Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-31598

UBSAN: runtime error: null pointer passed as argument 2, which is declared to never be null in binlog_defragment

    XMLWordPrintable

Details

    • Bug
    • Status: Open (View Workflow)
    • Major
    • Resolution: Unresolved
    • 10.5, 10.6, 10.11, 11.1(EOL), 10.4(EOL), 10.9(EOL), 10.10(EOL), 11.0(EOL)
    • 10.5, 10.6, 10.11
    • Binary Protocol, Replication
    • None

    Description

      SET @a=NULL;
      		 
      BINLOG @a,@a;

      Leads to:

      11.0.2 368dd22a816f3b437bccd0b9ff28b9de9b1abf0a (Debug)

      		 
      /test/11.0_dbg_san/sql/sql_binlog.cc:160:11: runtime error: null pointer passed as argument 2, which is declared to never be null

      11.0.2 368dd22a816f3b437bccd0b9ff28b9de9b1abf0a (Debug)

      		 
          #0 0x56078f365bde in binlog_defragment(THD*) /test/11.0_dbg_san/sql/sql_binlog.cc:160
      		 
          #1 0x56078f368434 in mysql_client_binlog_statement(THD*) /test/11.0_dbg_san/sql/sql_binlog.cc:287
      		 
          #2 0x56078ea74061 in mysql_execute_command(THD*, bool) /test/11.0_dbg_san/sql/sql_parse.cc:5929
      		 
          #3 0x56078ea7e973 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/11.0_dbg_san/sql/sql_parse.cc:8014
      		 
          #4 0x56078ea8e707 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/11.0_dbg_san/sql/sql_parse.cc:1894
      		 
          #5 0x56078ea9c542 in do_command(THD*, bool) /test/11.0_dbg_san/sql/sql_parse.cc:1407
      		 
          #6 0x56078f4718b5 in do_handle_one_connection(CONNECT*, bool) /test/11.0_dbg_san/sql/sql_connect.cc:1416
      		 
          #7 0x56078f472dd0 in handle_one_connection /test/11.0_dbg_san/sql/sql_connect.cc:1318
      		 
          #8 0x14df32e94b42 in start_thread nptl/pthread_create.c:442
      		 
          #9 0x14df32f269ff  (/lib/x86_64-linux-gnu/libc.so.6+0x1269ff)

      Setup:

      Compiled with GCC >=7.5.0 (I use GCC 11.3.0) and:
      		 
          -DWITH_ASAN=ON -DWITH_ASAN_SCOPE=ON -DWITH_UBSAN=ON -DWITH_RAPID=OFF -DWSREP_LIB_WITH_ASAN=ON
      		 
      Set before execution:
      		 
          export UBSAN_OPTIONS=print_stacktrace=1

      Bug confirmed present in:
      MariaDB: 10.4.30 (dbg), 10.4.30 (opt), 10.5.21 (dbg), 10.5.21 (opt), 10.6.14 (dbg), 10.6.14 (opt), 10.9.7 (dbg), 10.9.7 (opt), 10.10.5 (dbg), 10.10.5 (opt), 10.11.4 (dbg), 10.11.4 (opt), 11.0.2 (dbg), 11.0.2 (opt), 11.1.0 (dbg), 11.1.0 (opt)

      Attachments

        Issue Links

          relates to

          Bug - A problem which impairs or prevents the functions of the product. MDEV-22520 Assertion `gathered_length == thd->lex->comment.length' failed in binlog_defragment

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Activity

            People

              Elkin Andrei Elkin
              Roel Roel Van de Paar
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.