Bug #43706 libmysqld segfaults when re-intialised
Submitted: 17 Mar 2009 16:11 Modified: 15 May 2009 2:12
Reporter: Andrew Hutchings Email Updates:
Status: Closed Impact on me:
None 
Category:MySQL Server: Embedded Library ( libmysqld ) Severity:S3 (Non-critical)
Version:5.1.32 OS:Linux
Assigned to: Davi Arnaut CPU Architecture:Any

[17 Mar 2009 16:11] Andrew Hutchings 
Description:
When calling mysql_library_init followed by mysql_library_end and a further mysql_library_init the library segfaults with:

#0  0x0000003278e7b07c in _int_malloc () from /lib64/libc.so.6
#1  0x0000003278e7ca38 in malloc () from /lib64/libc.so.6
#2  0x000000000052adbc in init_common_variables (conf_file_name=0x8cd7da "my", 
    argc=4, argv=0xd18040, groups=0x7fffffffe250) at ../sql/mysqld.cc:3136
#3  0x000000000052c3c4 in init_embedded_server (argc=4, argv=0xd18040, 
    groups=0x7fffffffe250) at lib_sql.cc:493
#4  0x0000000000503998 in main (argc=1, argv=0x7fffffffe398) at test.c:24

A user may need to do this to access one datadir followed by another one in the same application.  This functionality/test does work in 5.0.22 (although libmysqld is not supported in that version).

How to repeat:
Will attach test.c shortly.
[17 Mar 2009 16:11] Andrew Hutchings 
Test to reproduce the issue

Attachment: test.c (text/plain), 637 bytes.
[19 Mar 2009 15:46] Andrew Hutchings 
Second test case, crashes on mysql_init

Attachment: test2.c (text/plain), 1.79 KiB.
[7 Apr 2009 17:48] Andrew Hutchings 
Simplified test case, crash happens on mysql_init()

Attachment: test3.c (text/plain), 1.11 KiB.
[9 Apr 2009 0:50] Bugs System 
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/71707

2857 Davi Arnaut	2009-04-08
      Bug#43706: libmysqld segfaults when re-intialised
      Bug#44091: libmysqld gets stuck waiting on mutex on initialization
      
      The problem was that libmysqld wasn't enforcing a certain
      initialization and deinitialization order for the mysys
      library. Another problem was that the global object used
      for management of log event handlers (aka LOGGER) wasn't
      being prepared for a possible reutilization.
      
      The solution is enforce a order on the initialization and
      deinitialization of the mysys library within the libmysqld
      library and to ensure that the global LOGGER object reset
      it's internal state during cleanup.
      
      No test case is provided as the infrastructure for testing
      the C client API with the embedded server is disabled.
     @ mysys/my_init.c
        Deinitialize only if initialized already.
     @ sql/log.cc
        Reset state.
[9 Apr 2009 15:22] Bugs System 
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/71793

2867 Davi Arnaut	2009-04-09
      Bug#43706: libmysqld segfaults when re-intialised
      Bug#44091: libmysqld gets stuck waiting on mutex on initialization
      
      The problem was that libmysqld wasn't enforcing a certain
      initialization and deinitialization order for the mysys
      library. Another problem was that the global object used
      for management of log event handlers (aka LOGGER) wasn't
      being prepared for a possible reutilization.
      
      What leads to the hang/crash reported is that a failure
      to load the language file triggers a double call of the
      cleanup functions, causing a already destroyed mutex to
      be used.
      
      The solution is enforce a order on the initialization and
      deinitialization of the mysys library within the libmysqld
      library and to ensure that the global LOGGER object reset
      it's internal state during cleanup.
     @ mysys/my_init.c
        Deinitialize only if initialized already.
     @ sql/log.cc
        Reset state.
[9 Apr 2009 15:25] Bugs System 
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/71794

2867 Davi Arnaut	2009-04-09
      Bug#43706: libmysqld segfaults when re-intialised
      Bug#44091: libmysqld gets stuck waiting on mutex on initialization
      
      The problem was that libmysqld wasn't enforcing a certain
      initialization and deinitialization order for the mysys
      library. Another problem was that the global object used
      for management of log event handlers (aka LOGGER) wasn't
      being prepared for a possible reutilization.
      
      What leads to the hang/crash reported is that a failure
      to load the language file triggers a double call of the
      cleanup functions, causing an already destroyed mutex to
      be used.
      
      The solution is enforce a order on the initialization and
      deinitialization of the mysys library within the libmysqld
      library and to ensure that the global LOGGER object reset
      it's internal state during cleanup.
     @ mysys/my_init.c
        Deinitialize only if initialized already.
     @ sql/log.cc
        Reset state.
[9 Apr 2009 15:33] Davi Arnaut 
Queued to 5.1-bugteam
[5 May 2009 19:39] Bugs System 
Pushed into 5.1.35 (revid:davi.arnaut@sun.com-20090505190206-9xmh7dlc6kom8exp) (version source revid:davi.arnaut@sun.com-20090505190206-9xmh7dlc6kom8exp) (merge vers: 5.1.35) (pib:6)
[6 May 2009 14:12] Bugs System 
Pushed into 6.0.12-alpha (revid:svoj@sun.com-20090506125450-yokcmvqf2g7jhujq) (version source revid:davi.arnaut@sun.com-20090409152928-1v9z9bnf7zefopul) (merge vers: 6.0.11-alpha) (pib:6)
[15 May 2009 2:12] Paul DuBois 
Noted in 5.1.35, 6.0.12 changelogs.

libmysqld crashed when it was reinitialized.
[15 Jun 2009 8:26] Bugs System 
Pushed into 5.1.35-ndb-6.3.26 (revid:jonas@mysql.com-20090615074202-0r5r2jmi83tww6sf) (version source revid:jonas@mysql.com-20090615070837-9pccutgc7repvb4d) (merge vers: 5.1.35-ndb-6.3.26) (pib:6)
[15 Jun 2009 9:06] Bugs System 
Pushed into 5.1.35-ndb-7.0.7 (revid:jonas@mysql.com-20090615074335-9hcltksp5cu5fucn) (version source revid:jonas@mysql.com-20090615072714-rmfkvrbbipd9r32c) (merge vers: 5.1.35-ndb-7.0.7) (pib:6)
[15 Jun 2009 9:46] Bugs System 
Pushed into 5.1.35-ndb-6.2.19 (revid:jonas@mysql.com-20090615061520-sq7ds4yw299ggugm) (version source revid:jonas@mysql.com-20090615054654-ebgpz7elwu1xj36j) (merge vers: 5.1.35-ndb-6.2.19) (pib:6)
[10 Jul 2009 23:19] Bugs System 
Pushed into 5.1.37 (revid:build@mysql.com-20090710231213-9guqdu0avc0uwdkp) (version source revid:build@mysql.com-20090710231213-9guqdu0avc0uwdkp) (merge vers: 5.1.37) (pib:11)
[23 Jul 2009 10:24] Bugs System 
Pushed into 5.4.4-alpha (revid:alik@sun.com-20090723102221-ps4uaphwbxzj8p0q) (version source revid:joerg@mysql.com-20090721145751-rqqnhv0kage18wfi) (merge vers: 5.4.4-alpha) (pib:11)
[26 Aug 2009 13:46] Bugs System 
Pushed into 5.1.37-ndb-7.0.8 (revid:jonas@mysql.com-20090826132541-yablppc59e3yb54l) (version source revid:jonas@mysql.com-20090826132541-yablppc59e3yb54l) (merge vers: 5.1.37-ndb-7.0.8) (pib:11)
[26 Aug 2009 13:46] Bugs System 
Pushed into 5.1.37-ndb-6.3.27 (revid:jonas@mysql.com-20090826105955-bkj027t47gfbamnc) (version source revid:jonas@mysql.com-20090826105955-bkj027t47gfbamnc) (merge vers: 5.1.37-ndb-6.3.27) (pib:11)
[26 Aug 2009 13:48] Bugs System 
Pushed into 5.1.37-ndb-6.2.19 (revid:jonas@mysql.com-20090825194404-37rtosk049t9koc4) (version source revid:jonas@mysql.com-20090825194404-37rtosk049t9koc4) (merge vers: 5.1.37-ndb-6.2.19) (pib:11)
[27 Aug 2009 16:33] Bugs System 
Pushed into 5.1.35-ndb-7.1.0 (revid:magnus.blaudd@sun.com-20090827163030-6o3kk6r2oua159hr) (version source revid:jonas@mysql.com-20090826132541-yablppc59e3yb54l) (merge vers: 5.1.37-ndb-7.0.8) (pib:11)