Bug#28008107 MAKE UBSAN ERROR REPORTING FAIL-FAST

in mysql-test-run
$ENV{'UBSAN_OPTIONS'} = "print_stacktrace=1,halt_on_error=1" if $opt_sanitize;

Also fix a few simple one-liners reported by UBSAN
Don't divide by zero.
Don't call get_file_tracker() unless it is actually needed.
Don't call memcpy(foo, nullptr, 0)
Add support for sizes up to Yottabyte in "explain"
Ensure proper alignment of of regexp strings.
Don't righshift bitmask more than 63 places.

Fix this warning
storage/innobase/buf/buf0buddy.cc:313:28:
runtime error: index 2048 out of bounds for type 'unsigned char [38]'
by taking the start address first, then do reinterpret_cast.

Change-Id: Ie88c847b51d3524559d8bc70f80fe4e0f7a37cb5

Author: Tor Didriksen

client/mysqltest.cc

@@ -36,6 +36,7 @@
 #include <algorithm>
 #include <cmath>  // std::isinf
 #include <functional>
+#include <limits>
 #include <new>
 #include <string>
 #ifdef _WIN32
@@ -4944,9 +4945,15 @@ static void do_expr(struct st_command *command) {
     result = operand1 - operand2;
   else if (!std::strcmp(math_operator, "*"))
     result = operand1 * operand2;
-  else if (!std::strcmp(math_operator, "/"))
-    result = operand1 / operand2;
-  else if (!std::strcmp(math_operator, "%"))
+  else if (!std::strcmp(math_operator, "/")) {
+    if (operand2 == 0.0) {
+      if (operand1 == 0.0)
+        result = std::numeric_limits<double>::quiet_NaN();
+      else
+        result = std::numeric_limits<double>::infinity();
+    } else
+      result = operand1 / operand2;
+  } else if (!std::strcmp(math_operator, "%"))
     result = (int)operand1 % (int)operand2;
   // Logical Operators
   else if (!std::strcmp(math_operator, "&&"))
@@ -4970,7 +4977,10 @@ static void do_expr(struct st_command *command) {
   char buf[128];
   size_t result_len;
   // Check if result is an infinite value
-  if (!std::isinf(result)) {
+  if (std::isnan(result)) {
+    // Print 'nan' if result is Not a Number
+    result_len = snprintf(buf, sizeof(buf), "%s", "nan");
+  } else if (!std::isinf(result)) {
     const char *format = (result < 1e10 && result > -1e10) ? "%f" : "%g";
     result_len = snprintf(buf, sizeof(buf), format, result);
   } else

extra/re2/re2/compile.cc

@@ -265,7 +265,8 @@ int Compiler::AllocInst(int n) {
     while (inst_len_ + n > inst_cap_)
       inst_cap_ *= 2;
     Prog::Inst* ip = new Prog::Inst[inst_cap_];
-    memmove(ip, inst_, inst_len_ * sizeof ip[0]);
+    if (inst_len_ > 0)
+      memmove(ip, inst_, inst_len_ * sizeof ip[0]);
     memset(ip + inst_len_, 0, (inst_cap_ - inst_len_) * sizeof ip[0]);
     delete[] inst_;
     inst_ = ip;

include/m_string.h

@@ -1,5 +1,5 @@
 /*
-   Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
+   Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License, version 2.0,
@@ -29,8 +29,10 @@
 */
 
 #include <float.h>
+#include <limits.h>
 #include <stdbool.h>  // IWYU pragma: keep
 #include <stdint.h>
+#include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 
@@ -48,7 +50,7 @@
 
 /*
   my_str_malloc(), my_str_realloc() and my_str_free() are assigned to
-  implementations in strings/alloc.c, but can be overridden in
+  implementations in strings/alloc.cc, but can be overridden in
   the calling program.
  */
 extern void *(*my_str_malloc)(size_t);
@@ -324,6 +326,32 @@ static inline const uchar *skip_trailing_space(const uchar *ptr, size_t len) {
   return (end);
 }
 
+/*
+  Format a double (representing number of bytes) into a human-readable string.
+
+  @param buf     Buffer used for printing
+  @param buf_len Length of buffer
+  @param dbl_val Value to be formatted
+
+  @note
+    Sample output format: 42 1K 234M 2G
+    If we exceed ULLONG_MAX YiB we give up, and convert to "+INF".
+
+  @todo Consider writing KiB GiB etc, since we use 1024 rather than 1000
+ */
+static inline void human_readable_num_bytes(char *buf, int buf_len,
+                                            double dbl_val) {
+  const char size[] = {'\0', 'K', 'M', 'G', 'T', 'P', 'E', 'Z', 'Y'};
+  unsigned int i;
+  for (i = 0; dbl_val > 1024 && i < sizeof(size) - 1; i++) dbl_val /= 1024;
+  const char mult = size[i];
+  // 18446744073709551615 Yottabytes should be enough for most ...
+  if (dbl_val > ULLONG_MAX)
+    snprintf(buf, buf_len, "+INF");
+  else
+    snprintf(buf, buf_len, "%llu%c", (unsigned long long)dbl_val, mult);
+}
+
 static inline void lex_string_set(LEX_STRING *lex_str, const char *c_str) {
   lex_str->str = (char *)c_str;
   lex_str->length = strlen(c_str);

mysql-test/mysql-test-run.pl

@@ -2852,8 +2852,8 @@ sub environment_setup {
   # for test cases
   $ENV{'VALGRIND_SERVER_TEST'} = $opt_valgrind_mysqld;
 
-  # Ask UBSAN to print stack traces
-  $ENV{'UBSAN_OPTIONS'} = "print_stacktrace=1" if $opt_sanitize;
+  # Ask UBSAN to print stack traces, and to be fail-fast.
+  $ENV{'UBSAN_OPTIONS'} = "print_stacktrace=1,halt_on_error=1" if $opt_sanitize;
 
   # Make sure LeakSanitizer exits if leaks are found
   $ENV{'LSAN_OPTIONS'} = "exitcode=42" if $opt_sanitize;

mysql-test/r/mysqltest.result

@@ -1469,6 +1469,9 @@ inf
 # Division by 0, result will be an infinite value and MTR will print 'inf' keyword.
 expr $res= 10 / 0
 inf
+# 0.0 / 0.0, result will be NaN and MTR will print 'nan' keyword.
+expr $res= 0 / 0
+nan
 # Invalid mathematical expressions
 expr
 mysqltest: At line 1: Missing arguments to expr command.

mysql-test/t/mysqltest.test

@@ -3680,6 +3680,11 @@ EOF
 --expr $res= $var1 / $var8
 --echo $res
 
+--echo # 0.0 / 0.0, result will be NaN and MTR will print 'nan' keyword.
+--echo expr \$res= $var8 / $var8
+--expr $res= $var8 / $var8
+--echo $res
+
 --echo # Invalid mathematical expressions
 --echo expr
 --error 1

mysys/my_string.cc

@@ -1,4 +1,4 @@
-/* Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
+/* Copyright (c) 2000, 2018, Oracle and/or its affiliates. All rights reserved.
 
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License, version 2.0,
@@ -106,6 +106,7 @@ bool dynstr_append(DYNAMIC_STRING *str, const char *append) {
 
 bool dynstr_append_mem(DYNAMIC_STRING *str, const char *append, size_t length) {
   char *new_ptr;
+  if (length == 0) return false;
   if (str->length + length >= str->max_length) {
     size_t new_length =
         (str->length + length + str->alloc_increment) / str->alloc_increment;

sql/opt_explain.cc

@@ -1426,15 +1426,6 @@ bool Explain_join::explain_ref() {
   return explain_ref_key(fmt, tab->ref().key_parts, tab->ref().key_copy);
 }
 
-static void human_readable_size(char *buf, int buf_len, double data_size) {
-  char size[] = " KMGTP";
-  int i;
-  for (i = 0; data_size > 1024 && i < 5; i++) data_size /= 1024;
-  const char mult = i == 0 ? 0 : size[i];
-  snprintf(buf, buf_len, "%llu%c", (ulonglong)data_size, mult);
-  buf[buf_len - 1] = 0;
-}
-
 bool Explain_join::explain_rows_and_filtered() {
   if (!tab || tab->table_ref->schema_table) return false;
 
@@ -1469,7 +1460,7 @@ bool Explain_join::explain_rows_and_filtered() {
     // Calculate amount of data from this table per query
     char data_size_str[32];
     double data_size = prefix_rows * tab->table()->s->rec_buff_length;
-    human_readable_size(data_size_str, sizeof(data_size_str), data_size);
+    human_readable_num_bytes(data_size_str, sizeof(data_size_str), data_size);
     fmt->entry()->col_data_size_query.set(data_size_str);
   }
 

sql/regexp/regexp_facade.cc

@@ -24,6 +24,7 @@
 
 #include <string>
 
+#include "my_pointer_arithmetic.h"
 #include "sql/mysqld.h"  // make_unique_destroy_only
 #include "sql/regexp/regexp_engine.h"
 #include "sql_string.h"
@@ -55,6 +56,13 @@ bool EvalExprToCharset(Item *expr, std::u16string *out) {
     return false;
   }
   // No conversion needed; just copy into the u16string.
+  // However: val_str() may ignore the input argument,
+  // and return a pointer to some other buffer.
+  if (!is_aligned_to(s->ptr(), alignof(UChar))) {
+    DBUG_ASSERT(s != &aligned_str);
+    aligned_str.copy(*s);
+    s = &aligned_str;
+  }
   out->clear();
   out->insert(out->end(), pointer_cast<const UChar *>(s->ptr()),
               pointer_cast<const UChar *>(s->ptr() + s->length()));

storage/innobase/buf/buf0buddy.cc

@@ -309,8 +309,9 @@ static buf_buddy_free_t *buf_buddy_alloc_zip(buf_pool_t *buf_pool, ulint i) {
     buf = buf_buddy_alloc_zip(buf_pool, i + 1);
 
     if (buf) {
+      byte *allocated_block = buf->stamp.bytes;
       buf_buddy_free_t *buddy = reinterpret_cast<buf_buddy_free_t *>(
-          buf->stamp.bytes + (BUF_BUDDY_LOW << i));
+          allocated_block + (BUF_BUDDY_LOW << i));
 
       mutex_enter(&buf_pool->zip_free_mutex);
       ut_ad(!buf_pool_contains_zip(buf_pool, buddy));

storage/myisam/myisampack.cc

@@ -1761,7 +1761,8 @@ static void make_traverse_code_tree(HUFF_TREE *huff_tree, HUFF_ELEMENT *element,
   if (!element->a.leaf.null) {
     chr = element->a.leaf.element_nr;
     huff_tree->code_len[chr] = (uchar)(8 * sizeof(ulonglong) - size);
-    huff_tree->code[chr] = (code >> size);
+    // >> 64 is undefined (platform specific)
+    huff_tree->code[chr] = size >= 64 ? 0 : (code >> size);
     if (huff_tree->height < 8 * sizeof(ulonglong) - size)
       huff_tree->height = 8 * sizeof(ulonglong) - size;
   } else {
@@ -2653,7 +2654,8 @@ static void flush_bits(void) {
   ulonglong bit_buffer;
 
   bits = file_buffer.bits & ~7;
-  bit_buffer = file_buffer.bitbucket >> bits;
+  // >> 64 is undefined (platform specific)
+  bit_buffer = bits >= 64 ? 0 : file_buffer.bitbucket >> bits;
   bits = BITS_SAVED - bits;
   while (bits > 0) {
     bits -= 8;

unittest/gunit/CMakeLists.txt

@@ -296,6 +296,7 @@ SET(TESTS
   inplace_vector
   key
   like_range
+  m_string
   mdl
   my_bitmap
   my_error

unittest/gunit/m_string-t.cc

@@ -0,0 +1,95 @@
+/* Copyright (c) 2018, Oracle and/or its affiliates. All rights reserved.
+
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License, version 2.0,
+   as published by the Free Software Foundation.
+
+   This program is also distributed with certain software (including
+   but not limited to OpenSSL) that is licensed under separate terms,
+   as designated in a particular file or component or in included license
+   documentation.  The authors of MySQL hereby grant you an additional
+   permission to link the program and your derivative works with the
+   separately licensed software that they have included with MySQL.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License, version 2.0, for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301  USA */
+
+#include <gtest/gtest.h>
+#include <string>
+
+#include <limits.h>
+
+#include "m_string.h"
+
+namespace m_string_unittest {
+
+TEST(MString, HumanReadableSize) {
+  char data_size_str[32];
+  double data_size = 1.0;
+  human_readable_num_bytes(data_size_str, 32, data_size);
+  EXPECT_STREQ("1", data_size_str);
+
+  data_size = 1024.0;
+  human_readable_num_bytes(data_size_str, 32, data_size);
+  EXPECT_STREQ("1024", data_size_str);
+
+  data_size = 1024.1;
+  human_readable_num_bytes(data_size_str, 32, data_size);
+  EXPECT_STREQ("1K", data_size_str);
+
+  data_size = 1025.0;
+  human_readable_num_bytes(data_size_str, 32, data_size);
+  EXPECT_STREQ("1K", data_size_str);
+
+  data_size *= 1024;
+  human_readable_num_bytes(data_size_str, 32, data_size);
+  EXPECT_STREQ("1M", data_size_str);
+
+  data_size *= 1024;
+  human_readable_num_bytes(data_size_str, 32, data_size);
+  EXPECT_STREQ("1G", data_size_str);
+
+  data_size *= 1024;
+  human_readable_num_bytes(data_size_str, 32, data_size);
+  EXPECT_STREQ("1T", data_size_str);
+
+  data_size *= 1024;
+  human_readable_num_bytes(data_size_str, 32, data_size);
+  EXPECT_STREQ("1P", data_size_str);
+
+  data_size *= 1024;
+  human_readable_num_bytes(data_size_str, 32, data_size);
+  EXPECT_STREQ("1E", data_size_str);
+
+  data_size *= 1024;
+  human_readable_num_bytes(data_size_str, 32, data_size);
+  EXPECT_STREQ("1Z", data_size_str);
+
+  data_size *= 1024;
+  human_readable_num_bytes(data_size_str, 32, data_size);
+  EXPECT_STREQ("1Y", data_size_str);
+
+  data_size *= 1024;
+  human_readable_num_bytes(data_size_str, 32, data_size);
+  EXPECT_STREQ("1025Y", data_size_str);
+
+  data_size *= 1000;
+  human_readable_num_bytes(data_size_str, 32, data_size);
+  EXPECT_STREQ("1025000Y", data_size_str);
+
+  data_size *= 1000;
+  human_readable_num_bytes(data_size_str, 32, data_size);
+  EXPECT_STREQ("1025000000Y", data_size_str);
+
+  data_size *= std::numeric_limits<unsigned long long>::max();
+  human_readable_num_bytes(data_size_str, 32, data_size);
+  EXPECT_STREQ("+INF", data_size_str);
+}
+
+}  // namespace m_string_unittest