Bug #86874 Group Replication variable updates are not safe against stop
Submitted: 29 Jun 2017 16:44 Modified: 9 Jan 2018 17:03
Reporter: Pedro Gomes Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: Group Replication Severity:S3 (Non-critical)
Version:5.7.19 OS:Any
Assigned to: CPU Architecture:Any

[29 Jun 2017 16:44] Pedro Gomes 
Description:
On plugin.cc, lets take a look at 
update_recovery_completion_policy 

notice how it does 

  if (recovery_module != NULL)
  {
    recovery_module->
        set_recovery_completion_policy(

now look at the stack that leads to 
terminate_recovery_module()

It can be the case that if someone stops the plugin when someone changes a plugin variable 

  if (recovery_module != NULL)
  {

<< terminate_recovery_module() is invoked 

    recovery_module->
        set_recovery_completion_policy(

<< segmentation fault 

This may affect all variables that use this formula on update/check 

How to repeat:
No test was produced but in theory such problem is visible if you continuously stop the plugin while changing recovery variables 

Suggested fix:
Protect accesses somehow.

Maybe use Mutex_autolock. 

Question is, what if manage to execute a variable update when the locks was deleted?

Is there a safe a solution?
[9 Jan 2018 17:03] David Moss 
Posted by developer:
 
Thank you for your feedback, this has been fixed in upcoming versions and the following was added to the 8.0.4 changelog:
Changes to Group Replication variables while starting or stopping the plugin were not being correctly validated. Now, variables can only be changed if the plugin is not changing state.
[1 Feb 2018 14:01] David Moss 
Now published.