[MDEV-7967] [PATCH] segfault after (re-)moving audit log file Created: 2015-04-09  Updated: 2016-01-12  Resolved: 2016-01-12

Status: Closed
Project: MariaDB Server
Component/s: Plugin - Audit
Affects Version/s: 5.5, 10.0, 10.1
Fix Version/s: 5.5.48

Type: Bug Priority: Critical
Reporter: Hans-Joachim Kliemeck Assignee: Alexey Botchkov
Resolution: Fixed Votes: 0
Labels: server_audit, verified

Attachments: File query.patch    
Sprint: 10.2.0-3

 Description   

if an external program will move or remove the audit log, a segmentation fault will occur. this error will not happen, if the audit log file exist while mysql is started. if flush logs is executed after file has been moved but before stop+start of audit is triggered (via setting the file path or setting audit=OFF and audit=ON, see logrotate config), the probability of getting a segfault will be reduced.

problem will occur with audit plugin (file rotation disabled) + mysql 5.6 + ubuntu 14.04 on git commit cc84ac3be41d9d6ac480d55449d5bf4e324cca10

gdb output: http://pastebin.com/ccs2Fug7
logrotate script: http://pastebin.com/CnLANyEm
mysql error log: http://pastebin.com/P51NsFxs

my naive solution would be to call stop_logging/start_logging on rotate() if file rotations are set to 0. this will trigger the needed reopen of the logfile

 Comments   
Comment by Elena Stepanova [ 2015-04-14 ]

Hi,

Are you really also getting the crash on MariaDB 5.5, 10.0, 10.1.1 as the 'Affects Version/s' field states?
And which exact version of MySQL 5.6 are you using?

I can reproduce it on MySQL 5.6.23, but so far only there. Couldn't reproduce on MariaDB, or on MySQL 5.5, or on MySQL 5.6.24.
It's possible though it's just the matter of "luck"...

Comment by Hans-Joachim Kliemeck [ 2015-04-14 ]

i added the versions because there is no mysql/audit version available and i'm using the current trunk version of audit plugin. i'm using ubuntu 14.04 LTS and my mysql version is 5.6.19. could you find the reason for 5.6.23?

removed affected versions

Comment by Elena Stepanova [ 2015-04-15 ]

Apparently, it was this commit on MySQL 5.6 after which the problem disappeared:

commit 38dcb9fb00d5cb1a398977edc56fa0f454037498
 
Author: Kristofer Pettersson <kristofer.pettersson@oracle.com>
 
Date:   Tue Mar 17 13:59:31 2015 +0100
 
 
 
    Bug #20536590: BACKPORT BUG #12368204 AND BUG #16953758 TO MYSQL-5.6
 
    
    Backported the fixes.
 
    Partially backported the fix for bug #19463877 too :
 
    the part about different audit events count for the different
 
    protocols.
 
    Changed the strategy of the original fix to account for the lack
 
    of the changes done in WL#6613 as follows:
 
    Instead of mixing the calls to the audit log API by calling them
 
    both outside of the general log hooks and inside some
 
    moved all audit log API calls inside the general log hooks but
 
    before any checks to the general log options. Made sure that the
 
    general log hooks are called regardless of the value of the
 
    general log option and moved all checking of it inside the
 
    hooks.
 
    Changed the binary log calles used by the prepared statement
 
    code to use the convenience hooks instead of directly calling the
 
    LOGGER functions. Ensured that prepared statements pass down the
 
    query text.
 
    Getting it from the THD is not correct for prepared statements.
 
    ** Added an extra test file that tests firewall with general log off.
 
 

Still, holyfoot, could you please double-check that there is nothing to do/fix on the audit plugin side?

Comment by Hans-Joachim Kliemeck [ 2015-04-18 ]

i can confirm that this commit will fix the issue. i created a backport patch for current mysql-server-5.6 version on trusty: https://bugs.launchpad.net/ubuntu/+source/mysql-5.6/+bug/1444904

Comment by Hans-Joachim Kliemeck [ 2015-04-20 ]

i was able to fix this problem for mysql on plugin level too. could you please take a look at the attached patch?

Comment by Hans-Joachim Kliemeck [ 2015-04-21 ]

created pull request https://github.com/MariaDB/server/pull/46

Comment by Hans-Joachim Kliemeck [ 2015-06-17 ]

any progress on this issue?

Comment by Alexey Botchkov [ 2016-01-12 ]

Should be fixed with the patch to MDEV-9106.

Generated at Thu Feb 08 07:23:39 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.