MDEV-29322 ASAN heap-use-after-free in Query_log_event::do_apply_event

The ASAN report was made in the parallel slave execution of a query event and implicitly involved (so also parallelly run) Format-Description event. The Query actually had unexpected impossible dependency on a preceding "old" FD whose instance got destructed, to cause the ASAN error. The case is fixed with storing the FD's value into Query-log-event at its instantiating on slave. The stored value is from the very FD of the Query's original binlog so remains to be correct at the query event applying. The branch C. of a new rpl_parallel_29322.test also demonstrates (may need few --repeat though) the bug in its simple form of the same server version binlog.
author: Andrei <andrei.elkin@mariadb.com> 2022-08-30 00:26:20 +0300
committer: Andrei <andrei.elkin@mariadb.com> 2022-09-07 20:35:43 +0300
commit: 5563202089e78855ad9295a3526a70e766d8a42d (patch)
tree: 6915bcd142b3b73ab59e4f07251fd627da09fb64 /sql/log_event.h
parent: 80cf7a4c43209a91ac6514ac3ea0dd0b592e17f0 (diff)
download: mariadb-git-5563202089e78855ad9295a3526a70e766d8a42d.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/sql/log_event.h b/sql/log_event.h
index 4c2ee3e484e..096d8587848 100644
--- a/sql/log_event.h
+++ b/sql/log_event.h
@@ -2088,7 +2088,7 @@ public:
     flags2==0 (5.0 master, we know this has a meaning of flags all down which
     must influence the query).
   */
-  bool flags2_inited;
+  uint32 flags2_inited;
   bool sql_mode_inited;
   bool charset_inited;
author	Andrei <andrei.elkin@mariadb.com>	2022-08-30 00:26:20 +0300
committer	Andrei <andrei.elkin@mariadb.com>	2022-09-07 20:35:43 +0300
commit	5563202089e78855ad9295a3526a70e766d8a42d (patch)
tree	6915bcd142b3b73ab59e4f07251fd627da09fb64 /sql/log_event.h
parent	80cf7a4c43209a91ac6514ac3ea0dd0b592e17f0 (diff)
download	mariadb-git-5563202089e78855ad9295a3526a70e766d8a42d.tar.gz