diff options
| author | unknown <dlenev@mockturtle.local> | 2006-08-21 12:18:59 +0400 |
|---|---|---|
| committer | unknown <dlenev@mockturtle.local> | 2006-08-21 12:18:59 +0400 |
| commit | 8daf4e8373b9fc3def33e2146445cd1600cbc084 (patch) | |
| tree | 6a868f4d4dd2f337c35b36ca08707db968bc3ec8 /sql/lock.cc | |
| parent | 3c8150b79bf5302879897e0d1ebd594798bb419e (diff) | |
| download | mariadb-git-8daf4e8373b9fc3def33e2146445cd1600cbc084.tar.gz | |
Fix for bug#21216 "Simultaneous DROP TABLE and SHOW OPEN TABLES causes
server to crash".
Crash caused by assertion failure happened when one ran SHOW OPEN TABLES
while concurrently doing DROP TABLE (or RENAME TABLE, CREATE TABLE LIKE
or any other command that takes name-lock) in other connection.
For non-debug version of server problem exposed itself as wrong output
of SHOW OPEN TABLES statement (it was missing name-locked tables).
Finally in 5.1 both debug and non-debug versions simply crashed in
this situation due to NULL-pointer dereference.
This problem was caused by the fact that table placeholders which were
added to table cache in order to obtain name-lock had TABLE_SHARE::table_name
set to 0. Therefore they broke assumption that this member is non-0 for
all tables in table cache which was checked by assert in list_open_tables()
(in 5.1 this function simply relies on it).
The fix simply sets this member for such placeholders to appropriate value
making this assumption true again.
This patch also includes test for similar bug 12212 "Crash that happens
during removing of database name from cache" reappeared in 5.1 as bug 19403.
mysql-test/r/drop.result:
Added test for bug#21216 "Simultaneous DROP TABLE and SHOW OPEN TABLES
causes server to crash" and bug#12212/19403 "Crash that happens during
removing of database name from cache".
mysql-test/t/drop.test:
Added test for bug#21216 "Simultaneous DROP TABLE and SHOW OPEN TABLES
causes server to crash" and bug#12212/19403 "Crash that happens during
removing of database name from cache".
sql/lock.cc:
lock_table_name():
Our code assumes that TABLE_SHARE::table_name for objects in table cache
is non-NULL (for example look at assertion in list_open_tables()). This
was not true for table placeholders that were added to table cache for
name-locking. So let us set this member for such placeholders.
Diffstat (limited to 'sql/lock.cc')
| -rw-r--r-- | sql/lock.cc | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/sql/lock.cc b/sql/lock.cc index 97a080c5634..90ddcc957a2 100644 --- a/sql/lock.cc +++ b/sql/lock.cc @@ -854,6 +854,7 @@ int lock_table_name(THD *thd, TABLE_LIST *table_list) TABLE *table; char key[MAX_DBKEY_LENGTH]; char *db= table_list->db; + int table_in_key_offset; uint key_length; HASH_SEARCH_STATE state; DBUG_ENTER("lock_table_name"); @@ -861,8 +862,9 @@ int lock_table_name(THD *thd, TABLE_LIST *table_list) safe_mutex_assert_owner(&LOCK_open); - key_length=(uint) (strmov(strmov(key,db)+1,table_list->table_name) - -key)+ 1; + table_in_key_offset= strmov(key, db) - key + 1; + key_length= (uint)(strmov(key + table_in_key_offset, table_list->table_name) + - key) + 1; /* Only insert the table if we haven't insert it already */ @@ -883,6 +885,7 @@ int lock_table_name(THD *thd, TABLE_LIST *table_list) table->s= &table->share_not_to_be_used; memcpy((table->s->table_cache_key= (char*) (table+1)), key, key_length); table->s->db= table->s->table_cache_key; + table->s->table_name= table->s->table_cache_key + table_in_key_offset; table->s->key_length=key_length; table->in_use=thd; table->locked_by_name=1; |