1berry/MariaDB-server
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

MDEV-10563 Crash during shutdown in Master_info_index::any_slave_sql_running

Browse Source 
In well defined C code, the "this" pointer is never NULL. Currently, we
were potentially dereferencing a NULL pointer (master_info_index). GCC v6
removes any "if (!this)" conditions as it assumes this is always a
non-null pointer. In order to prevent undefined behaviour, check the
pointer before dereferencing and remove the check within member
functions.
This commit is contained in:
Vicențiu Ciorbaru 2016-08-16 11:25:11 +03:00
parent 4da2b83af7
commit 4eb898bb16
5 changed files with 26 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
sql/item_func.cc
View File

@ -3942,7 +3942,7 @@ longlong Item_master_pos_wait::val_int()
longlong timeout = (arg_count>=3) ? args[2]->val_int() : 0 ; longlong timeout = (arg_count>=3) ? args[2]->val_int() : 0 ;
String connection_name_buff; String connection_name_buff;
LEX_STRING connection_name; LEX_STRING connection_name;
Master_info *mi; Master_info *mi= NULL;
if (arg_count >= 4) if (arg_count >= 4)
{ {
String *con; String *con;
@ -3962,6 +3962,7 @@ longlong Item_master_pos_wait::val_int()
connection_name= thd->variables.default_master_connection; connection_name= thd->variables.default_master_connection;
mysql_mutex_lock(&LOCK_active_mi); mysql_mutex_lock(&LOCK_active_mi);
if (master_info_index) // master_info_index is set to NULL on shutdown.
mi= master_info_index->get_master_info(&connection_name, mi= master_info_index->get_master_info(&connection_name,
Sql_condition::WARN_LEVEL_WARN); Sql_condition::WARN_LEVEL_WARN);
mysql_mutex_unlock(&LOCK_active_mi); mysql_mutex_unlock(&LOCK_active_mi);

3
sql/mysqld.cc
View File

@ -7307,7 +7307,10 @@ static int show_slaves_running(THD *thd, SHOW_VAR *var, char *buff)
var->value= buff; var->value= buff;
mysql_mutex_lock(&LOCK_active_mi); mysql_mutex_lock(&LOCK_active_mi);
if (master_info_index)
*((longlong *)buff)= master_info_index->any_slave_sql_running(); *((longlong *)buff)= master_info_index->any_slave_sql_running();
else
*((longlong *)buff)= 0;
mysql_mutex_unlock(&LOCK_active_mi); mysql_mutex_unlock(&LOCK_active_mi);
return 0; return 0;

7
sql/rpl_mi.cc
View File

@ -1095,8 +1095,6 @@ Master_info_index::get_master_info(LEX_STRING *connection_name,
connection_name->str)); connection_name->str));
mysql_mutex_assert_owner(&LOCK_active_mi); mysql_mutex_assert_owner(&LOCK_active_mi);
if (!this) // master_info_index is set to NULL on server shutdown
DBUG_RETURN(NULL);
/* Make name lower case for comparison */ /* Make name lower case for comparison */
res= strmake(buff, connection_name->str, connection_name->length); res= strmake(buff, connection_name->str, connection_name->length);
@ -1250,8 +1248,6 @@ bool Master_info_index::give_error_if_slave_running()
{ {
DBUG_ENTER("give_error_if_slave_running"); DBUG_ENTER("give_error_if_slave_running");
mysql_mutex_assert_owner(&LOCK_active_mi); mysql_mutex_assert_owner(&LOCK_active_mi);
if (!this) // master_info_index is set to NULL on server shutdown
DBUG_RETURN(TRUE);
for (uint i= 0; i< master_info_hash.records; ++i) for (uint i= 0; i< master_info_hash.records; ++i)
{ {
@ -1282,8 +1278,7 @@ uint Master_info_index::any_slave_sql_running()
{ {
uint count= 0; uint count= 0;
DBUG_ENTER("any_slave_sql_running"); DBUG_ENTER("any_slave_sql_running");
if (!this) // master_info_index is set to NULL on server shutdown mysql_mutex_assert_owner(&LOCK_active_mi);
DBUG_RETURN(count);
for (uint i= 0; i< master_info_hash.records; ++i) for (uint i= 0; i< master_info_hash.records; ++i)
{ {

1
sql/slave.cc
View File

@ -649,6 +649,7 @@ int terminate_slave_threads(Master_info* mi,int thread_mask,bool skip_lock)
mysql_mutex_unlock(log_lock); mysql_mutex_unlock(log_lock);
} }
if (opt_slave_parallel_threads > 0 && if (opt_slave_parallel_threads > 0 &&
master_info_index &&// master_info_index is set to NULL on server shutdown
!master_info_index->any_slave_sql_running()) !master_info_index->any_slave_sql_running())
rpl_parallel_inactivate_pool(&global_rpl_thread_pool); rpl_parallel_inactivate_pool(&global_rpl_thread_pool);
if (thread_mask & (SLAVE_IO|SLAVE_FORCE_ALL)) if (thread_mask & (SLAVE_IO|SLAVE_FORCE_ALL))

25
sql/sys_vars.cc
View File

@ -1538,7 +1538,8 @@ Sys_var_gtid_slave_pos::do_check(THD *thd, set_var *var)
} }
mysql_mutex_lock(&LOCK_active_mi); mysql_mutex_lock(&LOCK_active_mi);
running= master_info_index->give_error_if_slave_running(); running= (!master_info_index ||
master_info_index->give_error_if_slave_running());
mysql_mutex_unlock(&LOCK_active_mi); mysql_mutex_unlock(&LOCK_active_mi);
if (running) if (running)
return true; return true;
@ -1578,7 +1579,7 @@ Sys_var_gtid_slave_pos::global_update(THD *thd, set_var *var)
mysql_mutex_unlock(&LOCK_global_system_variables); mysql_mutex_unlock(&LOCK_global_system_variables);
mysql_mutex_lock(&LOCK_active_mi); mysql_mutex_lock(&LOCK_active_mi);
if (master_info_index->give_error_if_slave_running()) if (!master_info_index || master_info_index->give_error_if_slave_running())
err= true; err= true;
else else
err= rpl_gtid_pos_update(thd, var->save_result.string_value.str, err= rpl_gtid_pos_update(thd, var->save_result.string_value.str,
@ -1767,7 +1768,8 @@ check_slave_parallel_threads(sys_var *self, THD *thd, set_var *var)
bool running; bool running;
mysql_mutex_lock(&LOCK_active_mi); mysql_mutex_lock(&LOCK_active_mi);
running= master_info_index->give_error_if_slave_running(); running= (!master_info_index ||
master_info_index->give_error_if_slave_running());
mysql_mutex_unlock(&LOCK_active_mi); mysql_mutex_unlock(&LOCK_active_mi);
if (running) if (running)
return true; return true;
@ -1782,7 +1784,8 @@ fix_slave_parallel_threads(sys_var *self, THD *thd, enum_var_type type)
mysql_mutex_unlock(&LOCK_global_system_variables); mysql_mutex_unlock(&LOCK_global_system_variables);
mysql_mutex_lock(&LOCK_active_mi); mysql_mutex_lock(&LOCK_active_mi);
err= master_info_index->give_error_if_slave_running(); err= (!master_info_index ||
master_info_index->give_error_if_slave_running());
mysql_mutex_unlock(&LOCK_active_mi); mysql_mutex_unlock(&LOCK_active_mi);
mysql_mutex_lock(&LOCK_global_system_variables); mysql_mutex_lock(&LOCK_global_system_variables);
@ -1809,7 +1812,8 @@ check_slave_domain_parallel_threads(sys_var *self, THD *thd, set_var *var)
bool running; bool running;
mysql_mutex_lock(&LOCK_active_mi); mysql_mutex_lock(&LOCK_active_mi);
running= master_info_index->give_error_if_slave_running(); running= (!master_info_index ||
master_info_index->give_error_if_slave_running());
mysql_mutex_unlock(&LOCK_active_mi); mysql_mutex_unlock(&LOCK_active_mi);
if (running) if (running)
return true; return true;
@ -1824,7 +1828,8 @@ fix_slave_domain_parallel_threads(sys_var *self, THD *thd, enum_var_type type)
mysql_mutex_unlock(&LOCK_global_system_variables); mysql_mutex_unlock(&LOCK_global_system_variables);
mysql_mutex_lock(&LOCK_active_mi); mysql_mutex_lock(&LOCK_active_mi);
running= master_info_index->give_error_if_slave_running(); running= (!master_info_index ||
master_info_index->give_error_if_slave_running());
mysql_mutex_unlock(&LOCK_active_mi); mysql_mutex_unlock(&LOCK_active_mi);
mysql_mutex_lock(&LOCK_global_system_variables); mysql_mutex_lock(&LOCK_global_system_variables);
@ -1862,7 +1867,8 @@ check_gtid_ignore_duplicates(sys_var *self, THD *thd, set_var *var)
bool running; bool running;
mysql_mutex_lock(&LOCK_active_mi); mysql_mutex_lock(&LOCK_active_mi);
running= master_info_index->give_error_if_slave_running(); running= (!master_info_index ||
master_info_index->give_error_if_slave_running());
mysql_mutex_unlock(&LOCK_active_mi); mysql_mutex_unlock(&LOCK_active_mi);
if (running) if (running)
return true; return true;
@ -1877,7 +1883,8 @@ fix_gtid_ignore_duplicates(sys_var *self, THD *thd, enum_var_type type)
mysql_mutex_unlock(&LOCK_global_system_variables); mysql_mutex_unlock(&LOCK_global_system_variables);
mysql_mutex_lock(&LOCK_active_mi); mysql_mutex_lock(&LOCK_active_mi);
running= master_info_index->give_error_if_slave_running(); running= (!master_info_index ||
master_info_index->give_error_if_slave_running());
mysql_mutex_unlock(&LOCK_active_mi); mysql_mutex_unlock(&LOCK_active_mi);
mysql_mutex_lock(&LOCK_global_system_variables); mysql_mutex_lock(&LOCK_global_system_variables);
@ -2830,7 +2837,7 @@ Sys_var_replicate_events_marked_for_skip::global_update(THD *thd, set_var *var)
mysql_mutex_unlock(&LOCK_global_system_variables); mysql_mutex_unlock(&LOCK_global_system_variables);
mysql_mutex_lock(&LOCK_active_mi); mysql_mutex_lock(&LOCK_active_mi);
if (!master_info_index->give_error_if_slave_running()) if (master_info_index && !master_info_index->give_error_if_slave_running())
result= Sys_var_enum::global_update(thd, var); result= Sys_var_enum::global_update(thd, var);
mysql_mutex_unlock(&LOCK_active_mi); mysql_mutex_unlock(&LOCK_active_mi);
mysql_mutex_lock(&LOCK_global_system_variables); mysql_mutex_lock(&LOCK_global_system_variables);