MDEV-23229 Read of Uninitialized memory during buffer pool resizing

commit b1ab211dee (MDEV-15053)
introduced the code to unfix the block earlier in buf_block_t::unfix().
After unfixing the block, InnoDB can withdraw the block from the
buffer pool and deallocate it while doing buffer pool resizing.
So the subsequent assert could lead to uninitialized memory access of the
block.

buf_block_t::unfix(): Unfix the block after checking the assert.
Thirunarayanan Balathandayuthapani 2020-07-24 20:17:43 +05:30
parent a18639f1a9
commit 744919552c

@ -1198,12 +1198,11 @@ struct buf_block_t{
void fix() { page.fix(); }
uint32_t unfix()
{
uint32_t fix_count= page.unfix();
ut_ad(fix_count || page.io_fix() != BUF_IO_NONE ||
ut_ad(page.buf_fix_count() || page.io_fix() != BUF_IO_NONE ||
page.state() == BUF_BLOCK_ZIP_PAGE ||
!rw_lock_own_flagged(&lock, RW_LOCK_FLAG_X | RW_LOCK_FLAG_S |
RW_LOCK_FLAG_SX));
return fix_count;
return page.unfix();
}
/** @return the physical size, in bytes */
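Review bot: the reordered assertion is weaker than the one it replaces. The removed line tested `fix_count`, the value returned by `page.unfix()` after the decrement, so it fired when the last reference was dropped while the rw-lock was still held (unless the block was io-fixed or a ZIP page). The added line tests `page.buf_fix_count()` before the decrement, which is always non-zero on any block a caller legitimately unfixes, so the first disjunct short-circuits and the rw-lock ownership check is effectively never evaluated. To keep the original check while still evaluating it before the block can be withdrawn, compare against the pre-decrement value, e.g. `ut_ad(page.buf_fix_count() > 1 || page.io_fix() != BUF_IO_NONE || ...)`, and document in the comment that the assertion must precede `page.unfix()` because the block may be withdrawn during buffer pool resizing as soon as its fix count reaches zero. Since this is a `ut_ad` check, only debug builds are affected; release builds already gained the fix from the reordering alone.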