• Marko Mäkelä's avatar
    MDEV-16376 ASAN: heap-use-after-free in gcol.innodb_virtual_debug · 8dc70c86
    Marko Mäkelä authored
    After a failed ADD INDEX, dict_index_remove_from_cache_low()
    could iterate the index fields and dereference a freed virtual
    column object when trying to remove the index from the v_indexes
    of the virtual column.
    
    This regression was caused by a merge of
    MDEV-16119 InnoDB lock->index refers to a freed object.
    
    ha_innobase_inplace_ctx::clear_added_indexes(): Detach the
    indexes of uncommitted indexes from virtual columns, so that
    the iteration in dict_index_remove_from_cache_low() can be avoided.
    
    ha_innobase::prepare_inplace_alter_table(): Ignore uncommitted
    corrupted indexes when rejecting ALTER TABLE. (This minor bug was
    revealed by the extension of the test case.)
    
    dict_index_t::detach_columns(): Detach an index from virtual columns.
    Invoked by both dict_index_remove_from_cache_low() and
    ha_innobase_inplace_ctx::clear_added_indexes().
    
    dict_col_t::detach(const dict_index_t& index): Detach an index from
    a column.
    
    dict_col_t::is_virtual(): Replaces dict_col_is_virtual().
    
    dict_index_t::has_virtual(): Replaces dict_index_has_virtual().
    8dc70c86
dict0dict.h 69.9 KB