[MDEV-33157] runtime error: call to function wsrep_plugin_init(void*) through pointer to incorrect function type Created: 2024-01-03  Updated: 2024-01-03  Resolved: 2024-01-03

Status: Closed
Project: MariaDB Server
Component/s: Galera
Affects Version/s: 10.4, 10.5, 10.6, 10.7, 10.8, 10.9, 10.10, 10.11, 11.0, 11.1, 11.2, 11.3, 11.4
Fix Version/s: 10.4.33, 10.5.24, 10.6.17, 10.11.7, 11.0.5, 11.1.4, 11.2.3, 11.3.2

Type: Bug Priority: Major
Reporter: Marko Mäkelä Assignee: Marko Mäkelä
Resolution: Fixed Votes: 0
Labels: UBSAN

Issue Links:
Blocks
blocks MDEV-33160 show_status_array() calls various fun... Closed
is blocked by MDEV-26272 The macro MASTER_INFO_VAR invokes und... Closed
Relates
relates to MDEV-25454 Make MariaDB server UBSAN safe Confirmed

 Description   

Now that MDEV-26272 was finally fixed, I thought that I would give clang-16 a try with cmake -DWITH_UBSAN=ON. One of the many errors (a function pointer type mismatch) would be fixed by the following:

diff --git a/sql/wsrep_plugin.cc b/sql/wsrep_plugin.cc
index 743b8a593b8..3fa5f7b7ef4 100644
--- a/sql/wsrep_plugin.cc
+++ b/sql/wsrep_plugin.cc
@@ -18,18 +18,6 @@
 
 #include <mysql/plugin.h>
 
-static int wsrep_plugin_init(void *p)
-{
-  WSREP_DEBUG("wsrep_plugin_init()");
-  return 0;
-}
-
-static int wsrep_plugin_deinit(void *p)
-{
-  WSREP_DEBUG("wsrep_plugin_deinit()");
-  return 0;
-}
-
 struct Mysql_replication wsrep_plugin= {
   MYSQL_REPLICATION_INTERFACE_VERSION
 };
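Review bot: In the removed wsrep_plugin_init() and wsrep_plugin_deinit(), the only side effect is the WSREP_DEBUG trace, so dropping them loses those two debug lines from the log. If nothing depends on that trace, deleting the functions is simpler than correcting their int (void *) signatures, but the commit message should say so and name the pointer type the plugin descriptor expects, since that type is not visible in this file.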
@@ -42,8 +30,8 @@ maria_declare_plugin(wsrep)
   "Codership Oy",
   "Wsrep replication plugin",
   PLUGIN_LICENSE_GPL,
-  wsrep_plugin_init,
-  wsrep_plugin_deinit,
+  NULL,
+  NULL,
   0x0100,
   NULL, /* Status variables */
   NULL, /* System variables */
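Review bot: The two new NULL entries in maria_declare_plugin(wsrep) carry no comment, while the NULL entries just below are labelled /* Status variables */ and /* System variables */. Label them the same way, for example NULL, /* Plugin Init */ and NULL, /* Plugin Deinit */, so a reader does not have to count fields to see that the init and deinit hooks are intentionally absent.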



 Comments   
Comment by Marko Mäkelä [ 2024-01-03 ]

I tested clang 15.0.7 as well, and it too is complaining about function pointer type mismatch. Here are two more examples:

10.4 9695974e4b212aa4820e0ccfeb164f5444c0d58e

/mariadb/10.4/sql/sql_show.cc:3843:7: runtime error: call to function wsrep_show_bf_aborts(THD*, st_mysql_show_var*, char*, enum_var_type) through pointer to incorrect function type 'int (*)(THD *, st_mysql_show_var *, void *, system_status_var *, enum_var_type)'
/mariadb/10.4/sql/sql_show.cc:3843:7: runtime error: call to function wsrep_show_ready(THD*, st_mysql_show_var*, char*) through pointer to incorrect function type 'int (*)(THD *, st_mysql_show_var *, void *, system_status_var *, enum_var_type)'

Because the mismatching parameters are at the end of the functions and unused, this may not result in an actual bug, depending on the ABI. For example, in the System-V AMD64 ABI, the first 6 function parameters would be passed in registers. It should not matter if the callee is ignoring some of these registers.
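
One way to remove this class of mismatch, as an added example (not code from MariaDB or from this ticket): every table entry has exactly the type the dispatcher calls through, and a small adapter forwards to the shorter legacy callback. All type and function names are simplified, hypothetical stand-ins modelled on the signatures in the messages above.

```cpp
// Added illustration: simplified stand-in types, not MariaDB's declarations.
#include <cstring>

struct THD {};
struct show_var { const char *name; };
struct status_var {};
enum var_type { OPT_SESSION, OPT_GLOBAL };

// The single type the dispatcher calls through (five parameters, as in the report).
typedef int (*show_func)(THD *, show_var *, void *, status_var *, var_type);

// Hypothetical legacy callbacks with the shorter parameter lists from the report.
static int legacy_show_ready(THD *, show_var *, char *buff)
{ std::strcpy(buff, "ON"); return 0; }

static int legacy_show_bf_aborts(THD *, show_var *, char *buff, var_type scope)
{ std::strcpy(buff, scope == OPT_GLOBAL ? "global:3" : "session:1"); return 0; }

// Adapters have exactly the show_func type and route each argument to the
// slot the legacy function expects, so the pointer itself is never cast.
static int show_ready(THD *thd, show_var *var, void *buff, status_var *, var_type)
{ return legacy_show_ready(thd, var, static_cast<char *>(buff)); }

static int show_bf_aborts(THD *thd, show_var *var, void *buff, status_var *, var_type scope)
{ return legacy_show_bf_aborts(thd, var, static_cast<char *>(buff), scope); }

struct show_entry { const char *name; show_func func; };

// Storing reinterpret_cast<show_func>(legacy_show_ready) here instead would
// compile, but the indirect call below is the kind the sanitizer reports.
static const show_entry status_table[] = {
  {"ready", show_ready},
  {"bf_aborts", show_bf_aborts},
};

// Look up a status variable and call its callback through the common type.
// 'out' must hold at least 16 bytes. Returns the callback's result, or -1
// if the name is unknown.
int show_status(const char *name, var_type scope, char *out)
{
  THD thd; status_var st;
  for (const show_entry &e : status_table)
    if (std::strcmp(e.name, name) == 0)
    {
      show_var var = {e.name};
      return e.func(&thd, &var, out, &st, scope);
    }
  return -1;
}
```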

Comment by Marko Mäkelä [ 2024-01-03 ]

I tested my fix with the following patch so that mtr would not flag test failures due to other cmake -DWITH_UBSAN=ON issues:

index cdd8f0bf6cd..7df05378f0a 100755
--- a/mysql-test/mysql-test-run.pl
+++ b/mysql-test/mysql-test-run.pl
@@ -4370,8 +4370,8 @@ sub extract_warning_lines ($$) {
      qr/missing DBUG_RETURN/,
      qr/Attempting backtrace/,
      qr/Assertion .* failed/,
-     qr/Sanitizer/,
-     qr/runtime error:/,
+     qr/(Address|Leak)Sanitizer/,
+#     qr/runtime error:/,
     );
   # These are taken from the include/mtr_warnings.sql global suppression
   # list. They occur delayed, so they can be parsed during shutdown rather

and the following test invocation:

./mtr --parallel=40 --big-test --force --suite=galera,galera_3nodes,galera_sr,galera_3nodes_sr
grep 'runtime error.*function wsrep' var/*/log/mysqld*err*

The grep command returned an empty result. There were incorrect calls to some functions (see MDEV-33158), but not to ones whose name would start with wsrep.

Generated at Thu Feb 08 10:36:48 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.