SIGSEGV in __strlen_evex, UBSAN invalid-null-argument in strdup_root, both from parse_url, on CREATE TABLE ... FEDERATED

INSTALL SONAME 'ha_federated';

CREATE TABLE t (id INT) ENGINE=FEDERATED;

Core was generated by `/test/MDEV-37833_MD071125-mariadb-12.2.0-linux-x86_64-opt/bin/mariadbd --no-def'.

Program terminated with signal SIGSEGV, Segmentation fault.

#0  __strlen_evex () at ../sysdeps/x86_64/multiarch/strlen-evex-base.S:81

[Current thread is 1 (LWP 1764377)]

(gdb) bt

#0  __strlen_evex () at ../sysdeps/x86_64/multiarch/strlen-evex-base.S:81

#1  0x00006445ad4f6b48 in strdup_root (root=0x786598006d90, str=0x0)at /test/bb-12.2-serg_opt/mysys/my_alloc.c:670

#2  0x00007866c5a1548b in parse_url (mem_root=0x0, share=share@entry=0x7866c79a51a0, table=table@entry=0x7866c79a56b8, opt=0x786598018b60, table_create_flag=table_create_flag@entry=1)at /test/bb-12.2-serg_opt/storage/federated/ha_federated.cc:742

#3  0x00007866c5a153f4 in ha_federated::create (this=0x786598031058, name=<optimized out>, table_arg=0x7866c79a56b8, create_info=<optimized out>)at /test/bb-12.2-serg_opt/storage/federated/ha_federated.cc:3140

#4  0x00006445acc57cee in handler::ha_create (this=<optimized out>, name=name@entry=0x7866c79a75f0 "./test/t", form=form@entry=0x7866c79a56b8, info_arg=info_arg@entry=0x7866c79a7bc0)at /test/bb-12.2-serg_opt/sql/handler.cc:5971

#5  0x00006445acc59249 in ha_create_table_from_share (thd=thd@entry=0x786598000c68, share=share@entry=0x7866c79a6818, create_info=create_info@entry=0x7866c79a7bc0, ref_length=ref_length@entry=0x7866c79a5b1c)at /test/bb-12.2-serg_opt/sql/handler.cc:6424

#6  0x00006445acc58b35 in ha_create_table (thd=thd@entry=0x786598000c68, path=0x7866c79a75f0 "./test/t", db=0x7865980177e8 "test", table_name=0x7865980177b8 "t", create_info=0x7866c79a7bc0, frm=<optimized out>, skip_frm_file=<optimized out>)at /test/bb-12.2-serg_opt/sql/handler.cc:6491

#7  0x00006445acfeedda in create_table_impl (thd=thd@entry=0x786598000c68, ddl_log_state_create=ddl_log_state_create@entry=0x7866c79a78f0, ddl_log_state_rm=<optimized out>, ddl_log_state_rm@entry=0x7866c79a7910, orig_db=@0x786598017818: {<Lex_ident_fs> = {<Lex_ident<Compare_table_names>> = {<Lex_cstring> = {<st_mysql_const_lex_string> = {str = 0x7865980177e8 "test", length = 4}, <No data fields>}, <No data fields>}, <No data fields>}, <No data fields>}, orig_table_name=@0x786598017828: {<Lex_ident_fs> = {<Lex_ident<Compare_table_names>> = {<Lex_cstring> = {<st_mysql_const_lex_string> = {str = 0x7865980177b8 "t", length = 1}, <No data fields>}, <No data fields>}, <No data fields>}, <No data fields>}, db=@0x786598017818: {str = 0x7865980177e8 "test", length = 4}, table_name=@0x786598017828: {str = 0x7865980177b8 "t", length = 1}, path=@0x7866c79a7590: {str = 0x7866c79a75f0 "./test/t", length = 8}, options={m_options = DDL_options_st::OPT_NONE}, create_info=0x7866c79a7bc0, alter_info=0x7866c79a7a48, create_table_mode=0, is_trans=0x7866c79a7977, key_info=0x7866c79a7588, key_count=0x7866c79a75bc, frm=0x7866c79a75a0)at /test/bb-12.2-serg_opt/sql/sql_table.cc:4942

#8  0x00006445acfee514 in mysql_create_table_no_lock (thd=thd@entry=0x786598000c68, ddl_log_state_create=ddl_log_state_create@entry=0x7866c79a78f0, ddl_log_state_rm=ddl_log_state_rm@entry=0x7866c79a7910, create_info=create_info@entry=0x7866c79a7bc0, alter_info=alter_info@entry=0x7866c79a7a48, is_trans=is_trans@entry=0x7866c79a7977, create_table_mode=0, table_list=0x7865980177f8) at /test/bb-12.2-serg_opt/sql/sql_table.cc:5044

#9  0x00006445acfffca6 in mysql_create_table (thd=thd@entry=0x786598000c68, create_table=create_table@entry=0x7865980177f8, create_info=create_info@entry=0x7866c79a7bc0, alter_info=alter_info@entry=0x7866c79a7a48)at /test/bb-12.2-serg_opt/sql/sql_table.cc:5286

#10 0x00006445acffecc0 in Sql_cmd_create_table_like::execute (this=<optimized out>, thd=0x786598000c68)at /test/bb-12.2-serg_opt/sql/sql_table.cc:13775

#11 0x00006445acf2582c in mysql_execute_command (thd=thd@entry=0x786598000c68, is_called_from_prepared_stmt=false)at /test/bb-12.2-serg_opt/sql/sql_parse.cc:5861

#12 0x00006445acf20ad4 in mysql_parse (thd=thd@entry=0x786598000c68, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x7866c79a8420)at /test/bb-12.2-serg_opt/sql/sql_parse.cc:7887

#13 0x00006445acf1f27a in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x786598000c68, packet=packet@entry=0x786598008a29 "CREATE TABLE t (id INT) ENGINE=FEDERATED", packet_length=packet_length@entry=40, blocking=true)at /test/bb-12.2-serg_opt/sql/sql_parse.cc:1878

#14 0x00006445acf20f51 in do_command (thd=thd@entry=0x786598000c68, blocking=true) at /test/bb-12.2-serg_opt/sql/sql_parse.cc:1417

#15 0x00006445ad0744ed in do_handle_one_connection (connect=<optimized out>, connect@entry=0x6445b01cdf88, put_in_cache=true)at /test/bb-12.2-serg_opt/sql/sql_connect.cc:1503

#16 0x00006445ad0742af in handle_one_connection (arg=arg@entry=0x6445b01cdf88)at /test/bb-12.2-serg_opt/sql/sql_connect.cc:1415

#17 0x00006445ad238b49 in pfs_spawn_thread (arg=0x6445b017de28)at /test/bb-12.2-serg_opt/storage/perfschema/pfs.cc:2198

#18 0x00007866c889ca94 in start_thread (arg=<optimized out>)at ./nptl/pthread_create.c:447

#19 0x00007866c8929c3c in clone3 ()at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78

Core was generated by `/test/MDEV-37833_MD071125-mariadb-12.2.0-linux-x86_64-dbg/bin/mariadbd --no-def'.

Program terminated with signal SIGSEGV, Segmentation fault.

#0  __strlen_evex () at ../sysdeps/x86_64/multiarch/strlen-evex-base.S:81

[Current thread is 1 (LWP 1213411)]

(gdb) bt

#0  __strlen_evex () at ../sysdeps/x86_64/multiarch/strlen-evex-base.S:81

#1  0x00005be68f376ff9 in strdup_root (root=0x7f3960006e58, str=0x0)at /test/bb-12.2-serg_dbg/mysys/my_alloc.c:670

#2  0x00007f3aaeb7ed00 in parse_url (mem_root=0x7f3960006e58, share=0x7f3aac5f8738, table=0x7f3aac5f8d80, opt=0x7f396001b360, table_create_flag=1)at /test/bb-12.2-serg_dbg/storage/federated/ha_federated.cc:742

#3  0x00007f3aaeb7ec7c in ha_federated::create (this=0x7f3960040a28, name=0x7f3aac5fb7d0 "./test/t", table_arg=0x7f3aac5f8d80, create_info=0x7f3aac5fbf58)at /test/bb-12.2-serg_dbg/storage/federated/ha_federated.cc:3140

#4  0x00005be68e55a5e2 in handler::ha_create (this=0x7f3960040a28, name=0x7f3aac5fb7d0 "./test/t", form=0x7f3aac5f8d80, info_arg=0x7f3aac5fbf58) at /test/bb-12.2-serg_dbg/sql/handler.cc:5971

#5  0x00005be68e55c480 in ha_create_table_from_share (thd=0x7f3960000d58, share=0x7f3aac5fa0f0, create_info=0x7f3aac5fbf58, ref_length=0x7f3aac5f9254) at /test/bb-12.2-serg_dbg/sql/handler.cc:6424

#6  0x00005be68e55bd95 in ha_create_table (thd=0x7f3960000d58, path=0x7f3aac5fb7d0 "./test/t", db=0x7f3960019fe8 "test", table_name=0x7f3960019fb8 "t", create_info=0x7f3aac5fbf58, frm=0x7f3aac5fb760, skip_frm_file=false)at /test/bb-12.2-serg_dbg/sql/handler.cc:6491

#7  0x00005be68eadf6d0 in create_table_impl (thd=0x7f3960000d58, ddl_log_state_create=0x7f3aac5fbb38, ddl_log_state_rm=0x7f3aac5fbb18, orig_db=@0x7f396001a018: {<Lex_ident_fs> = {<Lex_ident<Compare_table_names>> = {<Lex_cstring> = {<st_mysql_const_lex_string> = {str = 0x7f3960019fe8 "test", length = 4}, <No data fields>}, <No data fields>}, <No data fields>}, <No data fields>}, orig_table_name=@0x7f396001a028: {<Lex_ident_fs> = {<Lex_ident<Compare_table_names>> = {<Lex_cstring> = {<st_mysql_const_lex_string> = {str = 0x7f3960019fb8 "t", length = 1}, <No data fields>}, <No data fields>}, <No data fields>}, <No data fields>}, db=@0x7f396001a018: {str = 0x7f3960019fe8 "test", length = 4}, table_name=@0x7f396001a028: {str = 0x7f3960019fb8 "t", length = 1}, path=@0x7f3aac5fb748: {str = 0x7f3aac5fb7d0 "./test/t", length = 8}, options={m_options = DDL_options_st::OPT_NONE}, create_info=0x7f3aac5fbf58, alter_info=0x7f3aac5fbde0, create_table_mode=0, is_trans=0x7f3aac5fbb0f, key_info=0x7f3aac5fb790, key_count=0x7f3aac5fb78c, frm=0x7f3aac5fb760)at /test/bb-12.2-serg_dbg/sql/sql_table.cc:4942

#8  0x00005be68eade875 in mysql_create_table_no_lock (thd=0x7f3960000d58, ddl_log_state_create=0x7f3aac5fbb38, ddl_log_state_rm=0x7f3aac5fbb18, create_info=0x7f3aac5fbf58, alter_info=0x7f3aac5fbde0, is_trans=0x7f3aac5fbb0f, create_table_mode=0, table_list=0x7f3960019ff8)at /test/bb-12.2-serg_dbg/sql/sql_table.cc:5044

#9  0x00005be68eaf814d in mysql_create_table (thd=0x7f3960000d58, create_table=0x7f3960019ff8, create_info=0x7f3aac5fbf58, alter_info=0x7f3aac5fbde0) at /test/bb-12.2-serg_dbg/sql/sql_table.cc:5286

#10 0x00005be68eaf691e in Sql_cmd_create_table_like::execute (this=0x7f3960019f80, thd=0x7f3960000d58)at /test/bb-12.2-serg_dbg/sql/sql_table.cc:13775

#11 0x00005be68e9c26f0 in mysql_execute_command (thd=0x7f3960000d58, is_called_from_prepared_stmt=false)at /test/bb-12.2-serg_dbg/sql/sql_parse.cc:5861

#12 0x00005be68e9b3968 in mysql_parse (thd=0x7f3960000d58, rawbuf=0x7f3960019ed0 "CREATE TABLE t (id INT) ENGINE=FEDERATED", length=40, parser_state=0x7f3aac5fda00)at /test/bb-12.2-serg_dbg/sql/sql_parse.cc:7887

#13 0x00005be68e9b1149 in dispatch_command (command=COM_QUERY, thd=0x7f3960000d58, packet=0x7f396000b229 "CREATE TABLE t (id INT) ENGINE=FEDERATED", packet_length=40, blocking=true)at /test/bb-12.2-serg_dbg/sql/sql_parse.cc:1878

#14 0x00005be68e9b43ea in do_command (thd=0x7f3960000d58, blocking=true)at /test/bb-12.2-serg_dbg/sql/sql_parse.cc:1417

#15 0x00005be68eba709e in do_handle_one_connection (connect=0x5be691748cd8, put_in_cache=true) at /test/bb-12.2-serg_dbg/sql/sql_connect.cc:1503

#16 0x00005be68eba6e81 in handle_one_connection (arg=0x5be69167c888)at /test/bb-12.2-serg_dbg/sql/sql_connect.cc:1415

#17 0x00007f3aaf89ca94 in start_thread (arg=<optimized out>)at ./nptl/pthread_create.c:447

#18 0x00007f3aaf929c3c in clone3 ()at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78

/test/bb-12.2-serg_opt_san/mysys/my_alloc.c:670:41: runtime error: null pointer passed as argument 1, which is declared to never be null

/usr/include/string.h:408:33: note: nonnull attribute specified here

    #0 0x5cdbcbdd4636 in strdup_root /test/bb-12.2-serg_opt_san/mysys/my_alloc.c:670:34

    #1 0x6d40b7f829b5 in parse_url(st_mem_root*, st_federated_share*, TABLE*, ha_table_option_struct*, unsigned int) /test/bb-12.2-serg_opt_san/storage/federated/ha_federated.cc:742:29

    #2 0x6d40b7f82426 in ha_federated::create(char const*, TABLE*, HA_CREATE_INFO*) /test/bb-12.2-serg_opt_san/storage/federated/ha_federated.cc:3140:11

    #3 0x5cdbc8f15ea8 in handler::ha_create(char const*, TABLE*, HA_CREATE_INFO*) /test/bb-12.2-serg_opt_san/sql/handler.cc:5971:14

    #4 0x5cdbc8f1efe2 in ha_create_table_from_share(THD*, TABLE_SHARE*, HA_CREATE_INFO*, unsigned int*) /test/bb-12.2-serg_opt_san/sql/handler.cc:6424:26

    #5 0x5cdbc8f1da08 in ha_create_table(THD*, char const*, char const*, char const*, HA_CREATE_INFO*, st_mysql_const_unsigned_lex_string*, bool) /test/bb-12.2-serg_opt_san/sql/handler.cc:6491:15

    #6 0x5cdbca3599cf in create_table_impl(THD*, st_ddl_log_state*, st_ddl_log_state*, Lex_ident_db const&, Lex_ident_table const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, DDL_options_st, HA_CREATE_INFO*, Alter_info*, int, bool*, st_key**, unsigned int*, st_mysql_const_unsigned_lex_string*) /test/bb-12.2-serg_opt_san/sql/sql_table.cc:4942:11

    #7 0x5cdbca356b0a in mysql_create_table_no_lock(THD*, st_ddl_log_state*, st_ddl_log_state*, Table_specification_st*, Alter_info*, bool*, int, TABLE_LIST*) /test/bb-12.2-serg_opt_san/sql/sql_table.cc:5044:8

    #8 0x5cdbca3d19c0 in mysql_create_table(THD*, TABLE_LIST*, Table_specification_st*, Alter_info*) /test/bb-12.2-serg_opt_san/sql/sql_table.cc:5286:7

    #9 0x5cdbca3cb9c1 in Sql_cmd_create_table_like::execute(THD*) /test/bb-12.2-serg_opt_san/sql/sql_table.cc:13775:12

    #10 0x5cdbc9e681ff in mysql_execute_command(THD*, bool) /test/bb-12.2-serg_opt_san/sql/sql_parse.cc:5861:26

    #11 0x5cdbc9e4b705 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/bb-12.2-serg_opt_san/sql/sql_parse.cc:7887:18

    #12 0x5cdbc9e438d0 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/bb-12.2-serg_opt_san/sql/sql_parse.cc:1878:7

    #13 0x5cdbc9e4d640 in do_command(THD*, bool) /test/bb-12.2-serg_opt_san/sql/sql_parse.cc:1417:17

    #14 0x5cdbca6795ec in do_handle_one_connection(CONNECT*, bool) /test/bb-12.2-serg_opt_san/sql/sql_connect.cc:1503:11

    #15 0x5cdbca679106 in handle_one_connection /test/bb-12.2-serg_opt_san/sql/sql_connect.cc:1415:5

    #16 0x5cdbc8de3aea in asan_thread_start(void*) crtstuff.c

    #17 0x7141a769ca93 in start_thread nptl/pthread_create.c:447:8

    #18 0x7141a7729c3b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:78

SUMMARY: UndefinedBehaviorSanitizer: invalid-null-argument /test/bb-12.2-serg_opt_san/mysys/my_alloc.c:670:41 

/test/bb-12.2-serg_dbg_san/mysys/my_alloc.c:670:41: runtime error: null pointer passed as argument 1, which is declared to never be null

/usr/include/string.h:408:33: note: nonnull attribute specified here

    #0 0x631ca6020f12 in strdup_root /test/bb-12.2-serg_dbg_san/mysys/my_alloc.c:670:34

    #1 0x73a88db83c26 in parse_url(st_mem_root*, st_federated_share*, TABLE*, ha_table_option_struct*, unsigned int) /test/bb-12.2-serg_dbg_san/storage/federated/ha_federated.cc:742:29

    #2 0x73a88db83780 in ha_federated::create(char const*, TABLE*, HA_CREATE_INFO*) /test/bb-12.2-serg_dbg_san/storage/federated/ha_federated.cc:3140:11

    #3 0x631ca2f52f2d in handler::ha_create(char const*, TABLE*, HA_CREATE_INFO*) /test/bb-12.2-serg_dbg_san/sql/handler.cc:5971:14

    #4 0x631ca2f5cd48 in ha_create_table_from_share(THD*, TABLE_SHARE*, HA_CREATE_INFO*, unsigned int*) /test/bb-12.2-serg_dbg_san/sql/handler.cc:6424:26

    #5 0x631ca2f5b656 in ha_create_table(THD*, char const*, char const*, char const*, HA_CREATE_INFO*, st_mysql_const_unsigned_lex_string*, bool) /test/bb-12.2-serg_dbg_san/sql/handler.cc:6491:15

    #6 0x631ca4394753 in create_table_impl(THD*, st_ddl_log_state*, st_ddl_log_state*, Lex_ident_db const&, Lex_ident_table const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, st_mysql_const_lex_string const&, DDL_options_st, HA_CREATE_INFO*, Alter_info*, int, bool*, st_key**, unsigned int*, st_mysql_const_unsigned_lex_string*) /test/bb-12.2-serg_dbg_san/sql/sql_table.cc:4942:11

    #7 0x631ca4391268 in mysql_create_table_no_lock(THD*, st_ddl_log_state*, st_ddl_log_state*, Table_specification_st*, Alter_info*, bool*, int, TABLE_LIST*) /test/bb-12.2-serg_dbg_san/sql/sql_table.cc:5044:8

    #8 0x631ca44057e6 in mysql_create_table(THD*, TABLE_LIST*, Table_specification_st*, Alter_info*) /test/bb-12.2-serg_dbg_san/sql/sql_table.cc:5286:7

    #9 0x631ca43fedfb in Sql_cmd_create_table_like::execute(THD*) /test/bb-12.2-serg_dbg_san/sql/sql_table.cc:13775:12

    #10 0x631ca3ec0b13 in mysql_execute_command(THD*, bool) /test/bb-12.2-serg_dbg_san/sql/sql_parse.cc:5861:26

    #11 0x631ca3ea3ce8 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/bb-12.2-serg_dbg_san/sql/sql_parse.cc:7887:18

    #12 0x631ca3e9d4a3 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/bb-12.2-serg_dbg_san/sql/sql_parse.cc:1878:7

    #13 0x631ca3ea611a in do_command(THD*, bool) /test/bb-12.2-serg_dbg_san/sql/sql_parse.cc:1417:17

    #14 0x631ca46aec8c in do_handle_one_connection(CONNECT*, bool) /test/bb-12.2-serg_dbg_san/sql/sql_connect.cc:1503:11

    #15 0x631ca46ae795 in handle_one_connection /test/bb-12.2-serg_dbg_san/sql/sql_connect.cc:1415:5

    #16 0x631ca2e04b9a in asan_thread_start(void*) crtstuff.c

    #17 0x77a97d09ca93 in start_thread nptl/pthread_create.c:447:8

    #18 0x77a97d129c3b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:78

SUMMARY: UndefinedBehaviorSanitizer: invalid-null-argument /test/bb-12.2-serg_dbg_san/mysys/my_alloc.c:670:41 

12.2.0-dbg>INSTALL SONAME 'ha_federated';

Query OK, 0 rows affected (0.010 sec)

12.2.0-dbg>CREATE TABLE t (id INT) ENGINE=FEDERATED;

ERROR 1 (HY000): server name: '' doesn't exist!