• Thirunarayanan Balathandayuthapani's avatar
    MDEV-27700 ASAN: Heap_use_after_free in btr_search_drop_page_hash_index() · c7f8cfc9
    Thirunarayanan Balathandayuthapani authored
    Reason:
    =======
    Race condition between btr_search_drop_hash_index() and
    btr_search_lazy_free(). One thread does resizing of buffer pool
    and clears the ahi on all pages in the buffer pool, frees the
    index and table while removing the last reference. At the same time,
    other thread access index->heap in btr_search_drop_hash_index().
    
    Solution:
    =========
    Acquire the respective ahi latch before checking index->freed()
    
    btr_search_drop_page_hash_index(): Added new parameter to indicate
    that drop ahi entries only if the index is marked as freed
    
    btr_search_check_marked_free_index(): Acquire all ahi latches and
    return true if the index was freed
    c7f8cfc9
buf0buf.cc 199 KB