summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--mysql-test/main/query_cache.result4
-rw-r--r--mysql-test/main/query_cache.test7
-rw-r--r--mysys/my_malloc.c2
-rw-r--r--storage/innobase/btr/btr0cur.cc8
-rw-r--r--storage/innobase/fil/fil0crypt.cc21
-rw-r--r--storage/innobase/fsp/fsp0fsp.cc4
-rw-r--r--storage/innobase/ibuf/ibuf0ibuf.cc1
-rw-r--r--storage/innobase/lock/lock0lock.cc4
-rw-r--r--storage/innobase/log/log0recv.cc1
9 files changed, 40 insertions, 12 deletions
diff --git a/mysql-test/main/query_cache.result b/mysql-test/main/query_cache.result
index fc7ca726c48..bff04de6520 100644
--- a/mysql-test/main/query_cache.result
+++ b/mysql-test/main/query_cache.result
@@ -2207,6 +2207,10 @@ Variable_name Value
Qcache_queries_in_cache 0
DROP FUNCTION foo;
drop table t1;
+#
+# MDEV-24858 SIGABRT in DbugExit from my_malloc in Query_cache::init_cache Regression
+#
+set global Query_cache_size=18446744073709547520;
restore defaults
SET GLOBAL query_cache_type= default;
SET GLOBAL query_cache_size=@save_query_cache_size;
diff --git a/mysql-test/main/query_cache.test b/mysql-test/main/query_cache.test
index 6e113f0cdb7..4d769b46213 100644
--- a/mysql-test/main/query_cache.test
+++ b/mysql-test/main/query_cache.test
@@ -1800,6 +1800,13 @@ show status like "Qcache_queries_in_cache";
DROP FUNCTION foo;
drop table t1;
+--echo #
+--echo # MDEV-24858 SIGABRT in DbugExit from my_malloc in Query_cache::init_cache Regression
+--echo #
+--disable_warnings
+set global Query_cache_size=18446744073709547520;
+--enable_warnings
+
--echo restore defaults
SET GLOBAL query_cache_type= default;
SET GLOBAL query_cache_size=@save_query_cache_size;
diff --git a/mysys/my_malloc.c b/mysys/my_malloc.c
index 4f378ba8603..befdcb0e5c3 100644
--- a/mysys/my_malloc.c
+++ b/mysys/my_malloc.c
@@ -79,7 +79,7 @@ void *my_malloc(PSI_memory_key key, size_t size, myf my_flags)
if (!size)
size=1;
if (size > SIZE_T_MAX - 1024L*1024L*16L) /* Wrong call */
- return 0;
+ DBUG_RETURN(0);
/* We have to align size as we store MY_THREAD_SPECIFIC flag in the LSB */
size= ALIGN_SIZE(size);
diff --git a/storage/innobase/btr/btr0cur.cc b/storage/innobase/btr/btr0cur.cc
index bb2124d118d..3f20c23c6b2 100644
--- a/storage/innobase/btr/btr0cur.cc
+++ b/storage/innobase/btr/btr0cur.cc
@@ -803,11 +803,13 @@ btr_cur_optimistic_latch_leaves(
mode, nullptr, BUF_GET_POSSIBLY_FREED,
mtr, &err);
- if (err == DB_DECRYPTION_FAILED) {
+ if (!cursor->left_block) {
cursor->index->table->file_unreadable = true;
}
- if (btr_page_get_next(cursor->left_block->frame)
+ if (cursor->left_block->page.status
+ == buf_page_t::FREED
+ || btr_page_get_next(cursor->left_block->frame)
!= curr_page_no) {
/* release the left block */
btr_leaf_page_release(
@@ -6067,7 +6069,7 @@ btr_estimate_n_rows_in_range_on_level(
ut_ad((block != NULL) == (err == DB_SUCCESS));
- if (err != DB_SUCCESS) {
+ if (!block) {
if (err == DB_DECRYPTION_FAILED) {
ib_push_warning((void *)NULL,
DB_DECRYPTION_FAILED,
diff --git a/storage/innobase/fil/fil0crypt.cc b/storage/innobase/fil/fil0crypt.cc
index bca3945dcf6..ec8ea6cbe00 100644
--- a/storage/innobase/fil/fil0crypt.cc
+++ b/storage/innobase/fil/fil0crypt.cc
@@ -1000,6 +1000,9 @@ fil_crypt_read_crypt_data(fil_space_t* space)
nullptr,
BUF_GET_POSSIBLY_FREED,
&mtr)) {
+ if (block->page.status == buf_page_t::FREED) {
+ goto func_exit;
+ }
mysql_mutex_lock(&fil_system.mutex);
if (!space->crypt_data && !space->is_stopping()) {
space->crypt_data = fil_space_read_crypt_data(
@@ -1007,6 +1010,7 @@ fil_crypt_read_crypt_data(fil_space_t* space)
}
mysql_mutex_unlock(&fil_system.mutex);
}
+func_exit:
mtr.commit();
}
@@ -1059,6 +1063,9 @@ func_exit:
page_id_t(space->id, 0), space->zip_size(),
RW_X_LATCH, NULL, BUF_GET_POSSIBLY_FREED,
&mtr, &err)) {
+ if (block->page.status == buf_page_t::FREED) {
+ goto abort;
+ }
crypt_data->type = CRYPT_SCHEME_1;
crypt_data->min_key_version = 0; // all pages are unencrypted
@@ -1798,7 +1805,10 @@ fil_crypt_rotate_page(
const lsn_t block_lsn = mach_read_from_8(FIL_PAGE_LSN + frame);
uint kv = buf_page_get_key_version(frame, space->flags);
- if (space->is_stopping()) {
+ if (block->page.status == buf_page_t::FREED) {
+ /* Do not modify freed pages to avoid an assertion
+ failure on recovery.*/
+ } else if (space->is_stopping()) {
/* The tablespace is closing (in DROP TABLE or
TRUNCATE TABLE or similar): avoid further access */
} else if (!kv && !*reinterpret_cast<uint16_t*>
@@ -1827,9 +1837,6 @@ fil_crypt_rotate_page(
some dummy pages will be allocated, with 0 in
the FIL_PAGE_TYPE. Those pages should be
skipped from key rotation forever. */
- } else if (block->page.status == buf_page_t::FREED) {
- /* Do not modify freed pages to avoid an assertion
- failure on recovery.*/
} else if (fil_crypt_needs_rotation(
crypt_data,
kv,
@@ -1982,8 +1989,10 @@ fil_crypt_flush_space(
if (buf_block_t* block = buf_page_get_gen(
page_id_t(space->id, 0), space->zip_size(),
RW_X_LATCH, NULL, BUF_GET_POSSIBLY_FREED, &mtr)) {
- mtr.set_named_space(space);
- crypt_data->write_page0(block, &mtr);
+ if (block->page.status != buf_page_t::FREED) {
+ mtr.set_named_space(space);
+ crypt_data->write_page0(block, &mtr);
+ }
}
mtr.commit();
diff --git a/storage/innobase/fsp/fsp0fsp.cc b/storage/innobase/fsp/fsp0fsp.cc
index e783bcfd29b..5ef65564b64 100644
--- a/storage/innobase/fsp/fsp0fsp.cc
+++ b/storage/innobase/fsp/fsp0fsp.cc
@@ -411,6 +411,10 @@ xdes_get_descriptor_const(
nullptr,
BUF_GET_POSSIBLY_FREED,
mtr)) {
+ if (block->page.status == buf_page_t::FREED) {
+ return nullptr;
+ }
+
ut_ad(page != 0 || space->free_limit == mach_read_from_4(
FSP_FREE_LIMIT + FSP_HEADER_OFFSET
+ block->frame));
diff --git a/storage/innobase/ibuf/ibuf0ibuf.cc b/storage/innobase/ibuf/ibuf0ibuf.cc
index 59bd47851b7..766f4b233a2 100644
--- a/storage/innobase/ibuf/ibuf0ibuf.cc
+++ b/storage/innobase/ibuf/ibuf0ibuf.cc
@@ -4195,6 +4195,7 @@ void ibuf_merge_or_delete_for_page(buf_block_t *block, const page_id_t page_id,
if (bitmap_bits && fseg_page_is_free(
space, page_id.page_no())) {
ibuf_mtr_start(&mtr);
+ mtr.set_named_space(space);
ibuf_reset_bitmap(block, page_id, zip_size, &mtr);
ibuf_mtr_commit(&mtr);
bitmap_bits = 0;
diff --git a/storage/innobase/lock/lock0lock.cc b/storage/innobase/lock/lock0lock.cc
index 223783a11bc..591091bb0e1 100644
--- a/storage/innobase/lock/lock0lock.cc
+++ b/storage/innobase/lock/lock0lock.cc
@@ -4631,8 +4631,8 @@ static void lock_rec_block_validate(const page_id_t page_id)
<< page_id << " err " << err;
}
- ut_ad(!block || lock_rec_validate_page(block,
- space->is_latched()));
+ ut_ad(!block || block->page.status == buf_page_t::FREED
+ || lock_rec_validate_page(block, space->is_latched()));
mtr_commit(&mtr);
diff --git a/storage/innobase/log/log0recv.cc b/storage/innobase/log/log0recv.cc
index d162c585b47..f8223d0ddee 100644
--- a/storage/innobase/log/log0recv.cc
+++ b/storage/innobase/log/log0recv.cc
@@ -2425,6 +2425,7 @@ set_start_lsn:
any buffered changes. */
init->created = false;
ut_ad(!mtr.has_modifications());
+ block->page.status = buf_page_t::FREED;
}
/* Make sure that committing mtr does not change the modification