maria:bb-10.9-MDEV-31432-v2

Branch merges

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related charm recipes

75127e6... by Sergey Petrunia on 2023-08-14

MDEV-31432 tmp_table field accessed after free

Before this patch, the code in Item_field::print() used
this convention (described in sql_explain.h:ExplainDataStructureLifetime):

- By default, the table that Item_field refers to is accessible.
- ANALYZE and SHOW {EXPLAIN|ANALYZE} may print Items after some
  temporary tables have been dropped. They use
  QT_DONT_ACCESS_TMP_TABLES flag. When it is ON, Item_field::print
  will not access the table it refers to, if it is a temp.table

The bug was that EXPLAIN statement also may compute subqueries (depending
on subquery context and @@expensive_subquery_limit setting). After the
computation, the subquery calls JOIN::cleanup(true) which drops some of
its temporary tables. Calling Item_field::print() that refer to such table
will cause an access to free'd memory.

In this patch, we take into account that query optimization can compute
a subquery and discard its temporary tables. Item_field::print() now
assumes that any temporary table might have already been dropped.
This means QT_DONT_ACCESS_TMP_TABLES flag is not needed - we imply it is
always present.

But we also make one exception: derived tables are not freed in
JOIN::cleanup() call. They are freed later in close_thread_tables(),
at the same time when regular tables are closed.
Because of that, Item_field::print may assume that temp.tables
representing derived tables are available.

Initial patch by: Rex Jonston
Reviewed by: Monty <email address hidden>

27dc4cd... by Oleksandr "Sanja" Byelkin on 2023-08-08

Merge branch '10.6' into 10.9

d28d636... by Oleksandr "Sanja" Byelkin on 2023-08-08

Merge branch '10.5' into 10.6

8852afe... by Oleksandr "Sanja" Byelkin on 2023-08-08

Merge branch '10.4' into 10.5

0ede90d... by THIRUNARAYANAN BALATHANDAYUTHAPANI on 2023-08-08

MDEV-31869 Server aborts when table does drop column

- InnoDB aborts when table is dropping the column. This is
caused by 5f09b53bdb4e973e7c7ec2c53a24c98321223f98 (MDEV-31086).
While iterating the altered table fields, we fail to consider
the dropped columns.

2146541... by Oleksandr "Sanja" Byelkin on 2023-08-07

Merge branch '10.6' into 10.9

4bc9d50... by Oleksandr "Sanja" Byelkin on 2023-08-07

Merge branch '10.5' into 10.6

8adb610... by Sergei Golubchik on 2023-08-05

MDEV-31853 Assertion failure in Column_definition::check_vcol_for_key upon adding FK

when validating vcol's (default, check, etc) in ALTER TABLE
vcol_info->flags are modified in place. This means that if ALTER TABLE
fails for any reason we need to restore them to their original values.

(mroonga was freeing the memory on ::reset() but not on ::close())

998edc3... by Oleksandr "Sanja" Byelkin on 2023-08-04

Merge branch '10.6' into 10.9

c7b6707... by Oleksandr "Sanja" Byelkin on 2023-08-04

Merge branch '10.5' into 10.6