From 78b6ca55cbc2ee278c953a00b0e5aa32511253a8 Mon Sep 17 00:00:00 2001
From: Davi Arnaut <davi.arnaut@oracle.com>
Date: Fri, 7 Jan 2011 16:33:36 -0200
Subject: [PATCH 1/2] Bug#51023: Mysql server crashes on SIGHUP and destroys
 InnoDB files

From a user perspective, the problem is that a FLUSH LOGS or SIGHUP
signal could end up associating the stdout and stderr to random
files. In the case of this bug report, the streams would end up
associated to InnoDB ibd files.

The freopen(3) function is not thread-safe on FreeBSD. What this
means is that if another thread calls open(2) during freopen()
is executing that another thread's fd returned by open(2) may get
re-associated with the file being passed to freopen(3). See FreeBSD
PR number 79887 for reference:

  http://www.freebsd.org/cgi/query-pr.cgi?pr=79887

This problem is worked around by substituting a internal hook within
the FILE structure. This avoids the loss of atomicity by not having
the original fd closed before its duplicated.

Patch based on the original work by Vasil Dimov.
---
 include/my_sys.h |   1 +
 mysys/my_fopen.c | 135 ++++++++++++++++++++++++++++++++++++++++++++++-
 sql/log.cc       |  76 ++++----------------------
 3 files changed, 146 insertions(+), 66 deletions(-)

diff --git a/include/my_sys.h b/include/my_sys.h
index 90fd78f77ba..0ac220cec31 100644
--- a/include/my_sys.h
+++ b/include/my_sys.h
@@ -664,6 +664,7 @@ extern void init_glob_errs(void);
 extern void wait_for_free_space(const char *filename, int errors);
 extern FILE *my_fopen(const char *FileName,int Flags,myf MyFlags);
 extern FILE *my_fdopen(File Filedes,const char *name, int Flags,myf MyFlags);
+extern FILE *my_freopen(const char *path, const char *mode, FILE *stream);
 extern int my_fclose(FILE *fd,myf MyFlags);
 extern int my_chsize(File fd,my_off_t newlength, int filler, myf MyFlags);
 extern int my_sync(File fd, myf my_flags);
diff --git a/mysys/my_fopen.c b/mysys/my_fopen.c
index 44156da6ae3..a822b63dd63 100644
--- a/mysys/my_fopen.c
+++ b/mysys/my_fopen.c
@@ -18,6 +18,10 @@
 #include <errno.h>
 #include "mysys_err.h"
 
+#if defined(__FreeBSD__)
+extern int getosreldate(void);
+#endif
+
 static void make_ftype(char * to,int flag);
 
 /*
@@ -97,8 +101,137 @@ FILE *my_fopen(const char *filename, int flags, myf MyFlags)
 } /* my_fopen */
 
 
-	/* Close a stream */
+#if defined(_WIN32)
 
+static FILE *my_win_freopen(const char *path, FILE *stream)
+{
+  int handle_fd, fd= _fileno(stream);
+  HANDLE osfh;
+
+  DBUG_ASSERT(filename && stream);
+
+  /* Services don't have stdout/stderr on Windows, so _fileno returns -1. */
+  if (fd < 0)
+  {
+    if (!freopen(filename, mode, stream))
+      return NULL;
+
+    fd= _fileno(stream);
+  }
+
+  if ((osfh= CreateFile(path, GENERIC_READ | GENERIC_WRITE,
+                        FILE_SHARE_READ | FILE_SHARE_WRITE |
+                        FILE_SHARE_DELETE, NULL,
+                        OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL,
+                        NULL)) == INVALID_HANDLE_VALUE)
+    return NULL;
+
+  if ((handle_fd= _open_osfhandle((intptr_t)osfh,
+                                  _O_APPEND | _O_TEXT)) == -1)
+  {
+    CloseHandle(osfh);
+    return NULL;
+  }
+
+  if (_dup2(handle_fd, fd) < 0)
+  {
+    CloseHandle(osfh);
+    return NULL;
+  }
+
+  _close(handle_fd);
+
+  return stream;
+}
+
+#elif defined(__FreeBSD__)
+
+/* No close operation hook. */
+
+static int no_close(void *cookie __attribute__((unused)))
+{
+  return 0;
+}
+
+/*
+  A hack around a race condition in the implementation of freopen.
+
+  The race condition steams from the fact that the current fd of
+  the stream is closed before its number is used to duplicate the
+  new file descriptor. This defeats the desired atomicity of the
+  close and duplicate of dup2().
+
+  See PR number 79887 for reference:
+  http://www.freebsd.org/cgi/query-pr.cgi?pr=79887
+*/
+
+static FILE *my_freebsd_freopen(const char *path, const char *mode, FILE *stream)
+{
+  int old_fd;
+  FILE *result;
+
+  flockfile(stream);
+
+  old_fd= fileno(stream);
+
+  /* Use a no operation close hook to avoid having the fd closed. */
+  stream->_close= no_close;
+
+  /* Relies on the implicit dup2 to close old_fd. */
+  result= freopen(path, mode, stream);
+
+  /* If successful, the _close hook was replaced. */
+
+  if (result == NULL)
+    close(old_fd);
+  else
+    funlockfile(result);
+
+  return result;
+}
+
+#endif
+
+
+/**
+  Change the file associated with a file stream.
+
+  @param path   Path to file.
+  @param mode   Mode of the stream.
+  @param stream File stream.
+
+  @note
+    This function is used to redirect stdout and stderr to a file and
+    subsequently to close and reopen that file for log rotation.
+
+  @retval A FILE pointer on success. Otherwise, NULL.
+*/
+
+FILE *my_freopen(const char *path, const char *mode, FILE *stream)
+{
+  FILE *result;
+
+#if defined(_WIN32)
+  result= my_win_freopen(path, mode, stream);
+#elif defined(__FreeBSD__)
+  /*
+    XXX: Once the fix is ported to the stable releases, this should
+         be dependent upon the specific FreeBSD versions. Check at:
+         http://www.freebsd.org/cgi/query-pr.cgi?pr=79887
+  */
+  if (getosreldate() > 900027)
+    result= freopen(path, mode, stream);
+  else
+    result= my_freebsd_freopen(path, mode, stream);
+#else
+  result= freopen(path, mode, stream);
+#endif
+
+  return result;
+}
+
+
+/* Close a stream */
 int my_fclose(FILE *fd, myf MyFlags)
 {
   int err,file;
diff --git a/sql/log.cc b/sql/log.cc
index f3d3420194c..23182fa1902 100644
--- a/sql/log.cc
+++ b/sql/log.cc
@@ -5171,80 +5171,26 @@ void sql_perror(const char *message)
 }
 
 
-#ifdef __WIN__
+/*
+  Change the file associated with two output streams. Used to
+  redirect stdout and stderr to a file. The streams are reopened
+  only for appending (writing at end of file).
+*/
 extern "C" my_bool reopen_fstreams(const char *filename,
                                    FILE *outstream, FILE *errstream)
 {
-  int handle_fd;
-  int err_fd, out_fd;
-  HANDLE osfh;
+  if (outstream && !my_freopen(filename, "a", outstream))
+    return TRUE;
 
-  DBUG_ASSERT(filename && errstream);
-
-  // Services don't have stdout/stderr on Windows, so _fileno returns -1.
-  err_fd= _fileno(errstream);
-  if (err_fd < 0)
-  {
-    if (!freopen(filename, "a+", errstream))
-      return TRUE;
+  if (errstream && !my_freopen(filename, "a", errstream))
+    return TRUE;
 
+  /* The error stream must be unbuffered. */
+  if (errstream)
     setbuf(errstream, NULL);
-    err_fd= _fileno(errstream);
-  }
-
-  if (outstream)
-  {
-    out_fd= _fileno(outstream);
-    if (out_fd < 0)
-    {
-      if (!freopen(filename, "a+", outstream))
-        return TRUE;
-      out_fd= _fileno(outstream);
-    }
-  }
-
-  if ((osfh= CreateFile(filename, GENERIC_READ | GENERIC_WRITE,
-                        FILE_SHARE_READ | FILE_SHARE_WRITE |
-                        FILE_SHARE_DELETE, NULL,
-                        OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL,
-                        NULL)) == INVALID_HANDLE_VALUE)
-    return TRUE;
-
-  if ((handle_fd= _open_osfhandle((intptr_t)osfh,
-                                  _O_APPEND | _O_TEXT)) == -1)
-  {
-    CloseHandle(osfh);
-    return TRUE;
-  }
-
-  if (_dup2(handle_fd, err_fd) < 0)
-  {
-    CloseHandle(osfh);
-    return TRUE;
-  }
-
-  if (outstream && _dup2(handle_fd, out_fd) < 0)
-  {
-    CloseHandle(osfh);
-    return TRUE;
-  }
-
-  _close(handle_fd);
-  return FALSE;
-}
-#else
-extern "C" my_bool reopen_fstreams(const char *filename,
-                                   FILE *outstream, FILE *errstream)
-{
-  if (outstream && !freopen(filename, "a+", outstream))
-    return TRUE;
-
-  if (errstream && !freopen(filename, "a+", errstream))
-    return TRUE;
 
   return FALSE;
 }
-#endif
 
 
 /*

From 4c810790f74deb9a3697accc12c2756bff4dad44 Mon Sep 17 00:00:00 2001
From: Davi Arnaut <davi.arnaut@oracle.com>
Date: Fri, 7 Jan 2011 17:28:06 -0200
Subject: [PATCH 2/2] Bug#51023: Mysql server crashes on SIGHUP and destroys
 InnoDB files

WIN32 compilation fixes: define ETIMEDOUT only if not available and
fix typos and add a missing parameter.
---
 include/my_pthread.h | 4 +++-
 mysys/my_fopen.c     | 6 +++---
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/include/my_pthread.h b/include/my_pthread.h
index a7e4ea25064..3880511da2d 100644
--- a/include/my_pthread.h
+++ b/include/my_pthread.h
@@ -126,7 +126,9 @@ struct tm *gmtime_r(const time_t *timep,struct tm *tmp);
 
 void pthread_exit(void *a);	 /* was #define pthread_exit(A) ExitThread(A)*/
 
-#define ETIMEDOUT 145		    /* Win32 doesn't have this */
+#ifndef ETIMEDOUT
+#define ETIMEDOUT 145		    /* Win32 might not have this */
+#endif
 #define getpid() GetCurrentThreadId()
 #define HAVE_LOCALTIME_R		1
 #define _REENTRANT			1
diff --git a/mysys/my_fopen.c b/mysys/my_fopen.c
index a822b63dd63..b8373ecb3ab 100644
--- a/mysys/my_fopen.c
+++ b/mysys/my_fopen.c
@@ -103,17 +103,17 @@ FILE *my_fopen(const char *filename, int flags, myf MyFlags)
 
 #if defined(_WIN32)
 
-static FILE *my_win_freopen(const char *path, FILE *stream)
+static FILE *my_win_freopen(const char *path, const char *mode, FILE *stream)
 {
   int handle_fd, fd= _fileno(stream);
   HANDLE osfh;
 
-  DBUG_ASSERT(filename && stream);
+  DBUG_ASSERT(path && stream);
 
   /* Services don't have stdout/stderr on Windows, so _fileno returns -1. */
   if (fd < 0)
   {
-    if (!freopen(filename, mode, stream))
+    if (!freopen(path, mode, stream))
       return NULL;
 
     fd= _fileno(stream);