Percona Server moved to https://jira.percona.com/projects/PS

  1. Bug #1626519
  2. Comment #4

Comment 4 for bug 1626519

Revision history for this message
Sergei Glushchenko (sergei.glushchenko) wrote :

With slightly modified server:

diff --git i/sql/sql_plugin.cc w/sql/sql_plugin.cc
index 0aea4da..37da9c7 100644
--- i/sql/sql_plugin.cc
+++ w/sql/sql_plugin.cc
@@ -3351,6 +3351,9 @@ static void plugin_var_memalloc_free(struct system_variables *vars)
   for (root= vars->dynamic_variables_allocs; root; root= next)
   {
     next= root->next;
+ char *var= (char *) (root + 1);
+ for (int i=0; var[i]; i++)
+ var[i]= 0;
     my_free(root);
   }
   vars->dynamic_variables_allocs= NULL;

it is possible to crash it sometimes with stack trace

(lldb) bt
* thread #25: tid = 0x0018, 0x00007fff900e6f06 libsystem_kernel.dylib`__pthread_kill + 10, stop reason = signal SIGSTOP
    frame #0: 0x00007fff900e6f06 libsystem_kernel.dylib`__pthread_kill + 10
    frame #1: 0x00007fff890cb4ec libsystem_pthread.dylib`pthread_kill + 90
    frame #2: 0x0000000103d58a1b mysqld`my_write_core(sig=11) + 43 at stacktrace.c:247
    frame #3: 0x0000000103c10178 mysqld`::handle_fatal_signal(sig=11) + 1640 at signal_handler.cc:223
    frame #4: 0x00007fff8e04552a libsystem_platform.dylib`_sigtramp + 26
  * frame #5: 0x000000010d3032d3 audit_log.so`audit_log_update_thd_local(thd=0x00007fc6a410ae00, local=0x00007fc6a350c6d8, event_class=0, event=0x0000700000bc6460) + 883 at audit_log.c:1013
    frame #6: 0x000000010d302915 audit_log.so`audit_log_notify(thd=0x00007fc6a410ae00, event_class=MYSQL_AUDIT_GENERAL_CLASS, event=0x0000700000bc6460) + 133 at audit_log.c:1137
    frame #7: 0x0000000103c13700 mysqld`plugins_dispatch(thd=0x00007fc6a410ae00, plugin=0x00007fc6a3508ec0, arg=0x0000700000bc63d8) + 144 at sql_audit.cc:1230
    frame #8: 0x0000000103c10d0b mysqld`event_class_dispatch(thd=0x00007fc6a410ae00, event_class=MYSQL_AUDIT_GENERAL_CLASS, event=0x0000700000bc6460) + 331 at sql_audit.cc:1294
    frame #9: 0x0000000103c10652 mysqld`mysql_audit_notify(thd=0x00007fc6a410ae00, subclass=MYSQL_AUDIT_GENERAL_STATUS, error_code=1096, msg="Query", msg_len=5) + 866 at sql_audit.cc:327
    frame #10: 0x0000000103a2f636 mysqld`mysql_audit_general(thd=0x00007fc6a410ae00, event_subtype=MYSQL_AUDIT_GENERAL_STATUS, error_code=1096, msg="Query") + 118 at sql_audit.h:92
    frame #11: 0x0000000103a2d93a mysqld`dispatch_command(thd=0x00007fc6a410ae00, com_data=0x0000700000bc7db8, command=COM_QUERY) + 10266 at sql_parse.cc:1871
    frame #12: 0x0000000103a2e26e mysqld`do_command(thd=0x00007fc6a410ae00) + 1390 at sql_parse.cc:1010
    frame #13: 0x0000000103bd1196 mysqld`::handle_connection(arg=0x00007fc6a482f6e0) + 662 at connection_handler_per_thread.cc:312
    frame #14: 0x000000010434b40c mysqld`::pfs_spawn_thread(arg=0x00007fc6a4847a70) + 396 at pfs.cc:2188
    frame #15: 0x00007fff890c899d libsystem_pthread.dylib`_pthread_body + 131
    frame #16: 0x00007fff890c891a libsystem_pthread.dylib`_pthread_start + 168
    frame #17: 0x00007fff890c6351 libsystem_pthread.dylib`thread_start + 13

p event_general->general_query
(MYSQL_LEX_CSTRING) $2 = (str = "SET STATEMENT sql_mode='' FOR SELECT *", length = 38)

It means that plugin variables are freed first and then audit event passed to plugin which is a core server bug IMHO.