MariaDB Server / MDEV-34187

On startup: UBSAN: runtime error: applying zero offset to null pointer in skip_trailing_space and my_hash_sort_utf8mb3_general1400_nopad_as_ci

Details

    Description

      When compiling 11.5 with Clang for a UB+ASAN build, on startup we see:

      11.5.0 e4afa610539ae01164485554e2de839bea9de816 (Optimized, UBASAN)

      /test/11.5_opt_san/strings/strings_def.h:83:25: runtime error: applying zero offset to null pointer
          #0 0x560775ce5cab in skip_trailing_space /test/11.5_opt_san/strings/strings_def.h:83:25
          #1 0x560775ce9de9 in my_hash_sort_utf8mb3_general1400_as_ci /test/11.5_opt_san/strings/ctype-utf8.c:567:19
          #2 0x560775b2038d in my_ci_hash_sort /test/11.5_opt_san/include/m_ctype.h:1413:3
          #3 0x560775b2038d in my_hash_sort /test/11.5_opt_san/mysys/hash.c:48:3
          #4 0x560775b21f2f in my_hash_insert /test/11.5_opt_san/mysys/hash.c:405:20
          #5 0x5607743c1c0b in Native_functions_hash::append(Native_func_registry const*, unsigned long) /test/11.5_opt_san/sql/item_create.cc:6516:9
          #6 0x5607743c1c0b in Native_functions_hash::replace(Native_func_registry const*, unsigned long) /test/11.5_opt_san/sql/item_create.h:331:5
          #7 0x5607743c1a3f in item_create_init() /test/11.5_opt_san/sql/item_create.cc:6632:34
          #8 0x56077291bdc5 in init_common_variables() /test/11.5_opt_san/sql/mysqld.cc:4145:7
          #9 0x5607729160cd in mysqld_main(int, char**) /test/11.5_opt_san/sql/mysqld.cc:5747:7
          #10 0x14bbe48280cf in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
          #11 0x14bbe4828188 in __libc_start_main csu/../csu/libc-start.c:360:3
          #12 0x560772833a74 in _start (/test/UBASAN_MD170524-mariadb-11.5.0-linux-x86_64-opt/bin/mariadbd+0x1eeaa74) (BuildId: 625cf9b723786356a41e5db3b224cfc14cafba37)
       
      SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /test/11.5_opt_san/strings/strings_def.h:83:25 in 
      /test/11.5_opt_san/strings/ctype-utf8.c:547:21: runtime error: applying zero offset to null pointer
          #0 0x560775cea26b in my_hash_sort_utf8mb3_general1400_nopad_as_ci /test/11.5_opt_san/strings/ctype-utf8.c:547:21
          #1 0x560775cea26b in my_hash_sort_utf8mb3_general1400_as_ci /test/11.5_opt_san/strings/ctype-utf8.c:568:3
          #2 0x560775b2038d in my_ci_hash_sort /test/11.5_opt_san/include/m_ctype.h:1413:3
          #3 0x560775b2038d in my_hash_sort /test/11.5_opt_san/mysys/hash.c:48:3
          #4 0x560775b21f2f in my_hash_insert /test/11.5_opt_san/mysys/hash.c:405:20
          #5 0x5607743c1c0b in Native_functions_hash::append(Native_func_registry const*, unsigned long) /test/11.5_opt_san/sql/item_create.cc:6516:9
          #6 0x5607743c1c0b in Native_functions_hash::replace(Native_func_registry const*, unsigned long) /test/11.5_opt_san/sql/item_create.h:331:5
          #7 0x5607743c1a3f in item_create_init() /test/11.5_opt_san/sql/item_create.cc:6632:34
          #8 0x56077291bdc5 in init_common_variables() /test/11.5_opt_san/sql/mysqld.cc:4145:7
          #9 0x5607729160cd in mysqld_main(int, char**) /test/11.5_opt_san/sql/mysqld.cc:5747:7
          #10 0x14bbe48280cf in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
          #11 0x14bbe4828188 in __libc_start_main csu/../csu/libc-start.c:360:3
          #12 0x560772833a74 in _start (/test/UBASAN_MD170524-mariadb-11.5.0-linux-x86_64-opt/bin/mariadbd+0x1eeaa74) (BuildId: 625cf9b723786356a41e5db3b224cfc14cafba37)
       
      SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /test/11.5_opt_san/strings/ctype-utf8.c:547:21 in 
      

      This blocks UBSAN testing using Clang-compiled builds.

      $ cat BUILD_CMD_CMAKE 
      cmake . -DCMAKE_C_COMPILER=/usr/bin/clang -DCMAKE_CXX_COMPILER=/usr/bin/clang++ -DWITH_SSL=bundled -DBUILD_CONFIG=mysql_release -DWITH_TOKUDB=0 -DWITH_JEMALLOC=no -DFEATURE_SET=community -DDEBUG_EXTNAME=OFF -DWITH_EMBEDDED_SERVER=0 -DENABLE_DOWNLOADS=1 -DDOWNLOAD_BOOST=1 -DWITH_BOOST=/tmp/boost_902208 -DENABLED_LOCAL_INFILE=1 -DENABLE_DTRACE=0 -DWITH_SAFEMALLOC=OFF -DPLUGIN_PERFSCHEMA=NO -DWITH_DBUG_TRACE=OFF -DWITH_ZLIB=bundled -DWITH_ROCKSDB=1 -DWITH_PAM=ON -DWITH_MARIABACKUP=0 -DFORCE_INSOURCE_BUILD=1 -DWITH_ASAN=ON -DWITH_ASAN_SCOPE=ON -DWITH_UBSAN=ON -DWSREP_LIB_WITH_ASAN=ON -DCMAKE_CXX_FLAGS=-fsanitize-coverage=trace-pc-guard -DMYSQL_MAINTAINER_MODE=OFF -DWARNING_AS_ERROR='' -DCMAKE_BUILD_TYPE=RelWithDebInfo
      

      export UBSAN_OPTIONS=print_stacktrace=1
      

          Activity

            Roel Roel Van de Paar added a comment - danblack marko FYI

            In MTR:

            11.4.2 b86a2f03b6a9a0b5e222fb2f52b07c85c491479e (Optimized, UBASAN)

            /test/UBASAN_MD170524-mariadb-11.4.2-linux-x86_64-opt/mariadb-test$ ./mtr --start-and-exit
            Logging: ./mtr  --start-and-exit
            VS config: 
            vardir: /test/UBASAN_MD170524-mariadb-11.4.2-linux-x86_64-opt/mariadb-test/var
            Checking leftover processes...
            Removing old var directory...
             - WARNING: Using the 'mysql-test/var' symlink
            Creating var directory '/test/UBASAN_MD170524-mariadb-11.4.2-linux-x86_64-opt/mariadb-test/var'...
            Checking supported features...
            /test/11.4_opt_san/strings/strings_def.h:83:25: runtime error: applying zero offset to null pointer               <====================
            SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /test/11.4_opt_san/strings/strings_def.h:83:25 in 
            /test/11.4_opt_san/strings/ctype-utf8.c:699:20: runtime error: applying zero offset to null pointer               <====================
            SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /test/11.4_opt_san/strings/ctype-utf8.c:699:20 in 
            MariaDB Version 11.4.2-MariaDB
            


            marko Marko Mäkelä added a comment -

            For what it is worth, as noted in MDEV-26272 or related tickets, the -fsanitize=undefined in GCC does not flag this form of undefined behaviour. Clang does.
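As an added illustration (not code from the MariaDB tree, nor a patch from this ticket), the C below reduces the pattern behind both traces to a few lines: a `skip_trailing_space`-style helper that computes `ptr + len`, and a PAD/NOPAD hash pair that reaches it with a `(NULL, 0)` key. In C, adding even 0 to a null pointer is undefined, which is why clang's `-fsanitize=undefined` reports "applying zero offset to null pointer" while GCC's UBSan stays silent, as the comment above notes. Assumptions: the function bodies are simplified reconstructions, the hash is FNV-1a rather than MariaDB's and does not fold case, and the empty-length guard is one possible mitigation, not necessarily the fix applied for this ticket.

```c
#include <stddef.h>
#include <stdio.h>

typedef unsigned char uchar;

#define FNV_OFFSET_BASIS 2166136261UL
#define FNV_PRIME        16777619UL

/* Reduced reconstruction (assumption, not MariaDB's code) of the
   skip_trailing_space() shape seen at strings_def.h:83 in the report.
   With ptr == NULL and len == 0, "ptr + len" is arithmetic on a null
   pointer, which C leaves undefined even for offset 0. clang's
   -fsanitize=undefined (pointer-overflow check) reports it as
   "applying zero offset to null pointer"; GCC's UBSan does not. */
static const uchar *skip_trailing_space_ub(const uchar *ptr, size_t len)
{
  const uchar *end= ptr + len;             /* UB when ptr == NULL */
  while (end > ptr && end[-1] == ' ')
    end--;
  return end;
}

/* Hardened form: return before any pointer arithmetic when there is
   nothing to scan, so a (NULL, 0) key never reaches "ptr + len". */
static const uchar *skip_trailing_space_safe(const uchar *ptr, size_t len)
{
  const uchar *end;
  if (len == 0)
    return ptr;
  end= ptr + len;
  while (end > ptr && end[-1] == ' ')
    end--;
  return end;
}

/* Length of the key once trailing spaces are removed (safe variant). */
static size_t trimmed_len(const uchar *ptr, size_t len)
{
  if (len == 0)
    return 0;                              /* also avoids NULL - NULL */
  return (size_t) (skip_trailing_space_safe(ptr, len) - ptr);
}

/* Toy stand-in for the PAD / NOPAD hash-sort pair in the traces. The PAD
   variant trims trailing spaces first so "abc" and "abc  " hash alike; the
   NOPAD variant hashes the bytes as given (the report's second trace is the
   NOPAD site computing "s + len" directly). One guard at entry covers both
   sites. The hash is FNV-1a, not MariaDB's, and is case-sensitive unlike
   the _ci functions in the report (assumption for illustration). */
static unsigned long hash_key(const uchar *key, size_t len, int pad)
{
  unsigned long h= FNV_OFFSET_BASIS;
  const uchar *p, *end;
  if (len == 0)
    return h;                              /* empty key: no arithmetic on key */
  end= pad ? skip_trailing_space_safe(key, len) : key + len;
  for (p= key; p < end; p++)
  {
    h^= *p;
    h*= FNV_PRIME;
  }
  return h;
}

int main(void)
{
  /* Build with: clang -fsanitize=undefined demo.c
     Run with:   UBSAN_OPTIONS=print_stacktrace=1 ./a.out
     The first call reproduces the diagnostic from the report; the rest run clean. */
  const uchar *e= skip_trailing_space_ub(NULL, 0);
  printf("ub variant on (NULL, 0) returned %p\n", (const void *) e);
  printf("trimmed length of \"abc  \": %zu\n",
         trimmed_len((const uchar *) "abc  ", 5));
  printf("pad hashes of \"abc\" and \"abc  \" equal: %d\n",
         hash_key((const uchar *) "abc", 3, 1) ==
         hash_key((const uchar *) "abc  ", 5, 1));
  return 0;
}
```

The guard sits at the entry of each function that takes a (pointer, length) pair rather than in the callers, because the hash insert path in the traces (`my_hash_insert` → `my_hash_sort` → the charset hash function) has no reason to know whether a zero-length key carries a null pointer.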
            Roel Roel Van de Paar added a comment - - edited

            Btw, the 10.5 stack was in same function (skip_trailing_space) but in my_hash_sort_utf8mb3 rather than in my_hash_sort_utf8mb3_general1400_as_ci.

            10.5.26 4911ec1a5bc07ef20c9018386a3a2671c59c4dca (Debug, UBASAN)

            /test/10.5_dbg_san/strings/strings_def.h:83:25: runtime error: applying zero offset to null pointer
                #0 0x55c1d12da98c in skip_trailing_space /test/10.5_dbg_san/strings/strings_def.h:83:25
                #1 0x55c1d12d81b8 in my_hash_sort_utf8mb3 /test/10.5_dbg_san/strings/ctype-utf8.c:4999:19
                #2 0x55c1d0f6ebd9 in my_ci_hash_sort /test/10.5_dbg_san/include/m_ctype.h:1173:3
                #3 0x55c1d0f6ea28 in my_hash_sort /test/10.5_dbg_san/mysys/hash.c:48:3
                #4 0x55c1d0f7145b in my_hash_insert /test/10.5_dbg_san/mysys/hash.c:398:20
                #5 0x55c1cd5f8728 in Native_functions_hash::append(Native_func_registry const*, unsigned long) /test/10.5_dbg_san/sql/item_create.cc:5728:9
                #6 0x55c1cd5f93b0 in Native_functions_hash::replace(Native_func_registry const*, unsigned long) /test/10.5_dbg_san/sql/item_create.h:331:5
                #7 0x55c1cd5f9252 in item_create_init() /test/10.5_dbg_san/sql/item_create.cc:5844:34
                #8 0x55c1ca4046f2 in init_common_variables() /test/10.5_dbg_san/sql/mysqld.cc:4020:7
                #9 0x55c1ca3fdfcf in mysqld_main(int, char**) /test/10.5_dbg_san/sql/mysqld.cc:5503:7
                #10 0x55c1ca3e8233 in main /test/10.5_dbg_san/sql/main.cc:25:10
                #11 0x14aa332280cf in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
                #12 0x14aa33228188 in __libc_start_main csu/../csu/libc-start.c:360:3
                #13 0x55c1ca30f624 in _start (/test/UBASAN_MD170524-mariadb-10.5.26-linux-x86_64-dbg/bin/mariadbd+0x3fee624) (BuildId: 0f6e00f6bcae859494659e11507070e5d8cfff5f)
             
            SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /test/10.5_dbg_san/strings/strings_def.h:83:25 in 
            /test/10.5_dbg_san/strings/ctype-utf8.c:4977:20: runtime error: applying zero offset to null pointer
                #0 0x55c1d12db12f in my_hash_sort_utf8mb3_nopad /test/10.5_dbg_san/strings/ctype-utf8.c:4977:20
                #1 0x55c1d12d81dc in my_hash_sort_utf8mb3 /test/10.5_dbg_san/strings/ctype-utf8.c:5000:3
                #2 0x55c1d0f6ebd9 in my_ci_hash_sort /test/10.5_dbg_san/include/m_ctype.h:1173:3
                #3 0x55c1d0f6ea28 in my_hash_sort /test/10.5_dbg_san/mysys/hash.c:48:3
                #4 0x55c1d0f7145b in my_hash_insert /test/10.5_dbg_san/mysys/hash.c:398:20
                #5 0x55c1cd5f8728 in Native_functions_hash::append(Native_func_registry const*, unsigned long) /test/10.5_dbg_san/sql/item_create.cc:5728:9
                #6 0x55c1cd5f93b0 in Native_functions_hash::replace(Native_func_registry const*, unsigned long) /test/10.5_dbg_san/sql/item_create.h:331:5
                #7 0x55c1cd5f9252 in item_create_init() /test/10.5_dbg_san/sql/item_create.cc:5844:34
                #8 0x55c1ca4046f2 in init_common_variables() /test/10.5_dbg_san/sql/mysqld.cc:4020:7
                #9 0x55c1ca3fdfcf in mysqld_main(int, char**) /test/10.5_dbg_san/sql/mysqld.cc:5503:7
                #10 0x55c1ca3e8233 in main /test/10.5_dbg_san/sql/main.cc:25:10
                #11 0x14aa332280cf in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
                #12 0x14aa33228188 in __libc_start_main csu/../csu/libc-start.c:360:3
                #13 0x55c1ca30f624 in _start (/test/UBASAN_MD170524-mariadb-10.5.26-linux-x86_64-dbg/bin/mariadbd+0x3fee624) (BuildId: 0f6e00f6bcae859494659e11507070e5d8cfff5f)
            


            People

              bar Alexander Barkov
              Roel Roel Van de Paar