author | Gleb Shchepa <gshchepa@mysql.com> | 2009-07-24 20:58:58 +0500 |
---|---|---|
committer | Gleb Shchepa <gshchepa@mysql.com> | 2009-07-24 20:58:58 +0500 |
commit | 6aea4cebfc2eb6d39ccfe4f7fc53ac0dd1fc9ac5 (patch) | |
tree | 09d21c8df0aaa2410de0d4420236458edc9d4022 /sql/log_event.cc | |
parent | ec7ea4454102db998c5477624f576308e52d9f3d (diff) | |
Bug #38816: kill + flush tables with read lock + stored
procedures causes crashes!
The problem of that bugreport was mostly fixed by the
patch for bug 38691.
However, the attached test case focuses on another crash or
valgrind warning: a SHOW PROCESSLIST query accesses
freed memory of an SP instruction that runs in a parallel
connection.
Changes of thd->query/thd->query_length in dangerous
places have been guarded with the per-thread
LOCK_thd_data mutex (the THD::LOCK_delete mutex has been
renamed to THD::LOCK_thd_data).
Diffstat (limited to 'sql/log_event.cc')
-rw-r--r-- | sql/log_event.cc | 16 |
1 files changed, 4 insertions, 12 deletions
diff --git a/sql/log_event.cc b/sql/log_event.cc index d50c7cc8111..9b0f8e97a28 100644 --- a/sql/log_event.cc +++ b/sql/log_event.cc @@ -1960,8 +1960,7 @@ int Query_log_event::exec_event(struct st_relay_log_info* rli, db_ok(thd->db, replicate_do_db, replicate_ignore_db)) { thd->set_time((time_t)when); - thd->query_length= q_len_arg; - thd->query= (char*)query_arg; + thd->set_query((char*)query_arg, q_len_arg); VOID(pthread_mutex_lock(&LOCK_thread_count)); thd->query_id = next_query_id(); VOID(pthread_mutex_unlock(&LOCK_thread_count)); @@ -2164,7 +2163,6 @@ Default database: '%s'. Query: '%s'", } /* End of if (db_ok(... */ end: - VOID(pthread_mutex_lock(&LOCK_thread_count)); /* Probably we have set thd->query, thd->db, thd->catalog to point to places in the data_buf of this event. Now the event is going to be deleted @@ -2177,10 +2175,8 @@ end: */ thd->catalog= 0; thd->set_db(NULL, 0); /* will free the current database */ + thd->set_query(NULL, 0); DBUG_PRINT("info", ("end: query= 0")); - thd->query= 0; // just to be sure - thd->query_length= 0; - VOID(pthread_mutex_unlock(&LOCK_thread_count)); close_thread_tables(thd); free_root(thd->mem_root,MYF(MY_KEEP_PREALLOC)); /* @@ -3259,8 +3255,7 @@ int Load_log_event::exec_event(NET* net, struct st_relay_log_info* rli, print_query(FALSE, load_data_query, &end, (char **)&thd->lex->fname_start, (char **)&thd->lex->fname_end); *end= 0; - thd->query_length= (uint) (end - load_data_query); - thd->query= load_data_query; + thd->set_query(load_data_query, (uint) (end - load_data_query)); if (sql_ex.opt_flags & REPLACE_FLAG) { 
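Review bot: In the first hunk, `thd->set_query((char*)query_arg, q_len_arg);` stores a pointer borrowed from the event, and nothing at the call site says so; the only hint is the comment at `end:` noting that thd->query may point into the event's data_buf, which is about to be freed. A short comment at the call would make that lifetime explicit, for example `/* query_arg points into this event's buffer; must be cleared with set_query(NULL, 0) at end: before the event is deleted */`. That matters because any future exit path that skips `end:` would leave a dangling thd->query readable by other connections, which is the crash class this commit addresses. The enclosing function starts and ends outside the hunk, so other exit paths cannot be checked from here.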
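Review bot: At the `end:` label (hunks at -2164 and -2177) the LOCK_thread_count pair is removed, but it used to cover `thd->catalog= 0;` and `thd->set_db(NULL, 0); /* will free the current database */` as well as the query reset. Per the commit message only the query fields moved under LOCK_thd_data, so the database name is now freed with no lock visible in the hunk. If SHOW PROCESSLIST or any other cross-thread reader also dereferences thd->db or thd->catalog, that is the same use-after-free class this patch closes for thd->query. Either keep the db/catalog reset under the lock those readers hold, or state why it is safe with a comment such as `/* thd->db is only read by <reader> under <lock>; no other thread can see it here */`. The `error:` label in Load_log_event::exec_event (hunk at -3366) has the same pattern; whether set_db() locks internally cannot be seen from this diff.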
@@ -3366,12 +3361,9 @@ int Load_log_event::exec_event(NET* net, struct st_relay_log_info* rli,
 error:
 thd->net.vio = 0;
 const char *remember_db= thd->db;
- VOID(pthread_mutex_lock(&LOCK_thread_count));
 thd->catalog= 0;
 thd->set_db(NULL, 0); /* will free the current database */
- thd->query= 0;
- thd->query_length= 0;
- VOID(pthread_mutex_unlock(&LOCK_thread_count));
+ thd->set_query(NULL, 0);
 close_thread_tables(thd);
 if (thd->query_error)
 { |