1. 23 Nov, 2022 1 commit
    • Marko Mäkelä's avatar
      MDEV-30009 InnoDB shutdown hangs when the change buffer is corrupted · 165564d3
      Marko Mäkelä authored
      The InnoDB change buffer (ibuf.index, stored in the system tablespace)
      and the change buffer bitmaps in persistent tablespaces could get out
      of sync with each other: According to the bitmap, no changes exist for
      a page, while there actually exist buffered entries in ibuf.index.
      
      InnoDB performs lazy deletion of buffered changes. When a secondary
      index leaf page is freed (possibly as part of DROP INDEX), any
      buffered changes will not be deleted. Instead, they would be deleted
      on a subsequent buf_page_create_low().
      
      One scenario where InnoDB failed to delete buffered changes is
      as follows:
      1. Some changes were buffered for a secondary index leaf page.
      2. The index page had been freed.
      3. ibuf_read_merge_pages() invoked ibuf_merge_or_delete_for_page(),
      which noticed that the page had been freed, and reset the change buffer
      bits, but did not delete the records from ibuf.index.
      4. The index page was reallocated for something else.
      5. The index page was removed from the buffer pool.
      6. Some changes were buffered for the newly created page.
      7. Finally, the buffered changes from both 1. and 6. were merged.
      8. The index is corrupted.
      
      An alternative outcome is:
      4. Shutdown with innodb_fast_shutdown=0 gets into an infinite loop.
      
      An alternative scenario is:
      3. ibuf_set_bitmap_for_bulk_load() reset the IBUF_BITMAP_BUFFERED bit
      but did not delete the ibuf.index records for that page number.
      
      The shutdown hang was already once fixed in
      commit d7a24017, refactored for
      10.5 in commit 77e8a311 and
      disabled in commit 310dff5d
      due to corruption.
      
      We will fix this as follows:
      
      ibuf_delete_recs(): Delete all ibuf.index entries for the specified page.
      
      ibuf_merge_or_delete_for_page(): When the change buffer bitmap bits
      were set and the page had been freed, and the page does not belong
      to ibuf.index itself, invoke ibuf_delete_recs(). This prevents the
      corruption from occurring when a DML operation is allocating a
      previously freed page for which changes had been buffered.
      
      ibuf_set_bitmap_for_bulk_load(): When the change buffer bitmap bits
      were set, invoke ibuf_delete_recs(). This prevents the corruption
      from occurring when CREATE INDEX is reusing a previously freed page.
      
      ibuf_read_merge_pages(): On slow shutdown, remove the orphan records
      by invoking ibuf_delete_recs(). This fixes the hang when the change
      buffer had become corrupted. We also remove the dops[] accounting,
      because nothing can monitor it during shutdown. We invoke
      ibuf_delete_recs() if:
      (a) buf_page_get_gen() failed to load the page or merge changes
      (b) the page is not a valid index leaf page
      (c) the page number is out of tablespace bounds
      
      srv_shutdown(): Invoke ibuf_max_size_update(0) to ensure that
      the race condition that motivated us to disable the code in
      ibuf_read_merge_pages() in commit 310dff5d
      is no longer possible. That is, during slow shutdown, both the
      rollback of transactions and the purge of history will return
      early from ibuf_insert_low().
      
      ibuf_merge_space(), ibuf_delete_for_discarded_space(): Cleanup:
      Do not allocate a memory heap.
      
      This was implemented by Thirunarayanan Balathandayuthapani
      and tested with innodb_change_buffering_debug=1 by Matthias Leich.
      165564d3
  2. 22 Nov, 2022 2 commits
  3. 21 Nov, 2022 3 commits
  4. 20 Nov, 2022 3 commits
  5. 17 Nov, 2022 1 commit
    • Marko Mäkelä's avatar
      MDEV-29982 fixup: Relax the test · 41028d70
      Marko Mäkelä authored
      The log overwrite warnings are not being reliably emitted in all
      debug-instrumented environments. It may be related to the
      scheduling of some InnoDB internal activity, such as the purging
      of committed transaction history.
      41028d70
  6. 16 Nov, 2022 1 commit
  7. 15 Nov, 2022 2 commits
  8. 14 Nov, 2022 5 commits
    • Marko Mäkelä's avatar
      MDEV-29984 innodb_fast_shutdown=0 fails to report change buffer merge progress · dc2741be
      Marko Mäkelä authored
      ibuf.size, ibuf.max_size: Changed the type to Atomic_relaxed<ulint>
      in order to fix some (not all) race conditions.
      
      ibuf_contract(): Renamed from ibuf_merge_pages(ulint*).
      
      ibuf_merge(), ibuf_merge_all(): Removed.
      
      srv_shutdown(): Invoke log_free_check() and ibuf_contract(). Even though
      ibuf_contract() is not writing anything, it will trigger calls of
      ibuf_merge_or_delete_for_page(), which will write something. Because
      we cannot invoke log_free_check() at that low level, we must invoke
      it at the high level.
      
      srv_shutdown_print(): Replaces srv_shutdown_print_master_pending().
      Report progress and remaining work every 15 seconds. For the
      change buffer merge, the remaining work is indicated by ibuf.size.
      dc2741be
    • Marko Mäkelä's avatar
      Cleanup: Remove a useless header file · 744b33c2
      Marko Mäkelä authored
      744b33c2
    • Marko Mäkelä's avatar
      MDEV-16264 fixup: Remove unused variables · ee7fba17
      Marko Mäkelä authored
      ee7fba17
    • Marko Mäkelä's avatar
      MDEV-29982 Improve the InnoDB log overwrite error message · e0e096fa
      Marko Mäkelä authored
      The InnoDB write-ahead log ib_logfile0 is of fixed size,
      specified by innodb_log_file_size. If the tail of the log
      manages to overwrite the head (latest checkpoint) of the log,
      crash recovery will be broken.
      
      Let us clarify the messages about this, including adding
      a message on the completion of a log checkpoint that notes
      that the dangerous situation is over.
      
      To reproduce the dangerous scenario, we will introduce the
      debug injection label ib_log_checkpoint_avoid_hard, which will
      avoid log checkpoints even harder than the previous
      ib_log_checkpoint_avoid.
      
      log_t::overwrite_warned: The first known dangerous log sequence number.
      Set in log_close() and cleared in log_write_checkpoint_info(),
      which will output a "Crash recovery was broken" message.
      e0e096fa
    • Marko Mäkelä's avatar
      MDEV-29905 fixup: Remove some unnecessary code · 2283f82d
      Marko Mäkelä authored
      srv_shutdown(): Do not call log_free_check(), because it will now
      be repeatedly called by ibuf_merge_all(). Do not call
      srv_sync_log_buffer_in_background(), because we do not actually care
      about durability during shutdown. Log writes will already be triggered
      by buf_flush_page_cleaner() for writing back modified pages, possibly by
      log_free_check().
      
      logs_empty_and_mark_files_at_shutdown(): Clean up a condition.
      This function is the caller of srv_shutdown(), and it will ensure that
      the log and the buffer pool will be in clean state before shutdown.
      2283f82d
  9. 13 Nov, 2022 1 commit
  10. 10 Nov, 2022 1 commit
  11. 09 Nov, 2022 5 commits
  12. 08 Nov, 2022 15 commits