[MDEV-34512] UBSAN system variable type mismatches for ha_myisam.cc and ha_maria.cc - Jira

Details

Type: Bug
Status: Confirmed (View Workflow)
Priority: Critical
Resolution: Unresolved
Affects Version/s: 10.5.25, 10.6, 11.8
Fix Version/s: 10.5, 10.6, 10.11
Component/s: Server, Storage Engine - MyISAM
Labels:
- UBSAN
- affects-tests

Description

/source/storage/myisam/ha_myisam.cc:1679:33: runtime error: call to function mysql_sys_var_longlong(THD*, int) through pointer to incorrect function type 'unsigned long long *(*)(THD *, int)'

SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /source/storage/myisam/ha_myisam.cc:1679:33

/source/storage/myisam/ha_myisam.cc:1344:11: runtime error: call to function mysql_sys_var_long(THD*, int) through pointer to incorrect function type 'unsigned long *(*)(THD *, int)'

SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior /source/storage/myisam/ha_myisam.cc:1344:11

Attachments

Issue Links

is part of

MDEV-25454 Make MariaDB server UBSAN safe

Confirmed

relates to

MDEV-33158 The macro MYSQL_THDVAR_ULONG leads to undefined behaviour, calling mysql_sys_var_long

Closed

MDEV-34348 MariaDB is violating clang-16 -Wcast-function-type-strict

Closed

Activity

Ascending order - Click to sort in descending order

View 4 older comments

Roel Van de Paar added a comment - 2024-12-02 08:00 - edited

Interesting, the following SQL:

INSTALL PLUGIN Spider SONAME 'ha_spider.so';

Will also produce this bug (in ha_myisam::enable_indexes and ha_myisam::repair):

CS 10.5.28 142851f1205d98270b917a98e1bdd483e1b8af0e (Optimized, UBASAN)
/test/10.5_opt_san/storage/myisam/ha_myisam.cc:1340:11: runtime error: call to function mysql_sys_var_long(THD, int) through pointer to incorrect function type 'unsigned long ()(THD , int)'
/test/10.5_opt_san/sql/sql_plugin.cc:3231: note: mysql_sys_var_long(THD*, int) defined here
#0 0x5590039efd33 in ha_myisam::repair(THD*, st_handler_check_param&, bool) /test/10.5_opt_san/storage/myisam/ha_myisam.cc:1340:11
#1 0x5590039f3897 in ha_myisam::enable_indexes(Bitmap<64u>, bool) /test/10.5_opt_san/storage/myisam/ha_myisam.cc:1685:18
#2 0x5590039f71be in ha_myisam::end_bulk_insert() /test/10.5_opt_san/storage/myisam/ha_myisam.cc:1873:26
#3 0x5590015cc333 in copy_data_between_tables(THD, TABLE, TABLE, bool, unsigned int, st_order, unsigned long long, unsigned long long, Alter_info, Alter_table_ctx) /test/10.5_opt_san/sql/sql_table.cc:12026:40
#4 0x5590015a461d in mysql_alter_table(THD, st_mysql_const_lex_string const, st_mysql_const_lex_string const, HA_CREATE_INFO, TABLE_LIST, Recreate_info, Alter_info, unsigned int, st_order, bool, bool) /test/10.5_opt_san/sql/sql_table.cc:11299:9
#5 0x5590018607c0 in Sql_cmd_alter_table::execute(THD*) /test/10.5_opt_san/sql/sql_alter.cc:601:11
#6 0x55900115fc0a in mysql_execute_command(THD*) /test/10.5_opt_san/sql/sql_parse.cc:6179:26
#7 0x5590012038b3 in execute_server_code(THD, char const, unsigned long) /test/10.5_opt_san/sql/sql_prepare.cc:3989:10
#8 0x559001237ab3 in loc_advanced_command(st_mysql, enum_server_command, unsigned char const, unsigned long, unsigned char const, unsigned long, char, st_mysql_stmt) /test/10.5_opt_san/sql/sql_prepare.cc:6138:13
#9 0x559001ee9e73 in server_mysql_send_query /test/10.5_opt_san/sql-common/client.c:3615:3
#10 0x559001ee9fd6 in server_mysql_real_query /test/10.5_opt_san/sql-common/client.c:3625:7
#11 0x152f9f7fd5ff in spider_init_system_tables() /test/10.5_opt_san/storage/spider/spd_table.cc:6165:9
#12 0x152f9f7ffb9f in spider_db_init(void*) /test/10.5_opt_san/storage/spider/spd_table.cc:6456:7
#13 0x55900203f7b7 in ha_initialize_handlerton(void*) /test/10.5_opt_san/sql/handler.cc:648:37
#14 0x5590011b8dd1 in plugin_do_initialize(st_plugin_int*, unsigned int&) /test/10.5_opt_san/sql/sql_plugin.cc:1452:18
#15 0x5590011b813a in plugin_initialize(st_mem_root, st_plugin_int, int, char*, bool) /test/10.5_opt_san/sql/sql_plugin.cc:1506:10
#16 0x5590011c2729 in finalize_install(THD, TABLE, st_mysql_const_lex_string const, int, char**) /test/10.5_opt_san/sql/sql_plugin.cc:2221:9
#17 0x5590011c0231 in mysql_install_plugin(THD, st_mysql_const_lex_string const, st_mysql_const_lex_string const*) /test/10.5_opt_san/sql/sql_plugin.cc:2320:12
#18 0x55900115cf07 in mysql_execute_command(THD*) /test/10.5_opt_san/sql/sql_parse.cc:6081:17
#19 0x559001130168 in mysql_parse(THD, char, unsigned int, Parser_state*, bool, bool) /test/10.5_opt_san/sql/sql_parse.cc:8237:18
#20 0x559001123160 in dispatch_command(enum_server_command, THD, char, unsigned int, bool, bool) /test/10.5_opt_san/sql/sql_parse.cc:1891:7
#21 0x559001132ba9 in do_command(THD*) /test/10.5_opt_san/sql/sql_parse.cc:1375:17
#22 0x559001838f72 in do_handle_one_connection(CONNECT*, bool) /test/10.5_opt_san/sql/sql_connect.cc:1386:11
#23 0x5590018383d4 in handle_one_connection /test/10.5_opt_san/sql/sql_connect.cc:1298:5
#24 0x559000b9910c in asan_thread_start(void*) asan_interceptors.cpp.o
#25 0x152fc8e9ca93 in start_thread nptl/pthread_create.c:447:8
#26 0x152fc8f29c3b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:78

SUMMARY: UndefinedBehaviorSanitizer: function-type-mismatch /test/10.5_opt_san/storage/myisam/ha_myisam.cc:1340:11

CS 10.5.28 142851f1205d98270b917a98e1bdd483e1b8af0e (Debug, UBASAN)
/test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1675:33: runtime error: call to function mysql_sys_var_longlong(THD, int) through pointer to incorrect function type 'unsigned long long ()(THD , int)'
/test/10.5_dbg_san/sql/sql_plugin.cc:3241: note: mysql_sys_var_longlong(THD*, int) defined here
#0 0x55f6a5d829dd in ha_myisam::enable_indexes(Bitmap<64u>, bool) /test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1675:33
#1 0x55f6a5d897ed in ha_myisam::end_bulk_insert() /test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1873:26
#2 0x55f6a243831f in handler::ha_end_bulk_insert() /test/10.5_dbg_san/sql/handler.cc:4806:3
#3 0x55f6a0c4d315 in copy_data_between_tables(THD, TABLE, TABLE, bool, unsigned int, st_order, unsigned long long, unsigned long long, Alter_info, Alter_table_ctx) /test/10.5_dbg_san/sql/sql_table.cc:12026:40
#4 0x55f6a0bf7e34 in mysql_alter_table(THD, st_mysql_const_lex_string const, st_mysql_const_lex_string const, HA_CREATE_INFO, TABLE_LIST, Recreate_info, Alter_info, unsigned int, st_order, bool, bool) /test/10.5_dbg_san/sql/sql_table.cc:11299:9
#5 0x55f6a12106c7 in Sql_cmd_alter_table::execute(THD*) /test/10.5_dbg_san/sql/sql_alter.cc:601:11
#6 0x55f6a02e3fb0 in mysql_execute_command(THD*) /test/10.5_dbg_san/sql/sql_parse.cc:6179:26
#7 0x55f6a040b08a in execute_server_code(THD, char const, unsigned long) /test/10.5_dbg_san/sql/sql_prepare.cc:3989:10
#8 0x55f6a047b971 in loc_advanced_command(st_mysql, enum_server_command, unsigned char const, unsigned long, unsigned char const, unsigned long, char, st_mysql_stmt) /test/10.5_dbg_san/sql/sql_prepare.cc:6138:13
#9 0x55f6a213352f in server_mysql_send_query /test/10.5_dbg_san/sql-common/client.c:3615:3
#10 0x55f6a213357b in server_mysql_real_query /test/10.5_dbg_san/sql-common/client.c:3625:7
#11 0x154669c0769d in spider_init_system_tables() /test/10.5_dbg_san/storage/spider/spd_table.cc:6165:9
#12 0x154669c0bc53 in spider_db_init(void*) /test/10.5_dbg_san/storage/spider/spd_table.cc:6456:7
#13 0x55f6a23bc033 in ha_initialize_handlerton(void*) /test/10.5_dbg_san/sql/handler.cc:648:37
#14 0x55f6a0370d3e in plugin_do_initialize(st_plugin_int*, unsigned int&) /test/10.5_dbg_san/sql/sql_plugin.cc:1452:18
#15 0x55f6a036f0b2 in plugin_initialize(st_mem_root, st_plugin_int, int, char*, bool) /test/10.5_dbg_san/sql/sql_plugin.cc:1506:10
#16 0x55f6a0382700 in finalize_install(THD, TABLE, st_mysql_const_lex_string const, int, char**) /test/10.5_dbg_san/sql/sql_plugin.cc:2221:9
#17 0x55f6a037d6bc in mysql_install_plugin(THD, st_mysql_const_lex_string const, st_mysql_const_lex_string const*) /test/10.5_dbg_san/sql/sql_plugin.cc:2320:12
#18 0x55f6a02e0b2b in mysql_execute_command(THD*) /test/10.5_dbg_san/sql/sql_parse.cc:6081:17
#19 0x55f6a02364e3 in mysql_parse(THD, char, unsigned int, Parser_state*, bool, bool) /test/10.5_dbg_san/sql/sql_parse.cc:8237:18
#20 0x55f6a0216453 in dispatch_command(enum_server_command, THD, char, unsigned int, bool, bool) /test/10.5_dbg_san/sql/sql_parse.cc:1891:7
#21 0x55f6a023ea19 in do_command(THD*) /test/10.5_dbg_san/sql/sql_parse.cc:1375:17
#22 0x55f6a11b8f30 in do_handle_one_connection(CONNECT*, bool) /test/10.5_dbg_san/sql/sql_connect.cc:1386:11
#23 0x55f6a11b76fd in handle_one_connection /test/10.5_dbg_san/sql/sql_connect.cc:1298:5
#24 0x55f69f6b2a8c in asan_thread_start(void*) asan_interceptors.cpp.o
#25 0x15469149ca93 in start_thread nptl/pthread_create.c:447:8
#26 0x154691529c3b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:78

SUMMARY: UndefinedBehaviorSanitizer: function-type-mismatch /test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1675:33
/test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1340:11: runtime error: call to function mysql_sys_var_long(THD, int) through pointer to incorrect function type 'unsigned long ()(THD , int)'
/test/10.5_dbg_san/sql/sql_plugin.cc:3231: note: mysql_sys_var_long(THD*, int) defined here
#0 0x55f6a5d763d6 in ha_myisam::repair(THD*, st_handler_check_param&, bool) /test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1340:11
#1 0x55f6a5d830e9 in ha_myisam::enable_indexes(Bitmap<64u>, bool) /test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1685:18
#2 0x55f6a5d897ed in ha_myisam::end_bulk_insert() /test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1873:26
#3 0x55f6a243831f in handler::ha_end_bulk_insert() /test/10.5_dbg_san/sql/handler.cc:4806:3
#4 0x55f6a0c4d315 in copy_data_between_tables(THD, TABLE, TABLE, bool, unsigned int, st_order, unsigned long long, unsigned long long, Alter_info, Alter_table_ctx) /test/10.5_dbg_san/sql/sql_table.cc:12026:40
#5 0x55f6a0bf7e34 in mysql_alter_table(THD, st_mysql_const_lex_string const, st_mysql_const_lex_string const, HA_CREATE_INFO, TABLE_LIST, Recreate_info, Alter_info, unsigned int, st_order, bool, bool) /test/10.5_dbg_san/sql/sql_table.cc:11299:9
#6 0x55f6a12106c7 in Sql_cmd_alter_table::execute(THD*) /test/10.5_dbg_san/sql/sql_alter.cc:601:11
#7 0x55f6a02e3fb0 in mysql_execute_command(THD*) /test/10.5_dbg_san/sql/sql_parse.cc:6179:26
#8 0x55f6a040b08a in execute_server_code(THD, char const, unsigned long) /test/10.5_dbg_san/sql/sql_prepare.cc:3989:10
#9 0x55f6a047b971 in loc_advanced_command(st_mysql, enum_server_command, unsigned char const, unsigned long, unsigned char const, unsigned long, char, st_mysql_stmt) /test/10.5_dbg_san/sql/sql_prepare.cc:6138:13
#10 0x55f6a213352f in server_mysql_send_query /test/10.5_dbg_san/sql-common/client.c:3615:3
#11 0x55f6a213357b in server_mysql_real_query /test/10.5_dbg_san/sql-common/client.c:3625:7
#12 0x154669c0769d in spider_init_system_tables() /test/10.5_dbg_san/storage/spider/spd_table.cc:6165:9
#13 0x154669c0bc53 in spider_db_init(void*) /test/10.5_dbg_san/storage/spider/spd_table.cc:6456:7
#14 0x55f6a23bc033 in ha_initialize_handlerton(void*) /test/10.5_dbg_san/sql/handler.cc:648:37
#15 0x55f6a0370d3e in plugin_do_initialize(st_plugin_int*, unsigned int&) /test/10.5_dbg_san/sql/sql_plugin.cc:1452:18
#16 0x55f6a036f0b2 in plugin_initialize(st_mem_root, st_plugin_int, int, char*, bool) /test/10.5_dbg_san/sql/sql_plugin.cc:1506:10
#17 0x55f6a0382700 in finalize_install(THD, TABLE, st_mysql_const_lex_string const, int, char**) /test/10.5_dbg_san/sql/sql_plugin.cc:2221:9
#18 0x55f6a037d6bc in mysql_install_plugin(THD, st_mysql_const_lex_string const, st_mysql_const_lex_string const*) /test/10.5_dbg_san/sql/sql_plugin.cc:2320:12
#19 0x55f6a02e0b2b in mysql_execute_command(THD*) /test/10.5_dbg_san/sql/sql_parse.cc:6081:17
#20 0x55f6a02364e3 in mysql_parse(THD, char, unsigned int, Parser_state*, bool, bool) /test/10.5_dbg_san/sql/sql_parse.cc:8237:18
#21 0x55f6a0216453 in dispatch_command(enum_server_command, THD, char, unsigned int, bool, bool) /test/10.5_dbg_san/sql/sql_parse.cc:1891:7
#22 0x55f6a023ea19 in do_command(THD*) /test/10.5_dbg_san/sql/sql_parse.cc:1375:17
#23 0x55f6a11b8f30 in do_handle_one_connection(CONNECT*, bool) /test/10.5_dbg_san/sql/sql_connect.cc:1386:11
#24 0x55f6a11b76fd in handle_one_connection /test/10.5_dbg_san/sql/sql_connect.cc:1298:5
#25 0x55f69f6b2a8c in asan_thread_start(void*) asan_interceptors.cpp.o
#26 0x15469149ca93 in start_thread nptl/pthread_create.c:447:8
#27 0x154691529c3b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:78

SUMMARY: UndefinedBehaviorSanitizer: function-type-mismatch /test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1340:11

Also observed this slightly different codepath:

CS 10.5.28 142851f1205d98270b917a98e1bdd483e1b8af0e (Optimized, UBASAN)
/test/clang_new/10.5_opt_san/storage/myisam/ha_myisam.cc:1675:33: runtime error: call to function mysql_sys_var_longlong(THD, int) through pointer to incorrect function type 'unsigned long long ()(THD , int)'
/test/clang_new/10.5_opt_san/sql/sql_plugin.cc:3241: note: mysql_sys_var_longlong(THD*, int) defined here
#0 0x56515c4b9c43 in ha_myisam::enable_indexes(Bitmap<64u>, bool) /test/clang_new/10.5_opt_san/storage/myisam/ha_myisam.cc:1675:33
#1 0x56515c4bcd1e in ha_myisam::end_bulk_insert() /test/clang_new/10.5_opt_san/storage/myisam/ha_myisam.cc:1873:26
#2 0x56515a092333 in copy_data_between_tables(THD, TABLE, TABLE, bool, unsigned int, st_order, unsigned long long, unsigned long long, Alter_info, Alter_table_ctx) /test/clang_new/10.5_opt_san/sql/sql_table.cc:12026:40
#3 0x56515a06a61d in mysql_alter_table(THD, st_mysql_const_lex_string const, st_mysql_const_lex_string const, HA_CREATE_INFO, TABLE_LIST, Recreate_info, Alter_info, unsigned int, st_order, bool, bool) /test/clang_new/10.5_opt_san/sql/sql_table.cc:11299:9
#4 0x56515a326340 in Sql_cmd_alter_table::execute(THD*) /test/clang_new/10.5_opt_san/sql/sql_alter.cc:601:11
#5 0x565159c25c0a in mysql_execute_command(THD*) /test/clang_new/10.5_opt_san/sql/sql_parse.cc:6179:26
#6 0x565159cc98b3 in execute_server_code(THD, char const, unsigned long) /test/clang_new/10.5_opt_san/sql/sql_prepare.cc:3989:10
#7 0x565159cfdab3 in loc_advanced_command(st_mysql, enum_server_command, unsigned char const, unsigned long, unsigned char const, unsigned long, char, st_mysql_stmt) /test/clang_new/10.5_opt_san/sql/sql_prepare.cc:6138:13
#8 0x56515a9af9f3 in server_mysql_send_query /test/clang_new/10.5_opt_san/sql-common/client.c:3615:3
#9 0x56515a9afb56 in server_mysql_real_query /test/clang_new/10.5_opt_san/sql-common/client.c:3625:7
#10 0x14b1fc3fd5ff in spider_init_system_tables() /test/clang_new/10.5_opt_san/storage/spider/spd_table.cc:6165:9
#11 0x14b1fc3ffb9f in spider_db_init(void*) /test/clang_new/10.5_opt_san/storage/spider/spd_table.cc:6456:7
#12 0x56515ab05337 in ha_initialize_handlerton(void*) /test/clang_new/10.5_opt_san/sql/handler.cc:648:37
#13 0x565159c7edd1 in plugin_do_initialize(st_plugin_int*, unsigned int&) /test/clang_new/10.5_opt_san/sql/sql_plugin.cc:1452:18
#14 0x565159c7e13a in plugin_initialize(st_mem_root, st_plugin_int, int, char*, bool) /test/clang_new/10.5_opt_san/sql/sql_plugin.cc:1506:10
#15 0x565159c88729 in finalize_install(THD, TABLE, st_mysql_const_lex_string const, int, char**) /test/clang_new/10.5_opt_san/sql/sql_plugin.cc:2221:9
#16 0x565159c8637c in mysql_install_plugin(THD, st_mysql_const_lex_string const, st_mysql_const_lex_string const*) /test/clang_new/10.5_opt_san/sql/sql_plugin.cc:2329:11
#17 0x565159c22f07 in mysql_execute_command(THD*) /test/clang_new/10.5_opt_san/sql/sql_parse.cc:6081:17
#18 0x565159bf6168 in mysql_parse(THD, char, unsigned int, Parser_state*, bool, bool) /test/clang_new/10.5_opt_san/sql/sql_parse.cc:8237:18
#19 0x565159be9160 in dispatch_command(enum_server_command, THD, char, unsigned int, bool, bool) /test/clang_new/10.5_opt_san/sql/sql_parse.cc:1891:7
#20 0x565159bf8ba9 in do_command(THD*) /test/clang_new/10.5_opt_san/sql/sql_parse.cc:1375:17
#21 0x56515a2fef72 in do_handle_one_connection(CONNECT*, bool) /test/clang_new/10.5_opt_san/sql/sql_connect.cc:1386:11
#22 0x56515a2fe3d4 in handle_one_connection /test/clang_new/10.5_opt_san/sql/sql_connect.cc:1298:5
#23 0x56515965f10c in asan_thread_start(void*) asan_interceptors.cpp.o
#24 0x14b23789ca93 in start_thread nptl/pthread_create.c:447:8
#25 0x14b237929c3b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:78

SUMMARY: UndefinedBehaviorSanitizer: function-type-mismatch /test/clang_new/10.5_opt_san/storage/myisam/ha_myisam.cc:1675:33

ycp FYI (likely not a bug for you, but just FYI)

Roel Van de Paar added a comment - 2024-12-02 08:00 - edited Interesting, the following SQL: INSTALL PLUGIN Spider SONAME 'ha_spider.so' ; Will also produce this bug (in ha_myisam::enable_indexes and ha_myisam::repair ): CS 10.5.28 142851f1205d98270b917a98e1bdd483e1b8af0e (Optimized, UBASAN) /test/10.5_opt_san/storage/myisam/ha_myisam.cc:1340:11: runtime error: call to function mysql_sys_var_long(THD*, int) through pointer to incorrect function type 'unsigned long *(*)(THD *, int)' /test/10.5_opt_san/sql/sql_plugin.cc:3231: note: mysql_sys_var_long(THD*, int) defined here #0 0x5590039efd33 in ha_myisam::repair(THD*, st_handler_check_param&, bool) /test/10.5_opt_san/storage/myisam/ha_myisam.cc:1340:11 #1 0x5590039f3897 in ha_myisam::enable_indexes(Bitmap<64u>, bool) /test/10.5_opt_san/storage/myisam/ha_myisam.cc:1685:18 #2 0x5590039f71be in ha_myisam::end_bulk_insert() /test/10.5_opt_san/storage/myisam/ha_myisam.cc:1873:26 #3 0x5590015cc333 in copy_data_between_tables(THD*, TABLE*, TABLE*, bool, unsigned int, st_order*, unsigned long long*, unsigned long long*, Alter_info*, Alter_table_ctx*) /test/10.5_opt_san/sql/sql_table.cc:12026:40 #4 0x5590015a461d in mysql_alter_table(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, HA_CREATE_INFO*, TABLE_LIST*, Recreate_info*, Alter_info*, unsigned int, st_order*, bool, bool) /test/10.5_opt_san/sql/sql_table.cc:11299:9 #5 0x5590018607c0 in Sql_cmd_alter_table::execute(THD*) /test/10.5_opt_san/sql/sql_alter.cc:601:11 #6 0x55900115fc0a in mysql_execute_command(THD*) /test/10.5_opt_san/sql/sql_parse.cc:6179:26 #7 0x5590012038b3 in execute_server_code(THD*, char const*, unsigned long) /test/10.5_opt_san/sql/sql_prepare.cc:3989:10 #8 0x559001237ab3 in loc_advanced_command(st_mysql*, enum_server_command, unsigned char const*, unsigned long, unsigned char const*, unsigned long, char, st_mysql_stmt*) /test/10.5_opt_san/sql/sql_prepare.cc:6138:13 #9 0x559001ee9e73 in server_mysql_send_query /test/10.5_opt_san/sql-common/client.c:3615:3 #10 0x559001ee9fd6 in server_mysql_real_query /test/10.5_opt_san/sql-common/client.c:3625:7 #11 0x152f9f7fd5ff in spider_init_system_tables() /test/10.5_opt_san/storage/spider/spd_table.cc:6165:9 #12 0x152f9f7ffb9f in spider_db_init(void*) /test/10.5_opt_san/storage/spider/spd_table.cc:6456:7 #13 0x55900203f7b7 in ha_initialize_handlerton(void*) /test/10.5_opt_san/sql/handler.cc:648:37 #14 0x5590011b8dd1 in plugin_do_initialize(st_plugin_int*, unsigned int&) /test/10.5_opt_san/sql/sql_plugin.cc:1452:18 #15 0x5590011b813a in plugin_initialize(st_mem_root*, st_plugin_int*, int*, char**, bool) /test/10.5_opt_san/sql/sql_plugin.cc:1506:10 #16 0x5590011c2729 in finalize_install(THD*, TABLE*, st_mysql_const_lex_string const*, int*, char**) /test/10.5_opt_san/sql/sql_plugin.cc:2221:9 #17 0x5590011c0231 in mysql_install_plugin(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*) /test/10.5_opt_san/sql/sql_plugin.cc:2320:12 #18 0x55900115cf07 in mysql_execute_command(THD*) /test/10.5_opt_san/sql/sql_parse.cc:6081:17 #19 0x559001130168 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /test/10.5_opt_san/sql/sql_parse.cc:8237:18 #20 0x559001123160 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /test/10.5_opt_san/sql/sql_parse.cc:1891:7 #21 0x559001132ba9 in do_command(THD*) /test/10.5_opt_san/sql/sql_parse.cc:1375:17 #22 0x559001838f72 in do_handle_one_connection(CONNECT*, bool) /test/10.5_opt_san/sql/sql_connect.cc:1386:11 #23 0x5590018383d4 in handle_one_connection /test/10.5_opt_san/sql/sql_connect.cc:1298:5 #24 0x559000b9910c in asan_thread_start(void*) asan_interceptors.cpp.o #25 0x152fc8e9ca93 in start_thread nptl/pthread_create.c:447:8 #26 0x152fc8f29c3b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:78 SUMMARY: UndefinedBehaviorSanitizer: function-type-mismatch /test/10.5_opt_san/storage/myisam/ha_myisam.cc:1340:11 CS 10.5.28 142851f1205d98270b917a98e1bdd483e1b8af0e (Debug, UBASAN) /test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1675:33: runtime error: call to function mysql_sys_var_longlong(THD*, int) through pointer to incorrect function type 'unsigned long long *(*)(THD *, int)' /test/10.5_dbg_san/sql/sql_plugin.cc:3241: note: mysql_sys_var_longlong(THD*, int) defined here #0 0x55f6a5d829dd in ha_myisam::enable_indexes(Bitmap<64u>, bool) /test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1675:33 #1 0x55f6a5d897ed in ha_myisam::end_bulk_insert() /test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1873:26 #2 0x55f6a243831f in handler::ha_end_bulk_insert() /test/10.5_dbg_san/sql/handler.cc:4806:3 #3 0x55f6a0c4d315 in copy_data_between_tables(THD*, TABLE*, TABLE*, bool, unsigned int, st_order*, unsigned long long*, unsigned long long*, Alter_info*, Alter_table_ctx*) /test/10.5_dbg_san/sql/sql_table.cc:12026:40 #4 0x55f6a0bf7e34 in mysql_alter_table(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, HA_CREATE_INFO*, TABLE_LIST*, Recreate_info*, Alter_info*, unsigned int, st_order*, bool, bool) /test/10.5_dbg_san/sql/sql_table.cc:11299:9 #5 0x55f6a12106c7 in Sql_cmd_alter_table::execute(THD*) /test/10.5_dbg_san/sql/sql_alter.cc:601:11 #6 0x55f6a02e3fb0 in mysql_execute_command(THD*) /test/10.5_dbg_san/sql/sql_parse.cc:6179:26 #7 0x55f6a040b08a in execute_server_code(THD*, char const*, unsigned long) /test/10.5_dbg_san/sql/sql_prepare.cc:3989:10 #8 0x55f6a047b971 in loc_advanced_command(st_mysql*, enum_server_command, unsigned char const*, unsigned long, unsigned char const*, unsigned long, char, st_mysql_stmt*) /test/10.5_dbg_san/sql/sql_prepare.cc:6138:13 #9 0x55f6a213352f in server_mysql_send_query /test/10.5_dbg_san/sql-common/client.c:3615:3 #10 0x55f6a213357b in server_mysql_real_query /test/10.5_dbg_san/sql-common/client.c:3625:7 #11 0x154669c0769d in spider_init_system_tables() /test/10.5_dbg_san/storage/spider/spd_table.cc:6165:9 #12 0x154669c0bc53 in spider_db_init(void*) /test/10.5_dbg_san/storage/spider/spd_table.cc:6456:7 #13 0x55f6a23bc033 in ha_initialize_handlerton(void*) /test/10.5_dbg_san/sql/handler.cc:648:37 #14 0x55f6a0370d3e in plugin_do_initialize(st_plugin_int*, unsigned int&) /test/10.5_dbg_san/sql/sql_plugin.cc:1452:18 #15 0x55f6a036f0b2 in plugin_initialize(st_mem_root*, st_plugin_int*, int*, char**, bool) /test/10.5_dbg_san/sql/sql_plugin.cc:1506:10 #16 0x55f6a0382700 in finalize_install(THD*, TABLE*, st_mysql_const_lex_string const*, int*, char**) /test/10.5_dbg_san/sql/sql_plugin.cc:2221:9 #17 0x55f6a037d6bc in mysql_install_plugin(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*) /test/10.5_dbg_san/sql/sql_plugin.cc:2320:12 #18 0x55f6a02e0b2b in mysql_execute_command(THD*) /test/10.5_dbg_san/sql/sql_parse.cc:6081:17 #19 0x55f6a02364e3 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /test/10.5_dbg_san/sql/sql_parse.cc:8237:18 #20 0x55f6a0216453 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /test/10.5_dbg_san/sql/sql_parse.cc:1891:7 #21 0x55f6a023ea19 in do_command(THD*) /test/10.5_dbg_san/sql/sql_parse.cc:1375:17 #22 0x55f6a11b8f30 in do_handle_one_connection(CONNECT*, bool) /test/10.5_dbg_san/sql/sql_connect.cc:1386:11 #23 0x55f6a11b76fd in handle_one_connection /test/10.5_dbg_san/sql/sql_connect.cc:1298:5 #24 0x55f69f6b2a8c in asan_thread_start(void*) asan_interceptors.cpp.o #25 0x15469149ca93 in start_thread nptl/pthread_create.c:447:8 #26 0x154691529c3b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:78 SUMMARY: UndefinedBehaviorSanitizer: function-type-mismatch /test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1675:33 /test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1340:11: runtime error: call to function mysql_sys_var_long(THD*, int) through pointer to incorrect function type 'unsigned long *(*)(THD *, int)' /test/10.5_dbg_san/sql/sql_plugin.cc:3231: note: mysql_sys_var_long(THD*, int) defined here #0 0x55f6a5d763d6 in ha_myisam::repair(THD*, st_handler_check_param&, bool) /test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1340:11 #1 0x55f6a5d830e9 in ha_myisam::enable_indexes(Bitmap<64u>, bool) /test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1685:18 #2 0x55f6a5d897ed in ha_myisam::end_bulk_insert() /test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1873:26 #3 0x55f6a243831f in handler::ha_end_bulk_insert() /test/10.5_dbg_san/sql/handler.cc:4806:3 #4 0x55f6a0c4d315 in copy_data_between_tables(THD*, TABLE*, TABLE*, bool, unsigned int, st_order*, unsigned long long*, unsigned long long*, Alter_info*, Alter_table_ctx*) /test/10.5_dbg_san/sql/sql_table.cc:12026:40 #5 0x55f6a0bf7e34 in mysql_alter_table(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, HA_CREATE_INFO*, TABLE_LIST*, Recreate_info*, Alter_info*, unsigned int, st_order*, bool, bool) /test/10.5_dbg_san/sql/sql_table.cc:11299:9 #6 0x55f6a12106c7 in Sql_cmd_alter_table::execute(THD*) /test/10.5_dbg_san/sql/sql_alter.cc:601:11 #7 0x55f6a02e3fb0 in mysql_execute_command(THD*) /test/10.5_dbg_san/sql/sql_parse.cc:6179:26 #8 0x55f6a040b08a in execute_server_code(THD*, char const*, unsigned long) /test/10.5_dbg_san/sql/sql_prepare.cc:3989:10 #9 0x55f6a047b971 in loc_advanced_command(st_mysql*, enum_server_command, unsigned char const*, unsigned long, unsigned char const*, unsigned long, char, st_mysql_stmt*) /test/10.5_dbg_san/sql/sql_prepare.cc:6138:13 #10 0x55f6a213352f in server_mysql_send_query /test/10.5_dbg_san/sql-common/client.c:3615:3 #11 0x55f6a213357b in server_mysql_real_query /test/10.5_dbg_san/sql-common/client.c:3625:7 #12 0x154669c0769d in spider_init_system_tables() /test/10.5_dbg_san/storage/spider/spd_table.cc:6165:9 #13 0x154669c0bc53 in spider_db_init(void*) /test/10.5_dbg_san/storage/spider/spd_table.cc:6456:7 #14 0x55f6a23bc033 in ha_initialize_handlerton(void*) /test/10.5_dbg_san/sql/handler.cc:648:37 #15 0x55f6a0370d3e in plugin_do_initialize(st_plugin_int*, unsigned int&) /test/10.5_dbg_san/sql/sql_plugin.cc:1452:18 #16 0x55f6a036f0b2 in plugin_initialize(st_mem_root*, st_plugin_int*, int*, char**, bool) /test/10.5_dbg_san/sql/sql_plugin.cc:1506:10 #17 0x55f6a0382700 in finalize_install(THD*, TABLE*, st_mysql_const_lex_string const*, int*, char**) /test/10.5_dbg_san/sql/sql_plugin.cc:2221:9 #18 0x55f6a037d6bc in mysql_install_plugin(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*) /test/10.5_dbg_san/sql/sql_plugin.cc:2320:12 #19 0x55f6a02e0b2b in mysql_execute_command(THD*) /test/10.5_dbg_san/sql/sql_parse.cc:6081:17 #20 0x55f6a02364e3 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /test/10.5_dbg_san/sql/sql_parse.cc:8237:18 #21 0x55f6a0216453 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /test/10.5_dbg_san/sql/sql_parse.cc:1891:7 #22 0x55f6a023ea19 in do_command(THD*) /test/10.5_dbg_san/sql/sql_parse.cc:1375:17 #23 0x55f6a11b8f30 in do_handle_one_connection(CONNECT*, bool) /test/10.5_dbg_san/sql/sql_connect.cc:1386:11 #24 0x55f6a11b76fd in handle_one_connection /test/10.5_dbg_san/sql/sql_connect.cc:1298:5 #25 0x55f69f6b2a8c in asan_thread_start(void*) asan_interceptors.cpp.o #26 0x15469149ca93 in start_thread nptl/pthread_create.c:447:8 #27 0x154691529c3b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:78 SUMMARY: UndefinedBehaviorSanitizer: function-type-mismatch /test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1340:11 Also observed this slightly different codepath: CS 10.5.28 142851f1205d98270b917a98e1bdd483e1b8af0e (Optimized, UBASAN) /test/clang_new/10.5_opt_san/storage/myisam/ha_myisam.cc:1675:33: runtime error: call to function mysql_sys_var_longlong(THD*, int) through pointer to incorrect function type 'unsigned long long *(*)(THD *, int)' /test/clang_new/10.5_opt_san/sql/sql_plugin.cc:3241: note: mysql_sys_var_longlong(THD*, int) defined here #0 0x56515c4b9c43 in ha_myisam::enable_indexes(Bitmap<64u>, bool) /test/clang_new/10.5_opt_san/storage/myisam/ha_myisam.cc:1675:33 #1 0x56515c4bcd1e in ha_myisam::end_bulk_insert() /test/clang_new/10.5_opt_san/storage/myisam/ha_myisam.cc:1873:26 #2 0x56515a092333 in copy_data_between_tables(THD*, TABLE*, TABLE*, bool, unsigned int, st_order*, unsigned long long*, unsigned long long*, Alter_info*, Alter_table_ctx*) /test/clang_new/10.5_opt_san/sql/sql_table.cc:12026:40 #3 0x56515a06a61d in mysql_alter_table(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*, HA_CREATE_INFO*, TABLE_LIST*, Recreate_info*, Alter_info*, unsigned int, st_order*, bool, bool) /test/clang_new/10.5_opt_san/sql/sql_table.cc:11299:9 #4 0x56515a326340 in Sql_cmd_alter_table::execute(THD*) /test/clang_new/10.5_opt_san/sql/sql_alter.cc:601:11 #5 0x565159c25c0a in mysql_execute_command(THD*) /test/clang_new/10.5_opt_san/sql/sql_parse.cc:6179:26 #6 0x565159cc98b3 in execute_server_code(THD*, char const*, unsigned long) /test/clang_new/10.5_opt_san/sql/sql_prepare.cc:3989:10 #7 0x565159cfdab3 in loc_advanced_command(st_mysql*, enum_server_command, unsigned char const*, unsigned long, unsigned char const*, unsigned long, char, st_mysql_stmt*) /test/clang_new/10.5_opt_san/sql/sql_prepare.cc:6138:13 #8 0x56515a9af9f3 in server_mysql_send_query /test/clang_new/10.5_opt_san/sql-common/client.c:3615:3 #9 0x56515a9afb56 in server_mysql_real_query /test/clang_new/10.5_opt_san/sql-common/client.c:3625:7 #10 0x14b1fc3fd5ff in spider_init_system_tables() /test/clang_new/10.5_opt_san/storage/spider/spd_table.cc:6165:9 #11 0x14b1fc3ffb9f in spider_db_init(void*) /test/clang_new/10.5_opt_san/storage/spider/spd_table.cc:6456:7 #12 0x56515ab05337 in ha_initialize_handlerton(void*) /test/clang_new/10.5_opt_san/sql/handler.cc:648:37 #13 0x565159c7edd1 in plugin_do_initialize(st_plugin_int*, unsigned int&) /test/clang_new/10.5_opt_san/sql/sql_plugin.cc:1452:18 #14 0x565159c7e13a in plugin_initialize(st_mem_root*, st_plugin_int*, int*, char**, bool) /test/clang_new/10.5_opt_san/sql/sql_plugin.cc:1506:10 #15 0x565159c88729 in finalize_install(THD*, TABLE*, st_mysql_const_lex_string const*, int*, char**) /test/clang_new/10.5_opt_san/sql/sql_plugin.cc:2221:9 #16 0x565159c8637c in mysql_install_plugin(THD*, st_mysql_const_lex_string const*, st_mysql_const_lex_string const*) /test/clang_new/10.5_opt_san/sql/sql_plugin.cc:2329:11 #17 0x565159c22f07 in mysql_execute_command(THD*) /test/clang_new/10.5_opt_san/sql/sql_parse.cc:6081:17 #18 0x565159bf6168 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /test/clang_new/10.5_opt_san/sql/sql_parse.cc:8237:18 #19 0x565159be9160 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /test/clang_new/10.5_opt_san/sql/sql_parse.cc:1891:7 #20 0x565159bf8ba9 in do_command(THD*) /test/clang_new/10.5_opt_san/sql/sql_parse.cc:1375:17 #21 0x56515a2fef72 in do_handle_one_connection(CONNECT*, bool) /test/clang_new/10.5_opt_san/sql/sql_connect.cc:1386:11 #22 0x56515a2fe3d4 in handle_one_connection /test/clang_new/10.5_opt_san/sql/sql_connect.cc:1298:5 #23 0x56515965f10c in asan_thread_start(void*) asan_interceptors.cpp.o #24 0x14b23789ca93 in start_thread nptl/pthread_create.c:447:8 #25 0x14b237929c3b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:78 SUMMARY: UndefinedBehaviorSanitizer: function-type-mismatch /test/clang_new/10.5_opt_san/storage/myisam/ha_myisam.cc:1675:33 ycp FYI (likely not a bug for you, but just FYI)

Roel Van de Paar added a comment - 2024-12-02 19:25

Issue also present in 11.8, including after the merge that brought ~~MDEV-34348~~ to 11.8. Tested at commit f0961301c81c7f5b009c012c076abc326b203b4a (Debug, UBASAN, Clang).

Roel Van de Paar added a comment - 2024-12-02 19:25 Issue also present in 11.8, including after the merge that brought MDEV-34348 to 11.8. Tested at commit f0961301c81c7f5b009c012c076abc326b203b4a (Debug, UBASAN, Clang).

Roel Van de Paar added a comment - 2024-12-11 05:52 - edited

bnestere ycp Hi! The UBSAN call to function mysql_sys_var_long (THD*, int) through pointer to incorrect function type 'unsigned long *(*)(THD *, int)' will require urgent fixing, as this particular issue is not supressable using UBSAN supressions, and occurs on Spider Plugin load, resulting in all other Spider *SAN issues are masked. Thank you

Roel Van de Paar added a comment - 2024-12-11 05:52 - edited bnestere ycp Hi! The UBSAN call to function mysql_sys_var_long (THD*, int) through pointer to incorrect function type 'unsigned long *(*)(THD *, int)' will require urgent fixing, as this particular issue is not supressable using UBSAN supressions, and occurs on Spider Plugin load, resulting in all other Spider *SAN issues are masked. Thank you

Roel Van de Paar added a comment - 2024-12-20 06:00

Additional function-type-mismatch for ha_myisam::optimize with this testcase:

CREATE TABLE t1 (f1 VARCHAR(128), f2 VARCHAR(128), KEY(f2,f1) USING BTREE) ENGINE=MyISAM;

INSERT INTO diaries VALUES (1216, "2014-11-11");

OPTIMIZE TABLE t1;

SELECT SLEEP(2);

Leads to:

CS 10.5.28 a226f12675c6312ca7632b90261397e313e6a7ae (Debug, UBASAN, Clang)
/test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1256:31: runtime error: call to function mysql_sys_var_longlong(THD, int) through pointer to incorrect function type 'unsigned long long ()(THD , int)'
/test/10.5_dbg_san/sql/sql_plugin.cc:3241: note: mysql_sys_var_longlong(THD*, int) defined here
#0 0x563ae0a10df2 in ha_myisam::optimize(THD, st_ha_check_opt) /test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1256:31
#1 0x563add0d162d in handler::ha_optimize(THD, st_ha_check_opt) /test/10.5_dbg_san/sql/handler.cc:4891:10
#2 0x563adbef861b in mysql_admin_table(THD, TABLE_LIST, st_ha_check_opt, char const, thr_lock_type, bool, bool, unsigned int, int ()(THD, TABLE_LIST, st_ha_check_opt), int (handler::)(THD, st_ha_check_opt), int ()(THD, TABLE_LIST, st_ha_check_opt*), bool) /test/10.5_dbg_san/sql/sql_admin.cc:875:21
#3 0x563adbf1235e in Sql_cmd_optimize_table::execute(THD*) /test/10.5_dbg_san/sql/sql_admin.cc:1517:5
#4 0x563adaf78140 in mysql_execute_command(THD*) /test/10.5_dbg_san/sql/sql_parse.cc:6193:26
#5 0x563adaeca673 in mysql_parse(THD, char, unsigned int, Parser_state*, bool, bool) /test/10.5_dbg_san/sql/sql_parse.cc:8251:18
#6 0x563adaea9863 in dispatch_command(enum_server_command, THD, char, unsigned int, bool, bool) /test/10.5_dbg_san/sql/sql_parse.cc:1891:7
#7 0x563adaed2ba9 in do_command(THD*) /test/10.5_dbg_san/sql/sql_parse.cc:1375:17
#8 0x563adbe4f0c0 in do_handle_one_connection(CONNECT*, bool) /test/10.5_dbg_san/sql/sql_connect.cc:1386:11
#9 0x563adbe4d88d in handle_one_connection /test/10.5_dbg_san/sql/sql_connect.cc:1298:5
#10 0x563ada346a8c in asan_thread_start(void*) asan_interceptors.cpp.o
#11 0x14d03f69ca93 in start_thread nptl/pthread_create.c:447:8
#12 0x14d03f729c3b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:78

SUMMARY: UndefinedBehaviorSanitizer: function-type-mismatch /test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1256:31

Roel Van de Paar added a comment - 2024-12-20 06:00 Additional function-type-mismatch for ha_myisam::optimize with this testcase: CREATE TABLE t1 (f1 VARCHAR (128), f2 VARCHAR (128), KEY (f2,f1) USING BTREE) ENGINE=MyISAM; INSERT INTO diaries VALUES (1216, "2014-11-11" ); OPTIMIZE TABLE t1; SELECT SLEEP(2); Leads to: CS 10.5.28 a226f12675c6312ca7632b90261397e313e6a7ae (Debug, UBASAN, Clang) /test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1256:31: runtime error: call to function mysql_sys_var_longlong(THD*, int) through pointer to incorrect function type 'unsigned long long *(*)(THD *, int)' /test/10.5_dbg_san/sql/sql_plugin.cc:3241: note: mysql_sys_var_longlong(THD*, int) defined here #0 0x563ae0a10df2 in ha_myisam::optimize(THD*, st_ha_check_opt*) /test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1256:31 #1 0x563add0d162d in handler::ha_optimize(THD*, st_ha_check_opt*) /test/10.5_dbg_san/sql/handler.cc:4891:10 #2 0x563adbef861b in mysql_admin_table(THD*, TABLE_LIST*, st_ha_check_opt*, char const*, thr_lock_type, bool, bool, unsigned int, int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), int (handler::*)(THD*, st_ha_check_opt*), int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), bool) /test/10.5_dbg_san/sql/sql_admin.cc:875:21 #3 0x563adbf1235e in Sql_cmd_optimize_table::execute(THD*) /test/10.5_dbg_san/sql/sql_admin.cc:1517:5 #4 0x563adaf78140 in mysql_execute_command(THD*) /test/10.5_dbg_san/sql/sql_parse.cc:6193:26 #5 0x563adaeca673 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /test/10.5_dbg_san/sql/sql_parse.cc:8251:18 #6 0x563adaea9863 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /test/10.5_dbg_san/sql/sql_parse.cc:1891:7 #7 0x563adaed2ba9 in do_command(THD*) /test/10.5_dbg_san/sql/sql_parse.cc:1375:17 #8 0x563adbe4f0c0 in do_handle_one_connection(CONNECT*, bool) /test/10.5_dbg_san/sql/sql_connect.cc:1386:11 #9 0x563adbe4d88d in handle_one_connection /test/10.5_dbg_san/sql/sql_connect.cc:1298:5 #10 0x563ada346a8c in asan_thread_start(void*) asan_interceptors.cpp.o #11 0x14d03f69ca93 in start_thread nptl/pthread_create.c:447:8 #12 0x14d03f729c3b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:78 SUMMARY: UndefinedBehaviorSanitizer: function-type-mismatch /test/10.5_dbg_san/storage/myisam/ha_myisam.cc:1256:31

Roel Van de Paar added a comment - 2024-12-27 22:29

And finally in ha_maria::optimize:

CREATE TABLE t (c INT) ENGINE=Aria;

OPTIMIZE LOCAL TABLE t;

Leads to:

CS 11.8.0 7734c85c31c9e292ef1133115fba2f7edd71dd51 (Optimized, UBASAN, Clang)
/test/11.8_opt_san/storage/maria/ha_maria.cc:1571:35: runtime error: call to function mysql_sys_var_longlong(THD, int) through pointer to incorrect function type 'unsigned long long ()(THD , int)'
/test/11.8_opt_san/sql/sql_plugin.cc:3233: note: mysql_sys_var_longlong(THD*, int) defined here
#0 0x55cfe21af147 in ha_maria::optimize(THD, st_ha_check_opt) /test/11.8_opt_san/storage/maria/ha_maria.cc:1571:35
#1 0x55cfe0db5ea0 in mysql_admin_table(THD, TABLE_LIST, st_ha_check_opt, st_mysql_const_lex_string const, thr_lock_type, bool, bool, unsigned int, int ()(THD, TABLE_LIST, st_ha_check_opt), int (handler::)(THD, st_ha_check_opt), int ()(THD, TABLE_LIST, st_ha_check_opt*), bool) /test/11.8_opt_san/sql/sql_admin.cc:937:21
#2 0x55cfe0dbe19a in Sql_cmd_optimize_table::execute(THD*) /test/11.8_opt_san/sql/sql_admin.cc:1673:5
#3 0x55cfe05a5590 in mysql_execute_command(THD*, bool) /test/11.8_opt_san/sql/sql_parse.cc:5872:26
#4 0x55cfe0577c92 in mysql_parse(THD, char, unsigned int, Parser_state*) /test/11.8_opt_san/sql/sql_parse.cc:7901:18
#5 0x55cfe056cb9e in dispatch_command(enum_server_command, THD, char, unsigned int, bool) /test/11.8_opt_san/sql/sql_parse.cc:1903:7
#6 0x55cfe057aa6e in do_command(THD*, bool) /test/11.8_opt_san/sql/sql_parse.cc:1416:17
#7 0x55cfe0d5be38 in do_handle_one_connection(CONNECT*, bool) /test/11.8_opt_san/sql/sql_connect.cc:1415:11
#8 0x55cfe0d5b280 in handle_one_connection /test/11.8_opt_san/sql/sql_connect.cc:1327:5
#9 0x55cfdfea3b0c in asan_thread_start(void*) asan_interceptors.cpp.o
#10 0x15074269ca93 in start_thread nptl/pthread_create.c:447:8
#11 0x150742729c3b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:78

SUMMARY: UndefinedBehaviorSanitizer: function-type-mismatch /test/11.8_opt_san/storage/maria/ha_maria.cc:1571:35

Bug confirmed present in:
MariaDB: 10.5.28 (dbg), 10.5.28 (opt), 10.6.21 (dbg), 10.6.21 (opt), 10.11.11 (dbg), 10.11.11 (opt), 11.4.5 (dbg), 11.4.5 (opt), 11.7.1 (dbg), 11.7.1 (opt), 11.8.0 (dbg), 11.8.0 (opt)

Roel Van de Paar added a comment - 2024-12-27 22:29 And finally in ha_maria::optimize: CREATE TABLE t (c INT ) ENGINE=Aria; OPTIMIZE LOCAL TABLE t; Leads to: CS 11.8.0 7734c85c31c9e292ef1133115fba2f7edd71dd51 (Optimized, UBASAN, Clang) /test/11.8_opt_san/storage/maria/ha_maria.cc:1571:35: runtime error: call to function mysql_sys_var_longlong(THD*, int) through pointer to incorrect function type 'unsigned long long *(*)(THD *, int)' /test/11.8_opt_san/sql/sql_plugin.cc:3233: note: mysql_sys_var_longlong(THD*, int) defined here #0 0x55cfe21af147 in ha_maria::optimize(THD*, st_ha_check_opt*) /test/11.8_opt_san/storage/maria/ha_maria.cc:1571:35 #1 0x55cfe0db5ea0 in mysql_admin_table(THD*, TABLE_LIST*, st_ha_check_opt*, st_mysql_const_lex_string const*, thr_lock_type, bool, bool, unsigned int, int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), int (handler::*)(THD*, st_ha_check_opt*), int (*)(THD*, TABLE_LIST*, st_ha_check_opt*), bool) /test/11.8_opt_san/sql/sql_admin.cc:937:21 #2 0x55cfe0dbe19a in Sql_cmd_optimize_table::execute(THD*) /test/11.8_opt_san/sql/sql_admin.cc:1673:5 #3 0x55cfe05a5590 in mysql_execute_command(THD*, bool) /test/11.8_opt_san/sql/sql_parse.cc:5872:26 #4 0x55cfe0577c92 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/11.8_opt_san/sql/sql_parse.cc:7901:18 #5 0x55cfe056cb9e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/11.8_opt_san/sql/sql_parse.cc:1903:7 #6 0x55cfe057aa6e in do_command(THD*, bool) /test/11.8_opt_san/sql/sql_parse.cc:1416:17 #7 0x55cfe0d5be38 in do_handle_one_connection(CONNECT*, bool) /test/11.8_opt_san/sql/sql_connect.cc:1415:11 #8 0x55cfe0d5b280 in handle_one_connection /test/11.8_opt_san/sql/sql_connect.cc:1327:5 #9 0x55cfdfea3b0c in asan_thread_start(void*) asan_interceptors.cpp.o #10 0x15074269ca93 in start_thread nptl/pthread_create.c:447:8 #11 0x150742729c3b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:78 SUMMARY: UndefinedBehaviorSanitizer: function-type-mismatch /test/11.8_opt_san/storage/maria/ha_maria.cc:1571:35 Bug confirmed present in: MariaDB: 10.5.28 (dbg), 10.5.28 (opt), 10.6.21 (dbg), 10.6.21 (opt), 10.11.11 (dbg), 10.11.11 (opt), 11.4.5 (dbg), 11.4.5 (opt), 11.7.1 (dbg), 11.7.1 (opt), 11.8.0 (dbg), 11.8.0 (opt)

MariaDB Server

UBSAN system variable type mismatches for ha_myisam.cc and ha_maria.cc

Details

Description

Attachments

Issue Links

Activity

People

Dates

Git Integration