MariaDB Server / MDEV-26839

UBSAN: null pointer passed as argument 2, which is declared to never be null in maria/ma_key.c on ALTER


Details

    Description

      CREATE TABLE t (a INT) ENGINE=Aria;
      INSERT INTO t VALUES();
      ALTER TABLE t ADD b GEOMETRY NOT NULL,ALGORITHM=copy;
      ALTER TABLE t ADD INDEX i (b(1));
      

      Leads to:

      10.7.1 8dd4794c4e11b8790fadf0c203bcd118e7b755e8 (Optimized)

      /test/10.7_opt_san/storage/maria/ma_key.c:279:7: runtime error: null pointer passed as argument 2, which is declared to never be null
      

      10.7.1 8dd4794c4e11b8790fadf0c203bcd118e7b755e8 (Optimized)

          #0 0x55fc8247b895 in _ma_make_key /test/10.7_opt_san/storage/maria/ma_key.c:279
          #1 0x55fc85714360 in maria_write /test/10.7_opt_san/storage/maria/ma_write.c:189
          #2 0x55fc84500414 in handler::ha_write_row(unsigned char const*) /test/10.7_opt_san/sql/handler.cc:7519
          #3 0x55fc835f94ea in copy_data_between_tables /test/10.7_opt_san/sql/sql_table.cc:11081
          #4 0x55fc836695c7 in mysql_alter_table(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, HA_CREATE_INFO*, TABLE_LIST*, Alter_info*, unsigned int, st_order*, bool, bool) /test/10.7_opt_san/sql/sql_table.cc:10356
          #5 0x55fc83983423 in Sql_cmd_alter_table::execute(THD*) /test/10.7_opt_san/sql/sql_alter.cc:550
          #6 0x55fc830c2e75 in mysql_execute_command(THD*, bool) /test/10.7_opt_san/sql/sql_parse.cc:5989
          #7 0x55fc8304cfe8 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/10.7_opt_san/sql/sql_parse.cc:8028
          #8 0x55fc830a2655 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/10.7_opt_san/sql/sql_parse.cc:1894
          #9 0x55fc830ade52 in do_command(THD*, bool) /test/10.7_opt_san/sql/sql_parse.cc:1402
          #10 0x55fc839597bd in do_handle_one_connection(CONNECT*, bool) /test/10.7_opt_san/sql/sql_connect.cc:1418
          #11 0x55fc8395c2b4 in handle_one_connection /test/10.7_opt_san/sql/sql_connect.cc:1312
          #12 0x55fc85924ce1 in pfs_spawn_thread /test/10.7_opt_san/storage/perfschema/pfs.cc:2201
          #13 0x149631c47608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477
          #14 0x149630ebd292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)
      

      10.7.1 8dd4794c4e11b8790fadf0c203bcd118e7b755e8 (Debug)

          #0 0x55b47550c333 in _ma_make_key /test/10.7_dbg_san/storage/maria/ma_key.c:279
          #1 0x55b47558c582 in maria_write /test/10.7_dbg_san/storage/maria/ma_write.c:189
          #2 0x55b4753a7015 in ha_maria::write_row(unsigned char const*) /test/10.7_dbg_san/storage/maria/ha_maria.cc:1266
          #3 0x55b4740d2e4a in handler::ha_write_row(unsigned char const*) /test/10.7_dbg_san/sql/handler.cc:7519
          #4 0x55b472f520d9 in copy_data_between_tables /test/10.7_dbg_san/sql/sql_table.cc:11081
          #5 0x55b472fbc27c in mysql_alter_table(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, HA_CREATE_INFO*, TABLE_LIST*, Alter_info*, unsigned int, st_order*, bool, bool) /test/10.7_dbg_san/sql/sql_table.cc:10356
          #6 0x55b473381b19 in Sql_cmd_alter_table::execute(THD*) /test/10.7_dbg_san/sql/sql_alter.cc:550
          #7 0x55b4728f7b1f in mysql_execute_command(THD*, bool) /test/10.7_dbg_san/sql/sql_parse.cc:5989
          #8 0x55b472834c94 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/10.7_dbg_san/sql/sql_parse.cc:8028
          #9 0x55b4728a967a in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/10.7_dbg_san/sql/sql_parse.cc:1894
          #10 0x55b4728c00c2 in do_command(THD*, bool) /test/10.7_dbg_san/sql/sql_parse.cc:1402
          #11 0x55b47334b2aa in do_handle_one_connection(CONNECT*, bool) /test/10.7_dbg_san/sql/sql_connect.cc:1418
          #12 0x55b47334e143 in handle_one_connection /test/10.7_dbg_san/sql/sql_connect.cc:1312
          #13 0x55b47576e4ee in pfs_spawn_thread /test/10.7_dbg_san/storage/perfschema/pfs.cc:2201
          #14 0x145b39153608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477
          #15 0x145b383c9292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)
      

      Setup:

      Compiled with GCC >=7.5.0 (I use GCC 9.3.0) and:
          -DWITH_ASAN=ON -DWITH_ASAN_SCOPE=ON -DWITH_UBSAN=ON -DWITH_RAPID=OFF -DWSREP_LIB_WITH_ASAN=ON
      Set before execution:
          export UBSAN_OPTIONS=print_stacktrace=1
      

      Bug confirmed present in:
      MariaDB: 10.2.41 (dbg), 10.2.41 (opt), 10.3.32 (dbg), 10.3.32 (opt), 10.4.22 (dbg), 10.4.22 (opt), 10.5.13 (dbg), 10.5.13 (opt), 10.6.5 (dbg), 10.6.5 (opt), 10.7.1 (dbg), 10.7.1 (opt)
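
The class of defect UBSan reports here, shown as an added example that is not MariaDB's code. It assumes the flagged call is a `memcpy`-style copy whose source pointer is NULL for an empty value (the page does not show `ma_key.c:279`); `col_value`, `pack_key_unguarded` and `pack_key_guarded` are hypothetical names, and the prefix length of 1 mirrors the `b(1)` index prefix in the test case.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a variable-length column value (blob/geometry):
   an empty value may be represented as data == NULL, len == 0. */
struct col_value { const unsigned char *data; size_t len; };

/* Unguarded form: glibc declares memcpy's pointer parameters nonnull, so a
   NULL source is undefined behaviour even when n == 0. Under UBSan this is
   "null pointer passed as argument 2". Shown for contrast, never called. */
size_t pack_key_unguarded(unsigned char *key, const struct col_value *v,
                          size_t prefix)
{
  size_t n = v->len < prefix ? v->len : prefix;
  memcpy(key, v->data, n);              /* flagged when v->data == NULL */
  return n;
}

/* Guarded form: skip the copy when there is nothing to copy, and treat a
   NULL pointer with a non-zero length as an error instead of copying. */
int pack_key_guarded(unsigned char *key, const struct col_value *v,
                     size_t prefix, size_t *written)
{
  size_t n = v->len < prefix ? v->len : prefix;
  if (n != 0) {
    if (v->data == NULL)
      return -1;                        /* inconsistent value, refuse */
    memcpy(key, v->data, n);
  }
  *written = n;
  return 0;
}

int main(void)
{
  unsigned char key[8] = {0};
  size_t n = 0;
  /* Constructed sample values, not data from the bug report. */
  struct col_value empty = { NULL, 0 };
  struct col_value text  = { (const unsigned char *)"POINT", 5 };
  int rc = pack_key_guarded(key, &empty, 1, &n);
  printf("empty: rc=%d copied=%zu\n", rc, n);
  rc = pack_key_guarded(key, &text, 1, &n);
  printf("text:  rc=%d copied=%zu first=%c\n", rc, n, key[0]);
  return 0;
}
```
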

            People

              monty Michael Widenius
              Roel Roel Van de Paar