List:Commits« Previous MessageNext Message »
From:marko.makela Date:January 25 2011 9:54am
Subject:bzr commit into mysql-5.1-innodb branch (marko.makela:3690) Bug#59464
View as plain text  
#At file:///home/marko/innobase/dev/mysql2a/5.1-innodb/ based on revid:marko.makela@strippedncnbm8ynzjy7

 3690 Marko Mäkelä	2011-01-25
      Bug#59464 Race condition in row_vers_build_for_semi_consistent_read
      
      row_vers_build_for_semi_consistent_read(): Dereference version_trx before
      releasing kernel_mutex, but not thereafter.

    modified:
      storage/innobase/row/row0vers.c
      storage/innodb_plugin/ChangeLog
      storage/innodb_plugin/row/row0vers.c
=== modified file 'storage/innobase/row/row0vers.c'
--- a/storage/innobase/row/row0vers.c	revid:marko.makela@stripped110125075618-2y2dncnbm8ynzjy7
+++ b/storage/innobase/row/row0vers.c	revid:marko.makela@strippedme5ynezoivygr8t
@@ -593,11 +593,15 @@ row_vers_build_for_semi_consistent_read(
 
 		mutex_enter(&kernel_mutex);
 		version_trx = trx_get_on_id(version_trx_id);
+		if (version_trx
+		    && (version_trx->conc_state == TRX_COMMITTED_IN_MEMORY
+			|| version_trx->conc_state == TRX_NOT_STARTED)) {
+
+			version_trx = NULL;
+		}
 		mutex_exit(&kernel_mutex);
 
-		if (!version_trx
-		    || version_trx->conc_state == TRX_NOT_STARTED
-		    || version_trx->conc_state == TRX_COMMITTED_IN_MEMORY) {
+		if (!version_trx) {
 
 			/* We found a version that belongs to a
 			committed transaction: return it. */

=== modified file 'storage/innodb_plugin/ChangeLog'
--- a/storage/innodb_plugin/ChangeLog	revid:marko.makela@stripped2y2dncnbm8ynzjy7
+++ b/storage/innodb_plugin/ChangeLog	revid:marko.makela@stripped8t
@@ -1,5 +1,10 @@
 2011-01-25	The InnoDB Team
 
+	* row/row0vers.c:
+	Fix Bug#59464 Race condition in row_vers_build_for_semi_consistent_read
+
+2011-01-25	The InnoDB Team
+
 	* btr/btr0btr.c, btr/btr0cur.c, btr/btr0sea.c,
 	buf/buf0buddy.c, buf/buf0buf.c, buf/buf0lru.c,
 	include/buf0buf.h, include/buf0buf.ic, include/buf0lru.h,

=== modified file 'storage/innodb_plugin/row/row0vers.c'
--- a/storage/innodb_plugin/row/row0vers.c	revid:marko.makela@oracle.com-20110125075618-2y2dncnbm8ynzjy7
+++ b/storage/innodb_plugin/row/row0vers.c	revid:marko.makela@stripped20110125095450-cme5ynezoivygr8t
@@ -669,11 +669,15 @@ row_vers_build_for_semi_consistent_read(
 
 		mutex_enter(&kernel_mutex);
 		version_trx = trx_get_on_id(version_trx_id);
+		if (version_trx
+		    && (version_trx->conc_state == TRX_COMMITTED_IN_MEMORY
+			|| version_trx->conc_state == TRX_NOT_STARTED)) {
+
+			version_trx = NULL;
+		}
 		mutex_exit(&kernel_mutex);
 
-		if (!version_trx
-		    || version_trx->conc_state == TRX_NOT_STARTED
-		    || version_trx->conc_state == TRX_COMMITTED_IN_MEMORY) {
+		if (!version_trx) {
 
 			/* We found a version that belongs to a
 			committed transaction: return it. */

Attachment: [text/bzr-bundle] bzr/marko.makela@oracle.com-20110125095450-cme5ynezoivygr8t.bundle
Thread
bzr commit into mysql-5.1-innodb branch (marko.makela:3690) Bug#59464marko.makela25 Jan