threads is freed before being reassigned the new pool. Although not really a memory barrier I though it prudent to keep the pool thread count to be the lower of the old/new thread list before the new threads is allocated.
---
 sql/rpl_parallel.cc | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/sql/rpl_parallel.cc b/sql/rpl_parallel.cc
index 55cc699d078..e37a82720b5 100644
--- a/sql/rpl_parallel.cc
+++ b/sql/rpl_parallel.cc
@@ -1007,6 +1007,7 @@ rpl_parallel_change_thread_count(rpl_parallel_thread_pool *pool,
 uint32 new_count, bool skip_check)
 {
 uint32 i;
+ rpl_parallel_thread **old_list= NULL;
 rpl_parallel_thread **new_list= NULL;
 rpl_parallel_thread *new_free_list= NULL;
 rpl_parallel_thread *rpt_array= NULL;
@@ -1111,10 +1112,14 @@ rpl_parallel_change_thread_count(rpl_parallel_thread_pool *pool,
 }
 }
- my_free(pool->threads);
+ old_list= pool->threads;
+ if (new_count < pool->count)
+ pool->count= new_count;
 pool->threads= new_list;
+ if (new_count > pool->count)
+ pool->count= new_count;
+ my_free(old_list);
 pool->free_list= new_free_list;
- pool->count= new_count;
 for (i= 0; i < pool->count; ++i)
 {
 mysql_mutex_lock(&pool->threads[i]->LOCK_rpl_thread);
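Review bot: The two-step update of `pool->count` around `pool->threads= new_list` in the second hunk uses plain stores, so neither the compiler nor the CPU has to make them visible in that order, and a reader that loaded the old `pool->threads` before the swap can still dereference it after `my_free(old_list)`. The hunk shows no lock held across these lines (the function body starts and ends outside it, so one may be taken earlier), which means the use-after-free window is narrowed rather than closed, as the commit message itself concedes. If readers of `pool->threads` take the pool mutex (presumably `LOCK_rpl_thread_pool`; confirm against the readers), do the swap under it: `mysql_mutex_lock(&pool->LOCK_rpl_thread_pool);` before `old_list= pool->threads;` and the matching `mysql_mutex_unlock` before `my_free(old_list);`. Otherwise add a comment at the swap naming the invariant that rules out concurrent readers at this point.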