[MDBF-741] Remove the gcc UBSAN builder to use the clang based UBSAN - Jira

Details

Type: Bug
Status: In Testing (View Workflow)
Priority: Major
Resolution: Unresolved
Affects Version/s: None
Fix Version/s: N/A
Component/s: Buildbot
Labels:
- foundation

Sprint:
Sprint 6 (24.03.2025), Sprint 7 (07.04.2025)

Description

Evidently, that the clang UBSAN is significantly more capable than the gcc based UBSAN.

There are some significant amount of UBSAN errors that will occur in even the most basic of MTR tests.

Attachments

Issue Links

is blocked by

CONC-711 UBSAN: client_mpvio_write_packet through pointer to incorrect function

Closed

CONC-766 Disable clang -Wcast-function-type-strict for makecontext

Open

MDBF-740 bump clang-14 asan builder to use clang 20 (and do ubsan too)

In Testing

MDEV-22940 perfschema, clang, UBSAN - fails to build - libperfschema.a(pfs_instr.cc.o):(.data+0x63b8): undefined reference to `typeinfo for THD'

Open

MDEV-25454 Make MariaDB server UBSAN safe

Confirmed

MDEV-34507 UBSAN: mysys/hash.c:197:20: runtime error: call to function get_sys_var_length

Closed

MDEV-34508 UBSAN: mf_keycache.c:5950:11: runtime error: call to function init_simple_key_cache

Closed

MDEV-34509 UBSAN: call to function option_cmp(my_option*, my_option*) through pointer to incorrect function type

Closed

MDEV-34510 UBSAN: crc32 x86 - integer overflow

Closed

MDEV-34511 UBSAN: qsort based function argument mismatch

Closed

MDEV-36347 UBSAN: plugins.auth_v0100 - runtime error: call to function do_auth_0x0100 through pointer to incorrect function type

Closed

MDEV-36542 Remove compile options for faking initialization

In Review

relates to

MDEV-33478 Tests massively fail with clang-18 -fsanitize=memory

Closed

MDEV-35510 ASAN build crashes during bootstrap

In Review

MDEV-35721 UBSAN: runtime error: -nan is outside the range of representable values of type 'unsigned long long' in Index_statistics::set_avg_frequency on INSERT or SHOW INDEX

Closed

MDEV-35738 MariaDB cannot be compiled with -fsanitize=pointer-compare due to two invalid pointer pairs

Open

MDEV-36337 runtime error: call to function (udf_example) netaphon through pointer to incorrect function type 'char *(*)(st_udf_init *, st_udf_args *, char *, unsigned long *, unsigned char *, unsigned char *)

Stalled

MDEV-36344 UBSAN: lifo buffer (optimizer) - runtime error: applying non-zero offset 12 to null pointer

Confirmed

MDEV-36451 UBSAN: float-cast-overflow /source/sql/sql_select.cc:8618:48 (main.blackhole)

Open

MDEV-36453 UBSAN: main.mysqltest - runtime error: null pointer passed as argument 2, which is declared to never be null (dynstr_append_mem)

Open

MDEV-36467 UBSAN: _ma_unique_hash on NULL BLOB results in strings/ctype-uca-scanner_next.inl:84:23: runtime error: applying non-zero offset 1 to null pointer (main.type_blob)

Open

MDEV-36468 UBSAN: null blob in Field_blob::cmp resuting in my_uca_scanner_next_utf8mb4 overflow

Open

links to

kernel infra precondition

(7 is blocked by, 10 relates to, 1 links to)

Activity

Ascending order - Click to sort in descending order

View 5 older comments

Daniel Black added a comment - 2025-03-28 08:08

working on getting server clean:

so far mroonga upstream https://github.com/mroonga/mroonga/pull/902
our UDF functions - https://github.com/MariaDB/server/pull/3906
~~MDEV-36347~~ in review
MDEV-35715 masked https://github.com/mariadb-corporation/mariadb-qa/blob/master/UBSAN.filter#L30
~~MDEV-36341~~ federatedx still to fix:

WIP - probably temp structure insufficiently populated.
federated.federated_transactions 'X' [ pass ] 159
***Warnings generated in error logs during shutdown after running tests: federated.federated_transactions

/source/storage/federatedx/ha_federatedx.cc:1514:17: runtime error: applying non-zero offset 138217089612088 to null pointer
SUMMARY: UndefinedBehaviorSanitizer: nullptr-with-nonzero-offset /source/storage/federatedx/ha_federatedx.cc:1514:17

mysql-test/mtr --manual-gdb='b fill_server;b __ubsan::ScopedReport::~ScopedReport; r' --mem federated.federated_transactions

Test:

diff --git a/include/my_global.h b/include/my_global.h

index fd774bdac1f..ebef24cf1f0 100644

--- a/include/my_global.h

+++ b/include/my_global.h

@@ -440,10 +440,7 @@ extern "C" int madvise(void *addr, size_t len, int behav);

/*

    Suppress uninitialized variable warning without generating code.

*/

-#if defined(__GNUC__)

-/* GCC specific self-initialization which inhibits the warning. */

-#define UNINIT_VAR(x) x= x

-#elif defined(_lint) || defined(FORCE_INIT_OF_VARS)

+#if defined(_lint) || defined(FORCE_INIT_OF_VARS)

 #define UNINIT_VAR(x) x= 0

its a hack. There was a USan abouve a UNINIT var of bool that was being assigned a 0/1 value. Will find again.

Daniel Black added a comment - 2025-03-28 08:08 working on getting server clean: so far mroonga upstream https://github.com/mroonga/mroonga/pull/902 our UDF functions - https://github.com/MariaDB/server/pull/3906 MDEV-36347 in review MDEV-35715 masked https://github.com/mariadb-corporation/mariadb-qa/blob/master/UBSAN.filter#L30 MDEV-36341 federatedx still to fix: WIP - probably temp structure insufficiently populated. federated.federated_transactions 'X' [ pass ] 159 ***Warnings generated in error logs during shutdown after running tests: federated.federated_transactions /source/storage/federatedx/ha_federatedx.cc:1514:17: runtime error: applying non-zero offset 138217089612088 to null pointer SUMMARY: UndefinedBehaviorSanitizer: nullptr-with-nonzero-offset /source/storage/federatedx/ha_federatedx.cc:1514:17 mysql-test/mtr --manual-gdb='b fill_server;b __ubsan::ScopedReport::~ScopedReport; r' --mem federated.federated_transactions Test: diff --git a/include/my_global.h b/include/my_global.h index fd774bdac1f..ebef24cf1f0 100644 --- a/include/my_global.h +++ b/include/my_global.h @@ -440,10 +440,7 @@ extern "C" int madvise(void *addr, size_t len, int behav); /* Suppress uninitialized variable warning without generating code. */ -#if defined(__GNUC__) -/* GCC specific self-initialization which inhibits the warning. */ -#define UNINIT_VAR(x) x= x -#elif defined(_lint) || defined(FORCE_INIT_OF_VARS) +#if defined(_lint) || defined(FORCE_INIT_OF_VARS) #define UNINIT_VAR(x) x= 0 its a hack. There was a USan abouve a UNINIT var of bool that was being assigned a 0/1 value. Will find again.

Daniel Black added a comment - 6 days ago

auth_v0100 federated and mroonga fixes - https://github.com/MariaDB/server/pull/3932 -

MDEV-36337 udf - runtime error: call to function (udf_example) netaphon through pointer to incorrect function type #3906 - in review

my_global.h still todo

Daniel Black added a comment - 6 days ago auth_v0100 federated and mroonga fixes - https://github.com/MariaDB/server/pull/3932 - MDEV-36337 udf - runtime error: call to function (udf_example) netaphon through pointer to incorrect function type #3906 - in review my_global.h still todo

Daniel Black added a comment - 6 days ago

BB configuration done - https://github.com/MariaDB/buildbot/pull/732 for review.

Rest is resolving some server faults and masking the others until a fix can be made.

Daniel Black added a comment - 6 days ago BB configuration done - https://github.com/MariaDB/buildbot/pull/732 for review. Rest is resolving some server faults and masking the others until a fix can be made.

Daniel Black added a comment - 5 days ago

I don't think anything infra is related as I think containers have limited stack size - ulimit -s to be sure.

Just the config above and the UBSAN fixes to be done are being worked though.

Marking observed failures in Relates to issues;

Daniel Black added a comment - 5 days ago I don't think anything infra is related as I think containers have limited stack size - ulimit -s to be sure. Just the config above and the UBSAN fixes to be done are being worked though. Marking observed failures in Relates to issues;

Daniel Black added a comment - 4 days ago

resolve MDEV-35738 and there's no need for an ASAN filter exclusion.

Daniel Black added a comment - 4 days ago resolve MDEV-35738 and there's no need for an ASAN filter exclusion.

People

Assignee:: Daniel Black

Reporter:: Daniel Black

Votes:: 1 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2024-07-02 07:17

Updated:: 3 days ago 06:22

Time Tracking

Estimated:

Remaining:

Logged:

4d 3h

MariaDB Foundation Development