From be02356206cfe08a6da9ca8ed15e299741210d4b Mon Sep 17 00:00:00 2001 From: Dmitry Shulga Date: Fri, 1 Sep 2023 19:27:34 +0700 Subject: [PATCH] MDEV-14959: Fixed memory leak happened on re-parsing a view that substitutes a table In case a table accessed by a PS/SP is dropped after the first execution of PS/SP and a view created with the same name as a table just dropped then the second execution of PS/SP leads to allocation of a memory on SP/PS memory root already marked as read only on first execution. For example, the following test case: CREATE TABLE t1 (a INT); PREPARE stmt FROM "INSERT INTO t1 VALUES (1)"; EXECUTE stmt; DROP TABLE t1; CREATE VIEW t1 S SELECT 1; --error ER_NON_INSERTABLE_TABLE EXECUTE stmt; # (*) DROP VIEW t1; will hit assert on running the statement 'EXECUTE stmt' marked with (*) when allocation of a memory be performed on parsing the view. Memory allocation is requested inside the function mysql_make_view when a view definition being parsed. In order to avoid an assertion failure, call of the function mysql_make_view() must be moved after invocation of the function check_and_update_table_version(). It will result in re-preparing the whole PS statement or current SP instruction that will free currently allocated items and reset read_only flag for the memory root.
---
 sql/sql_base.cc | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/sql/sql_base.cc b/sql/sql_base.cc
index 9b1043393e7..97d214e1f17 100644
--- a/sql/sql_base.cc
+++ b/sql/sql_base.cc
@@ -2018,10 +2018,6 @@ retry_share:
 goto err_lock;
 }
 
- /* Open view */
- if (mysql_make_view(thd, share, table_list, false))
- goto err_lock;
-
 /*
 This table is a view. Validate its metadata version: in particular,
 that it was a view when the statement was prepared.
@@ -2029,6 +2025,10 @@ retry_share:
 if (check_and_update_table_version(thd, table_list, share))
 goto err_lock;
 
+ /* Open view */
+ if (mysql_make_view(thd, share, table_list, false))
+ goto err_lock;
+
 /* TODO: Don't free this */
 tdc_release_share(share);
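Review bot: Nothing at the re-added `mysql_make_view()` call records why it must stay below `check_and_update_table_version()`, so a later cleanup could silently reverse the order; the comment still reads only `/* Open view */`. Per the commit message, parsing the view allocates on the PS/SP memory root, which is read-only until the version check forces a re-prepare, so I would replace the comment with `/* Open view. Must follow check_and_update_table_version(): parsing the view allocates on the PS/SP memory root, which is read-only until re-prepare. */`. The diffstat lists only sql/sql_base.cc, so the PREPARE / DROP TABLE / CREATE VIEW / EXECUTE scenario from the description does not appear to be added as a regression test in this patch; including it would catch a reintroduction of the assertion. The enclosing function starts and ends outside both hunks, so other early exits between the two calls could not be checked from here.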