Merge branch 'master' into fix-metric-num_vertices_inserted

.github/Security.md

@@ -0,0 +1,30 @@
+# Vulnerability Assessment Reporting: Beginner's Guide
+
+NebulaGraph is dedicated to offering stable and secure data services. We recognize the importance of community contributions to our security posture and invite you to report any vulnerabilities you may discover.
+
+Should you identify a potential security vulnerability within NebulaGraph or encounter a security incident, we urge you to get in touch with our team.
+
+For efficient communication, please send your findings to ([email protected]) with the following details:
+
+* Vulnerability name (*): Provide a clear, concise title. Include a CVE identifier if available.
+* Description of the security issue (*): Elaborate on the security concern.
+* Impacted Components (*): Specify affected modules and their version numbers.
+* Reproduction Steps (*): Detail the process to verify the vulnerability.
+* Suggested Remediation: Offer potential solutions if possible.
+* Contact information (*):
+    * Name
+    * Email
+    * Organization
+    * Consent for Identity Disclosure
+
+ > Fields marked with an asterisk `(*)` are mandatory.
+
+## Response Protocol
+
+The NebulaGraph security team pledges to acknowledge receipt of your report via email within one working day.
+
+Post-resolution, we will promptly notify you and extend our gratitude for your invaluable assistance in enhancing NebulaGraph's security.
+
+Disclosure of the vulnerability will be withheld until an official patch is released. We appreciate your discretion and cooperation.
+
+We thank you for your attention to these guidelines and look forward to your participation in securing NebulaGraph.

README.md

@@ -69,7 +69,7 @@ See our [Roadmap](https://github.com/vesoft-inc/nebula/wiki/Nebula-Graph-Roadmap
 
 ## Quick start
 
-Read the [getting started](https://docs.nebula-graph.io/3.2.0/2.quick-start/1.quick-start-workflow/) article for a quick start.
+Read the [getting started](https://docs.nebula-graph.io/3.6.0/2.quick-start/1.quick-start-workflow/) docs for a quick start.
 
 ## Using NebulaGraph
 
@@ -82,13 +82,13 @@ NebulaGraph is a distributed graph database with multiple components. You can [d
 ## Getting help
 
 In case you encounter any problems playing around **NebulaGraph**, please reach out for help:
-* [FAQ](https://docs.nebula-graph.io/3.3.0/20.appendix/0.FAQ/)
+* [FAQ](https://docs.nebula-graph.io/3.6.0/20.appendix/0.FAQ/)
 * [Discussions](https://github.com/vesoft-inc/nebula/discussions)
 * [Documentation](https://docs.nebula-graph.io/)
 
 ## DevTools
 
-NebulaGraph comes with a set of tools to help you manage and monitor your graph database. See [Ecosystem](https://docs.nebula-graph.io/3.3.0/20.appendix/6.eco-tool-version/).
+NebulaGraph comes with a set of tools to help you manage and monitor your graph database. See [Ecosystem](https://docs.nebula-graph.io/3.6.0/20.appendix/6.eco-tool-version/).
 
 ## Contributing
 
@@ -100,10 +100,10 @@ Contributions are warmly welcomed and greatly appreciated. And here are a few wa
 ## Landscape
 
 <p align="left">
-<img src="https://landscape.cncf.io/images/left-logo.svg" width="150">&nbsp;&nbsp;<img src="https://landscape.cncf.io/images/right-logo.svg" width="200" />
+<img src="https://landscape.cncf.io/images/cncf-landscape-horizontal-color.svg" width="150">
 <br />
 
-[NebulaGraph](https://landscape.cncf.io/?selected=nebula-graph) enriches the [CNCF Database Landscape](https://landscape.cncf.io/card-mode?category=database&grouping=category).
+[NebulaGraph](https://landscape.cncf.io/?item=app-definition-and-development--database--nebulagraph) enriches the [CNCF Database Landscape](https://landscape.cncf.io/?group=projects-and-products&view-mode=card#app-definition-and-development--database).
 </p>
 
 ## Licensing
@@ -116,7 +116,7 @@ You can also freely deploy **NebulaGraph** as a back-end service to support your
 * [Community Chat](https://community-chat.nebula-graph.io/)
 * [Slack Channel](https://join.slack.com/t/nebulagraph/shared_invite/zt-7ybejuqa-NCZBroh~PCh66d9kOQj45g)
 * [Stack Overflow](https://stackoverflow.com/questions/tagged/nebula-graph)
-* Twitter: [@NebulaGraph](https://twitter.com/NebulaGraph)
+* X(Twitter): [@NebulaGraph](https://twitter.com/NebulaGraph)
 * [LinkedIn Page](https://www.linkedin.com/company/nebula-graph/)
 * Email: [email protected]
 

src/common/function/FunctionManager.cpp

@@ -584,7 +584,7 @@ FunctionManager::FunctionManager() {
         case Value::Type::FLOAT: {
           if (args.size() >= 2) {
             if (args[1].get().type() == Value::Type::INT) {
-              auto val = args[0].get().getFloat();
+              auto val = args[0].get().isInt() ? args[0].get().getInt() : args[0].get().getFloat();
               auto decimal = args[1].get().getInt();
               auto factor = pow(10.0, decimal);
 

src/common/memory/MemoryTracker.h

@@ -5,6 +5,7 @@
 #pragma once
 
 #include <atomic>
+#include <new>
 
 #include "common/base/Base.h"
 
@@ -29,7 +30,7 @@ static std::string ReadableSize(double size) {
 
 constexpr size_t
 #if defined(__cpp_lib_hardware_interference_size)
-    CACHE_LINE_SIZE = hardware_destructive_interference_size;
+    CACHE_LINE_SIZE = std::hardware_destructive_interference_size;
 #else
     CACHE_LINE_SIZE = 64;
 #endif

src/graph/executor/algo/AllPathsExecutor.cpp

@@ -102,19 +102,29 @@ folly::Future<Status> AllPathsExecutor::doAllPaths() {
       break;
     }
   }
-  return folly::collect(futures).via(runner()).thenValue([this](auto&& resps) {
-    memory::MemoryCheckGuard guard;
-    for (auto& resp : resps) {
-      if (!resp.ok()) {
-        return folly::makeFuture<Status>(std::move(resp));
-      }
-    }
-    if (leftSteps_ + rightSteps_ >= maxStep_ || leftNextStepVids_.empty() ||
-        rightNextStepVids_.empty()) {
-      return buildResult();
-    }
-    return doAllPaths();
-  });
+  return folly::collectAll(futures).via(runner()).thenValue(
+      [this](std::vector<folly::Try<Status>>&& resps) {
+        memory::MemoryCheckGuard guard;
+        for (auto& respVal : resps) {
+          if (respVal.hasException()) {
+            auto ex = respVal.exception().get_exception<std::bad_alloc>();
+            if (ex) {
+              throw std::bad_alloc();
+            } else {
+              throw std::runtime_error(respVal.exception().what().c_str());
+            }
+          }
+          auto resp = std::move(respVal).value();
+          if (!resp.ok()) {
+            return folly::makeFuture<Status>(std::move(resp));
+          }
+        }
+        if (leftSteps_ + rightSteps_ >= maxStep_ || leftNextStepVids_.empty() ||
+            rightNextStepVids_.empty()) {
+          return buildResult();
+        }
+        return doAllPaths();
+      });
 }
 
 folly::Future<Status> AllPathsExecutor::getNeighbors(bool reverse) {
@@ -273,6 +283,16 @@ folly::Future<Status> AllPathsExecutor::buildPathMultiJobs() {
       })
       .thenValue([this, conjunctPathTime](auto&& resps) {
         NG_RETURN_IF_ERROR(resps);
+        if (result_.rows.size() > limit_) {
+          result_.rows.resize(limit_);
+        }
+        if (offset_ != 0) {
+          if (result_.rows.size() <= offset_) {
+            result_.rows.clear();
+          } else {
+            result_.rows.erase(result_.rows.begin(), result_.rows.begin() + offset_);
+          }
+        }
         addState("conjunct_path_time", conjunctPathTime);
         return Status::OK();
       });
@@ -311,6 +331,11 @@ folly::Future<std::vector<AllPathsExecutor::NPath*>> AllPathsExecutor::doBuildPa
         continue;
       }
       for (auto& edge : adjEdges) {
+        if (noLoop_) {
+          if (edge.getEdge().dst == edge.getEdge().src) {
+            continue;
+          }
+        }
         threadLocalPtr_->emplace_back(NPath(src, edge));
         newPathsPtr->emplace_back(&threadLocalPtr_->back());
       }
@@ -451,8 +476,8 @@ void AllPathsExecutor::buildOneWayPath(std::vector<NPath*>& paths, bool reverse)
     auto iter = emptyPropVertices_.find(emptyPropVertex);
     if (iter == emptyPropVertices_.end()) {
       emptyPropVids_.emplace_back(dst);
-      emptyPropVertices_.emplace(emptyPropVertex);
     }
+    emptyPropVertices_.emplace(emptyPropVertex);
     result_.rows.emplace_back(std::move(row));
   }
 }
@@ -500,8 +525,8 @@ std::vector<Row> AllPathsExecutor::buildOneWayPathFromHashTable(bool reverse) {
     auto iter = emptyPropVertices_.find(emptyPropVertex);
     if (iter == emptyPropVertices_.end()) {
       emptyPropVids_.emplace_back(vid);
-      emptyPropVertices_.emplace(emptyPropVertex);
     }
+    emptyPropVertices_.emplace(emptyPropVertex);
   }
   return result;
 }
@@ -535,12 +560,22 @@ folly::Future<Status> AllPathsExecutor::conjunctPath(std::vector<NPath*>& leftPa
           runner(), [this, start, end, reverse]() { return probe(start, end, reverse); }));
     }
   }
-  return folly::collect(futures)
+  return folly::collectAll(futures)
       .via(runner())
-      .thenValue([this, path = std::move(oneWayPath)](std::vector<std::vector<Row>>&& resps) {
+      .thenValue([this,
+                  path = std::move(oneWayPath)](std::vector<folly::Try<std::vector<Row>>>&& resps) {
         memory::MemoryCheckGuard guard;
         result_.rows = std::move(path);
-        for (auto& rows : resps) {
+        for (auto& respVal : resps) {
+          if (respVal.hasException()) {
+            auto ex = respVal.exception().get_exception<std::bad_alloc>();
+            if (ex) {
+              throw std::bad_alloc();
+            } else {
+              throw std::runtime_error(respVal.exception().what().c_str());
+            }
+          }
+          auto rows = std::move(respVal).value();
           if (rows.empty()) {
             continue;
           }
@@ -557,12 +592,6 @@ folly::Future<Status> AllPathsExecutor::conjunctPath(std::vector<NPath*>& leftPa
                               std::make_move_iterator(rows.begin()),
                               std::make_move_iterator(rows.end()));
         }
-        if (result_.rows.size() > limit_) {
-          result_.rows.resize(limit_);
-        }
-        if (offset_ != 0) {
-          result_.rows.erase(result_.rows.begin(), result_.rows.begin() + offset_);
-        }
         return Status::OK();
       })
       .thenError(folly::tag_t<std::bad_alloc>{},

src/graph/executor/algo/BatchShortestPath.cpp

@@ -27,18 +27,28 @@ folly::Future<Status> BatchShortestPath::execute(const HashSet& startVids,
     resultDs_[rowNum].colNames = pathNode_->colNames();
     futures.emplace_back(shortestPath(rowNum, 1));
   }
-  return folly::collect(futures).via(runner()).thenValue([this, result](auto&& resps) {
-    // MemoryTrackerVerified
-    memory::MemoryCheckGuard guard;
-    for (auto& resp : resps) {
-      NG_RETURN_IF_ERROR(resp);
-    }
-    result->colNames = pathNode_->colNames();
-    for (auto& ds : resultDs_) {
-      result->append(std::move(ds));
-    }
-    return Status::OK();
-  });
+  return folly::collectAll(futures).via(runner()).thenValue(
+      [this, result](std::vector<folly::Try<Status>>&& resps) {
+        // MemoryTrackerVerified
+        memory::MemoryCheckGuard guard;
+        for (auto& respVal : resps) {
+          if (respVal.hasException()) {
+            auto ex = respVal.exception().get_exception<std::bad_alloc>();
+            if (ex) {
+              throw std::bad_alloc();
+            } else {
+              throw std::runtime_error(respVal.exception().what().c_str());
+            }
+          }
+          auto resp = std::move(respVal).value();
+          NG_RETURN_IF_ERROR(resp);
+        }
+        result->colNames = pathNode_->colNames();
+        for (auto& ds : resultDs_) {
+          result->append(std::move(ds));
+        }
+        return Status::OK();
+      });
 }
 
 size_t BatchShortestPath::init(const HashSet& startVids, const HashSet& endVids) {
@@ -100,12 +110,21 @@ folly::Future<Status> BatchShortestPath::shortestPath(size_t rowNum, size_t step
   std::vector<folly::Future<Status>> futures;
   futures.emplace_back(getNeighbors(rowNum, stepNum, false));
   futures.emplace_back(getNeighbors(rowNum, stepNum, true));
-  return folly::collect(futures)
+  return folly::collectAll(futures)
       .via(runner())
-      .thenValue([this, rowNum, stepNum](auto&& resps) {
+      .thenValue([this, rowNum, stepNum](std::vector<folly::Try<Status>>&& resps) {
         // MemoryTrackerVerified
         memory::MemoryCheckGuard guard;
-        for (auto& resp : resps) {
+        for (auto& respVal : resps) {
+          if (respVal.hasException()) {
+            auto ex = respVal.exception().get_exception<std::bad_alloc>();
+            if (ex) {
+              throw std::bad_alloc();
+            } else {
+              throw std::runtime_error(respVal.exception().what().c_str());
+            }
+          }
+          auto resp = std::move(respVal).value();
           if (!resp.ok()) {
             return folly::makeFuture<Status>(std::move(resp));
           }

src/graph/executor/algo/SingleShortestPath.cpp

@@ -25,17 +25,27 @@ folly::Future<Status> SingleShortestPath::execute(const HashSet& startVids,
     resultDs_[rowNum].colNames = pathNode_->colNames();
     futures.emplace_back(shortestPath(rowNum, 1));
   }
-  return folly::collect(futures).via(runner()).thenValue([this, result](auto&& resps) {
-    memory::MemoryCheckGuard guard;
-    for (auto& resp : resps) {
-      NG_RETURN_IF_ERROR(resp);
-    }
-    result->colNames = pathNode_->colNames();
-    for (auto& ds : resultDs_) {
-      result->append(std::move(ds));
-    }
-    return Status::OK();
-  });
+  return folly::collectAll(futures).via(runner()).thenValue(
+      [this, result](std::vector<folly::Try<Status>>&& resps) {
+        memory::MemoryCheckGuard guard;
+        for (auto& respVal : resps) {
+          if (respVal.hasException()) {
+            auto ex = respVal.exception().get_exception<std::bad_alloc>();
+            if (ex) {
+              throw std::bad_alloc();
+            } else {
+              throw std::runtime_error(respVal.exception().what().c_str());
+            }
+          }
+          auto resp = std::move(respVal).value();
+          NG_RETURN_IF_ERROR(resp);
+        }
+        result->colNames = pathNode_->colNames();
+        for (auto& ds : resultDs_) {
+          result->append(std::move(ds));
+        }
+        return Status::OK();
+      });
 }
 
 void SingleShortestPath::init(const HashSet& startVids, const HashSet& endVids, size_t rowSize) {
@@ -69,11 +79,20 @@ folly::Future<Status> SingleShortestPath::shortestPath(size_t rowNum, size_t ste
   futures.reserve(2);
   futures.emplace_back(getNeighbors(rowNum, stepNum, false));
   futures.emplace_back(getNeighbors(rowNum, stepNum, true));
-  return folly::collect(futures)
+  return folly::collectAll(futures)
       .via(runner())
-      .thenValue([this, rowNum, stepNum](auto&& resps) {
+      .thenValue([this, rowNum, stepNum](std::vector<folly::Try<Status>>&& resps) {
         memory::MemoryCheckGuard guard;
-        for (auto& resp : resps) {
+        for (auto& respVal : resps) {
+          if (respVal.hasException()) {
+            auto ex = respVal.exception().get_exception<std::bad_alloc>();
+            if (ex) {
+              throw std::bad_alloc();
+            } else {
+              throw std::runtime_error(respVal.exception().what().c_str());
+            }
+          }
+          auto resp = std::move(respVal).value();
           if (!resp.ok()) {
             return folly::makeFuture<Status>(std::move(resp));
           }

src/graph/optimizer/Optimizer.cpp

@@ -35,8 +35,10 @@ StatusOr<const PlanNode *> Optimizer::findBestPlan(QueryContext *qctx) {
   auto optCtx = std::make_unique<OptContext>(qctx);
 
   auto root = qctx->plan()->root();
-  auto spaceID = qctx->rctx()->session()->space().id;
-
+  auto spaceID = nebula::graph::kInvalidSpaceID;
+  if (qctx->vctx()->spaceChosen()) {
+    spaceID = qctx->vctx()->whichSpace().id;
+  }
   NG_RETURN_IF_ERROR(checkPlanDepth(root));
   auto ret = prepare(optCtx.get(), root);
   NG_RETURN_IF_ERROR(ret);

src/graph/service/GraphFlags.cpp

@@ -54,6 +54,9 @@ DEFINE_string(cloud_http_url, "", "cloud http url including ip, port, url path")
 DEFINE_uint32(max_allowed_statements, 512, "Max allowed sequential statements");
 DEFINE_uint32(max_allowed_query_size, 4194304, "Max allowed sequential query size");
 
+DEFINE_uint32(max_statements,
+              1024,
+              "threshold for maximun number of statements that can be validate");
 DEFINE_int64(max_allowed_connections,
              std::numeric_limits<int64_t>::max(),
              "Max connections of the whole cluster");
@@ -65,7 +68,7 @@ DEFINE_uint32(ft_request_retry_times, 3, "Retry times if fulltext request failed
 DEFINE_bool(enable_client_white_list, true, "Turn on/off the client white list.");
 DEFINE_string(client_white_list,
               nebula::getOriginVersion() + ":3.0.0",
-              "A white list for different client versions, separate with colon.");
+              "A white list for different client handshakeKey, separate with colon.");
 
 #endif