innodb_blob_unrecoverable_crash.test
[MDEV-4662] InnoDB: Use of large externally-stored fields makes crash recovery lose data Created: 2013-06-14 Updated: 2014-11-10 Resolved: 2014-11-10 |
|
| Status: | Closed |
| Project: | MariaDB Server |
| Component/s: | Storage Engine - InnoDB |
| Affects Version/s: | 10.0.3, 5.5.31 |
| Fix Version/s: | 10.0.14 |
| Type: | Bug | Priority: | Major |
| Reporter: | Jeremy Cole | Assignee: | Unassigned |
| Resolution: | Fixed | Votes: | 0 |
| Labels: | upstream-fixed | ||
| Environment: |
All |
||
| Attachments: |
innodb_blob_unrecoverable_crash.test
|
| Description |
|
When too-large blob fields are used, this is noted to the administrator in a rather innocuous looking message: InnoDB: ERROR: the age of the last checkpoint is XXX, I would have expected that this means that InnoDB is stalling in order to make more space in its redo logs. However, what it actually means is that InnoDB has overwritten its most recent checkpoint in its redo logs. This compromises crash recovery, potentially causing data loss (or even metadata loss, such as writes to data dictionary tables or system tablespace data). This is easily reproducible using the attached test case. This appears to happen because externally-stored fields are always written in a single batch to the redo logs, all while holding the log mutex, thus making it impossible to checkpoint during that write. There are several possible solutions to this: 1. Allow flushing to "catch up" and checkpoint during large external field writes. This will involve releasing the log mutex during the write, which is likely complex. 2. Disallow (at least optionally) such large writes. Disallowing external field writes which sum to more than 10% of the total redo log space will in theory prevent this problem, because log_free_check() is called before the write of the external field, and (although it has some races) it should ensure that 10% of the log space is available before starting the write. This issue exists in all versions of MySQL and MariaDB. |
| Comments |
| Comment by Elena Stepanova [ 2013-06-14 ] | ||||||||||||||||||||||
|
I think it was even documented somewhere, wasn't it? | ||||||||||||||||||||||
| Comment by Jeremy Cole [ 2013-06-14 ] | ||||||||||||||||||||||
|
Elena: There have been a few bug reports about this, but none of them have touched on the core issue that this compromises the actual ACID properties of InnoDB itself. Personally I would rather have InnoDB assert itself with "durability may be compromised by continuing" rather than its current situation which could best be described as "keep going and hope for the best". Most of the bug reports have been either "Can't repeat" or have had people increase their logs and "it doesn't happen anymore". This bug report was a first effort to discuss the actual problem and propose some fixes. | ||||||||||||||||||||||
| Comment by Jeremy Cole [ 2013-06-14 ] | ||||||||||||||||||||||
|
Also reported as: http://bugs.mysql.com/bug.php?id=69477 | ||||||||||||||||||||||
| Comment by Elena Stepanova [ 2013-06-14 ] | ||||||||||||||||||||||
|
Right, thanks. I just had a vague remembrance and was wondering if it's the same issue. | ||||||||||||||||||||||
| Comment by Jeremy Cole [ 2014-05-31 ] | ||||||||||||||||||||||
|
Note that this was the other day marked as fixed in upstream MySQL Bug 69477. Perhaps it should be merged in once they release it. | ||||||||||||||||||||||
| Comment by Elena Stepanova [ 2014-11-10 ] | ||||||||||||||||||||||
|
Upstream bugfix in 5.6.20:
Not reproducible on the current 10.0 (10.0.14+) tree, which is expected since InnoDB 5.6.20 was merged into 10.0.14. |