[MDEV-35538] UBSAN: nullptr-with-offset: runtime error: applying zero offset to null pointer in check_rules and in init_weight_level - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Critical
Resolution: Fixed
Affects Version/s: 11.7(EOL), 11.8
Fix Version/s: 10.11.11, 11.2.7, 11.4.5, 11.7.2, 11.8.1
Component/s: Character Sets
Labels:

Description

export UBSAN_OPTIONS=print_stacktrace=1:report_error_type=1

rm -Rf data tmp

mkdir tmp

./scripts/mariadb-install-db --no-defaults --force --auth-root-authentication-method=normal --basedir=${PWD} --tmpdir=${PWD}/tmp --datadir=${PWD}/data

Leads to:

CS 11.7.1 d4d5bce2da0d22b25485da3904f9f5fc11d7fcd4 (Debug, UBASAN)
/test/11.7_dbg_san/strings/ctype-uca.c:33746:43: runtime error: applying zero offset to null pointer
#0 0x55ab8028f70d in check_rules /test/11.7_dbg_san/strings/ctype-uca.c:33746:43
#1 0x55ab8028d7d6 in init_weight_level /test/11.7_dbg_san/strings/ctype-uca.c:34377:7
#2 0x55ab8028d402 in my_uca_init_levels /test/11.7_dbg_san/strings/ctype-uca.c:34573:9
#3 0x55ab80284ef2 in my_uca_info_init /test/11.7_dbg_san/strings/ctype-uca.c:34594:10
#4 0x55ab80284143 in create_tailoring /test/11.7_dbg_san/strings/ctype-uca.c:34675:13
#5 0x55ab80263752 in my_coll_init_uca /test/11.7_dbg_san/strings/ctype-uca.c:34492:10
#6 0x55ab80271ac4 in my_uca_coll_init_utf8mb4 /test/11.7_dbg_san/strings/ctype-uca.c:36579:7
#7 0x55ab7ffa246c in my_ci_init_collation /test/11.7_dbg_san/include/m_ctype.h:1388:10
#8 0x55ab7ff98604 in get_internal_charset /test/11.7_dbg_san/mysys/charset.c:902:13
#9 0x55ab7ff9892d in my_collation_get_by_name /test/11.7_dbg_san/mysys/charset.c:967:19
#10 0x55ab7b7975de in Charset_loader_mysys::get_exact_collation(char const*, unsigned long) /test/11.7_dbg_san/include/my_sys.h:1221:12
#11 0x55ab7b78d1a6 in Charset_loader_mysys::get_exact_collation_by_context_name(charset_info_st const, char const, unsigned long) /test/11.7_dbg_san/include/my_sys.h:1255:12
#12 0x55ab7b7977d6 in Charset_loader_mysys::get_context_collation(char const*, unsigned long) /test/11.7_dbg_san/include/my_sys.h:1236:12
#13 0x55ab7b79165f in Charset_loader_server::get_context_collation_or_error(char const*, unsigned long) /test/11.7_dbg_san/sql/lex_charset.h:91:23
#14 0x55ab7b7913b0 in Lex_extended_collation_st::set_by_name(char const*, unsigned long) /test/11.7_dbg_san/sql/lex_charset.cc:379:22
#15 0x55ab7b798fd9 in Charset_collation_map_st::insert_or_replace(st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, bool, unsigned long) /test/11.7_dbg_san/sql/charset_collations.cc:72:11
#16 0x55ab7b799433 in Charset_collation_map_st::from_text(st_mysql_const_lex_string const&, unsigned long) /test/11.7_dbg_san/sql/charset_collations.cc:106:11
#17 0x55ab7911bda4 in init_common_variables() /test/11.7_dbg_san/sql/mysqld.cc:4303:35
#18 0x55ab79115397 in mysqld_main(int, char**) /test/11.7_dbg_san/sql/mysqld.cc:5938:7
#19 0x55ab791004a3 in main /test/11.7_dbg_san/sql/main.cc:34:10
#20 0x14f77a02a1c9 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
#21 0x14f77a02a28a in __libc_start_main csu/../csu/libc-start.c:360:3
#22 0x55ab79024c74 in _start (/test/UBASAN_MD271124-mariadb-11.7.1-linux-x86_64-dbg/bin/mariadbd+0x420ac74) (BuildId: 4ffc5d87b420973421d7e440cab2c81981d3640e)

SUMMARY: UndefinedBehaviorSanitizer: nullptr-with-offset /test/11.7_dbg_san/strings/ctype-uca.c:33746:43

And:

CS 11.7.1 d4d5bce2da0d22b25485da3904f9f5fc11d7fcd4 (Debug, UBASAN)
/test/11.7_dbg_san/strings/ctype-uca.c:34395:43: runtime error: applying zero offset to null pointer
#0 0x55ab8028dfe9 in init_weight_level /test/11.7_dbg_san/strings/ctype-uca.c:34395:43
#1 0x55ab8028d402 in my_uca_init_levels /test/11.7_dbg_san/strings/ctype-uca.c:34573:9
#2 0x55ab80284ef2 in my_uca_info_init /test/11.7_dbg_san/strings/ctype-uca.c:34594:10
#3 0x55ab80284143 in create_tailoring /test/11.7_dbg_san/strings/ctype-uca.c:34675:13
#4 0x55ab80263752 in my_coll_init_uca /test/11.7_dbg_san/strings/ctype-uca.c:34492:10
#5 0x55ab80271ac4 in my_uca_coll_init_utf8mb4 /test/11.7_dbg_san/strings/ctype-uca.c:36579:7
#6 0x55ab7ffa246c in my_ci_init_collation /test/11.7_dbg_san/include/m_ctype.h:1388:10
#7 0x55ab7ff98604 in get_internal_charset /test/11.7_dbg_san/mysys/charset.c:902:13
#8 0x55ab7ff9892d in my_collation_get_by_name /test/11.7_dbg_san/mysys/charset.c:967:19
#9 0x55ab7b7975de in Charset_loader_mysys::get_exact_collation(char const*, unsigned long) /test/11.7_dbg_san/include/my_sys.h:1221:12
#10 0x55ab7b78d1a6 in Charset_loader_mysys::get_exact_collation_by_context_name(charset_info_st const, char const, unsigned long) /test/11.7_dbg_san/include/my_sys.h:1255:12
#11 0x55ab7b7977d6 in Charset_loader_mysys::get_context_collation(char const*, unsigned long) /test/11.7_dbg_san/include/my_sys.h:1236:12
#12 0x55ab7b79165f in Charset_loader_server::get_context_collation_or_error(char const*, unsigned long) /test/11.7_dbg_san/sql/lex_charset.h:91:23
#13 0x55ab7b7913b0 in Lex_extended_collation_st::set_by_name(char const*, unsigned long) /test/11.7_dbg_san/sql/lex_charset.cc:379:22
#14 0x55ab7b798fd9 in Charset_collation_map_st::insert_or_replace(st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, bool, unsigned long) /test/11.7_dbg_san/sql/charset_collations.cc:72:11
#15 0x55ab7b799433 in Charset_collation_map_st::from_text(st_mysql_const_lex_string const&, unsigned long) /test/11.7_dbg_san/sql/charset_collations.cc:106:11
#16 0x55ab7911bda4 in init_common_variables() /test/11.7_dbg_san/sql/mysqld.cc:4303:35
#17 0x55ab79115397 in mysqld_main(int, char**) /test/11.7_dbg_san/sql/mysqld.cc:5938:7
#18 0x55ab791004a3 in main /test/11.7_dbg_san/sql/main.cc:34:10
#19 0x14f77a02a1c9 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16
#20 0x14f77a02a28a in __libc_start_main csu/../csu/libc-start.c:360:3
#21 0x55ab79024c74 in _start (/test/UBASAN_MD271124-mariadb-11.7.1-linux-x86_64-dbg/bin/mariadbd+0x420ac74) (BuildId: 4ffc5d87b420973421d7e440cab2c81981d3640e)

Observed using UBSAN with Clang and LLMV 18.1.3:

sudo apt install clang llvm-18 llvm-18-linker-tools llvm-18-runtime llvm-18-tools llvm-18-dev libstdc++-14-dev llvm-dev llvm-17-linker-tools  # llvm-17-linker-tools installs /usr/lib/llvm-17/lib/LLVMgold.so, which is needed for compilation, and LLVMgold.so is no longer included in LLVM 18

sudo ln -s /usr/lib/llvm-17/lib/LLVMgold.so /usr/lib/llvm-18/lib/LLVMgold.so

...

export UBSAN_OPTIONS=print_stacktrace=1:report_error_type=1

Attachments

Issue Links

is caused by

MDEV-27009 Add UCA-14.0.0 collations

Closed

Activity

People

Assignee:: Alexander Barkov

Reporter:: Roel Van de Paar

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2024-11-30 04:05

Updated:: 2025-01-23 14:44

Resolved:: 2025-01-23 14:44

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.