Details
Major Description
SET NAMES tis620; |
DO CHAR((WEIGHT_STRING (EXTRACTVALUE ((0),('t')) LEVEL 7 DESC)) USING cp852); |
Leads to:
|
10.8.0 5566cbadb03856aba9c236b131f544490cd2bee4 (Debug) |
/test/10.8_dbg_san/strings/ctype-tis620.c:613:3: runtime error: null pointer passed as argument 2, which is declared to never be null
|
|
10.8.0 5566cbadb03856aba9c236b131f544490cd2bee4 (Debug) |
#0 0x55d20db82193 in my_strnxfrm_tis620 /test/10.8_dbg_san/strings/ctype-tis620.c:613
|
#1 0x55d20b4df5d7 in charset_info_st::strnxfrm(char*, unsigned long, unsigned int, char const*, unsigned long, unsigned int) const /test/10.8_dbg_san/include/m_ctype.h:816
|
#2 0x55d20b4df5d7 in Item_func_weight_string::val_str(String*) /test/10.8_dbg_san/sql/item_strfunc.cc:3859
|
#3 0x55d20b50dc22 in Item_str_func::val_int() /test/10.8_dbg_san/sql/item_strfunc.cc:160
|
#4 0x55d20b525e2c in Item_func_char::val_str(String*) /test/10.8_dbg_san/sql/item_strfunc.cc:3095
|
#5 0x55d20a2c6328 in Type_handler_string_result::Item_update_null_value(Item*) const /test/10.8_dbg_san/sql/sql_type.cc:4269
|
#6 0x55d20899e69b in Item::update_null_value() /test/10.8_dbg_san/sql/item.h:2055
|
#7 0x55d208b00328 in Item_func::is_null() /test/10.8_dbg_san/sql/item_func.h:176
|
#8 0x55d20bd2b902 in mysql_do(THD*, List<Item>&) /test/10.8_dbg_san/sql/sql_do.cc:35
|
#9 0x55d20939966b in mysql_execute_command(THD*, bool) /test/10.8_dbg_san/sql/sql_parse.cc:3973
|
#10 0x55d2092fb9f6 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/10.8_dbg_san/sql/sql_parse.cc:8028
|
#11 0x55d209370fd8 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/10.8_dbg_san/sql/sql_parse.cc:1894
|
#12 0x55d209387a3c in do_command(THD*, bool) /test/10.8_dbg_san/sql/sql_parse.cc:1402
|
#13 0x55d209e424f5 in do_handle_one_connection(CONNECT*, bool) /test/10.8_dbg_san/sql/sql_connect.cc:1418
|
#14 0x55d209e4538f in handle_one_connection /test/10.8_dbg_san/sql/sql_connect.cc:1312
|
#15 0x55d20c331990 in pfs_spawn_thread /test/10.8_dbg_san/storage/perfschema/pfs.cc:2201
|
#16 0x147aa4d65608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477
|
#17 0x147aa3fdb292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)
|
|
10.8.0 5566cbadb03856aba9c236b131f544490cd2bee4 (Optimized, UBASAN) |
/test/10.8_opt_san/strings/ctype-tis620.c:613:3: runtime error: null pointer passed as argument 2, which is declared to never be null
|
|
10.8.0 5566cbadb03856aba9c236b131f544490cd2bee4 (Optimized) |
#0 0x558d8e653c6a in my_strnxfrm_tis620 /test/10.8_opt_san/strings/ctype-tis620.c:613
|
#1 0x558d90dae166 in charset_info_st::strnxfrm(char*, unsigned long, unsigned int, char const*, unsigned long, unsigned int) const /test/10.8_opt_san/include/m_ctype.h:816
|
#2 0x558d90dae166 in Item_func_weight_string::val_str(String*) /test/10.8_opt_san/sql/item_strfunc.cc:3859
|
#3 0x558d90d94a75 in Item_str_func::val_int() /test/10.8_opt_san/sql/item_strfunc.cc:160
|
#4 0x558d90dc2560 in Item_func_char::val_str(String*) /test/10.8_opt_san/sql/item_strfunc.cc:3095
|
#5 0x558d8fe278b3 in Type_handler_string_result::Item_update_null_value(Item*) const /test/10.8_opt_san/sql/sql_type.cc:4269
|
#6 0x558d8ea810a2 in Item_func::is_null() /test/10.8_opt_san/sql/item_func.h:176
|
#7 0x558d9149d81a in mysql_do(THD*, List<Item>&) /test/10.8_opt_san/sql/sql_do.cc:35
|
#8 0x558d8f19b579 in mysql_execute_command(THD*, bool) /test/10.8_opt_san/sql/sql_parse.cc:3973
|
#9 0x558d8f120e28 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/10.8_opt_san/sql/sql_parse.cc:8028
|
#10 0x558d8f176bb9 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/10.8_opt_san/sql/sql_parse.cc:1894
|
#11 0x558d8f182412 in do_command(THD*, bool) /test/10.8_opt_san/sql/sql_parse.cc:1402
|
#12 0x558d8fa4e5ed in do_handle_one_connection(CONNECT*, bool) /test/10.8_opt_san/sql/sql_connect.cc:1418
|
#13 0x558d8fa510e4 in handle_one_connection /test/10.8_opt_san/sql/sql_connect.cc:1312
|
#14 0x558d91ace461 in pfs_spawn_thread /test/10.8_opt_san/storage/perfschema/pfs.cc:2201
|
#15 0x14f116fe0608 in start_thread /build/glibc-eX1tMB/glibc-2.31/nptl/pthread_create.c:477
|
#16 0x14f116256292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)
|
Setup:
Compiled with GCC >=7.5.0 (I use GCC 9.3.0) and:
|
-DWITH_ASAN=ON -DWITH_ASAN_SCOPE=ON -DWITH_UBSAN=ON -DWITH_RAPID=OFF -DWSREP_LIB_WITH_ASAN=ON
|
Set before execution:
|
export UBSAN_OPTIONS=print_stacktrace=1
|
Bug confirmed present in:
MariaDB: 10.2.42 (dbg), 10.2.42 (opt), 10.3.33 (dbg), 10.3.33 (opt), 10.4.23 (dbg), 10.4.23 (opt), 10.5.14 (dbg), 10.5.14 (opt), 10.6.6 (dbg), 10.6.6 (opt), 10.7.2 (dbg), 10.7.2 (opt), 10.8.0 (dbg), 10.8.0 (opt)
Attachments
Issue Links
- relates to
-
MDEV-24901 SIGSEGV in fts_get_table_name, SIGSEGV in ib_vector_size, SIGSEGV in row_merge_fts_doc_tokenize, stack smashing
-
- Closed
-