1. 12 Jun, 2024 1 commit
    • Brandon Nesterenko's avatar
      MDEV-34365: UBSAN runtime error: call to function io_callback(tpool::aiocb*) · d3a7e46b
      Brandon Nesterenko authored
      On an UBSAN clang-15 build, if running with UBSAN option
      halt_on_error=1 (the issue doesn't show up without it),
      MTR fails during mysqld --bootstrap with UBSAN error:
      
      call to function io_callback(tpool::aiocb*) through pointer to incorrect function type 'void (*)(void *)'
      
      This patch corrects the parameter type of io_callback
      to match its expected type defined by callback_func,
      i.e. (void*).
      
      Reviewed By:
      ============
      <TODO>
      d3a7e46b
  2. 11 Jun, 2024 1 commit
    • Vladislav Vaintroub's avatar
      MDEV-33616 workaround libmariadb bug : mysql_errno = 0 on failed connection · f2eda615
      Vladislav Vaintroub authored
      The bug can happens on macOS, if server closes the socket without sending
      error packet to client. Closing the socket on server side is legitimate,
      and happen e.g when write timeout occurs, perhaps also other situations.
      
      However mysqltest is not prepared to handle mysql_errno 0, and erroneously
      thinks connection was successfully established.
      
      The fix/workaround in mysqltest is to treat client failure with
      mysql_errno 0 the same as CR_SERVER_LOST (generic client-side
      communication error)
      
      The real fix in client library would ensure that mysql_errno is set
      on errors.
      f2eda615
  3. 10 Jun, 2024 7 commits
    • Yuchen Pei's avatar
      MDEV-34002 Initialise fields in spider_db_handler · d524cb5b
      Yuchen Pei authored
      Otherwise it may result in nonsensical values like 190 for a boolean.
      d524cb5b
    • Sergei Golubchik's avatar
      fix the test for --view · 40dd5b86
      Sergei Golubchik authored
      40dd5b86
    • Dave Gosselin's avatar
      MDEV-34129 mariadb-install-db appears to hang on macOS · 90d376e0
      Dave Gosselin authored
      Immediately close down the signal handler loop when we decide to
      break connections as it's the start of process termination
      anyway, and there's no need to wait once we've invoked break_connections.
      90d376e0
    • Alexander Barkov's avatar
      mtr --skip-not-found did not skip suites · 3b80d23d
      Alexander Barkov authored
      --skip-not-found switch tells mtr to skip not found tests instead of aborting.
      But it failed to skip the test if the suite name was not found.
      
      This problem also made the *last-N-failed builbot builders fail
      to run `mtr --skip-not-found` if the last commit removed a file in
      the mysql-test/include/ directory.
      
      This commit fixes it, now the not found test is properly skipped,
      no matter what component of the test name was not found:
      
      $ ./mtr main.foo --skip-not-found foo.main
      ...
      ==============================================================================
      TEST                                  WORKER RESULT   TIME (ms) or COMMENT
      --------------------------------------------------------------------------
      foo.main                                 [ skipped ]  not found
      main.foo                                 [ skipped ]  not found
      --------------------------------------------------------------------------
      3b80d23d
    • Marko Mäkelä's avatar
      MDEV-33161 Function pointer signature mismatch in LF_HASH · a2bd936c
      Marko Mäkelä authored
      In cmake -DWITH_UBSAN=ON builds with clang but not with GCC,
      -fsanitize=undefined will flag several runtime errors on
      function pointer mismatch related to the lock-free hash table LF_HASH.
      
      Let us use matching function signatures and remove function pointer
      casts in order to avoid potential bugs due to undefined behaviour.
      
      These errors could be caught at compilation time by
      -Wcast-function-type-strict, which is available starting with clang-16,
      but not available in any version of GCC as of now. The old GCC flag
      -Wcast-function-type is enabled as part of -Wextra, but it specifically
      does not catch these errors.
      
      Reviewed by: Vladislav Vaintroub
      a2bd936c
    • Alexander Barkov's avatar
      MDEV-34227 On startup: UBSAN: runtime error: applying non-zero offset in... · 246c0b3a
      Alexander Barkov authored
      MDEV-34227 On startup: UBSAN: runtime error: applying non-zero offset in JOIN::make_aggr_tables_info in sql/sql_select.cc
      
      Avoid undefined behaviour (applying offset to nullptr).
      The reported scenario is covered in mysql-test/connect-no-db.test
      No new tests needed.
      246c0b3a
    • Alexander Barkov's avatar
      MDEV-32376 SHOW CREATE DATABASE statement crashes the server when db name... · 21f56583
      Alexander Barkov authored
      MDEV-32376 SHOW CREATE DATABASE statement crashes the server when db name contains some unicode characters, ASAN stack-buffer-overflow
      
      Adding the test for the length of lex->name into show_create_db().
      
      Without this test writes beyond the end of db_name_buff were possible
      upon a too long database name.
      21f56583
  4. 09 Jun, 2024 1 commit
    • Brandon Nesterenko's avatar
      MDEV-34237: On Startup: UBSAN: runtime error: call to function... · bf0aa99a
      Brandon Nesterenko authored
      MDEV-34237: On Startup: UBSAN: runtime error: call to function MDL_lock::lf_hash_initializer lf_hash_insert through pointer to incorrect function type 'void (*)(st_lf_hash *, void *, const void *)'
      
      A few different incorrect function type UBSAN issues have been
      grouped into this patch.
      
      The only real potentially undefined behavior is an error about
      show_func_mutex_instances_lost, which when invoked in
      sql_show.cc::show_status_array(), puts 5 arguments onto the stack;
      however, the implementing function only actually has 3 parameters (so
      only 3 would be popped). This was fixed by adding in the remaining
      parameters to satisfy the type mysql_show_var_func.
      
      The rest of the findings are pointer type mismatches that wouldn't
      lead to actual undefined behavior. The lf_hash_initializer function
      type definition is
      
      typedef void (*lf_hash_initializer)(LF_HASH *hash, void *dst, const void *src);
      
      but the MDL_lock and table cache's implementations of this function
      do not have that signature. The MDL_lock has specific MDL object
      parameters:
      
      static void lf_hash_initializer(LF_HASH *hash __attribute__((unused)),
                                      MDL_lock *lock, MDL_key *key_arg)
      
      and the table cache has specific TDC parameters:
      
      static void tdc_hash_initializer(LF_HASH *,
                                       TDC_element *element, LEX_STRING *key)
      
      leading to UBSAN runtime errors when invoking these functions.
      
      This patch fixes these type mis-matches by changing the
      implementing functions to use void * and const void * for their
      respective parameters, and later casting them to their expected
      type in the function body.
      
      Note too the functions tdc_hash_key and tc_purge_callback had
      a similar problem to tdc_hash_initializer and was fixed
      similarly.
      
      Reviewed By:
      ============
      Sergei Golubchik <serg@mariadb.com>
      bf0aa99a
  5. 07 Jun, 2024 7 commits
  6. 06 Jun, 2024 7 commits
  7. 05 Jun, 2024 11 commits
    • Vladislav Vaintroub's avatar
    • Nikita Malyavin's avatar
      7d86751d
    • Vladislav Vaintroub's avatar
      fix typo · db9c2d22
      Vladislav Vaintroub authored
      db9c2d22
    • Vladislav Vaintroub's avatar
    • Vladislav Vaintroub's avatar
      Appveyor build - skip irrelevant commits · b242b44f
      Vladislav Vaintroub authored
      Since we're only building on Windows, skip changes to debian directory
      and to shell scripts.
      b242b44f
    • Vladislav Vaintroub's avatar
      MDEV-34236 Mroonga build with ASAN/UBSAN with GCC 12+ extremely slow. · 40abd973
      Vladislav Vaintroub authored
      Workaround by disabling sanitizer for single source file.
      40abd973
    • Monty's avatar
      MDEV-22935 Erroneous Aria Index / Optimizer behaviour · 38cbef8b
      Monty authored
      The problem was in the Aria part of the range optimizer,
      maria_records_in_range(), which wrong concluded that there was no rows
      in the range.
      
      This error would happen in the unlikely case when searching for a range
      on a partial key and there was a match for the first key part in the
      upper part of the b-tree (node) and also a match in the underlying
      node page.
      
      In other words, for this bug to happen one have to use Aria, have a multi
      part key with a lot of identical values for the first key part and do a
      range search on the second part of the key.
      
      Fixed by ensuring that we do not stop searching for partial keys found
      on node.
      
      Other things:
      - Added some comments
      - Changed a variable name to more clearly explain it's purpose.
      - Fixed wrong cast in _ma_record_pos() that could cause problems on 32 bit
        systems.
      38cbef8b
    • Marko Mäkelä's avatar
      MDEV-34297 get_rnd_value() of ib_counter_t is unnecessarily complex · c6d36c3e
      Marko Mäkelä authored
      The shared counter template ib_counter_t uses the function
      my_timer_cycles() as a source of pseudo-random numbers to pick a shard.
      On some platforms, my_timer_cycles() could return the constant value 0.
      
      get_rnd_value(): Remove.
      
      my_pseudo_random(): Implement as an alias of my_timer_cycles() or
      a wrapper for pthread_self().
      
      Reviewed by: Vladislav Vaintroub
      c6d36c3e
    • ilyasa1211's avatar
    • Igor Babaev's avatar
      MDEV-29307 Wrong result when joining two derived tables over the same view · 4d38267f
      Igor Babaev authored
      This bug could affect queries containing a join of derived tables over
      grouping views such that one of the derived tables contains a window
      function while another uses view V with dependent subquery DSQ containing
      a set function aggregated outside of the subquery in the view V. The
      subquery also refers to the fields from the group clause of the view.Due to
      this bug execution of such queries could produce wrong result sets.
      
      When the fix_fields() method performs context analysis of a set function AF
      first, at the very beginning the function Item_sum::init_sum_func_check()
      is called. The function copies the pointer to the embedding set function,
      if any, stored in THD::LEX::in_sum_func into the corresponding field of the
      set function AF simultaneously changing the value of THD::LEX::in_sum_func
      to point to AF. When at the very end of the fix_fields() method the function
      Item_sum::check_sum_func() is called it is supposed to restore the value
      of THD::LEX::in_sum_func to point to the embedding set function. And in
      fact Item_sum::check_sum_func() did it, but only for regular set functions,
      not for those used in window functions. As a result after the context
      analysis of AF had finished THD::LEX::in_sum_func still pointed to AF.
      It confused the further context analysis. In particular it led to wrong
      resolution of Item_outer_ref objects in the fix_inner_refs() function.
      This wrong resolution forced reading the values of grouping fields referred
      in DSQ not from the temporary table used for aggregation from which they
      were supposed to be read, but from the table used as the source table for
      aggregation.
      
      This patch guarantees that the value of THD::LEX::in_sum_func is properly
      restored after the call of fix_fields() for any set function.
      4d38267f
    • Yuchen Pei's avatar
      MDEV-27186 spider/partition: Report error on info() failure · 042a0d85
      Yuchen Pei authored
      Like MDEV-28105, spider may attempt to connect to remote server in
      info(), and it may emit an error upon failure to connect. In this
      case, the downstream caller ha_partition::open() should return the
      error to avoid inconsistency.
      
      This fixes MDEV-27186, MDEV-27237, MDEV-27334, MDEV-28241, MDEV-34101.
      042a0d85
  8. 04 Jun, 2024 3 commits
  9. 03 Jun, 2024 2 commits