MySQL Lists are EOL. Please join:

List:Commits« Previous MessageNext Message »
From:dlenev Date:July 28 2006 10:37am
Subject:bk commit into 5.0 tree (dlenev:1.2243) BUG#21216
View as plain text  
Below is the list of changes that have just been committed into a local
5.0 repository of dlenev. When dlenev does a push these changes will
be propagated to the main repository and, within 24 hours after the
push, to the public repository.
For information on how to access the public repository
see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html

ChangeSet@stripped, 2006-07-28 14:37:51+04:00, dlenev@stripped +3 -0
  Fix for bug#21216 "Simultaneous DROP TABLE and SHOW OPEN TABLES causes
  server to crash".
  
  Crash caused by assertion failure happened when one ran SHOW OPEN TABLES
  while concurrently doing DROP TABLE (or RENAME TABLE, CREATE TABLE LIKE
  or any other command that takes name-lock) in other connection.
  For non-debug version of server problem exposed itself as wrong output
  of SHOW OPEN TABLES statement (it was missing name-locked tables).
  Finally in 5.1 both debug and non-debug versions simply crashed in
  this situation due to NULL-pointer dereference.
  
  This problem was caused by the fact that table placeholders which were
  added to table cache in order to obtain name-lock had TABLE_SHARE::table_name
  set to 0. Therefore they broke assumption that this member is non-0 for
  all tables in table cache which was checked by assert in list_open_tables()
  (in 5.1 this function simply relies on it).
  The fix simply sets this member for such placeholders to appropriate value
  making this assumption true again. 
  
  This patch also includes test for similar bug 12212 "Crash that happens
  during removing of database name from cache" reappeared in 5.1 as bug 19403.

  mysql-test/r/drop.result@stripped, 2006-07-28 14:37:48+04:00, dlenev@stripped +13 -0
    Added test for bug#21216 "Simultaneous DROP TABLE and SHOW OPEN TABLES 
    causes server to crash" and bug#12212/19403 "Crash that happens during
    removing of database name from cache".

  mysql-test/t/drop.test@stripped, 2006-07-28 14:37:48+04:00, dlenev@stripped +41 -0
    Added test for bug#21216 "Simultaneous DROP TABLE and SHOW OPEN TABLES 
    causes server to crash" and bug#12212/19403 "Crash that happens during
    removing of database name from cache".

  sql/lock.cc@stripped, 2006-07-28 14:37:48+04:00, dlenev@stripped +4 -1
    lock_table_name():
      Our code assumes that TABLE_SHARE::table_name for objects in table cache
      is non-NULL (for example look at assertion in list_open_tables()). This
      was not true for table placeholders that were added to table cache for
      name-locking. So let us set this member for such placeholders.

# This is a BitKeeper patch.  What follows are the unified diffs for the
# set of deltas contained in the patch.  The rest of the patch, the part
# that BitKeeper cares about, is below these diffs.
# User:	dlenev
# Host:	mockturtle.local
# Root:	/home/dlenev/src/mysql-5.0-bg21216

--- 1.89/sql/lock.cc	2006-07-28 14:37:56 +04:00
+++ 1.90/sql/lock.cc	2006-07-28 14:37:56 +04:00
@@ -854,6 +854,7 @@ int lock_table_name(THD *thd, TABLE_LIST
   TABLE *table;
   char  key[MAX_DBKEY_LENGTH];
   char *db= table_list->db;
+  char *table_in_search_key;
   uint  key_length;
   HASH_SEARCH_STATE state;
   DBUG_ENTER("lock_table_name");
@@ -861,7 +862,8 @@ int lock_table_name(THD *thd, TABLE_LIST
 
   safe_mutex_assert_owner(&LOCK_open);
 
-  key_length=(uint) (strmov(strmov(key,db)+1,table_list->table_name)
+  key_length=(uint) (strmov((table_in_search_key= strmov(key, db) + 1),
+                            table_list->table_name)
 		     -key)+ 1;
 
 
@@ -883,6 +885,7 @@ int lock_table_name(THD *thd, TABLE_LIST
   table->s= &table->share_not_to_be_used;
   memcpy((table->s->table_cache_key= (char*) (table+1)), key, key_length);
   table->s->db= table->s->table_cache_key;
+  table->s->table_name= table->s->table_cache_key + (table_in_search_key - key);
   table->s->key_length=key_length;
   table->in_use=thd;
   table->locked_by_name=1;

--- 1.28/mysql-test/r/drop.result	2006-07-28 14:37:56 +04:00
+++ 1.29/mysql-test/r/drop.result	2006-07-28 14:37:56 +04:00
@@ -72,3 +72,16 @@ show tables;
 Tables_in_test
 t1
 drop table t1;
+drop database if exists mysqltest;
+drop table if exists t1;
+create table t1 (i int);
+lock tables t1 read;
+create database mysqltest;
+ drop table t1;
+show open tables;
+ drop database mysqltest;
+select 1;
+1
+1
+unlock tables;
+End of 5.0 tests

--- 1.22/mysql-test/t/drop.test	2006-07-28 14:37:56 +04:00
+++ 1.23/mysql-test/t/drop.test	2006-07-28 14:37:56 +04:00
@@ -81,3 +81,44 @@ show tables;
 drop table t1;
 
 # End of 4.1 tests
+
+
+#
+# Test for bug#21216 "Simultaneous DROP TABLE and SHOW OPEN TABLES causes
+# server to crash". Crash (caused by failed assertion in 5.0 or by null
+# pointer dereference in 5.1) happened when one ran SHOW OPEN TABLES
+# while concurrently doing DROP TABLE (or RENAME TABLE, CREATE TABLE LIKE
+# or any other command that takes name-lock) in other connection.
+# 
+# Also includes test for similar bug#12212 "Crash that happens during
+# removing of database name from cache" reappeared in 5.1 as bug#19403
+# In its case crash happened when one concurrently executed DROP DATABASE
+# and one of name-locking command.
+# 
+--disable_warnings
+drop database if exists mysqltest;
+drop table if exists t1;
+--enable_warnings
+create table t1 (i int);
+lock tables t1 read;
+create database mysqltest;
+connect (addconroot1, localhost, root,,);
+--send drop table t1
+connect (addconroot2, localhost, root,,);
+# Server should not crash in any of the following statements
+--disable_result_log
+show open tables;
+--enable_result_log
+--send drop database mysqltest
+connection default;
+select 1;
+unlock tables;
+connection addconroot1;
+--reap
+connection addconroot2;
+--reap
+disconnect addconroot1;
+disconnect addconroot2;
+connection default;
+
+--echo End of 5.0 tests
Thread
bk commit into 5.0 tree (dlenev:1.2243) BUG#21216dlenev28 Jul