ASAN: global-buffer-overflow in __interceptor_regcomp.part.0 and UBSAN: runtime error: applying non-zero offset -999 to null pointer in pcre/pcre_exec.c

--source include/have_innodb.inc

CREATE TABLE t (c TEXT) ENGINE=InnoDB;

XA BEGIN '0';

INSERT INTO t VALUES (b'');

SAVEPOINT sp0;

XA END '0';

XA PREPARE '0';

SHUTDOWN;

worker[1] mysql-test-run: WARNING: Check-testcase failed, this could also be caused by the previous test run by this worker thread

main.test 'innodb'                       [ fail ]

        Test ended at 2023-04-17 06:34:10

CURRENT_TEST: main.test

Could not execute 'check-testcase' before testcase 'main.test' (res: 1):

mysqltest: Logging to '/test/UBASAN_MD070423-mariadb-10.4.29-linux-x86_64-dbg/mysql-test/var/tmp/check-mysqld_1.log'.

mysqltest: Results saved in '/test/UBASAN_MD070423-mariadb-10.4.29-linux-x86_64-dbg/mysql-test/var/tmp/check-mysqld_1.result'.

=================================================================

==3322893==ERROR: AddressSanitizer: global-buffer-overflow on address 0x5593a30c3178 at pc 0x5593a1cd8db7 bp 0x7ffe08a7c320 sp 0x7ffe08a7bac8

WRITE of size 64 at 0x5593a30c3178 thread T0

    #0 0x5593a1cd8db6 in __interceptor_regcomp.part.0 (/test/UBASAN_MD070423-mariadb-10.4.29-linux-x86_64-dbg/bin/mysqltest+0x42fdb6)

    #1 0x5593a1d9500c in init_re_comp(regex_t*, char const*) /test/10.4_dbg_san/client/mysqltest.cc:9230

    #2 0x5593a1dba28d in init_re /test/10.4_dbg_san/client/mysqltest.cc:9312

    #3 0x5593a1dba28d in main /test/10.4_dbg_san/client/mysqltest.cc:9694

    #4 0x14998a962d8f in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58

    #5 0x14998a962e3f in __libc_start_main_impl ../csu/libc-start.c:392

    #6 0x5593a1cabc44 in _start (/test/UBASAN_MD070423-mariadb-10.4.29-linux-x86_64-dbg/bin/mysqltest+0x402c44)

0x5593a30c3178 is located 40 bytes to the left of global variable 'overlay_dir_len' defined in '/test/10.4_dbg_san/client/mysqltest.cc:262:30' (0x5593a30c31a0) of size 8

0x5593a30c3178 is located 0 bytes to the right of global variable 'ps_re' defined in '/test/10.4_dbg_san/client/mysqltest.cc:265:16' (0x5593a30c3160) of size 24

SUMMARY: AddressSanitizer: global-buffer-overflow (/test/UBASAN_MD070423-mariadb-10.4.29-linux-x86_64-dbg/bin/mysqltest+0x42fdb6) in __interceptor_regcomp.part.0

Shadow bytes around the buggy address:

  0x0ab2f46105d0: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9

  0x0ab2f46105e0: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9

  0x0ab2f46105f0: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9

  0x0ab2f4610600: f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00

  0x0ab2f4610610: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 00 00 00 f9

=>0x0ab2f4610620: f9 f9 f9 f9 00 00 00 f9 f9 f9 f9 f9 00 00 00[f9]

  0x0ab2f4610630: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9

  0x0ab2f4610640: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9

  0x0ab2f4610650: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9

  0x0ab2f4610660: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 00 00 00 00

  0x0ab2f4610670: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Shadow byte legend (one shadow byte represents 8 application bytes):

  Addressable:           00

  Partially addressable: 01 02 03 04 05 06 07 

  Heap left redzone:       fa

  Freed heap region:       fd

  Stack left redzone:      f1

  Stack mid redzone:       f2

  Stack right redzone:     f3

  Stack after return:      f5

  Stack use after scope:   f8

  Global redzone:          f9

  Global init order:       f6

  Poisoned by user:        f7

  Container overflow:      fc

  Array cookie:            ac

  Intra object redzone:    bb

  ASan internal:           fe

  Left alloca redzone:     ca

  Right alloca redzone:    cb

  Shadow gap:              cc

==3322893==ABORTING

mysqltest failed but provided no output