Release 2.2.1 #331
Merged
Release 2.2.1 #331
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Add AddressSanitizer and LeakSanitizer to ci/local dev * Removed spurious mbdirector reference. * Fixed uri detected leak. * Fixed uri detected leak.
* Add ThreadSanitizer support and fix data races - Added --enable-thread-sanitizer configure option - Added TSAN CI workflow with ASLR workaround for kernel 6.6+ - Fixed data race on m_finished flag using std::atomic<bool> - Fixed data race on m_last_error using std::atomic<int> - Added tsan_suppressions.txt for benign stats counter races - Updated README with TSAN build and test instructions * Update README.md Co-authored-by: Paulo Sousa <[email protected]> --------- Co-authored-by: Paulo Sousa <[email protected]>
* Signal Handling with Graceful Shutdown with metrics. * Fixes per PR review: Interrupt logic is now encapsulated in the client_group class where it belongs.
* Improve random data generation to avoid value repetition The previous implementation only incremented a single byte position in the value buffer, causing values to repeat after cycling through all bytes in all buffer positions. This change regenerates completely new random data when the mutation position wraps around, giving more guarantees of random values throughout the benchmark run while preventing hurting performance too much. * Separate buffer allocation from filling and fix random seed initialization - Extract buffer filling logic into new fill_value_buffer() method - Remove automatic buffer filling from alloc_value_buffer() - Call fill_value_buffer() explicitly after set_random_seed() in client setup - Simplify random data generation to use gaussian_noise::get_random() - Remove /dev/urandom file descriptor (m_random_fd) and XOR logic - Remove alloc_value_buffer(const char* copy_from) overload This ensures random data is generated with the correct per-client seed rather than using the default seed during initial buffer allocation (leading to repeated values). * Add null check for value buffer in `fill_value_buffer` function * Minor formatting cleanup in obj_gen.cpp
…#328) * Add crash handling/debugging support, and version metadata generation * fixed macos build errors due to crash handler code. * Include a link in the main README to the detailed Crash Handling and Debugging section in DEVELOPMENT.md * Include strings.h for strcasecmp() on POSIX systems * Update GitHub Actions to use macos-14 instead of retired macos-13 The macos-13 runner images have been retired as of December 2024. Update the workflow to use macos-14 for building with older OpenSSL versions (1.1 and 1.0.2). Also simplified the workflow by removing unnecessary matrix strategy. * Update GitHub Actions to use macos-14 instead of retired macos-13 * Add version and libevent verification step to macOS builds After building on macOS, verify that: - memtier_benchmark --version works correctly - The binary is linked against the expected libevent library * Enhance --version output to include detailed build information Update --version to display comprehensive build details in Redis-like format: - Version number (v=) - Git SHA and dirty status (sha=) - Architecture bits (bits=) - libevent version (libevent=) - OpenSSL version if TLS enabled (openssl=) Example output: v=255.255.255 sha=8985eb5a:1 bits=64 libevent=2.1.12-stable openssl=OpenSSL 3.0.13 30 Jan 2024 * Move detailed version info to first line of --version output Change --version output format to show all build information on the first line: memtier_benchmark v=255.255.255 sha=8985eb5a:1 bits=64 libevent=2.1.12-stable openssl=OpenSSL 3.0.13 30 Jan 2024 This makes it easier to parse and matches the Redis version output style. * Extra sanity check on CI by printing version and linked libs * Fixed ldd grep * only checking for ssl lib when built with tls
… command argument (#154) * Enable key placeholder to be combined with other data within the same command argument * Ensured tests cover key format with prefix/suffix * Fixes per PR review: added KEY_BUFFER_STACK_SIZE instead of constexpr --------- Co-authored-by: fcostaoliveira <[email protected]>
![jit-ci[bot]](https://avatars.githubusercontent.com/in/142441?s=60&v=4){kind=small}
There was a problem hiding this comment.
❌ Jit has detected 3 important findings in this PR that you should review.
The findings are detailed below as separate comments.
It’s highly recommended that you fix these security issues before merge.
Repository Risks:
- Database Integration: Connects to a database, often involving sensitive data that must be securely managed.
- Internally Accessible: Accessible only within the internal network, reducing exposure to external threats but still requiring proper controls.
- High Severity Findings: Indicates that the resource has high severity security findings that need attention.
Repository Context:
graph LR
GitHub$Repository_U23_RedisLabs/memtier_benchmark["GitHub Repository<br/>RedisLabs/memtier_benchmark"]:::GitHub$Repository
Team_U23_SecurityManagers["Team<br/>SecurityManagers"]:::Team
Team_U23_Owners_U2D_Admin["Team<br/>Owners-Admin"]:::Team
Team_U23_machine_U2D_users["Team<br/>machine-users"]:::Team
Team_U23_dev_U2D_team["Team<br/>dev-team"]:::Team
DBIntegration_U23_redis["DBIntegration<br/>redis"]:::DBIntegration
Docker$Image_U23_memtier_U2D_benchmark["Docker Image<br/>memtier-benchmark"]:::Docker$Image
Team_U23_SecurityManagers -- "Owns" --> GitHub$Repository_U23_RedisLabs/memtier_benchmark
Team_U23_Owners_U2D_Admin -- "Owns" --> GitHub$Repository_U23_RedisLabs/memtier_benchmark
Team_U23_machine_U2D_users -- "Owns" --> GitHub$Repository_U23_RedisLabs/memtier_benchmark
Team_U23_dev_U2D_team -- "Owns" --> GitHub$Repository_U23_RedisLabs/memtier_benchmark
GitHub$Repository_U23_RedisLabs/memtier_benchmark -- "Is accessible to" --> DBIntegration_U23_redis
GitHub$Repository_U23_RedisLabs/memtier_benchmark -- "Builds" --> Docker$Image_U23_memtier_U2D_benchmark
| apk add \ | ||
| make g++ autoconf automake libtool pkgconfig \ | ||
| pcre-dev libevent-dev zlib-dev openssl-dev | ||
| libevent-dev zlib-dev openssl-dev |
There was a problem hiding this comment.
Security control: Docker Scan
'Apk Add' Is Missing '--No-Cache'
You should use 'apk add' with '--no-cache' to clean package cached data and reduce image size.
Severity: HIGH
Jit Bot commands and options (e.g., ignore issue)
You can trigger Jit actions by commenting on this PR review:
#jit_ignore_fpIgnore and mark this specific single instance of finding as “False Positive”#jit_ignore_acceptIgnore and mark this specific single instance of finding as “Accept Risk”#jit_ignore_type_in_fileIgnore any finding of type "'apk add' is missing '--no-cache'" in Dockerfile.alpine; future occurrences will also be ignored.#jit_undo_ignoreUndo ignore command
| apt-get install -y \ | ||
| build-essential autoconf automake libpcre3-dev libevent-dev \ | ||
| build-essential autoconf automake libevent-dev \ | ||
| pkg-config zlib1g-dev libssl-dev libboost-all-dev cmake flex |
There was a problem hiding this comment.
Security control: Docker Scan
'Apt-Get' Missing '--No-Install-Recommends'
'apt-get' install should use '--no-install-recommends' to minimize image size.
Severity: HIGH
Jit Bot commands and options (e.g., ignore issue)
You can trigger Jit actions by commenting on this PR review:
#jit_ignore_fpIgnore and mark this specific single instance of finding as “False Positive”#jit_ignore_acceptIgnore and mark this specific single instance of finding as “Accept Risk”#jit_ignore_type_in_fileIgnore any finding of type "'apt-get' missing '--no-install-recommends'" in Dockerfile; future occurrences will also be ignored.#jit_undo_ignoreUndo ignore command
| COPY --from=builder /usr/local/bin/memtier_benchmark /usr/local/bin/memtier_benchmark | ||
| RUN \ | ||
| apk add libstdc++ pcre libevent zlib openssl | ||
| apk add libstdc++ libevent zlib openssl |
There was a problem hiding this comment.
Security control: Docker Scan
'Apk Add' Is Missing '--No-Cache'
You should use 'apk add' with '--no-cache' to clean package cached data and reduce image size.
Severity: HIGH
Jit Bot commands and options (e.g., ignore issue)
You can trigger Jit actions by commenting on this PR review:
#jit_ignore_fpIgnore and mark this specific single instance of finding as “False Positive”#jit_ignore_acceptIgnore and mark this specific single instance of finding as “Accept Risk”#jit_ignore_type_in_fileIgnore any finding of type "'apk add' is missing '--no-cache'" in Dockerfile.alpine; future occurrences will also be ignored.#jit_undo_ignoreUndo ignore command
paulorsousa
approved these changes
Jan 5, 2026
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.