Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-22388

Corrupted undo log record leads to server crash

    XMLWordPrintable

    Details

      Description

      The function trx_undo_rec_copy() calculates the size of the undo log record by assuming that it has been passed a valid pointer to an undo log record in an undo page. Sometimes this does not hold. The error might be caught by an assertion (only in debug builds) or by a failure to allocate a large amount of memory.

      Perhaps the function should also take a const buf_block_t& parameter to identify the buffer pool page, and perform some consistency checks? Its callers should check for an error value (a null pointer would seem to be appropriate) and deal accordingly.

      • In purge, we should probably just skip the undo log record and move on.
      • On MVCC read, we should return an error that the undo log is corrupted.
      • On ROLLBACK, we should probably write a message to the error log and not release any locks. Fixing this would require manual intervention.

      This ticket is motivated by some MySQL 5.7.30 code changes in this area:
      Bug #29448406 TRX_UNDO_REC_COPY NEEDLESSLY RELIES ON BUFFER POOL PAGE ALIGNMENT

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              marko Marko Mäkelä
              Reporter:
              marko Marko Mäkelä
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Dates

                Created:
                Updated:

                  Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.