Assertion `!__asan_region_is_poisoned((vo id*) dest,templ->mysql_col_len)' failed in void row_sel_field_store_in_mysql_format_func(byte *, const mysql_row_templ_t *, const byte *, ulint)

--source include/have_innodb.inc

SET sql_mode='';

CREATE TABLE t (a CHAR(205)) ENGINE=INNODB CHARACTER SET filename;

INSERT INTO t VALUES (1);

SELECT * FROM t;

mariadbd: /test/11.7_opt_san/storage/innobase/row/row0sel.cc:2808: void row_sel_field_store_in_mysql_format_func(byte *, const mysql_row_templ_t *, const byte *, ulint): Assertion `!__asan_region_is_poisoned((void*) dest,templ->mysql_col_len)' failed.

Core was generated by `/test/UBASAN_MD171024-mariadb-11.7.0-linux-x86_64-opt/bin/mariadbd --no-default'.

Program terminated with signal SIGABRT, Aborted.

#0  __pthread_kill (threadid=<optimized out>, signo=6)at ../sysdeps/unix/sysv/linux/pthread_kill.c:56

[Current thread is 1 (Thread 0x154344f8c700 (LWP 706604))]

(gdb) bt

#0  __pthread_kill (threadid=<optimized out>, signo=6) at ../sysdeps/unix/sysv/linux/pthread_kill.c:56

#1  0x00000000015a1356 in handle_fatal_signal (sig=<optimized out>) at signal_handler.cc:366

#2  <signal handler called>

#3  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50

#4  0x0000154367f0c859 in __GI_abort () at abort.c:79

#5  0x0000154367f0c729 in __assert_fail_base (fmt=0x1543680a2588 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=0x3120a00 <str> "!__asan_region_is_poisoned((void*) dest,templ->mysql_col_len)", file=0x3120740 <str> "/test/11.7_opt_san/storage/innobase/row/row0sel.cc", line=2808, function=<optimized out>) at assert.c:92

#6  0x0000154367f1dfd6 in __GI___assert_fail (assertion=0x3120a00 <str> "!__asan_region_is_poisoned((void*) dest,templ->mysql_col_len)", file=0x3120740 <str> "/test/11.7_opt_san/storage/innobase/row/row0sel.cc", line=2808, function=0x3120a60 <__PRETTY_FUNCTION__._Z40row_sel_field_store_in_mysql_format_funcPhPK17mysql_row_templ_tPKhm> "void row_sel_field_store_in_mysql_format_func(byte *, const mysql_row_templ_t *, const byte *, ulint)") at assert.c:101

#7  0x000000000224d1aa in row_sel_field_store_in_mysql_format_func (dest=0x61d0000636b9 "", templ=0x60d000006f90, data=0x1543526e8092 <error: Cannot access memory at address 0x1543526e8092>, len=1) at row/row0sel.cc:2808

#8  0x00000000022702a9 in row_sel_store_mysql_field (mysql_rec=<optimized out>, prebuilt=<optimized out>, rec=<optimized out>, index=<optimized out>, offsets=0x154344f878a0, field_no=3, templ=<optimized out>) at row/row0sel.cc:3100

#9  0x000000000225edd7 in row_sel_store_mysql_rec (mysql_rec=0x61d0000636b8 "\377", prebuilt=0x154344f86760, rec=0x1543526e807f <error: Cannot access memory at address 0x1543526e807f>, vrow=<optimized out>, rec_clust=false, index=0x6160000438f0, offsets=0x154344f878a0) at row/row0sel.cc:3236

#10 0x0000000002258b36 in row_search_mvcc (buf=<optimized out>, mode=PAGE_CUR_G, prebuilt=0x61f0000118f0, match_mode=<optimized out>, direction=<optimized out>) at row/row0sel.cc:5702

#11 0x0000000001f3e3ef in ha_innobase::index_read (this=0x61d000062cb8, buf=0x2 <error: Cannot access memory at address 0x2>, key_ptr=0x0, key_len=0, find_flag=<optimized out>) at handler/ha_innodb.cc:8989

#12 0x0000000001f3f5ed in ha_innobase::index_first (this=0x61d000062cb8, buf=0x61d0000636b8 "\377") at handler/ha_innodb.cc:9325

#13 ha_innobase::rnd_next (this=0x61d000062cb8, buf=0x61d0000636b8 "\377") at handler/ha_innodb.cc:9429

#14 0x00000000015b6070 in handler::ha_rnd_next (this=<optimized out>, buf=0x61d0000636b8 "\377") at handler.cc:3731

#15 0x0000000000906d01 in rr_sequential (info=0x6290000a3360) at records.cc:513

#16 0x0000000000ce2c59 in sub_select (join=<optimized out>, join_tab=0x6290000a3290, end_of_records=<optimized out>) at sql_select.cc:24058

#17 0x0000000000d5dc5d in do_select (join=0x6290000a1a00, procedure=<optimized out>) at sql_select.cc:23572

#18 JOIN::exec_inner (this=0x6290000a1a00) at sql_select.cc:5043

#19 0x0000000000d5a16c in JOIN::exec (this=0x6290000a1a00) at sql_select.cc:4826

#20 0x0000000000ce4f6c in mysql_select (thd=<optimized out>, tables=0x6290000a0938, fields=<optimized out>, conds=0x0, og_num=0, order=<optimized out>, group=0x0, having=0x0, proc_param=0x0, select_options=<optimized out>, result=0x6290000a19d0, unit=0x62b000162360, select_lex=0x6290000a02c0) at sql_select.cc:5359

#21 0x0000000000ce42b7 in handle_select (thd=0x62b00015e218, lex=0x62b000162280, result=0x6290000a19d0, setup_tables_done_option=0) at sql_select.cc:642

#22 0x0000000000c1d5b6 in execute_sqlcom_select (thd=0x62b00015e218, all_tables=<optimized out>) at sql_parse.cc:6167

#23 0x0000000000c0c9e1 in mysql_execute_command (thd=0x62b00015e218, is_called_from_prepared_stmt=<optimized out>) at sql_parse.cc:3954

#24 0x0000000000bf88b1 in mysql_parse (thd=0x62b00015e218, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>) at sql_parse.cc:7889

#25 0x0000000000bf212f in dispatch_command (command=<optimized out>, thd=0x62b00015e218, packet=<optimized out>, packet_length=<optimized out>, blocking=<optimized out>) at sql_parse.cc:1892

#26 0x0000000000bf958a in do_command (thd=0x62b00015e218, blocking=true) at sql_parse.cc:1405

#27 0x00000000010b3043 in do_handle_one_connection (connect=<optimized out>, put_in_cache=<optimized out>) at sql_connect.cc:1448

#28 0x00000000010b2668 in handle_one_connection (arg=0x608000002638) at sql_connect.cc:1350

#29 0x00001543682f3609 in start_thread (arg=<optimized out>) at pthread_create.c:477

#30 0x0000154368009133 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95