From: Date: December 1 2008 8:38pm
Subject: bzr commit into mysql-4.1 branch (timothy.smith:2707) Bug#27294
List-Archive: http://lists.mysql.com/commits/60323
X-Bug: 27294
Message-Id: <20081201193826.0A9E1208C3@ramayana.localdomain>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7BIT

#At file:///home/tsmith/m/bzr/41-b27294/ based on revid:bteam@astra04-20081127100024-7gha8r7jytu1b87y

 2707 Timothy Smith	2008-12-01
      Bug #27294: crash with innodb_locks_unsafe_for_binlog=1
      
      Back-port 5.0 fix to 4.1.  Fix Bug#27294 by using trx returned by
      check_trx_exists() instead of prebuilt->trx. This has been fixed in 5.1 in
      r782.
modified:
  sql/ha_innodb.cc

=== modified file 'sql/ha_innodb.cc'
--- a/sql/ha_innodb.cc	2006-08-10 14:55:20 +0000
+++ b/sql/ha_innodb.cc	2008-12-01 19:37:04 +0000
@@ -5516,6 +5516,13 @@ ha_innobase::store_lock(
 						'lock' */
 {
 	row_prebuilt_t* prebuilt	= (row_prebuilt_t*) innobase_prebuilt;
+	trx_t*		trx;
+
+	/* Note that trx in this function is NOT necessarily prebuilt->trx
+	because we call update_thd() later, in ::external_lock()! Failure to
+	understand this caused a serious memory corruption bug in 5.1.11. */
+
+	trx = check_trx_exists(thd);
 
 	if ((lock_type == TL_READ && thd->in_lock_tables) ||
 	    (lock_type == TL_READ_HIGH_PRIORITY && thd->in_lock_tables) ||
@@ -5537,7 +5544,7 @@ ha_innobase::store_lock(
 		case may get strengthened in ::external_lock() to LOCK_X. */
 
 		if (srv_locks_unsafe_for_binlog &&
-		    prebuilt->trx->isolation_level != TRX_ISO_SERIALIZABLE &&
+		    trx->isolation_level != TRX_ISO_SERIALIZABLE &&
 		    (lock_type == TL_READ || lock_type == TL_READ_NO_INSERT) &&
 		    thd->lex->sql_command != SQLCOM_SELECT &&
 		    thd->lex->sql_command != SQLCOM_UPDATE_MULTI &&