#At file:///home/gluh/MySQL/mysql-6.0-backup/ based on revid:rafal.somla@stripped
2906 Sergey Glukhov 2009-12-10
Bug#43357 Server crash when selecting from INFORMATION_SCHEMA
Server crashes in mysqld_list_processes() function on
pthread_mutex_unlock(&tmp->LOCK_thd_data) call.
It happens because threads after its delete are still visible
in thread list with destroyed LOCK_thd_data mutex.
The fix is to remove deleted thd from thread list.
@ sql/sql_class.cc
added deleted thd removal from thread list
@ sql/sql_list.h
added is_linked() method
modified:
sql/sql_class.cc
sql/sql_list.h
=== modified file 'sql/sql_class.cc'
--- a/sql/sql_class.cc 2009-12-02 22:58:41 +0000
+++ b/sql/sql_class.cc 2009-12-10 08:58:39 +0000
@@ -1067,6 +1067,8 @@ THD::~THD()
{
THD_CHECK_SENTRY(this);
DBUG_ENTER("~THD()");
+ if (is_linked())
+ safe_mutex_assert_owner(&LOCK_thread_count);
/* Ensure that no one is using THD */
pthread_mutex_lock(&LOCK_thd_data);
/*
@@ -1102,6 +1104,7 @@ THD::~THD()
safeFree(db);
free_root(&transaction.mem_root,MYF(0));
mysys_var=0; // Safety (shouldn't be needed)
+ unlink();
pthread_mutex_destroy(&LOCK_thd_data);
#ifndef DBUG_OFF
dbug_sentry= THD_SENTRY_GONE;
=== modified file 'sql/sql_list.h'
--- a/sql/sql_list.h 2009-10-12 09:08:34 +0000
+++ b/sql/sql_list.h 2009-12-10 08:58:39 +0000
@@ -476,6 +476,7 @@ struct ilink
if (next) next->prev=prev;
prev=0 ; next=0;
}
+ inline bool is_linked() { return next || prev; }
virtual ~ilink() { unlink(); } /*lint -e1740 */
};
Attachment: [text/bzr-bundle] bzr/sergey.glukhov@sun.com-20091210085839-lzucwd4nn40bbfke.bundle
| Thread |
|---|
| • bzr commit into mysql-6.0-backup branch (Sergey.Glukhov:2906) Bug#43357 | Sergey Glukhov | 10 Dec |
