Bug #55730 kill_server() calls SetEvent on a null handle, smem_event_connect_request
Submitted: 4 Aug 2010 7:36
Modified: 3 May 2011 1:19
Reporter: Shane Bester (Platinum Quality Contributor)
Status: Closed
Category: MySQL Server: General
Severity: S3 (Non-critical)
Version: 5.1.49
OS: Windows
Assigned to: Magne Mæhre
CPU Architecture: Any

[4 Aug 2010 7:36] Shane Bester
Description:
=======================================
VERIFIER STOP 0000000000000303: pid 0xF78: NULL handle passed as parameter. A valid handle must be used. 

00 ntdll!DbgBreakPoint
01 vrfcore!VerifierStopMessageEx
02 vfbasics!AVrfpHandleSanityChecks
03 vfbasics!AVrfpNtSetEvent
04 kernel32!SetEvent
05 mysqld!kill_server
06 mysqld!handle_shutdown
07 mysqld!pthread_start
08 mysqld!_callthreadstart
09 mysqld!_threadstart
0a vfbasics!AVrfpStandardThreadFunction+0x2b
0b kernel32!BaseThreadStart+0x3a

Offending code:
#if defined(HAVE_SMEM) && defined(__WIN__)
  /*
   Send event to smem_event_connect_request for aborting
   */
  if (!SetEvent(smem_event_connect_request))
  {
    DBUG_PRINT("error",
               ("Got error: %ld from SetEvent of smem_event_connect_request",
                GetLastError()));
  }
#endif

Note: this is not a crash.  It's just a small programming error that should be fixed with a one-liner.

How to repeat:
Just trust me, or read the code. Otherwise, use Application Verifier to detect invalid handle usage, then:

mysqld --no-defaults --skip-gr --skip-na --console
mysqladmin shut -uroot

Suggested fix:
Check if the handle is null before setting it.
[14 Dec 2010 13:39] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/126773

3426 Magne Mahre	2010-12-14
      Bug #58179 cannot start mysqld with app verifier
      Bug #55730 kill_server() calls SetEvent on a null handle, 
                  smem_event_connect_request
      
      Application Verifier is a Microsoft tool used for
      detecting certain classes of programming errors.
      In particular, MS Windows OS resource usage is 
      monitored for wrong usage (handles, thread local
      storage, critical sections, ...)
      
      In MySQL 5.5.x, an error was introduced where an
      object on thread local storage was used before the
      TLS and the object was created.
      
      The fix has been to move the mysys initialization
      to an earlier stage in the boot process when built for
      Windows.  For non-win builds, the init already happens
      early.
      
      Some un-tangling of calls to my_init(), my_basic_init() 
      and my_thread_global_init() was done.  There is no
      longer a need to do init in steps, so the full my_init()
      is called instead of my_init_basic().
      
      In addition, Bug#55730 was fixed.  The event handle
      'smem_event_connect_request' is only created if 
      'opt_enable_shared_memory' is set.  When killing the
      server, an event was flagged on the handle
      unconditionally.  Added a test, so it will only be 
      flagged if created.
     @ mysys/my_init.c
        my_thread_global_init is already called from
        my_basic_init.
[5 Jan 2011 13:56] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/127977

3461 Magne Mahre	2011-01-05
      Bug#58179 cannot start mysqld with app verifier
      Bug#55730 kill_server() calls SetEvent on a null handle, 
                 smem_event_connect_request
            
      Application Verifier is a Microsoft tool used for
      detecting certain classes of programming errors.
      In particular, MS Windows OS resource usage is 
      monitored for wrong usage (handles, thread local
      storage, critical sections, ...)
            
      In MySQL 5.5.x, an error was introduced where an
      object on thread local storage was used before the
      TLS and the object was created.
            
      The fix has been to split the mysys initialization
      into additional parts so the different subsystems
      of mysys can be initialized at different stages
      in the database startup sequence.
            
      In addition, Bug#55730 was fixed.  The event handle
      'smem_event_connect_request' is only created if 
      'opt_enable_shared_memory' is set.  When killing the
      server, an event was flagged on the handle
      unconditionally.  Added a test, so it will only be 
      flagged if created.
     @ mysys/my_init.c
        my_basic_init was renamed to my_init_part1
        The rest of mysys initialization is moved
        to my_init_part2.   my_init() now only
        calls my_init_part1() and my_init_part2()
        
        my_init_part1() now calls my_thread_init_part1()
        my_init_part2() calls my_thread_init_part2() and
        my_thread_init_part3()
     @ mysys/my_thr_init.c
        Thread initialization is split into three
        parts (was two).  my_thread_init_part1()
        initializes 'THR_KEY_mysys', as this must
        be done before you can use debugging
        features.
        
        my_thread_init_part2 is a new name for
        my_thread_basic_global_init
        
        my_thread_init_part3 is mostly just a rename
        for my_thread_global_init.
[26 Mar 2011 9:26] MySQL Verification Team
A workaround for avoiding this bug is to start mysqld with --shared-memory=1
so that the code works on shutdown.
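
Added example (not MySQL's code and not part of the thread): a C model of the shutdown path described in the report and commit messages above. It compares the unconditional SetEvent call with a guarded one and shows why the --shared-memory=1 workaround avoids the error. The names init_shared_memory, shutdown_unguarded and shutdown_guarded are hypothetical, the exact form of the real test is an assumption, and off Windows the Win32 calls are replaced by labelled stand-ins.

```c
#include <stdio.h>

#ifdef _WIN32
#include <windows.h>
#else
/* Constructed stand-ins so the logic also runs off Windows. Like the real
   SetEvent, the stub reports failure when it is handed a NULL handle. */
typedef void *HANDLE;
static int stub_event_object;
#define CreateEvent(sa, manual, initial, name) ((HANDLE)&stub_event_object)
#define CloseHandle(h) ((void)(h))
static int SetEvent(HANDLE h) { return h != NULL; }
#endif

enum signal_result { SIGNALLED, SKIPPED, FAILED };   /* 0, 1, 2 */

static HANDLE smem_event_connect_request = NULL;     /* name from the bug report */

/* Startup: the event is created only when shared memory is enabled. */
static void init_shared_memory(int opt_enable_shared_memory)
{
    if (smem_event_connect_request != NULL)
        CloseHandle(smem_event_connect_request);
    smem_event_connect_request =
        opt_enable_shared_memory ? CreateEvent(NULL, 0, 0, NULL) : NULL;
}

/* Before the fix: shutdown signals the event unconditionally. */
static enum signal_result shutdown_unguarded(void)
{
    return SetEvent(smem_event_connect_request) ? SIGNALLED : FAILED;
}

/* After the fix: signal only if the event was created (assumed form of the test). */
static enum signal_result shutdown_guarded(void)
{
    if (smem_event_connect_request == NULL)
        return SKIPPED;
    return SetEvent(smem_event_connect_request) ? SIGNALLED : FAILED;
}

int main(void)
{
    init_shared_memory(0);   /* default: shared memory off, handle stays NULL */
    printf("disabled: unguarded=%d guarded=%d\n", shutdown_unguarded(), shutdown_guarded());
    init_shared_memory(1);   /* the --shared-memory=1 workaround from the thread */
    printf("enabled:  unguarded=%d guarded=%d\n", shutdown_unguarded(), shutdown_guarded());
    return 0;
}
```
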
[3 May 2011 1:19] Paul DuBois
Noted in 5.5.11, 5.6.3 changelogs.

On Windows, an object in thread local storage could be used before
the object was created. 

CHANGESET - http://lists.mysql.com/commits/132201