Bug #90839 make ubsan error reporting fail-fast
Submitted: 11 May 2018 14:06
Modified: 23 May 2018 17:56
Reporter: Tor Didriksen
Status: Closed
Category: MySQL Server: Compiling
Severity: S3 (Non-critical)
Version: 8.0.13
OS: Any
Assigned to:
CPU Architecture: Any

[11 May 2018 14:06] Tor Didriksen
Description:
gcc/ubsan actually reports several errors which are not reported by mtr.
Make ubsan fail-fast, for gcc and clang, and fix misc errors reported.

How to repeat:
build with clang/ubsan

./mtr --mem --sanitize main.greedy_optimizer

sql/opt_explain.cc:1434:47: runtime error: 3.89816e+19 is outside the range of representable values of type 'unsigned long long'
    #0 0x5f30186 in human_readable_size(char*, int, double) sql/opt_explain.cc:1434:47
    #1 0x5f2fc66 in Explain_join::explain_rows_and_filtered() sql/opt_explain.cc:1472:5

./mtr --mem --sanitize main.ctype_utf16le

/usr/bin/../lib/gcc/x86_64-redhat-linux/7/../../../../include/c++/7/bits/basic_string.h:367:32: runtime error: load of misaligned address 0x7fea503284cd for type 'const unsigned short', which requires 2 byte alignment
0x7fea503284cd: note: pointer points here
 00 00 06 00 61 00 61  00 61 00 00 00 00 00 00  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  00

./mtr --mem --sanitize innodb_fts.zip

storage/innobase/buf/buf0buddy.cc:313:28: runtime error: index 2048 out of bounds for type 'unsigned char [38]'
    #0 0xb02a84d in buf_buddy_alloc_zip(buf_pool_t*, unsigned long) storage/innobase/buf/buf0buddy.cc:313:28

./mtr --mem main.mysqltest
/usr/include/string.h:43:28: note: nonnull attribute specified here
    #0 0x57560f in dynstr_append_mem(DYNAMIC_STRING*, char const*, unsigned long) mysys/my_string.cc:119:3
    #1 0x4bc623 in do_eval(DYNAMIC_STRING*, char const*, char const*, bool) client/mysqltest.cc:834:11
    #2 0x4dea0b in do_let(st_command*) client/mysqltest.cc:5037:3
    #3 0x4cbef0 in main client/mysqltest.cc:9104:11
    #4 0x7f7f28ad1009 in __libc_start_main (/lib64/libc.so.6+0x21009)
    #5 0x496149 in _start (bin-club/runtime_output_directory/mysqltest+0x496149)

client/mysqltest.cc:4948:23: runtime error: division by zero
    #0 0x4e19db in do_expr(st_command*) client/mysqltest.cc:4948:23
    #1 0x4cbefe in main client/mysqltest.cc:9107:11
    #2 0x7f66b4bdf009 in __libc_start_main (/lib64/libc.so.6+0x21009)
    #3 0x496149 in _start (bin-club/runtime_output_directory/mysqltest+0x496149)

./mtr --mem --sanitize --suite=meb
meb/meb/back_systablespace.cpp:644:39: runtime error: member call on null pointer of type 'meb::State_ibd_file'
meb/meb/meb_session.cpp:1314:67: runtime error: division by zero

Suggested fix:
  $ENV{'UBSAN_OPTIONS'} = "print_stacktrace=1,halt_on_error=1" if $opt_sanitize;
[14 May 2018 8:39] Tor Didriksen
Posted by developer:
 
more failing tests:
i_main.gis                               w2 [ fail ]

sql/item_func.cc:1177:24: runtime error: -1.84467e+19 is outside the range of representable values of type 'long long'
    #0 0x59ea32b in Item_func_numhybrid::val_int() sql/item_func.cc:1177:24
    #1 0x5bde483 in Item_func_export_set::val_str(String*) sql/item_strfunc.cc:3417:49
    #2 0x6534848 in Item_func_geometry_from_wkb::val_str(String*) sql/item_geofunc.cc:733:26

./mtr --mem --sanitize main.myisampack

mysys/tree.cc:505:18: runtime error: call to function save_counts_in_queue(unsigned char*, unsigned int, HUFF_TREE*) through pointer to incorrect function type 'int (*)(void *, unsigned int, void *)'
storage/myisam/myisampack.cc:1558: note: save_counts_in_queue(unsigned char*, unsigned int, HUFF_TREE*) defined here
    #0 0x7c7544 in tree_walk_left_root_right(TREE*, TREE_ELEMENT*, int (*)(void*, unsigned int, void*), void*) mysys/tree.cc:505:18
    #1 0x7c7301 in tree_walk(TREE*, int (*)(void*, unsigned int, void*), void*, TREE_WALK) mysys/tree.cc:491:14
    #2 0x4d4881 in make_huff_tree(HUFF_TREE*, HUFF_COUNTS*) storage/myisam/myisampack.cc:1429:5
[14 May 2018 9:06] Tor Didriksen
Posted by developer:
 
./mtr --mem --sanitize main.myisampack

storage/myisam/myisampack.cc:2656:38: runtime error: shift exponent 64 is too large for 64-bit type 'ulonglong' (aka 'unsigned long long')
    #0 0x4d8593 in flush_bits() storage/myisam/myisampack.cc:2656:38
    #1 0x4bfba1 in write_huff_tree(HUFF_TREE*, unsigned int) storage/myisam/myisampack.cc:2135:5
    #2 0x4aa438 in compress(PACK_MRG_INFO*, char*) storage/myisam/myisampack.cc:586:24

storage/myisam/myisampack.cc:1764:34: runtime error: shift exponent 64 is too large for 64-bit type 'ulonglong' (aka 'unsigned long long')
    #0 0x4d7272 in make_traverse_code_tree(HUFF_TREE*, HUFF_ELEMENT*, unsigned int, unsigned long long) storage/myisam/myisampack.cc:1764:34
    #1 0x4b92f8 in make_huff_decode_table(HUFF_TREE*, unsigned int) storage/myisam/myisampack.cc:1751:7
    #2 0x4aa340 in compress(PACK_MRG_INFO*, char*) storage/myisam/myisampack.cc:566:7
[23 May 2018 9:56] Tor Didriksen
Posted by developer:
 
gcc/ubsan:
./mtr --mem --sanitize myisampack

storage/myisam/myisampack.cc:2656:38: runtime error: shift exponent 64 is too large for 64-bit type 'ulonglong' (aka 'unsigned long long')
    #0 0x4d8593 in flush_bits() storage/myisam/myisampack.cc:2656:38
    #1 0x4bfba1 in write_huff_tree(HUFF_TREE*, unsigned int) storage/myisam/myisampack.cc:2135:5
    #2 0x4aa438 in compress(PACK_MRG_INFO*, char*) storage/myisam/myisampack.cc:586:24

storage/myisam/myisampack.cc:1764:34: runtime error: shift exponent 64 is too large for 64-bit type 'ulonglong' (aka 'unsigned long long')
    #0 0x4d7272 in make_traverse_code_tree(HUFF_TREE*, HUFF_ELEMENT*, unsigned int, unsigned long long) storage/myisam/myisampack.cc:1764:34
    #1 0x4b92f8 in make_huff_decode_table(HUFF_TREE*, unsigned int) storage/myisam/myisampack.cc:1751:7
    #2 0x4aa340 in compress(PACK_MRG_INFO*, char*) storage/myisam/myisampack.cc:566:7
[23 May 2018 17:56] Paul DuBois
Posted by developer:
 
Fixed in 8.0.13.

Work was done for test suite. No changelog entry needed.
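
Added example (not part of the bug report and not code from the MySQL source tree): defined-behaviour forms of four of the error classes UBSan reports above, the kind of rewrite that halt_on_error=1 makes necessary before a test can pass. All helper names are hypothetical.

```cpp
#include <cmath>
#include <cstdint>
#include <cstring>
#include <limits>

// Hypothetical helpers for illustration; names are not from the MySQL tree.

// Float-to-integer conversion is undefined when the value does not fit
// (the opt_explain.cc and item_func.cc reports). Clamp before casting.
unsigned long long double_to_ull_saturating(double v) {
  if (std::isnan(v) || v <= 0.0) return 0;
  // 2^64 as a double; ULLONG_MAX itself is not exactly representable.
  constexpr double two_pow_64 = 18446744073709551616.0;
  if (v >= two_pow_64) return std::numeric_limits<unsigned long long>::max();
  return static_cast<unsigned long long>(v);
}

// Shifting a 64-bit value by 64 or more is undefined (the myisampack.cc
// reports). Treat an over-wide shift as "all bits shifted out".
std::uint64_t shl64(std::uint64_t value, unsigned bits) {
  return bits >= 64 ? 0 : value << bits;
}

// Loading a 16-bit value through a misaligned pointer is undefined (the
// ctype_utf16le report). memcpy into a local is defined at any alignment.
std::uint16_t load_u16(const unsigned char *p) {
  std::uint16_t out;
  std::memcpy(&out, p, sizeof(out));
  return out;
}

// Integer division by zero is undefined (the mysqltest.cc report). Reject
// it, and also LLONG_MIN / -1, which overflows; return false on either.
bool checked_div(long long a, long long b, long long *result) {
  if (b == 0) return false;
  if (a == std::numeric_limits<long long>::min() && b == -1) return false;
  *result = a / b;
  return true;
}
```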