Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-12699

Improve crash recovery of corrupted data pages

Details

    • 10.2.11

    Description

      If a page cannot be decrypted (or read) during crash recovery, InnoDB should cleanly abort the startup. If innodb_force_recovery is specified, we should ignore the problematic page and apply redo log to other pages.

      If there is a MLOG_INIT_FILE_PAGE or MLOG_ZIP_PAGE_COMPRESS record for a corrupted page, we can always safely ignore the previous page contents and apply the redo log. There is no need to read a page from the data file when applying MLOG_INIT_FILE_PAGE or MLOG_ZIP_PAGE_COMPRESS.

      Currently in 10.2, the test encryption.innodb-redo-badkey randomly fails, possibly because of this. Also, the test innodb.innodb_bug14147491 needs to be extended.

      Attachments

        Issue Links

          blocks

          Bug - A problem which impairs or prevents the functions of the product. MDEV-19738 Doublewrite buffer is unnecessarily used for newly (re)initialized pages

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed
          causes

          Bug - A problem which impairs or prevents the functions of the product. MDEV-20688 Recovery crashes after unnecessarily reading a corrupted page

          • Major - Major loss of function.
          • Closed
          is blocked by

          Bug - A problem which impairs or prevents the functions of the product. MDEV-19241 InnoDB fails to write MLOG_INDEX_LOAD upon completing ALTER TABLE

          • Major - Major loss of function.
          • Closed
          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. MDEV-12898 encryption.innodb-redo-badkey failed in buildbot, server hung on startup

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-14079 encryption.innodb-force-corrupt failed in buildbot

          • Major - Major loss of function.
          • Closed
          relates to

          Bug - A problem which impairs or prevents the functions of the product. MDEV-12700 Allow innodb_read_only startup without prior slow shutdown

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-12750 Fix crash recovery of key rotation

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-15528 Avoid writing freed InnoDB pages

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. MDEV-18976 Implement a CHECKSUM redo log record for improved validation

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-19541 InnoDB crashes when trying to recover a corrupted page

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. MDEV-19586 Replace recv_sys_t::addr_hash with a std::map

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-19739 Avoid unnecessary page reads on recovery with innodb_log_optimize_ddl=ON

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-20755 InnoDB: Database page corruption on disk or a failed file read of tablespace upon prepare of mariabackup incremental backup

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-21572 buf_page_get_gen() should apply buffered page initialized redo log during recovery

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Task - A task that needs to be done. MDEV-23971 add the ability to fix corrupted pages on --prepare

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-10217 innodb.innodb_bug59641 fails sporadically in buildbot: InnoDB: Failing assertion: current_rec != insert_rec in file page0cur.c line 1052

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Task - A task that needs to be done. MDEV-11125 Introduce a reduced doublewrite mode, handling error detection only

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-11808 innodb.innodb_bug14147491 failed in buildbot

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-12253 Buffer pool blocks are accessed after they have been freed

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. MDEV-12353 Efficient InnoDB redo log record format

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-12627 innodb.innodb_bug14147491 does not do proper cleanup

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-13823 innodb.log_data_file_size fails on buildbot with warnings intermittently

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-13872 innodb.innodb-64k-crash failed in buildbot with error on startup and SIGSEGV

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-13893 encryption.innodb-redo-badkey failed in buildbot with page cannot be decrypted

          • Major - Major loss of function.
          • Closed

          Task - A task that needs to be done. MDEV-14425 Change the InnoDB redo log format to reduce write amplification

          • Blocker - Blocks development and/or testing work, production could not run.
          • Closed

          Task - A task that needs to be done. MDEV-14481 Execute InnoDB crash recovery in the background

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-16941 innodb_gis.kill_server failed in buildbot with checksum mismatch in datafile

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-19335 Removal of encrypted from buf_page_t

          • Major - Major loss of function.
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. MDEV-19374 innodb.table_flags failed in buildbot with Server failed to restart

          • Major - Major loss of function.
          • Closed

          Activity

            Ascending order - Click to sort in descending order
            View 4 older comments
            marko Marko Mäkelä added a comment -

            Testing the fix should include running ./mtr encryption.innodb-redo-badkey, which is currently disabled due to MDEV-13893.

            marko Marko Mäkelä added a comment - Testing the fix should include running ./mtr encryption.innodb-redo-badkey , which is currently disabled due to MDEV-13893 .
            thiru Thirunarayanan Balathandayuthapani added a comment - 

            --source include/have_file_key_management.inc
            		 
             
            		 
            CREATE TABLE t1(c VARCHAR(128)) ENGINE INNODB, encrypted=yes;
            		 
            insert into t1 select repeat('a',100);
            		 
             
            		 
            let $restart_parameters = --innodb_flush_log_at_trx_commit=1;
            		 
            --source include/restart_mysqld.inc
            		 
             
            		 
            let $MYSQLD_DATADIR=`select @@datadir`;
            		 
            let t1_IBD = $MYSQLD_DATADIR/test/t1.ibd;
            		 
             
            		 
            insert into t1 select repeat('b', 100);
            		 
             
            		 
            --source include/kill_mysqld.inc
            		 
             
            		 
            --echo # Corrupt the table
            		 
             
            		 
            perl;
            		 
            use strict;
            		 
            use warnings;
            		 
            use Fcntl qw(:DEFAULT :seek);
            		 
             
            		 
            my $ibd_file = $ENV{'t1_IBD'};
            		 
             
            		 
            my $chunk;
            		 
            my $len;
            		 
             
            		 
            sysopen IBD_FILE, $ibd_file, O_RDWR || die "Unable to open $ibd_file";
            		 
            sysseek IBD_FILE, 16384 * 3, SEEK_CUR;
            		 
            $chunk = '\xAA\xAA\xAA\xAA';
            		 
            syswrite IBD_FILE, $chunk, 4;
            		 
             
            		 
            close IBD_FILE;
            		 
            EOF
            		 
             
            		 
            #--exec $INNOCHECKSUM $MYSQLD_DATADIR/test/t1.ibd
            		 
             
            		 
            --source include/start_mysqld.inc
            		 
             
            		 
            SELECT * FROM t1;

            The above test case will make the server recovery hang because the read page is corrupted and it fails to decrypt.

            thiru Thirunarayanan Balathandayuthapani added a comment - --source include/have_file_key_management.inc   CREATE TABLE t1(c VARCHAR(128)) ENGINE INNODB, encrypted=yes; insert into t1 select repeat('a',100);   let $restart_parameters = --innodb_flush_log_at_trx_commit=1; --source include/restart_mysqld.inc   let $MYSQLD_DATADIR=`select @@datadir`; let t1_IBD = $MYSQLD_DATADIR/test/t1.ibd;   insert into t1 select repeat('b', 100);   --source include/kill_mysqld.inc   --echo # Corrupt the table   perl; use strict; use warnings; use Fcntl qw(:DEFAULT :seek);   my $ibd_file = $ENV{'t1_IBD'};   my $chunk; my $len;   sysopen IBD_FILE, $ibd_file, O_RDWR || die "Unable to open $ibd_file"; sysseek IBD_FILE, 16384 * 3, SEEK_CUR; $chunk = '\xAA\xAA\xAA\xAA'; syswrite IBD_FILE, $chunk, 4;   close IBD_FILE; EOF   #--exec $INNOCHECKSUM $MYSQLD_DATADIR/test/t1.ibd   --source include/start_mysqld.inc   SELECT * FROM t1; The above test case will make the server recovery hang because the read page is corrupted and it fails to decrypt.
            marko Marko Mäkelä added a comment -

            The MDEV-15528 record MLOG_INIT_FREE_PAGE should be handled in a similar way as MLOG_INIT_FILE_PAGE2 or MLOG_ZIP_PAGE_COMPRESS that is encountered in a complete mini-transaction: discard any preceding records for the page, and do not load the page to the buffer pool.

            marko Marko Mäkelä added a comment - The MDEV-15528 record MLOG_INIT_FREE_PAGE should be handled in a similar way as MLOG_INIT_FILE_PAGE2 or MLOG_ZIP_PAGE_COMPRESS that is encountered in a complete mini-transaction: discard any preceding records for the page, and do not load the page to the buffer pool.
            marko Marko Mäkelä added a comment -

            I fixed some concurrency issues that caused intermittent recovery failures, and cleaned up both the existing and new code. I pushed to buildbot for final testing, and expect to push to 10.2 tomorrow.

            marko Marko Mäkelä added a comment - I fixed some concurrency issues that caused intermittent recovery failures, and cleaned up both the existing and new code. I pushed to buildbot for final testing, and expect to push to 10.2 tomorrow.
            marko Marko Mäkelä added a comment -

            I have pushed preparatory refactoring and cleanup to 10.2 and merged to 10.3.

            A merge to 10.4 along with a test of MLOG_INIT_FREE_PAGE revealed corruption, which I think we must fix before pushing the actual fix to main trees. Also, some corruption became more frequent in mariabackup tests. Hopefully these corruptions are related.

            marko Marko Mäkelä added a comment - I have pushed preparatory refactoring and cleanup to 10.2 and merged to 10.3. A merge to 10.4 along with a test of MLOG_INIT_FREE_PAGE revealed corruption , which I think we must fix before pushing the actual fix to main trees. Also, some corruption became more frequent in mariabackup tests. Hopefully these corruptions are related.

            People

              marko Marko Mäkelä
              marko Marko Mäkelä
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.