Details
-
Bug
-
Status: Confirmed
-
Major
-
Resolution: Unresolved
-
11.4, 11.8, 12.0
Description
-- Reproducer: four statements, executed in this order.
-- Load the Spider storage engine plugin.
INSTALL PLUGIN Spider SONAME 'ha_spider.so'; |
-- Define a foreign server reached through a UNIX socket, with empty database, user and password.
-- NOTE(review): '../socket.sock' presumably resolves to the test instance's own socket; confirm against the test setup.
CREATE SERVER srv FOREIGN DATA WRAPPER mysql OPTIONS (SOCKET '../socket.sock',DATABASE'',USER'',PASSWORD''); |
-- Spider table that points at server "srv" and remote table "t1".
CREATE TABLE t (c INT) ENGINE=Spider COMMENT='WRAPPER "mysql",SRV "srv",TABLE "t1"'; |
-- Opening the table makes Spider connect to the foreign server (ha_spider::open -> spider_db_mbase::connect in the trace);
-- the sanitizer report is raised during the TLS handshake on that connection.
SELECT * FROM t; |
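Leads to the following UBSAN report, raised inside the bundled wolfSSL (extra/wolfssl) while Spider's outgoing client connection performs its TLS 1.3 handshake (frames #17 down to #0). The report concerns an indirect call: wolfSSL_X509_free is invoked through a generic 'void (*)(void *)' pointer whose type does not match the function's definition, which is undefined behaviour in C and the kind of call that indirect-call control-flow-integrity checks reject: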
CS 11.4.6 ef966af801afc2a07222b5df65dddd52c77431dd (Debug, UBASAN, Clang) Build 15/02/2025 |
/test/11.4_dbg_san/extra/wolfssl/wolfssl/src/ssl.c:17953:17: runtime error: call to function wolfSSL_X509_free through pointer to incorrect function type 'void (*)(void *)'
|
/test/11.4_dbg_san/extra/wolfssl/wolfssl/src/x509.c:3344: note: wolfSSL_X509_free defined here
|
#0 0x55cfb969e470 in wolfSSL_sk_pop_free /test/11.4_dbg_san/extra/wolfssl/wolfssl/src/ssl.c:17953:17
|
#1 0x55cfb9724f1e in wolfSSL_sk_X509_pop_free /test/11.4_dbg_san/extra/wolfssl/wolfssl/src/x509.c:4277:5
|
#2 0x55cfb9724f1e in wolfSSL_X509_STORE_CTX_free /test/11.4_dbg_san/extra/wolfssl/wolfssl/src/x509_str.c:103:13
|
#3 0x55cfb98fc405 in DoVerifyCallback /test/11.4_dbg_san/extra/wolfssl/wolfssl/src/internal.c:14344:9
|
#4 0x55cfb9901a75 in ProcessPeerCerts /test/11.4_dbg_san/extra/wolfssl/wolfssl/src/internal.c:16651:19
|
#5 0x55cfb97432b6 in DoTls13Certificate /test/11.4_dbg_san/extra/wolfssl/wolfssl/src/tls13.c:9810:15
|
#6 0x55cfb97409c6 in DoTls13HandShakeMsgType /test/11.4_dbg_san/extra/wolfssl/wolfssl/src/tls13.c:12727:15
|
#7 0x55cfb9746505 in DoTls13HandShakeMsg /test/11.4_dbg_san/extra/wolfssl/wolfssl/src/tls13.c:13014:15
|
#8 0x55cfb9925fb4 in DoProcessReplyEx /test/11.4_dbg_san/extra/wolfssl/wolfssl/src/internal.c:22426:31
|
#9 0x55cfb9747c2b in wolfSSL_connect_TLSv13 /test/11.4_dbg_san/extra/wolfssl/wolfssl/src/tls13.c:13305:35
|
#10 0x55cfb8387959 in ssl_handshake_loop /test/11.4_dbg_san/vio/viossl.c:284:16
|
#11 0x55cfb8387959 in ssl_do /test/11.4_dbg_san/vio/viossl.c:328:11
|
#12 0x55cfb7992e89 in send_client_reply_packet /test/11.4_dbg_san/sql-common/client.c:2159:9
|
#13 0x55cfb7986935 in client_mpvio_write_packet /test/11.4_dbg_san/sql-common/client.c:2354:12
|
#14 0x55cfb79906c4 in native_password_auth_client /test/11.4_dbg_san/sql-common/client.c:4200:9
|
#15 0x55cfb79842e5 in run_plugin_auth /test/11.4_dbg_san/sql-common/client.c:2486:8
|
#16 0x55cfb798a5e9 in server_mysql_real_connect /test/11.4_dbg_san/sql-common/client.c:3149:7
|
#17 0x14e905b10386 in spider_db_mbase::connect(char*, char*, char*, long, char*, char*, int, long long) /test/11.4_dbg_san/storage/spider/spd_db_mysql.cc:1982:8
|
#18 0x14e90588fb52 in spider_db_connect(st_spider_share const*, st_spider_conn*, int) /test/11.4_dbg_san/storage/spider/spd_db_conn.cc:130:35
|
#19 0x14e90589221b in spider_db_conn_queue_action(st_spider_conn*) /test/11.4_dbg_san/storage/spider/spd_db_conn.cc:242:22
|
#20 0x14e9058992ff in spider_db_before_query(st_spider_conn*, int*) /test/11.4_dbg_san/storage/spider/spd_db_conn.cc:556:20
|
#21 0x14e9058a4f95 in spider_db_set_names_internal(st_spider_transaction*, st_spider_share*, st_spider_conn*, int, int*) /test/11.4_dbg_san/storage/spider/spd_db_conn.cc:777:9
|
#22 0x14e905b8b010 in spider_mbase_handler::show_table_status(int, int, unsigned int) /test/11.4_dbg_san/storage/spider/spd_db_mysql.cc:12555:20
|
#23 0x14e9059aecc1 in spider_get_sts(st_spider_share*, int, long, ha_spider*, double, int, int, int, unsigned int) /test/11.4_dbg_san/storage/spider/spd_table.cc:7101:17
|
#24 0x14e9059ada3e in spider_share_get_sts_crd(THD*, ha_spider*, st_spider_share*, TABLE*, bool, bool, int*) /test/11.4_dbg_san/storage/spider/spd_table.cc:5354:23
|
#25 0x14e9059b20eb in spider_init_share(char const*, TABLE*, THD*, ha_spider*, int*, st_spider_share*, TABLE_SHARE*, bool) /test/11.4_dbg_san/storage/spider/spd_table.cc:5503:11
|
#26 0x14e9059b3b40 in spider_get_share(char const*, TABLE*, THD*, ha_spider*, int*) /test/11.4_dbg_san/storage/spider/spd_table.cc:5594:9
|
#27 0x14e905a3826e in ha_spider::open(char const*, int, unsigned int) /test/11.4_dbg_san/storage/spider/ha_spider.cc:273:20
|
#28 0x55cfb7adf963 in handler::ha_open(TABLE*, char const*, int, unsigned int, st_mem_root*, List<String>*) /test/11.4_dbg_san/sql/handler.cc:3592:7
|
#29 0x55cfb71e6c59 in open_table_from_share(THD*, TABLE_SHARE*, st_mysql_const_lex_string const*, unsigned int, unsigned int, unsigned int, TABLE*, bool, List<String>*) /test/11.4_dbg_san/sql/table.cc:4611:33
|
#30 0x55cfb69b01d9 in open_table(THD*, TABLE_LIST*, Open_table_context*) /test/11.4_dbg_san/sql/sql_base.cc:2263:12
|
#31 0x55cfb69c0202 in open_and_process_table(THD*, TABLE_LIST*, unsigned int*, unsigned int, Prelocking_strategy*, bool, Open_table_context*) /test/11.4_dbg_san/sql/sql_base.cc:4196:14
|
#32 0x55cfb69c0202 in open_tables(THD*, DDL_options_st const&, TABLE_LIST**, unsigned int*, unsigned int, Prelocking_strategy*) /test/11.4_dbg_san/sql/sql_base.cc:4682:14
|
#33 0x55cfb69caba4 in open_and_lock_tables(THD*, DDL_options_st const&, TABLE_LIST*, bool, unsigned int, Prelocking_strategy*) /test/11.4_dbg_san/sql/sql_base.cc:5656:7
|
#34 0x55cfb6b6877e in open_and_lock_tables(THD*, TABLE_LIST*, bool, unsigned int) /test/11.4_dbg_san/sql/sql_base.h:532:10
|
#35 0x55cfb6ca1824 in execute_sqlcom_select(THD*, TABLE_LIST*) /test/11.4_dbg_san/sql/sql_parse.cc:6104:14
|
#36 0x55cfb6c8e97c in mysql_execute_command(THD*, bool) /test/11.4_dbg_san/sql/sql_parse.cc:3975:12
|
#37 0x55cfb6c5e378 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/11.4_dbg_san/sql/sql_parse.cc:7907:18
|
#38 0x55cfb6c5255d in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/11.4_dbg_san/sql/sql_parse.cc:1904:7
|
#39 0x55cfb6c60d9d in do_command(THD*, bool) /test/11.4_dbg_san/sql/sql_parse.cc:1417:17
|
#40 0x55cfb732312c in do_handle_one_connection(CONNECT*, bool) /test/11.4_dbg_san/sql/sql_connect.cc:1408:11
|
#41 0x55cfb73229eb in handle_one_connection /test/11.4_dbg_san/sql/sql_connect.cc:1320:5
|
#42 0x55cfb666d31c in asan_thread_start(void*) asan_interceptors.cpp.o
|
#43 0x14e936e9ca93 in start_thread nptl/pthread_create.c:447:8
|
#44 0x14e936f29c3b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
|
|
SUMMARY: UndefinedBehaviorSanitizer: function-type-mismatch /test/11.4_dbg_san/extra/wolfssl/wolfssl/src/ssl.c:17953:17
|
Setup:
Compiled with a recent version of Clang (I used Clang 18.1.3) with LLVM 18. Ubuntu instructions:
|
# Note: It is strongly recommended to uninstall all old Clang & LLVM packages (ref dpkg --list | grep -iE 'clang|llvm' and use apt purge and dpkg --purge to remove the packages), before installing Clang/LLVM 18
|
sudo apt install clang llvm-18 llvm-18-linker-tools llvm-18-runtime llvm-18-tools llvm-18-dev libstdc++-14-dev llvm-dev
|
Compiled with: "-DCMAKE_C_COMPILER=/usr/bin/clang -DCMAKE_CXX_COMPILER=/usr/bin/clang++ -DCMAKE_C{,XX}_FLAGS='-march=native -mtune=native'" and:
|
-DWITH_ASAN=ON -DWITH_ASAN_SCOPE=ON -DWITH_UBSAN=ON -DWSREP_LIB_WITH_ASAN=ON
|
Set before execution:
|
export UBSAN_OPTIONS=print_stacktrace=1:report_error_type=1 # And you may also want to suppress UBSAN startup issues using 'suppressions=UBSAN.filter' in UBSAN_OPTIONS. For an example of UBSAN.filter, which includes current startup issues, see: https://github.com/mariadb-corporation/mariadb-qa/blob/master/UBSAN.filter
|
Bug Detection Matrix |
Rel o/d Build Commit UniqueID observed
|
CS 10.5 dbg 150225 c43d0a015f974c5a0142e6779332089a7a979853 No bug found
|
CS 10.5 opt 150225 c43d0a015f974c5a0142e6779332089a7a979853 No bug found
|
CS 10.6 dbg 150225 f1d7e0c17e33f77278e6226dd94aeb30fc856bf0 No bug found
|
CS 10.6 opt 150225 f1d7e0c17e33f77278e6226dd94aeb30fc856bf0 No bug found
|
CS 10.11 dbg 150225 43c5d1303f5c7c726db276815c459436110f342f No bug found
|
CS 10.11 opt 150225 43c5d1303f5c7c726db276815c459436110f342f No bug found
|
CS 11.4 dbg 150225 ef966af801afc2a07222b5df65dddd52c77431dd UBSAN|call to function wolfSSL_X509_free through pointer to incorrect function type 'void (*)(void *)'|extra/wolfssl/wolfssl/src/ssl.c|wolfSSL_sk_pop_free|wolfSSL_sk_X509_pop_free|wolfSSL_X509_STORE_CTX_free|DoVerifyCallback
|
CS 11.4 opt 150225 ef966af801afc2a07222b5df65dddd52c77431dd UBSAN|call to function wolfSSL_X509_free through pointer to incorrect function type 'void (*)(void *)'|extra/wolfssl/wolfssl/src/ssl.c|wolfSSL_sk_pop_free|wolfSSL_sk_X509_pop_free|wolfSSL_X509_STORE_CTX_free|DoVerifyCallback
|
CS 11.8 dbg 150225 33e0796e7a154e02a5e53c55cefc5d6feb4f5e6d UBSAN|call to function wolfSSL_X509_free through pointer to incorrect function type 'void (*)(void *)'|extra/wolfssl/wolfssl/src/ssl.c|wolfSSL_sk_pop_free|wolfSSL_sk_X509_pop_free|wolfSSL_X509_STORE_CTX_free|DoVerifyCallback
|
CS 11.8 opt 150225 33e0796e7a154e02a5e53c55cefc5d6feb4f5e6d UBSAN|call to function wolfSSL_X509_free through pointer to incorrect function type 'void (*)(void *)'|extra/wolfssl/wolfssl/src/ssl.c|wolfSSL_sk_pop_free|wolfSSL_sk_X509_pop_free|wolfSSL_X509_STORE_CTX_free|DoVerifyCallback
|
CS 12.0 dbg 150225 c92add291e636c797e6d6ddca605905541b2a441 UBSAN|call to function wolfSSL_X509_free through pointer to incorrect function type 'void (*)(void *)'|extra/wolfssl/wolfssl/src/ssl.c|wolfSSL_sk_pop_free|wolfSSL_sk_X509_pop_free|wolfSSL_X509_STORE_CTX_free|DoVerifyCallback
|
CS 12.0 opt 150225 c92add291e636c797e6d6ddca605905541b2a441 UBSAN|call to function wolfSSL_X509_free through pointer to incorrect function type 'void (*)(void *)'|extra/wolfssl/wolfssl/src/ssl.c|wolfSSL_sk_pop_free|wolfSSL_sk_X509_pop_free|wolfSSL_X509_STORE_CTX_free|DoVerifyCallback
|
ES 10.5 dbg 140325 6553c62369ab3606efc74295c902181f793fd6d1 No bug found
|
ES 10.5 opt 140325 6553c62369ab3606efc74295c902181f793fd6d1 No bug found
|
ES 10.6 dbg 140325 a99e9e4101f5d56a379577e6d81c829b7658df99 No bug found
|
ES 10.6 opt 140325 a99e9e4101f5d56a379577e6d81c829b7658df99 No bug found
|
ES 11.4 dbg 140325 26e39c99feaa4e6f9d3e1b13fd4a7d101059b7ba UBSAN|call to function wolfSSL_X509_free through pointer to incorrect function type 'void (*)(void *)'|extra/wolfssl/wolfssl/src/ssl.c|wolfSSL_sk_pop_free|wolfSSL_sk_X509_pop_free|wolfSSL_X509_STORE_CTX_free|DoVerifyCallback
|
ES 11.4 opt 140325 26e39c99feaa4e6f9d3e1b13fd4a7d101059b7ba UBSAN|call to function wolfSSL_X509_free through pointer to incorrect function type 'void (*)(void *)'|extra/wolfssl/wolfssl/src/ssl.c|wolfSSL_sk_pop_free|wolfSSL_sk_X509_pop_free|wolfSSL_X509_STORE_CTX_free|DoVerifyCallback
|
Issue Links
- blocks
-
MDEV-36300 ASAN heap-use-after-free in field_str::add on SELECT...PROCEDURE ANALYSE()
-
- Confirmed
-