MDEV-23229 Read of Uninitialized memory during buffer pool resizing

commit b1ab211d (MDEV-15053)
introduced the code to unfix the block earlier in buf_block_t::unfix().
After unfixing the block, InnoDB can withdraw the block from the
buffer pool and deallocate it while doing buffer pool resizing.
So subsequent assert could leads to uninitialized memory access of
block.

buf_block_t::unfix(): Unfix the block after checking the assert.
parent a18639f1
......@@ -1198,12 +1198,11 @@ struct buf_block_t{
void fix() { page.fix(); }
uint32_t unfix()
{
uint32_t fix_count= page.unfix();
ut_ad(fix_count || page.io_fix() != BUF_IO_NONE ||
ut_ad(page.buf_fix_count() || page.io_fix() != BUF_IO_NONE ||
page.state() == BUF_BLOCK_ZIP_PAGE ||
!rw_lock_own_flagged(&lock, RW_LOCK_FLAG_X | RW_LOCK_FLAG_S |
RW_LOCK_FLAG_SX));
return fix_count;
return page.unfix();
}
/** @return the physical size, in bytes */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment