mirror of
https://github.com/MariaDB/server.git
synced 2025-01-16 12:02:42 +01:00
f7552313d4
There are two TABLE objects in each thread: first one is created in delayed thread by Delayed_insert::open_and_lock_table(), second one is created in connection thread by Delayed_insert::get_local_table(). It is copied from the delayed thread table. When the second table is copied copy-assignment operator copies vcol_refix_list which is already filled with an item from delayed thread. Then get_local_table() adds its own item. Thus both tables contains the same list with two items which is wrong. Then connection thread finishes and its item freed. Then delayed thread tries to access it in vcol_cleanup_expr(). The fix just clears vcol_refix_list in the copied table. Another problem is that copied table contains the same mem_root, any allocations on it will be invalid if the original table is freed (and that is indeterministic as it is done in another thread). Since copied table is allocated in connection THD and lives not longer than thd->mem_root we may assign its mem_root from thd->mem_root. Third, it doesn't make sense to do open_and_lock_tables() on NULL pointer. |
||
|---|---|---|
| .. | ||
| inc | ||
| r | ||
| t | ||
| disabled.def | ||