1
0
mirror of https://github.com/MariaDB/server.git synced 2025-07-29 05:21:33 +03:00

Fixes for Bug #38016 Maria: trying to access freed memory when committing a transaction

Don't write out states if they haven't changed

sql/sql_base.cc:
  Call extra(HA_EXTRA_PREPARE_FOR_DROP) before doing a drop of a table
  More DBUG
sql/sql_table.cc:
  Call extra(HA_EXTRA_PREPARE_FOR_RENAME) before renaming a table
storage/maria/ha_maria.cc:
  Ensure that file->trn is set when we call extra(HA_EXTRA_PREPARE_FOR_DROP/RENAME)
storage/maria/ma_close.c:
  When doing close, assert if we have pointers in trn->table_list that points to the MARIA_SHARE
storage/maria/ma_extra.c:
  Reset info->state_start in case of drop/rename. This fixes the problem of accessing freed memory in repair
  Don't write state changed if they haven't changed
storage/maria/ma_open.c:
  Reset share->changed after we have written out a state (speed optimization to not write states when they haven't changed)
storage/maria/ma_state.c:
  Decrement share->in_trans properly in DBUG_BINARY to ensure that the DBUG_ASSERT() in maria_close() works
  More DBUG
This commit is contained in:
Michael Widenius
2008-08-19 01:21:22 +03:00
parent 47a82ad552
commit ea31b1e6ec
7 changed files with 64 additions and 9 deletions

View File

@ -2184,6 +2184,7 @@ void unlink_open_table(THD *thd, TABLE *find, bool unlock)
void drop_open_table(THD *thd, TABLE *table, const char *db_name,
const char *table_name)
{
DBUG_ENTER("drop_open_table");
if (table->s->tmp_table)
close_temporary_table(thd, table, 1, 1);
else
@ -2194,10 +2195,12 @@ void drop_open_table(THD *thd, TABLE *table, const char *db_name,
unlink_open_table() also tells threads waiting for refresh or close
that something has happened.
*/
table->file->extra(HA_EXTRA_PREPARE_FOR_DROP);
unlink_open_table(thd, table, FALSE);
quick_rm_table(table_type, db_name, table_name, 0);
VOID(pthread_mutex_unlock(&LOCK_open));
}
DBUG_VOID_RETURN;
}
@ -3680,6 +3683,9 @@ TABLE *drop_locked_tables(THD *thd,const char *db, const char *table_name)
if (!strcmp(table->s->table_name.str, table_name) &&
!strcmp(table->s->db.str, db))
{
/* Inform handler that table will be dropped after close */
table->file->extra(HA_EXTRA_PREPARE_FOR_DROP);
/* If MERGE child, forward lock handling to parent. */
mysql_lock_remove(thd, thd->locked_tables,
table->parent ? table->parent : table, TRUE);