MySQL Bugs: #95404: InnoDB crash at startup if giving illegal value to experiment sys

Bug #95404	InnoDB crash at startup if giving illegal value to experiment sys_vars
Submitted:	17 May 2019 8:26	Modified:	20 May 2019 10:32
Reporter:	Fungo Wang (OCA)	Email Updates:
Status:	Verified	Impact on me:	None
Category:	MySQL Server: InnoDB storage engine	Severity:	S3 (Non-critical)
Version:	8.0.16	OS:	Any
Assigned to:		CPU Architecture:	Any
Tags:	crash, ENABLE_EXPERIMENT_SYSVARS, Illegal, innodb

Description:
Building mysqld with -DENABLE_EXPERIMENT_SYSVARS=ON, then choose an existed testcase   to run with `--mysqld=--innodb_log_recent_closed_size=1023`.

For example ./mtr sys_vars.all_vars --mem --mysqld=--innodb_log_recent_closed_size=1023

crash info as bellow:

2019-05-17T08:12:45.931133Z 1 [ERROR] [MY-013183] [InnoDB] Assertion failure: ut0link_buf.h:199:(capacity & (capacity - 1)) == 0 thread 139869820540672

mysql-server-8/runtime_output_directory/mysqld(my_print_stacktrace(unsigned char*, unsigned long)+0x68) [0x569fa48]
mysql-server-8/runtime_output_directory/mysqld(handle_fatal_signal+0x473) [0x310385a]
/lib64/libpthread.so.0(+0xf7e0) [0x7f36086a77e0]
/lib64/libc.so.6(gsignal+0x35) [0x7f3606d02625]
/lib64/libc.so.6(abort+0x175) [0x7f3606d03e05]
mysql-server-8/runtime_output_directory/mysqld(ut_dbg_assertion_failed(char const*, char const*, unsigned long)+0x345) [0x5ea960b]
mysql-server-8/runtime_output_directory/mysqld(Link_buf<unsigned long>::Link_buf(unsigned long)+0xb0) [0x5ae52c0]
mysql-server-8/runtime_output_directory/mysqld() [0x5ae2452]
mysql-server-8/runtime_output_directory/mysqld(log_sys_init(unsigned int, unsigned long, unsigned int)+0x666) [0x5ade903]
mysql-server-8/runtime_output_directory/mysqld(srv_start(bool, std::string const&)+0x2b83) [0x5da31d6]
mysql-server-8/runtime_output_directory/mysqld() [0x58badfa]
mysql-server-8/runtime_output_directory/mysqld() [0x58d90c9]
mysql-server-8/runtime_output_directory/mysqld(dd::bootstrap::DDSE_dict_init(THD*, dict_init_mode_t, unsigned int)+0xd9) [0x510dde6]
mysql-server-8/runtime_output_directory/mysqld(dd::upgrade_57::do_pre_checks_and_initialize_dd(THD*)+0xe79) [0x553de4c]
mysql-server-8/runtime_output_directory/mysqld() [0x3342baa]
mysql-server-8/runtime_output_directory/mysqld() [0x64702ee]
/lib64/libpthread.so.0(+0x7aa1) [0x7f360869faa1]
/lib64/libc.so.6(clone+0x6d) [0x7f3606db893d]

How to repeat:
./mtr sys_vars.all_vars --mem --mysqld=--innodb_log_recent_closed_size=1023

Looks like these parameters has the same issue.

innodb_log_flush_events
innodb_log_write_events
innodb_log_recent_closed_size
innodb_log_recent_written_size

Suggested fix:
The internal logic require the value to be power of 2 ut_a((capacity & (capacity - 1)) == 0), so we need to add on_check function for these parameters, or use on_update function to make the value round to power of to.

Although these experimental sys_vars are not exposed to user using normal build, but I guess it's still a issue need to be fixed.

Hello Fungo Wang,

Thank you for the report.

regards,
Umesh