Details
-
Bug
-
Status: Closed (View Workflow)
-
Major
-
Resolution: Fixed
-
None
-
None
-
Can result in unexpected behaviour
Description
MariaDB sometimes reports "index is corrupted" for encrypted Aria tables, but this appears to be a false positive caused by an off-by-one check in the encryption post-read hook.
Environment
- MariaDB 10.5.21
- Aria storage engine
- aria_encrypt_tables=ON
- Encryption plugin is loaded (custom MariaDB_ENCRYPTION_PLUGIN; key is stable and not rotated)
Symptoms / observed behavior
During massive INSERTs (order of ~1M rows) into an encrypted Aria table, the server occasionally fails with HA_ERR_DECRYPTION_FAILED raised from ma_crypt_index_post_read_hook(). The failure is not fully deterministic: the row number varies between runs. The issue is easier to reproduce when aria-block-size is smaller and/or when the page cache is small, because two conditions are needed:
1) a key page becomes completely full, and
2) the page is later read from disk (i.e. it was evicted from the cache; the hook runs on disk reads).
Debugging details
At the failure point:
- block_size = 4096
- CRC_SIZE = 4
- page_used = 4092
So page_used == block_size - CRC_SIZE (the page is full up to the CRC), which should be a valid state.
Root cause
In ma_crypt_index_post_read_hook(), the following condition treats a fully packed page as invalid:
if (res || |
page_used < share->keypage_header ||
|
page_used >= block_size - CRC_SIZE)
|
{
|
res= 1;
|
my_errno= HA_ERR_DECRYPTION_FAILED;
|
}
|
For page_used == block_size - CRC_SIZE the check triggers (due to >=), incorrectly raising HA_ERR_DECRYPTION_FAILED. This later bubbles up as "index corrupted".
The error was introduced in commit 3691cc15751b01afaa807de1fb6f83b75668c479 (storage/maria/ma_crypt.c, ma_crypt_index_post_read_hook).
Suggested fix
Change the upper bound check to allow equality, i.e. use:
page_used > block_size - CRC_SIZE
Attachments
Issue Links
- is part of
-
-
- Closed
-