diff options
| author | Nayuta Yanagisawa <nayuta.yanagisawa@hey.com> | 2021-03-05 17:51:17 +0000 |
|---|---|---|
| committer | Sergei Golubchik <serg@mariadb.org> | 2021-03-08 21:24:38 +0100 |
| commit | 75f781f0d27d73dce4c7570e5b94b9482903c907 (patch) | |
| tree | b1ad8eaa88d309c95b45e801eb82b94f943d066e | |
| parent | ecc1cd219d427e62acbd37c4c02e1f99d6c2d769 (diff) | |
| download | mariadb-git-75f781f0d27d73dce4c7570e5b94b9482903c907.tar.gz | |
MDEV-24868 Server crashes in optimize_schema_tables_memory_usage after select from information_schema.innodb_sys_columns
optimize_schema_tables_memory_usage() crashed when its argument included
TABLE struct that was not fully initialized.
To prevent such a crash, we check if a table is an information schema table at
the beginning of each iteration.
Closes #1768
| -rw-r--r-- | mysql-test/main/information_schema.result | 7 | ||||
| -rw-r--r-- | mysql-test/main/information_schema.test | 8 | ||||
| -rw-r--r-- | sql/sql_show.cc | 11 |
3 files changed, 23 insertions, 3 deletions
diff --git a/mysql-test/main/information_schema.result b/mysql-test/main/information_schema.result index c65a10cbd4b..28c1122ac03 100644 --- a/mysql-test/main/information_schema.result +++ b/mysql-test/main/information_schema.result @@ -2316,5 +2316,12 @@ count(*) 2 DROP TABLE t1; # +# MDEV-24868 Server crashes in optimize_schema_tables_memory_usage after select from information_schema.innodb_sys_columns +# +create table t1 ( name varchar(64) character set utf8, len int); +select * from t1 where (name, len) in (select name, len from information_schema.innodb_sys_columns having len = 8); +name len +drop table t1; +# # End of 10.3 tests # diff --git a/mysql-test/main/information_schema.test b/mysql-test/main/information_schema.test index 4468eb18e45..71e700f3f18 100644 --- a/mysql-test/main/information_schema.test +++ b/mysql-test/main/information_schema.test @@ -2044,6 +2044,14 @@ INSERT INTO t1 VALUES ('2012-12-12'),('2021-11-11'); SELECT count(*) FROM t1 AS t1a LEFT JOIN (t1 AS t1b JOIN INFORMATION_SCHEMA.ROUTINES) ON (t1b.a IS NULL); SELECT count(*) FROM t1 AS t1a LEFT JOIN (t1 AS t1b JOIN INFORMATION_SCHEMA.PROFILING) ON (t1b.a IS NULL); DROP TABLE t1; + +--echo # +--echo # MDEV-24868 Server crashes in optimize_schema_tables_memory_usage after select from information_schema.innodb_sys_columns +--echo # +create table t1 ( name varchar(64) character set utf8, len int); +select * from t1 where (name, len) in (select name, len from information_schema.innodb_sys_columns having len = 8); +drop table t1; + --echo # --echo # End of 10.3 tests --echo # diff --git a/sql/sql_show.cc b/sql/sql_show.cc index e6b5461e5af..469f28acf6c 100644 --- a/sql/sql_show.cc +++ b/sql/sql_show.cc @@ -8672,14 +8672,19 @@ end: bool optimize_schema_tables_memory_usage(List<TABLE_LIST> &tables) { + DBUG_ENTER("optimize_schema_tables_memory_usage"); + List_iterator<TABLE_LIST> tli(tables); while (TABLE_LIST *table_list= tli++) { + if (!table_list->schema_table) + continue; + TABLE *table= table_list->table; THD *thd=table->in_use; - if (!table_list->schema_table || !thd->fill_information_schema_tables()) + if (!thd->fill_information_schema_tables()) continue; if (!table->is_created()) @@ -8726,10 +8731,10 @@ bool optimize_schema_tables_memory_usage(List<TABLE_LIST> &tables) // TODO switch from Aria to Memory if all blobs were optimized away? if (instantiate_tmp_table(table, p->keyinfo, p->start_recinfo, &p->recinfo, table_list->select_lex->options | thd->variables.option_bits)) - return 1; + DBUG_RETURN(1); } } - return 0; + DBUG_RETURN(0); } |