Bug #48250 mysqtest_embedded can lock destroyed mutex
Submitted: 22 Oct 2009 23:51
Modified: 17 Jun 2010 19:36
Reporter: Vladislav Vaintroub
Status: Closed
Category: Tools: MTR / mysql-test-run
Severity: S3 (Non-critical)
Version:
OS: Any
Assigned to: Bjørn Munch
CPU Architecture: Any

[22 Oct 2009 23:51] Vladislav Vaintroub
Description:
In embedded mode, if mysql_server_init() fails, it calls mysql_server_end which in turn calls my_end() which in turn calls my_thread_global_end() which destroys all mysys mutexes.

However, if mysql_server_init() fails, mysqltest.cc calls die(), which in turn calls cleanup_and_exit/free_unused_memory/close_files, and this can under some circumstances attempt to close a file with my_fclose(), which then attempts to lock THR_LOCK_open via pthread_mutex_lock(&THR_LOCK_open), which is destroyed already.

Depending on the OS used, it might well crash (and it does crash on Windows). This issue was found when I was experimenting with changing the compilation such that mysqltest_embedded links with the static mysqlserver.lib library instead of the shared one, to match the Unix behavior.

How to repeat:
Examine the source code, or change the compilation such that mysqltest_embedded is linked with the static mysqlserver library. Using a wrong parameter, force an error in mysql_server_init(). Observe the crash with this call stack.

>	mysqltest_embedded.exe!my_fclose(_iobuf * fd=0x015168a0, int MyFlags=0x00000000)  Line 103 + 0x16 bytes	C
 	mysqltest_embedded.exe!close_files()  Line 1124 + 0x10 bytes	C++
 	mysqltest_embedded.exe!free_used_memory()  Line 1140	C++
 	mysqltest_embedded.exe!cleanup_and_exit(int exit_code=0x00000001)  Line 1181	C++
 	mysqltest_embedded.exe!die(const char * fmt=0x0122f404, ...)  Line 1246 + 0x7 bytes	C++
 	mysqltest_embedded.exe!main(int argc=0x00000017, char * * argv=0x001133e8)  Line 7638 + 0xa bytes	C++

Suggested fix:
Do not use my_fopen/my_fclose in mysqltest, use fopen and fclose instead.
my_ does not add any value (mysys does not reimplement IO streams from the ANSI C library, it just adds some overhead of locking and tracking). Considering the fact that a file needs to be opened or closed when mysys is already deinitialized, it is much safer to refrain from mysys usage. By the way, all other stream functions used in mysqltest.cc are not mysys, but ANSI.
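
A small model of the ordering problem described in the report above, added here as an example; it is not MySQL code and not part of the report. lib_init, lib_end, tracked_fopen, tracked_fclose, the lib_alive guard and the /dev/null path are hypothetical stand-ins; the guard exists so the demo reports the bad ordering instead of locking a destroyed mutex.

```c
#include <pthread.h>
#include <stdio.h>

/* Hypothetical stand-ins for the mysys pieces named in the report. */
#define CLOSE_AFTER_END (-2)           /* wrapper called after teardown */
static pthread_mutex_t lock_open;      /* plays the role of THR_LOCK_open */
static int lib_alive = 0;              /* nonzero while lock_open is valid */
static int open_streams = 0;           /* the "tracking" the wrapper adds */

static void lib_init(void) { pthread_mutex_init(&lock_open, NULL); lib_alive = 1; }
static void lib_end(void)  { if (lib_alive) { lib_alive = 0; pthread_mutex_destroy(&lock_open); } }

/* Wrapper in the style of my_fopen(): counts streams under the global lock. */
static FILE *tracked_fopen(const char *path, const char *mode) {
    FILE *f = fopen(path, mode);
    if (f) { pthread_mutex_lock(&lock_open); open_streams++; pthread_mutex_unlock(&lock_open); }
    return f;
}

/* Wrapper in the style of my_fclose(). The guard is an added check: without it
   the lock call below would touch a destroyed mutex (undefined behaviour). */
static int tracked_fclose(FILE *f) {
    if (!lib_alive) return CLOSE_AFTER_END;
    pthread_mutex_lock(&lock_open);
    open_streams--;
    pthread_mutex_unlock(&lock_open);
    return fclose(f);
}

/* Failure path from the report: library ends first, then the tool cleans up.
   use_wrapper=1 models the old cleanup, 0 models the fix (plain fclose). */
static int failing_start_then_cleanup(int use_wrapper) {
    FILE *f;
    int rc;
    lib_init();
    f = use_wrapper ? tracked_fopen("/dev/null", "r") : fopen("/dev/null", "r");
    if (!f) { lib_end(); return -1; }
    lib_end();                         /* what a failed server init triggers */
    rc = use_wrapper ? tracked_fclose(f) : fclose(f);
    if (rc == CLOSE_AFTER_END) fclose(f);  /* do not leak the stream in the demo */
    return rc;
}

int main(void) {
    printf("wrapper cleanup: %d\n", failing_start_then_cleanup(1));
    printf("plain cleanup:   %d\n", failing_start_then_cleanup(0));
    return 0;
}
```

The plain fclose() path does not depend on the library's lifetime, which is why the suggested fix removes the hazard rather than reordering the teardown.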
[20 Nov 2009 11:10] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/91054

2861 Bjorn Munch	2009-11-20
      Bug #48250 mysqtest_embedded can lock destroyed mutex
      As suggested, replaced relevant uses of my_fopen with fopen (and close)
      Tested on HPUX where it was reproducible with test innodb_bug30919
[26 Nov 2009 10:17] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/91765

2863 Bjorn Munch	2009-11-26
      Bug #48250 mysqtest_embedded can lock destroyed mutex
      As suggested, replaced relevant uses of my_fopen with fopen (and close)
      Tested on HPUX where it was reproducible with test innodb_bug30919
[26 Nov 2009 11:46] Bjørn Munch
Pushed to 5.1-mtr, trunk-mtr, next-mr-mtr, 6.0-codebase-mtr
[20 Feb 2010 9:32] Bugs System
Pushed into 6.0.14-alpha (revid:alik@sun.com-20100220092844-jh07ayojyxn8uh9p) (version source revid:bjorn.munch@sun.com-20091126113643-14x9x1b5jw483wiv) (merge vers: 6.0.14-alpha) (pib:16)
[20 Feb 2010 9:35] Bugs System
Pushed into 5.5.3-m2 (revid:alik@sun.com-20100220092622-wvhh1vfy5tjq4mhu) (version source revid:bjorn.munch@sun.com-20091126103637-xcfhi92t575tgo3q) (merge vers: 5.5.0-beta) (pib:16)
[20 Feb 2010 9:37] Bugs System
Pushed into mysql-next-mr (revid:alik@sun.com-20100220092730-paoo5t9gcajs5dq8) (version source revid:bjorn.munch@sun.com-20091126110818-tmrskn0sw591eu9k) (pib:16)
[20 Feb 2010 19:01] Paul Dubois
Changes to test suite. No changelog entry needed.

Setting report to Need Merge pending push to 5.1.x.
[1 Mar 2010 8:46] Bugs System
Pushed into 5.1.45 (revid:joro@sun.com-20100301083827-xnimmrjg6bh33o1o) (version source revid:azundris@mysql.com-20100222175719-viuh0f3gdsrkgv0r) (merge vers: 5.1.45) (pib:16)
[1 Mar 2010 16:15] Paul Dubois
No changelog entry needed.
[17 Jun 2010 11:59] Bugs System
Pushed into 5.1.47-ndb-7.0.16 (revid:martin.skold@mysql.com-20100617114014-bva0dy24yyd67697) (version source revid:vasil.dimov@oracle.com-20100331130613-8ja7n0vh36a80457) (merge vers: 5.1.46) (pib:16)
[17 Jun 2010 12:39] Bugs System
Pushed into 5.1.47-ndb-6.2.19 (revid:martin.skold@mysql.com-20100617115448-idrbic6gbki37h1c) (version source revid:martin.skold@mysql.com-20100609140708-52rvuyq4q500sxkq) (merge vers: 5.1.45-ndb-6.2.19) (pib:16)
[17 Jun 2010 13:25] Bugs System
Pushed into 5.1.47-ndb-6.3.35 (revid:martin.skold@mysql.com-20100617114611-61aqbb52j752y116) (version source revid:vasil.dimov@oracle.com-20100331130613-8ja7n0vh36a80457) (merge vers: 5.1.46) (pib:16)