Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-36346

UBSAN: runtime error: inf is outside the range of representable values of type 'unsigned long long'

Details

    Description

      CURRENT_TEST: main.select
      		 
      /source/sql/sql_select.cc:31065:33: runtime error: inf is outside the range of representable values of type 'unsigned long long'
      		 
          #0 0x55f4d34f0f98 in test_if_cheaper_ordering(bool, st_join_table const*, st_order*, TABLE*, Bitmap<64u>, int, unsigned long long, int*, int*, unsigned lon
      		 
      g long*, double*, unsigned int*, unsigned int*) /source/sql/sql_select.cc:31065:33
      		 
          #1 0x55f4d3498ee2 in test_if_skip_sort_order(st_join_table*, st_order*, unsigned long long, bool, Bitmap<64u> const*, bool*) /source/sql/sql_select.cc:2556
      		 
      4:5
      		 
          #2 0x55f4d346ce6f in JOIN::optimize_stage2() /source/sql/sql_select.cc:3334:15
      		 
          #3 0x55f4d3472aa5 in JOIN::optimize_inner() /source/sql/sql_select.cc:2639:9
      		 
          #4 0x55f4d3466367 in JOIN::optimize() /source/sql/sql_select.cc:1927:10
      		 
          #5 0x55f4d344acdc in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_r
      		 
      esult*, st_select_lex_unit*, st_select_lex*) /source/sql/sql_select.cc:5182:19
      		 
          #6 0x55f4d344a183 in handle_select(THD*, LEX*, select_result*, unsigned long) /source/sql/sql_select.cc:573:10
      		 
          #7 0x55f4d339698c in execute_sqlcom_select(THD*, TABLE_LIST*) /source/sql/sql_parse.cc:6422:12
      		 
          #8 0x55f4d33770c1 in mysql_execute_command(THD*, bool) /source/sql/sql_parse.cc:4013:12
      		 
          #9 0x55f4d335cab6 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /source/sql/sql_parse.cc:8209:18
      		 
          #10 0x55f4d3354d5b in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /source/sql/sql_parse.cc:1908:7
      		 
          #11 0x55f4d335ea1b in do_command(THD*, bool) /source/sql/sql_parse.cc:1421:17
      		 
          #12 0x55f4d38de94c in do_handle_one_connection(CONNECT*, bool) /source/sql/sql_connect.cc:1386:11
      		 
          #13 0x55f4d38de2d2 in handle_one_connection /source/sql/sql_connect.cc:1298:5
      		 
          #14 0x55f4d2f12476 in asan_thread_start(void*) asan_interceptors.cpp.o
      		 
          #15 0x7f4d0013d1c3  (/lib/x86_64-linux-gnu/libc.so.6+0x891c3) (BuildId: c047672cae7964324658491e7dee26748ae5d2f8)
      		 
          #16 0x7f4d001bd85b  (/lib/x86_64-linux-gnu/libc.so.6+0x10985b) (BuildId: c047672cae7964324658491e7dee26748ae5d2f8)
      		 
       
      		 
      SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /source/sql/sql_select.cc:31065:33

      Attachments

        Issue Links

          is part of

          Task - A task that needs to be done. MDEV-25454 Make MariaDB server UBSAN safe

          • Major - Major loss of function.
          • Confirmed

          Activity

            Ascending order - Click to sort in descending order
            danblack Daniel Black created issue -
            danblack Daniel Black made changes -
            Field Original Value New Value
            Roel Roel Van de Paar added a comment -

            Confirmed. Trace with error type report:

            export UBSAN_OPTIONS=suppressions=${HOME}/mariadb-qa/UBSAN.filter:print_stacktrace=1:report_error_type=1

            CS 10.6.22 f1d7e0c17e33f77278e6226dd94aeb30fc856bf0 (Debug, UBASAN) Build 15/02/2025

            		 
            /test/10.6_dbg_san/sql/sql_select.cc:31065:33: runtime error: inf is outside the range of representable values of type 'unsigned long long'
            		 
                #0 0x55cd21c12dbb in test_if_cheaper_ordering(bool, st_join_table const*, st_order*, TABLE*, Bitmap<64u>, int, unsigned long long, int*, int*, unsigned long long*, double*, unsigned int*, unsigned int*) /test/10.6_dbg_san/sql/sql_select.cc:31065:33
            		 
                #1 0x55cd21bb3942 in test_if_skip_sort_order(st_join_table*, st_order*, unsigned long long, bool, Bitmap<64u> const*, bool*) /test/10.6_dbg_san/sql/sql_select.cc:25564:5
            		 
                #2 0x55cd21b8208f in JOIN::optimize_stage2() /test/10.6_dbg_san/sql/sql_select.cc:3334:15
            		 
                #3 0x55cd21b8830c in JOIN::optimize_inner() /test/10.6_dbg_san/sql/sql_select.cc:2639:9
            		 
                #4 0x55cd21b7a7cb in JOIN::optimize() /test/10.6_dbg_san/sql/sql_select.cc:1927:10
            		 
                #5 0x55cd21b5c570 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /test/10.6_dbg_san/sql/sql_select.cc:5182:19
            		 
                #6 0x55cd21b5b9a2 in handle_select(THD*, LEX*, select_result*, unsigned long) /test/10.6_dbg_san/sql/sql_select.cc:573:10
            		 
                #7 0x55cd21a81ab5 in execute_sqlcom_select(THD*, TABLE_LIST*) /test/10.6_dbg_san/sql/sql_parse.cc:6422:12
            		 
                #8 0x55cd21a6a119 in mysql_execute_command(THD*, bool) /test/10.6_dbg_san/sql/sql_parse.cc:4013:12
            		 
                #9 0x55cd21a39b28 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/10.6_dbg_san/sql/sql_parse.cc:8209:18
            		 
                #10 0x55cd21a2ddb4 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/10.6_dbg_san/sql/sql_parse.cc:1908:7
            		 
                #11 0x55cd21a3c54d in do_command(THD*, bool) /test/10.6_dbg_san/sql/sql_parse.cc:1421:17
            		 
                #12 0x55cd220836ec in do_handle_one_connection(CONNECT*, bool) /test/10.6_dbg_san/sql/sql_connect.cc:1386:11
            		 
                #13 0x55cd22082fab in handle_one_connection /test/10.6_dbg_san/sql/sql_connect.cc:1298:5
            		 
                #14 0x55cd215433ac in asan_thread_start(void*) asan_interceptors.cpp.o
            		 
                #15 0x14f78c49ca93 in start_thread nptl/pthread_create.c:447:8
            		 
                #16 0x14f78c529c3b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
            		 
             
            		 
            SUMMARY: UndefinedBehaviorSanitizer: float-cast-overflow /test/10.6_dbg_san/sql/sql_select.cc:31065:33

            Please note that this will be the last UBSAN error trace in the log, there will likely be other issues before it, like:

            UBSAN|applying zero offset to null pointer|storage/maria/ma_unique.c|_ma_unique_hash|maria_write|handler::ha_write_tmp_row|end_write

            Which is MDEV-35620.

            Roel Roel Van de Paar added a comment - Confirmed. Trace with error type report: export UBSAN_OPTIONS=suppressions=${HOME} /mariadb-qa/UBSAN .filter:print_stacktrace=1:report_error_type=1 CS 10.6.22 f1d7e0c17e33f77278e6226dd94aeb30fc856bf0 (Debug, UBASAN) Build 15/02/2025 /test/10.6_dbg_san/sql/sql_select.cc:31065:33: runtime error: inf is outside the range of representable values of type 'unsigned long long' #0 0x55cd21c12dbb in test_if_cheaper_ordering(bool, st_join_table const*, st_order*, TABLE*, Bitmap<64u>, int, unsigned long long, int*, int*, unsigned long long*, double*, unsigned int*, unsigned int*) /test/10.6_dbg_san/sql/sql_select.cc:31065:33 #1 0x55cd21bb3942 in test_if_skip_sort_order(st_join_table*, st_order*, unsigned long long, bool, Bitmap<64u> const*, bool*) /test/10.6_dbg_san/sql/sql_select.cc:25564:5 #2 0x55cd21b8208f in JOIN::optimize_stage2() /test/10.6_dbg_san/sql/sql_select.cc:3334:15 #3 0x55cd21b8830c in JOIN::optimize_inner() /test/10.6_dbg_san/sql/sql_select.cc:2639:9 #4 0x55cd21b7a7cb in JOIN::optimize() /test/10.6_dbg_san/sql/sql_select.cc:1927:10 #5 0x55cd21b5c570 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /test/10.6_dbg_san/sql/sql_select.cc:5182:19 #6 0x55cd21b5b9a2 in handle_select(THD*, LEX*, select_result*, unsigned long) /test/10.6_dbg_san/sql/sql_select.cc:573:10 #7 0x55cd21a81ab5 in execute_sqlcom_select(THD*, TABLE_LIST*) /test/10.6_dbg_san/sql/sql_parse.cc:6422:12 #8 0x55cd21a6a119 in mysql_execute_command(THD*, bool) /test/10.6_dbg_san/sql/sql_parse.cc:4013:12 #9 0x55cd21a39b28 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/10.6_dbg_san/sql/sql_parse.cc:8209:18 #10 0x55cd21a2ddb4 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/10.6_dbg_san/sql/sql_parse.cc:1908:7 #11 0x55cd21a3c54d in do_command(THD*, bool) /test/10.6_dbg_san/sql/sql_parse.cc:1421:17 #12 0x55cd220836ec in do_handle_one_connection(CONNECT*, bool) /test/10.6_dbg_san/sql/sql_connect.cc:1386:11 #13 0x55cd22082fab in handle_one_connection /test/10.6_dbg_san/sql/sql_connect.cc:1298:5 #14 0x55cd215433ac in asan_thread_start(void*) asan_interceptors.cpp.o #15 0x14f78c49ca93 in start_thread nptl/pthread_create.c:447:8 #16 0x14f78c529c3b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:78   SUMMARY: UndefinedBehaviorSanitizer: float-cast-overflow /test/10.6_dbg_san/sql/sql_select.cc:31065:33 Please note that this will be the last UBSAN error trace in the log, there will likely be other issues before it, like: UBSAN|applying zero offset to null pointer|storage/maria/ma_unique.c|_ma_unique_hash|maria_write|handler::ha_write_tmp_row|end_write Which is MDEV-35620 .
            Roel Roel Van de Paar made changes -
            Labels UBSAN UBSAN float-cast-overflow
            Roel Roel Van de Paar made changes -
            Assignee Sergei Petrunia [ psergey ]
            Roel Roel Van de Paar made changes -
            Status Open [ 1 ] Confirmed [ 10101 ]
            Roel Roel Van de Paar made changes -
            Affects Version/s 10.11 [ 27614 ]
            Roel Roel Van de Paar made changes -
            Fix Version/s 10.11 [ 27614 ]
            Roel Roel Van de Paar made changes -
            Labels UBSAN float-cast-overflow UBSAN float-cast-overflow not-11.4+
            Roel Roel Van de Paar made changes -
            Labels UBSAN float-cast-overflow not-11.4+ UBSAN float-cast-overflow not-10.5 not-11.4+
            Roel Roel Van de Paar made changes -
            Comment [ The {{test_if_cheaper_ordering}} float cast overfloat is present only in CS 10.6 and 10.11, and in ES 10.6. ]
            Roel Roel Van de Paar added a comment -

            The test_if_cheaper_ordering float cast overflow is present only in CS 10.6 and 10.11, and in ES 10.6.

            Roel Roel Van de Paar added a comment - The test_if_cheaper_ordering float cast overflow is present only in CS 10.6 and 10.11, and in ES 10.6.

            People

              psergei Sergei Petrunia
              danblack Daniel Black
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.