MDEV-21223 innodb_fts.sync_ddl fails in buildbot, server crashed in que_thr_step

FreeState(): replace pointer to freed memory with NULL. This actually fixes a crash which is use-after-free as reported by ASAN DbugParse(): unconditionally lock mutex because we're touching shared init_settings.keywords
author: Eugene Kosov <claprix@yandex.ru> 2019-12-05 14:51:55 +0700
committer: Eugene Kosov <claprix@yandex.ru> 2019-12-10 21:16:21 +0700
commit: 4c0854f2211a034683afd3a2c1e4f8d020c6785a (patch)
tree: 0cb7350f7c6eca4cfeb437a1d027259ebeda785d /dbug
parent: af650c76a63838047b268d8106cd229438f6db92 (diff)
download: mariadb-git-4c0854f2211a034683afd3a2c1e4f8d020c6785a.tar.gz
1 files changed, 5 insertions, 2 deletions
diff --git a/dbug/dbug.c b/dbug/dbug.c
index cde6363c86a..e7bf69a14e5 100644
--- a/dbug/dbug.c
+++ b/dbug/dbug.c
@@ -511,9 +511,9 @@ static int DbugParse(CODE_STATE *cs, const char *control)
     {
       /* never share with the global parent - it can change under your feet */
       stack->functions= ListCopy(init_settings.functions);
-      LockIfInitSettings(cs);
+      LockMutex(cs);
       stack->keywords= ListCopy(init_settings.keywords);
-      UnlockIfInitSettings(cs);
+      UnlockMutex(cs);
       stack->processes= ListCopy(init_settings.processes);
     }
     else
@@ -1617,7 +1617,10 @@ static void FreeState(CODE_STATE *cs, int free_state)
   struct settings *state= cs->stack;
   LockIfInitSettings(cs);
   if (!is_shared(state, keywords))
+  {
     FreeList(state->keywords);
+    state->keywords= NULL;
+  }
   UnlockIfInitSettings(cs);
   if (!is_shared(state, functions))
     FreeList(state->functions);
author	Eugene Kosov <claprix@yandex.ru>	2019-12-05 14:51:55 +0700
committer	Eugene Kosov <claprix@yandex.ru>	2019-12-10 21:16:21 +0700
commit	4c0854f2211a034683afd3a2c1e4f8d020c6785a (patch)
tree	0cb7350f7c6eca4cfeb437a1d027259ebeda785d /dbug
parent	af650c76a63838047b268d8106cd229438f6db92 (diff)
download	mariadb-git-4c0854f2211a034683afd3a2c1e4f8d020c6785a.tar.gz