MDEV-29544 SIGSEGV in HA_CREATE_INFO::finalize_locked_tables

Usually when we get into finalize_locked_tables() with error
m_locked_tables_count was not decremented. m_locked_tables_count is
decremented when we drop the original table and if we failed that
m_locked_tables_count is expected intact.

The bug comes from the fact that finalize_atomic_replace() violates
the above contract. It does HA_EXTRA_PREPARE_FOR_DROP and decrements
m_locked_tables_count. Then it tries rename_table_and_triggers() and
fails. With decremented m_locked_tables_count reopen_tables() does
nothing and we don't get new value for pos_in_locked_tables->table.

The test case demonstrates ER_ERROR_ON_RENAME where non-atomic CREATE
OR REPLACE would not fail. The original RENAME TABLE fails under such
broken environment, so nothing is wrong with atomic CREATE OR REPLACE
failing there too.

mysql-test/main/create_or_replace.result

@@ -891,3 +891,24 @@ select * from information_schema.innodb_sys_foreign;
 ID	FOR_NAME	REF_NAME	N_COLS	TYPE
 select * from information_schema.innodb_sys_foreign_cols;
 ID	FOR_COL_NAME	REF_COL_NAME	POS
+#
+# MDEV-29544 SIGSEGV in HA_CREATE_INFO::finalize_locked_tables
+#
+call mtr.add_suppression("mysql.innodb_index_stats");
+set sql_mode= '';
+create table t (x int) engine innodb;
+insert into t values (77);
+alter table mysql.innodb_index_stats modify stat_description char(10);
+Warnings:
+Warning	1265	Data truncated for column 'stat_description' at row 2
+Warning	1265	Data truncated for column 'stat_description' at row 3
+lock table t write;
+create or replace table t (y int);
+ERROR HY000: Error on rename of './test/t' to './test/#sql-backup-t' (errno: 168 "Unknown (generic) error from engine")
+unlock tables;
+alter table mysql.innodb_index_stats modify stat_description varchar(1024) not null;
+select * from t;
+x
+77
+drop table t;
+set sql_mode= default;