diff options
| author | unknown <davi@endora.local> | 2007-11-01 18:52:56 -0200 |
|---|---|---|
| committer | unknown <davi@endora.local> | 2007-11-01 18:52:56 -0200 |
| commit | 611dbd0bb3e05d047ed0f42bd5211f17b8330bd2 (patch) | |
| tree | 6665bd29057800c65aa07195e3d351558f7d3173 /sql/table.h | |
| parent | ecef837931ae10467bb112eb5364051e419521dc (diff) | |
| download | mariadb-git-611dbd0bb3e05d047ed0f42bd5211f17b8330bd2.tar.gz | |
Bug#30882 Dropping a temporary table inside a stored function may cause a server crash
If a stored function that contains a drop temporary table statement
is invoked by a create temporary table of the same name may cause
a server crash. The problem is that when dropping a table no check
is done to ensure that table is not being used by some outer query
(or outer statement), potentially leaving the outer query with a
reference to a stale (freed) table.
The solution is when dropping a temporary table, always check if
the table is being used by some outer statement as a temporary
table can be dropped inside stored procedures.
The check is performed by looking at the TABLE::query_id value for
temporary tables. To simplify this check and to solve a bug related
to handling of temporary tables in prelocked mode, this patch changes
the way in which this member is used to track the fact that table is
used/unused. Now we ensure that TABLE::query_id is zero for unused
temporary tables (which means that all temporary tables which were
used by a statement should be marked as free for reuse after it's
execution has been completed).
mysql-test/include/handler.inc:
Add test case for side effect of Bug#30882
mysql-test/r/handler_innodb.result:
Add test case result for side effect of Bug#30882
mysql-test/r/handler_myisam.result:
Add test case result for side effect of Bug#30882
mysql-test/r/sp-error.result:
Add test case result for Bug#30882
mysql-test/t/sp-error.test:
Add test case for Bug#30882
sql/event_db_repository.cc:
Update close_thread_tables call, no more default values.
sql/mysql_priv.h:
Remove implicit default parameters values of the close_thread_tables
function as no callers are using it.
sql/slave.cc:
Update close_thread_tables call, no more default values
sql/sp_head.cc:
Update close_thread_tables call, no more default values
sql/sql_base.cc:
Changed the approach to distinguishing currently unused temporary tables.
Now we ensure that such tables always have TABLE::query_id set to 0 and
use this fact to perform checks during opening and dropping of temporary
tables. This means that we have to call close_thread_tables() even for
statements which use only temporary tables. To make this call cheaper,
we re-factored close_thread_tables() to not take LOCK_open unless there
are open base tables.
sql/sql_handler.cc:
Properly close temporary tables associated with a handler.
sql/sql_insert.cc:
close_temporary_table is now merged into drop_temporary_table.
sql/sql_parse.cc:
Now the condition doesn't cover all cases because close_thread_tables()
must be called even for statements that use only temporary tables.
sql/sql_table.cc:
Use drop_temporary_table which perform checks to verify if
the table is not being used. Error path problem is due to
a handler tables issue and is going to be addressed in bug
31397.
sql/table.h:
Rename previously unused clear_query_id and document the usage of
query_id and open_by_handler.
Diffstat (limited to 'sql/table.h')
| -rw-r--r-- | sql/table.h | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/sql/table.h b/sql/table.h index 6554b6ed578..2bbd71b70c6 100644 --- a/sql/table.h +++ b/sql/table.h @@ -499,6 +499,24 @@ struct st_table { my_bitmap_map *bitmap_init_value; MY_BITMAP def_read_set, def_write_set, tmp_set; /* containers */ MY_BITMAP *read_set, *write_set; /* Active column sets */ + /* + The ID of the query that opened and is using this table. Has different + meanings depending on the table type. + + Temporary tables: + + table->query_id is set to thd->query_id for the duration of a statement + and is reset to 0 once it is closed by the same statement. A non-zero + table->query_id means that a statement is using the table even if it's + not the current statement (table is in use by some outer statement). + + Non-temporary tables: + + Under pre-locked or LOCK TABLES mode: query_id is set to thd->query_id + for the duration of a statement and is reset to 0 once it is closed by + the same statement. A non-zero query_id is used to control which tables + in the list of pre-opened and locked tables are actually being used. + */ query_id_t query_id; /* @@ -593,8 +611,8 @@ struct st_table { my_bool locked_by_name; my_bool fulltext_searched; my_bool no_cache; - /* To signal that we should reset query_id for tables and cols */ - my_bool clear_query_id; + /* To signal that the table is associated with a HANDLER statement */ + my_bool open_by_handler; /* To indicate that a non-null value of the auto_increment field was provided by the user or retrieved from the current record. |