diff --git a/mysql-test/suite/rpl/r/bug85371.result b/mysql-test/suite/rpl/r/bug85371.result new file mode 100644 index 0000000..8cbccd7 --- /dev/null +++ b/mysql-test/suite/rpl/r/bug85371.result @@ -0,0 +1,31 @@ +include/rpl_init.inc [topology=1->3,3->2,1->2] +Warnings: +Note #### Sending passwords in plain text without SSL/TLS is extremely insecure. +Note #### Storing MySQL user name or password information in the master info repository is not secure and is therefore not recommended. Please consider using the USER and PASSWORD connection options for START SLAVE; see the 'START SLAVE Syntax' in the MySQL Manual for more information. +Warnings: +Note #### Sending passwords in plain text without SSL/TLS is extremely insecure. +Note #### Storing MySQL user name or password information in the master info repository is not secure and is therefore not recommended. Please consider using the USER and PASSWORD connection options for START SLAVE; see the 'START SLAVE Syntax' in the MySQL Manual for more information. +Warnings: +Note #### Sending passwords in plain text without SSL/TLS is extremely insecure. +Note #### Storing MySQL user name or password information in the master info repository is not secure and is therefore not recommended. Please consider using the USER and PASSWORD connection options for START SLAVE; see the 'START SLAVE Syntax' in the MySQL Manual for more information. +### Create some binlog events on server_1 +CREATE TABLE t1(a INT); +INSERT INTO t1 (a) VALUES (1), (2), (3), (4), (5); +INSERT INTO t1 (a) VALUES (6), (7), (8), (9), (10); +DROP TABLE t1; +### sync the server_3 with server_1 +[connection server_1] +include/sync_slave_sql_with_master.inc +### sync the server_2 with server_3 +[connection server_3] +include/sync_slave_sql_with_master.inc +### sync the server_2 with server_1 +### here crash must take place if the bug is not fixed +[connection server_1] +include/sync_slave_sql_with_master.inc +### finish replication +[connection server_1] +include/rpl_end.inc +RESET SLAVE ALL FOR CHANNEL 'channel_1'; +RESET SLAVE ALL FOR CHANNEL 'channel_3'; +RESET SLAVE ALL FOR CHANNEL 'channel_1'; diff --git a/mysql-test/suite/rpl/t/bug85371.cnf b/mysql-test/suite/rpl/t/bug85371.cnf new file mode 100644 index 0000000..4c44878 --- /dev/null +++ b/mysql-test/suite/rpl/t/bug85371.cnf @@ -0,0 +1,30 @@ +!include ../my.cnf + +[mysqld.1] +enforce-gtid-consistency=ON +gtid-mode=ON +master-info-repository=TABLE +relay-log-info-repository=TABLE +binlog-rows-query-log-events= ON +log-slave-updates + +[mysqld.2] +enforce-gtid-consistency=ON +gtid-mode=ON +master-info-repository=TABLE +relay-log-info-repository=TABLE +binlog-rows-query-log-events= ON +log-slave-updates + +[mysqld.3] +enforce-gtid-consistency=ON +gtid-mode=ON +master-info-repository=TABLE +relay-log-info-repository=TABLE +binlog-rows-query-log-events= ON +log-slave-updates + +[ENV] +SERVER_MYPORT_3= @mysqld.3.port +SERVER_MYSOCK_3= @mysqld.3.socket + diff --git a/mysql-test/suite/rpl/t/bug85371.test b/mysql-test/suite/rpl/t/bug85371.test new file mode 100644 index 0000000..7b06314 --- /dev/null +++ b/mysql-test/suite/rpl/t/bug85371.test @@ -0,0 +1,51 @@ +# +# In the case if the bug is not fixed the test will crash on assert +# in Rows_query_log_event::do_apply_event() on debug build. +# +--source include/have_binlog_format_row.inc +--source include/have_gtid.inc +--source include/not_group_replication_plugin.inc + +--let $rpl_topology= 1->3,3->2,1->2 +--let $rpl_multi_source= 1 +--let $use_gtids= 1 +--source include/rpl_init.inc + +--echo ### Create some binlog events on server_1 +--connection server_1 +CREATE TABLE t1(a INT); +INSERT INTO t1 (a) VALUES (1), (2), (3), (4), (5); +INSERT INTO t1 (a) VALUES (6), (7), (8), (9), (10); +DROP TABLE t1; + +--echo ### sync the server_3 with server_1 +--let $rpl_connection_name= server_1 +--source include/rpl_connection.inc + +--let $rpl_channel_name= channel_1 +--let $sync_slave_connection= server_3 +--source include/sync_slave_sql_with_master.inc + +--echo ### sync the server_2 with server_3 +--let $rpl_connection_name= server_3 +--source include/rpl_connection.inc + +--let $rpl_channel_name= channel_3 +--let $sync_slave_connection=server_2 +--source include/sync_slave_sql_with_master.inc + +--echo ### sync the server_2 with server_1 +--echo ### here crash must take place if the bug is not fixed +--let $rpl_connection_name= server_1 +--source include/rpl_connection.inc + +--let $rpl_channel_name= channel_1 +--let $sync_slave_connection= server_2 +--source include/sync_slave_sql_with_master.inc + +--echo ### finish replication +--let $rpl_connection_name= server_1 +--source include/rpl_connection.inc + +--let $rpl_skip_sync= 1 +--source include/rpl_end.inc diff --git a/sql/log_event.cc b/sql/log_event.cc index a9ea321..3b56fd4 100644 --- a/sql/log_event.cc +++ b/sql/log_event.cc @@ -10723,7 +10723,21 @@ int Rows_log_event::do_apply_event(Relay_log_info const *rli) DBUG_RETURN(-1); } else if (state == GTID_STATEMENT_SKIP) + { + if (rli->rows_query_ev) + { + /* + thd->m_query_string now points to the data from + rli->rows_query_ev->m_rows_query + (see Rows_query_log_event::do_apply_event()), don't let it point + to unallocated memory, reset query string first + */ + thd->reset_query(); + delete rli->rows_query_ev; + const_cast(rli)->rows_query_ev= NULL; + } DBUG_RETURN(0); + } /* The current statement is just about to begin and diff --git a/sql/rpl_rli.cc b/sql/rpl_rli.cc index eaff108..653a16d 100644 --- a/sql/rpl_rli.cc +++ b/sql/rpl_rli.cc @@ -1774,9 +1774,15 @@ void Relay_log_info::cleanup_context(THD *thd, bool error) } if (rows_query_ev) { + /* + thd->m_query_string now points to the data from + rli->rows_query_ev->m_rows_query + (see Rows_query_log_event::do_apply_event()), don't let it point + to unallocated memory, reset query string first + */ + info_thd->reset_query(); delete rows_query_ev; rows_query_ev= NULL; - info_thd->reset_query(); } m_table_map.clear_tables(); slave_close_thread_tables(thd);