  1. Apache Trafodion (Retired)
  2. TRAFODION-3243

Dereference of deallocated NAString in UPDATE STATISTICS can cause cores

Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.3, 2.4
    • Fix Version/s: 2.4
    • Component/s: sql-cmp
    • Labels: None

    Description

      In ustat/hs_globals.cpp, the HSColGroupStruct destructor deletes the colNames member (an NAString), then calls HSColGroupStruct::freeISMemory. If logging is on (which is the default nowadays), the latter method dereferences colNames, calling its data() method. NAString::data() adds a null terminator to the end of its string; in a deleted NAString, this can result in the corruption of a heap boundary tag. This seems to only happen in the case where the original string did not fit into the small_ buffer of the NAString (which happens when column names are sufficiently long, e.g. multi-column histograms) and then only rarely.

      The fix is to defer deleting colNames until after freeISMemory is called.
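
The destructor ordering described above, as an added C++ example that is not Trafodion's code. It assumes `std::string` in place of NAString, a hypothetical `g_log` sink and `Order` switch, and nulls the pointer after `delete` so the buggy ordering is observable without actually touching freed memory.

```cpp
#include <iostream>
#include <string>
#include <vector>

// Simplified model of the pattern in the report, not Trafodion's code.
// std::string stands in for NAString; g_log is a hypothetical log sink.
static std::vector<std::string> g_log;

enum class Order { DeleteThenLog, LogThenDelete };

struct ColGroup {
    std::string* colNames;
    Order order;
    ColGroup(const std::string& names, Order o)
        : colNames(new std::string(names)), order(o) {}
    ColGroup(const ColGroup&) = delete;

    // Mirrors the logging step in freeISMemory, which reads colNames.
    void freeISMemory() {
        if (colNames == nullptr) {
            // In the reported bug the pointer still dangled here and freed heap was used.
            g_log.push_back("freeISMemory: colNames already freed");
            return;
        }
        g_log.push_back("freeISMemory: " + *colNames);
    }

    ~ColGroup() {
        if (order == Order::DeleteThenLog) {  // ordering reported as the bug
            delete colNames;
            colNames = nullptr;  // nulled so this demo stays well-defined
            freeISMemory();
        } else {                              // ordering reported as the fix
            freeISMemory();
            delete colNames;
        }
    }
};

// Destroys one object with the given ordering and returns the log line.
std::string destroy_with(Order o) {
    g_log.clear();
    { ColGroup g("long_col_a, long_col_b, long_col_c", o); }
    return g_log.empty() ? std::string() : g_log.back();
}

int main() {
    for (Order o : {Order::DeleteThenLog, Order::LogThenDelete}) std::cout << destroy_with(o) << "\n";
}
```

Building the real code with AddressSanitizer (`-fsanitize=address`) reports this class of defect as a heap-use-after-free at the point of the stale access.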

            People

              Assignee: Dave Birdsall (dbirdsall)
              Reporter: Dave Birdsall (dbirdsall)