Skip to content

Commit e5b155a

Browse files
dr-mdr-m
committed
MDEV-12091 Shutdown fails to wait for rollback of recovered transactions to finish
In the 10.1 InnoDB Plugin, a call os_event_free(buf_flush_event) was misplaced. The event could be triggered by rollback of resurrected transactions while shutdown was in progress. This bug was caught by cmake -DWITH_ASAN testing. This call was only present in the 10.1 InnoDB Plugin, not in other versions, or in XtraDB. That said, the bug affects all InnoDB versions. Shutdown assumes the cessation of any page-dirtying activity, including the activity of the background rollback thread. InnoDB only waited for the background rollback to finish as part of a slow shutdown (innodb_fast_shutdown=0). The default is a clean shutdown (innodb_fast_shutdown=1). In a scenario where InnoDB is killed, restarted, and shut down soon enough, the data files could become corrupted. logs_empty_and_mark_files_at_shutdown(): Wait for the rollback to finish, except if innodb_fast_shutdown=2 (crash-like shutdown) was requested. trx_rollback_or_clean_recovered(): Before choosing the next recovered transaction to roll back, terminate early if non-slow shutdown was initiated. Roll back everything on slow shutdown (innodb_fast_shutdown=0). srv_innodb_monitor_mutex: Declare as static, because the mutex is only used within one module. In 10.2, os_event_destroy() sets the event to a NULL pointer, while os_event_free() in earlier versions did not do that.
1 parent ff8bf6e commit e5b155a

File tree

3 files changed

+13
-11
lines changed

3 files changed

+13
-11
lines changed

storage/innobase/log/log0log.cc

Lines changed: 3 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22
33
Copyright (c) 1995, 2016, Oracle and/or its affiliates. All Rights Reserved.
44
Copyright (c) 2009, Google Inc.
5-
Copyright (c) 2014, 2017, MariaDB Corporation. All Rights Reserved.
5+
Copyright (c) 2014, 2017, MariaDB Corporation.
66
77
Portions of this file contain modifications contributed and copyrighted by
88
Google, Inc. Those modifications are gratefully acknowledged and are described
@@ -2001,12 +2001,6 @@ logs_empty_and_mark_files_at_shutdown(void)
20012001

20022002
ib::info() << "Starting shutdown...";
20032003

2004-
while (srv_fast_shutdown == 0 && trx_rollback_or_clean_is_active) {
2005-
/* we should wait until rollback after recovery end
2006-
for slow shutdown */
2007-
os_thread_sleep(100000);
2008-
}
2009-
20102004
/* Wait until the master thread and all other operations are idle: our
20112005
algorithm only works if the server is idle at shutdown */
20122006

@@ -2068,6 +2062,8 @@ logs_empty_and_mark_files_at_shutdown(void)
20682062
thread_name = "lock_wait_timeout_thread";
20692063
} else if (srv_buf_dump_thread_active) {
20702064
thread_name = "buf_dump_thread";
2065+
} else if (srv_fast_shutdown != 2 && trx_rollback_or_clean_is_active) {
2066+
thread_name = "rollback of recovered transactions";
20712067
} else {
20722068
thread_name = NULL;
20732069
}

storage/innobase/srv/srv0srv.cc

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@
33
Copyright (c) 1995, 2016, Oracle and/or its affiliates. All Rights Reserved.
44
Copyright (c) 2008, 2009 Google Inc.
55
Copyright (c) 2009, Percona Inc.
6-
Copyright (c) 2013, 2017, MariaDB Corporation. All Rights Reserved.
6+
Copyright (c) 2013, 2017, MariaDB Corporation.
77
88
Portions of this file contain modifications contributed and copyrighted by
99
Google, Inc. Those modifications are gratefully acknowledged and are described
@@ -463,7 +463,7 @@ const char* srv_io_thread_function[SRV_MAX_N_IO_THREADS];
463463

464464
time_t srv_last_monitor_time;
465465

466-
ib_mutex_t srv_innodb_monitor_mutex;
466+
static ib_mutex_t srv_innodb_monitor_mutex;
467467

468468
/** Mutex protecting page_zip_stat_per_index */
469469
ib_mutex_t page_zip_stat_per_index_mutex;

storage/innobase/trx/trx0roll.cc

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
/*****************************************************************************
22
33
Copyright (c) 1996, 2016, Oracle and/or its affiliates. All Rights Reserved.
4-
Copyright (c) 2016, MariaDB Corporation. All Rights Reserved.
4+
Copyright (c) 2016, 2017, MariaDB Corporation.
55
66
This program is free software; you can redistribute it and/or modify it under
77
the terms of the GNU General Public License as published by the Free Software
@@ -810,7 +810,7 @@ trx_rollback_or_clean_recovered(
810810

811811
if (all) {
812812
ib::info() << "Starting in background the rollback"
813-
" of uncommitted transactions";
813+
" of recovered transactions";
814814
}
815815

816816
/* Note: For XA recovered transactions, we rely on MySQL to
@@ -830,6 +830,12 @@ trx_rollback_or_clean_recovered(
830830

831831
assert_trx_in_rw_list(trx);
832832

833+
if (srv_shutdown_state != SRV_SHUTDOWN_NONE
834+
&& srv_fast_shutdown != 0) {
835+
all = FALSE;
836+
break;
837+
}
838+
833839
/* If this function does a cleanup or rollback
834840
then it will release the trx_sys->mutex, therefore
835841
we need to reacquire it before retrying the loop. */

0 commit comments

Comments
 (0)