-
-
Notifications
You must be signed in to change notification settings - Fork 1.3k
Expand file tree
/
Copy pathPOTENTIAL_ISSUES
More file actions
148 lines (111 loc) · 8.37 KB
/
POTENTIAL_ISSUES
File metadata and controls
148 lines (111 loc) · 8.37 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
# POTENTIAL ISSUES AUDIT
This file records anomalies discovered during laboratory testing (Perl warnings, SQL errors, etc.).
## [2026-01-27 00:32] Session Start (v2.8.31)
### Logic Anomalies
- [x] **SQL Check Syntax Error**: `sh: 1: Syntax error: "(" unexpected` during `select CONCAT(...) from sys.schema_redundant_indexes`.
- Found in: MySQL 8.x and Percona 8.x laboratory logs.
- Fix: Escaped double quotes in `select_array` and `select_array_with_headers` to ensure safe transport in container mode.
- [x] **MariaDB LTS Stability**: Verified clean for 11.4, 10.11, 10.6.
- [x] **Performance Schema Disabled**: `Performance_schema should be activated.` reported during audit. Verified fix in lab tests.
- **How to fix**:
- **MySQL/MariaDB**: Add `performance_schema=ON` under `[mysqld]` in your `my.cnf` or `server.cnf` and restart the service.
- **Cloud/Managed**: Enable via your cloud provider console (e.g., AWS Parameter Group, GCP Flags).
- **Verification**: Run `SHOW VARIABLES LIKE 'performance_schema';` (should be `ON`).
### Environment/Lab Issues
- [x] **Laboratory Connection Failures**: Invalid credentials error `Attempted to use login credentials, but they were invalid` in targeted multi-version tests (mysql84, mysql80, mariadb1011, mariadb114).
- Impact: Integration tests failed to connect to the lab containers.
- Mitigation: Verified core logic via expanded unit tests (tests/core_logic_coverage.t) and cloud discovery tests (tests/cloud_discovery.t) while laboratory issues are investigated.
- [x] **MariaDB LTS Stability**: Verified clean for 11.4, 10.11, 10.6.
Pre-existing anomalies found in examples/ directory:
- SQL Execution Failure (return code 256) found in:
- examples/20260201_021412_mariadb118/Dumpdir/execution.log
- examples/20260201_021550_mysql84/Standard/execution.log
- examples/20260201_022737_mariadb118/Container/execution.log
- examples/20260201_021043_percona80/Standard/execution.log
- [x] **Perl Warnings (uninitialized value $opt{"colstat"})**: Fixed by normalizing CLI metadata key extraction in `%opt` hash.
- Found in: `examples/20260201_020318_mariadb1011/Standard/execution.log` etc.
- Fix: Stripped `Getopt::Long` modifiers (`!`, `+`, `=`, `:`) during `%opt` initialization and CLI parsing.
## [2026-02-02 Audit] Release v2.8.35/v2.8.36
### [v2.8.35] Logic Anomalies
- [x] **Perl Warning ($opt{"colstat"})**: `Use of uninitialized value $opt{"colstat"}` in MariaDB 10.11 and 10.6.
- Found in: `examples/20260202_231425_mariadb1011/Standard/execution.log`
- Fix: Normalized CLI primary key extraction to strip modifiers. Verified with `tests/cli_mod_keys.t`.
### [v2.8.35] Environment/Lab Issues
- [x] **SQL Execution Failure (return code 256)**: Persistent across MySQL 8.x, 9.6 and Percona 8.0.
- Found in: `examples/20260202_230352_mysql84/Standard/execution.log`, `examples/20260202_230050_mysql96/Standard/execution.log`.
- Fix: Issue #22 (Robust password column detection).
- Reproduce: `tests/repro_issue_22.t`.
## [2026-02-02 Audit] System Call & Core Perl Optimization
### Systemic Findings
The following external commands are currently used via `execute_system_command` but have native Core Perl equivalents (no external dependencies required). Migrating these will reduce fork overhead and improve portability.
#### High Priority Replacements (Low Complexity)
- [x] **Command**: `whoami` (line 701)
- **Replacement**: `(getpwuid($<))[0]` (Native core Perl used).
- [x] **Command**: `env` / `printenv` (lines 1673, 1890, 1955)
- **Replacement**: Access the `%ENV` hash directly.
- [x] **Command**: `hostname` (line 3051)
- **Replacement**: `use Sys::Hostname; hostname();` (Core since Perl 5.6).
- [x] **Command**: `grep ... /proc/meminfo` (lines 1399, 1414, 3099)
- **Replacement**: Open `/proc/meminfo` and parse line-by-line (Core file handles).
- [x] **Command**: `grep -c ^processor /proc/cpuinfo` (line 949)
- **Replacement**: Open `/proc/cpuinfo` and count lines starting with `processor`.
- [x] **Command**: `which` (lines 1552, 1576)
- **Replacement**: Iterate through `split(/:/, $ENV{PATH})` and check file existence with `-x`.
- [x] **Command**: `getconf PAGESIZE` (line 2718)
- **Replacement**: `use POSIX; POSIX::sysconf(POSIX::_SC_PAGESIZE);`
- [x] **Command**: `uname` (lines 1108, 1395, 3044, 3049, 3117)
- **Replacement**: `use POSIX; POSIX::uname();` or `$^O`.
#### Medium Priority Replacements (Environmental Specifics)
- [x] **Command**: `stty -echo` / `stty echo` (lines 1701, 1925)
- **Replacement**: Use `POSIX::Termios` for terminal attribute control (avoids `stty` binary dependency).
- [x] **Command**: `uptime` (line 3107)
- **Replacement**: Read `/proc/uptime` (Linux-only) or calculate via `$^T` (script start time) for script uptime. System uptime requires `POSIX` / `/proc`.
- [ ] **Command**: `df` (lines 2790, 2791)
- **Replacement**: No cross-platform Core Perl replacement. Keep for now or use `statvfs` where available.
- [x] **Command**: `grep -Ec '^flags.*\ hypervisor\ ' /proc/cpuinfo` (line 2981)
- **Replacement**: Native Perl parsing of `/proc/cpuinfo`.
- [x] **Command**: `sysctl -n vm.swappiness` (line 3052)
- **Replacement**: Native Perl parsing of `/proc/sys/vm/swappiness`.
## [2026-02-14 Audit] Release v2.8.38
### [v2.8.38] Environment/Lab Issues
- [x] **SQL Execution Failure (return code 256)**: Persistent across MySQL 8.x and 9.x in laboratory reports.
- Found in: `examples/20260214_224108_mysql96/`, `examples/20260214_224539_mysql84/`.
- Symptom: `✘ FAIL Execute SQL / return code: 256`.
- Fix: Added safety check for `performance_schema` before `TRUNCATE TABLE performance_schema.host_cache` in `mysqltuner.pl`.
- [x] **Container Startup Failure**: `mysql96` failed to start during `make test-all`.
- Found in: `examples/20260214_234142_mysql96/`.
- Fix: Remapped Traefik dashboard port from 8080 to 8081 in `docker-compose.yml` to resolve host port conflict (verified).
## [2026-02-15 Audit] Development v2.8.40
### [v2.8.40] Environment/Lab Issues
- [x] **SQL Execution Failure (return code 256)**: Persistent across MySQL 8.4 and 9.6 in laboratory reports.
- Found in: `examples/20260214_224108_mysql96/`, `examples/20260214_224539_mysql84/`.
- Symptom: `✘ FAIL Execute SQL / return code: 256`.
- Fix: Replaced brittle regex with `mysql_version_ge` for replication checks and corrected `FLUSH HOSTS` compatibility logic.
- [x] **Perl Warnings (uninitialized value in concatenation)**: Discovered during TDD for redo log logic improvements.
- Context: `mysql_innodb` uses `Innodb_log_write_requests` in `goodprint` strings.
- Mitigation: Refined test cases to mock essential stats and ensured logic handles undefined stats gracefully.
## [2026-02-15 Audit] SSL/TLS & Cloud Enhancements
### Logic Enhancements
- [x] **SSL/TLS Security**:
- Added explicit TLS 1.2+ requirements.
- Added local certificate expiration audit (requires `openssl` and `date`).
- Added remote user SSL enforcement check.
- Verified with `tests/ssl_tls_validation.t`.
- [x] **Cloud Discovery**:
- Enhanced granularity for AWS (RDS vs Aurora), GCP (Cloud SQL), and Azure (Flexible vs Managed).
- Verified with improved `mysql_cloud_discovery` logic.
### Quality Assurance
- [ ] **Multi-Version Validation**: Pending `make test-it` execution across all lab environments.
- [ ] **Full Coverage Audit**: Identified 95 subroutines currently missing direct unit test coverage.
## [2026-02-15 Audit] Session Update (v2.8.40)
### 2026-02-15 Environment/Lab Issues
- [ ] **Systemic Container Failure (Exit code 1)**: Consistent failure across all database versions in `--container` mode.
- Found in: `examples/20260215_*/Container/execution.log`.
- Symptom: `OCI runtime exec failed: exec failed: unable to start container process: exec: "sh": executable file not found in $PATH`.
- Context: `get_container_prefix` uses `sh -c` which seems to fail in current lab containers.
- [ ] **Audit Tool False Positives**: `build/audit_logs.pl` flags success messages containing the word "deprecated" as Perl warnings.
- Symptom: `✔ No users found using insecure or deprecated authentication plugins` is flagged.
- Fix Recommendation: Refine regex in `audit_logs.pl` to exclude lines starting with `✔`.
### 2026-02-15 Quality Assurance
- [x] **Unit Tests Stability**: 100% pass (53 files, 262 tests).
- [x] **Regression Cleanliness**: No new `uninitialized value` or `Syntax error` found in Standard, Dumpdir, or Schemadir scenarios.