@dr-m dr-m commented Nov 19, 2025

  • The Jira issue number for this PR is: MDEV-38126

Description

The implementation of the audit plugin apparently follows the obsolete 1990 version of ISO/IEC 9899, a.k.a. C90. Atomic memory operations were not introduced to the language until 2011. Therefore, a combination of mutexes and volatile variables is being used. This is prone to race conditions that could explain some failures such as MDEV-34074, because no well-defined consistency model is being followed. Elsewhere in the code base, we are making use of features that were introduced in ISO/IEC 14882:2011, such as std::atomic.

Release Notes

The performance of the server_audit plugin was improved and performance_schema instrumentation for SERVER_AUDIT_plugin::lock_operations removed.

How can this PR be tested?

HammerDB with auditing enabled

Basing the PR against the correct MariaDB version

  • This is a new feature or a refactoring, and the PR is based against the main branch.
  • This is a bug fix, and the PR is based against the earliest maintained branch in which the bug can be reproduced.

This depends on some write_log() code removal in 7251cbc. It should be technically possible to port some of this to an earlier major version (I tried it on 10.11), but that would have to be tested and reviewed separately.

PR quality check

  • I checked the CODING_STANDARDS.md file and my PR conforms to this where appropriate.
  • For any trivial modifications to the PR, I am ok with the reviewer making the changes themselves.

dr-m added 4 commits November 19, 2025 10:44
The release of MySQL 5.7.44 (the last one in the 5.7 series) took place in
August 2023.

Also, the release of MariaDB 5.5.68 (the last one in the 5.5 series)
took place in May 2020.

Let us remove some dead code that is related to these, as well as
attempts to detect the server version by symbol lookup.
The audit plugin will typically be built and distributed together
with the current MariaDB server version.
To be able to improve performance, let us move from C90 to C++11,
which introduced std::atomic.
Starting with ISO/IEC 14882:1998 (C++98), unused function parameters
may be identified simply by omitting their names.
internal_stop_logging: Declared as Atomic_counter<int>
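
The move from `volatile` counters to atomics described above, shown as an added example (not code from this PR or from the server_audit plugin): a constructed model of a suppress counter in the style of `internal_stop_logging`, exercised from several threads. `Audit_state`, `Suppress`, `Result` and `run` are hypothetical names; with plain `volatile` members the same increments would be data races and could lose updates.

```cpp
#include <atomic>
#include <cstdio>
#include <thread>
#include <vector>

struct Audit_state {                       // hypothetical model, not plugin code
  std::atomic<int> stop_logging{0};        // > 0: internal work, suppress events
  std::atomic<unsigned long> logged{0};
  std::atomic<unsigned long> suppressed{0};

  // Called by any session thread for each auditable event.
  void on_event() {
    // The statistics only need atomicity (no lost updates), hence relaxed.
    if (stop_logging.load() == 0)
      logged.fetch_add(1, std::memory_order_relaxed);
    else
      suppressed.fetch_add(1, std::memory_order_relaxed);
  }
};

// RAII guard: every increment of the counter is matched by a decrement.
class Suppress {                           // hypothetical name
  Audit_state &s_;
public:
  explicit Suppress(Audit_state &s) : s_(s) { s_.stop_logging.fetch_add(1); }
  ~Suppress() { s_.stop_logging.fetch_sub(1); }
  Suppress(const Suppress &) = delete;
};

struct Result { int stop; unsigned long logged, suppressed; };

// Each worker emits `iters` events; every 8th one is emitted under a guard.
Result run(unsigned threads, unsigned iters) {
  Audit_state st;
  std::vector<std::thread> pool;
  for (unsigned t = 0; t < threads; t++)
    pool.emplace_back([&st, iters] {
      for (unsigned i = 0; i < iters; i++) {
        if (i % 8 == 0) { Suppress g(st); st.on_event(); }
        else st.on_event();
      }
    });
  for (auto &th : pool) th.join();
  return {st.stop_logging.load(), st.logged.load(), st.suppressed.load()};
}

int main() {
  Result r = run(8, 10000);
  std::printf("stop=%d logged=%lu suppressed=%lu\n", r.stop, r.logged, r.suppressed);
  return 0;
}
```

The split between `logged` and `suppressed` varies from run to run, but the counter always returns to zero and no event goes uncounted.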
@dr-m dr-m requested a review from sanja-byelkin November 19, 2025 09:34
@dr-m dr-m self-assigned this Nov 19, 2025

@dr-m dr-m marked this pull request as ready for review November 19, 2025 10:06

dr-m commented Nov 19, 2025

I spotted some more errors:

/home/buildbot/src/plugin/server_audit/server_audit.cc:2337:3: runtime error: call to function logger_init_mutexes through pointer to incorrect function type 'void (*)()'
SUMMARY: UndefinedBehaviorSanitizer: function-type-mismatch /home/buildbot/src/plugin/server_audit/server_audit.cc:2337:3 
/home/buildbot/src/plugin/server_audit/server_audit.cc:2337:3: runtime error: call to function logger_init_mutexes through pointer to incorrect function type 'void (*)()'
SUMMARY: UndefinedBehaviorSanitizer: function-type-mismatch /home/buildbot/src/plugin/server_audit/server_audit.cc:2337:3 

It looks like MDEV-34348 and clang -Wcast-function-type-strict were not implemented for this plugin.

Replace the contention-prone mysql_prlock_t with a simpler
rw-lock wrapper from InnoDB, and fix several potential
race conditions by making consistent use of lock_operations.

This will also omit any PERFORMANCE_SCHEMA instrumentation.

dr-m commented Nov 19, 2025

I could not figure out a solution to the logger_init_mutexes() problem. The following did not work out:

diff --git a/include/mysql/service_logger.h b/include/mysql/service_logger.h
index d11dd4291ae..aa6c34fd755 100644
--- a/include/mysql/service_logger.h
+++ b/include/mysql/service_logger.h
@@ -61,7 +61,7 @@ extern "C" {
 typedef struct logger_handle_st LOGGER_HANDLE;
 
 extern struct logger_service_st {
-  void (*logger_init_mutexes)();
+  void (*logger_init_mutexes)(void);
   LOGGER_HANDLE* (*open)(const char *path,
                          unsigned long long size_limit,
                          unsigned int rotations, size_t buffer_size);
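Review bot: On the `logger_init_mutexes` member, `()` and `(void)` declare the same type in C++, so this change cannot alter the `void (*)()` type that the UBSan report shows for the call in server_audit.cc; it only gives C consumers of the header a prototype. The mismatch has to be resolved where the function is defined: if the C definition uses an empty parameter list, declare it as `logger_init_mutexes(void)`, and check every other function assigned to this member for the same signature.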
diff --git a/plugin/server_audit/server_audit.cc b/plugin/server_audit/server_audit.cc
index b1cc1c08ce2..5972b09319e 100644
--- a/plugin/server_audit/server_audit.cc
+++ b/plugin/server_audit/server_audit.cc
@@ -74,11 +74,13 @@ static void closelog() {}
 #include <my_global.h>
 #include <my_base.h>
 #include <typelib.h>
+#include <string.h>
+extern "C" {
 #include <mysql/plugin.h>
 #include <mysql/plugin_audit.h>
-#include <string.h>
 #include <mysql/service_logger.h>
 #include "../../mysys/mysys_priv.h"
+}
 #ifndef RTLD_DEFAULT
 #define RTLD_DEFAULT NULL
 #endif
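Review bot: The `extern "C" {` wrapper added around the plugin and service headers changes only language linkage, not how a C++ compiler reads an empty parameter list, so it cannot address the function-type-mismatch report. `mysql/service_logger.h` already opens its own `extern "C" {` block (visible in the context of the first hunk), which makes the outer wrapper redundant for that header. Suggest dropping the wrapper and the `<string.h>` reordering that goes with it, keeping the include list as it was.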

In any case, I think that the logger interface will need to be replaced with something similar to the InnoDB log_sys.buf and log_sys.flush_buf as well as #3925 so that we can allow multiple concurrent writes to the memory buffer. This could significantly improve multi-threaded performance.

logger_init_mutexes(void): Define the function as taking no
arguments, to avoid function pointer type mismatch.

my_b_flush_io_cache(): runtime error: addition of unsigned offset ...
overflowed. Cast to a signed offset.

dr-m commented Nov 19, 2025

I hope that 5676ecf will not introduce function pointer type mismatch elsewhere.
