MariaDB Server: MDEV-38047

UBSAN: applying zero offset to null pointer in strings/ctype-simple.c | my_casedn_8bit|Item_str_conv::val_str | Type_handler::Item_send_str


Details

    • Not for Release Notes

    Description

      SET NAMES latin1;
      SELECT lCASE ((EXTRACTVALUE ('a','a'))) a FROM (SELECT 1) dt;
      

      Leads to:

      CS 10.6.24 e80998281aa1551f12a6b86cb3765796130d822d (Optimized, UBASAN, Clang 18.1.3-11) Build 04/11/2025

      /test/10.6_opt_san/strings/ctype-simple.c:268:24: runtime error: applying zero offset to null pointer
          #0 0x5b1f90607564 in my_casedn_8bit /test/10.6_opt_san/strings/ctype-simple.c:268:24
          #1 0x5b1f8e0c94a9 in Item_str_conv::val_str(String*) /test/10.6_opt_san/sql/item_strfunc.cc:1598:8
          #2 0x5b1f8f5a567e in Type_handler::Item_send_str(Item*, Protocol*, st_value*) const /test/10.6_opt_san/sql/sql_type.cc:7597:19
          #3 0x5b1f8e57c59e in Protocol::send_result_set_row(List<Item>*) /test/10.6_opt_san/sql/protocol.cc:1329:15
          #4 0x5b1f8e83d590 in select_send::send_data(List<Item>&) /test/10.6_opt_san/sql/sql_class.cc:3219:17
          #5 0x5b1f8edbdd7c in end_send(JOIN*, st_join_table*, bool) /test/10.6_opt_san/sql/sql_select.cc:23674:9
          #6 0x5b1f8edd78a0 in do_select(JOIN*, Procedure*) /test/10.6_opt_san/sql/sql_select.cc:21859:14
          #7 0x5b1f8edd479e in JOIN::exec_inner() /test/10.6_opt_san/sql/sql_select.cc:4939:50
          #8 0x5b1f8edd13d0 in JOIN::exec() /test/10.6_opt_san/sql/sql_select.cc:4717:3
          #9 0x5b1f8ed51604 in mysql_select(THD*, TABLE_LIST*, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /test/10.6_opt_san/sql/sql_select.cc:5196:9
          #10 0x5b1f8ed50400 in handle_select(THD*, LEX*, select_result*, unsigned long) /test/10.6_opt_san/sql/sql_select.cc:573:10
          #11 0x5b1f8ec363ef in execute_sqlcom_select(THD*, TABLE_LIST*) /test/10.6_opt_san/sql/sql_parse.cc:6422:12
          #12 0x5b1f8ec1459d in mysql_execute_command(THD*, bool) /test/10.6_opt_san/sql/sql_parse.cc:4013:12
          #13 0x5b1f8ebf6080 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/10.6_opt_san/sql/sql_parse.cc:8200:18
          #14 0x5b1f8ebed393 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/10.6_opt_san/sql/sql_parse.cc:1908:7
          #15 0x5b1f8ebf8346 in do_command(THD*, bool) /test/10.6_opt_san/sql/sql_parse.cc:1421:17
          #16 0x5b1f8f2efd2c in do_handle_one_connection(CONNECT*, bool) /test/10.6_opt_san/sql/sql_connect.cc:1386:11
          #17 0x5b1f8f2ef57a in handle_one_connection /test/10.6_opt_san/sql/sql_connect.cc:1298:5
          #18 0x5b1f8dbae2bc in asan_thread_start(void*) crtstuff.c
          #19 0x783b8ae9caa3 in start_thread nptl/pthread_create.c:447:8
          #20 0x783b8af29c3b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
       
      SUMMARY: UndefinedBehaviorSanitizer: nullptr-with-offset /test/10.6_opt_san/strings/ctype-simple.c:268:24
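The sanitizer message means that a pointer whose value is NULL had an offset of zero added to it, which the C standard leaves undefined even though it is harmless on every real platform. The trace implies (this is an inference, not stated on the page) that EXTRACTVALUE returned an empty result whose String buffer was never allocated, so LCASE handed my_casedn_8bit a (NULL, 0) pair. The following is an added illustration, not MariaDB's own code: a simplified 8-bit lower-casing routine shaped like my_casedn_8bit, first in a form that computes `src + srclen` unconditionally, then in a hardened form that decides there is nothing to do before any pointer arithmetic. The function names, the `sample_string` struct and the inputs are constructed for this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <ctype.h>

/* Unhardened form (hypothetical, modelled on my_casedn_8bit). `src + srclen`
 * is evaluated before anything checks that src is non-NULL. For an empty
 * string carried as a NULL buffer with length 0 this forms `NULL + 0`, which
 * is undefined in C; Clang's UBSAN pointer-overflow check reports exactly
 * "applying zero offset to null pointer", as in the report above. */
size_t casedn_8bit_unchecked(const char *src, size_t srclen,
                             char *dst, size_t dstlen)
{
  const char *end = src + srclen;     /* UB when src == NULL */
  char *d = dst;
  char *dend = dst + dstlen;          /* likewise UB when dst == NULL */
  for (; src < end && d < dend; src++, d++)
    *d = (char) tolower((unsigned char) *src);
  return (size_t) (d - dst);
}

/* Hardened form: an empty input or output is handled before the pointers are
 * touched, so (NULL, 0) never reaches pointer arithmetic. Non-empty inputs
 * behave exactly as before. A NULL buffer with a non-zero length is a caller
 * bug and is refused rather than turned into NULL + n. */
size_t casedn_8bit_checked(const char *src, size_t srclen,
                           char *dst, size_t dstlen)
{
  if (srclen == 0 || dstlen == 0)
    return 0;
  if (src == NULL || dst == NULL)
    return 0;
  const char *end = src + srclen;
  char *d = dst;
  char *dend = dst + dstlen;
  for (; src < end && d < dend; src++, d++)
    *d = (char) tolower((unsigned char) *src);
  return (size_t) (d - dst);
}

/* Constructed stand-in for the server's String: a buffer pointer plus a
 * length, where an empty result may carry a NULL pointer. */
struct sample_string { const char *ptr; size_t length; };

/* Models the LCASE() call site: lower-case whatever the inner item produced. */
size_t lower_into(const struct sample_string *s, char *out, size_t outlen)
{
  return casedn_8bit_checked(s->ptr, s->length, out, outlen);
}

int main(void)
{
  char out[16];
  struct sample_string empty = { NULL, 0 };       /* constructed: what the trace implies */
  struct sample_string word  = { "MariaDB", 7 };  /* constructed */
  size_t n;

  n = lower_into(&empty, out, sizeof out);
  printf("empty result -> %zu bytes\n", n);

  n = lower_into(&word, out, sizeof out);
  printf("non-empty    -> %.*s\n", (int) n, out);
  return 0;
}
```

Building the first function with `-fsanitize=undefined` and calling it with (NULL, 0) reproduces the same "nullptr-with-offset" diagnostic in isolation; the hardened version is silent because the early return keeps the NULL out of the expression altogether. The same shape of fix applies wherever a length-zero string may arrive with an unallocated buffer: test the length before forming `ptr + length`.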
      

      Setup:

      Compiled with a recent version of Clang and LLVM. Ubuntu instructions for Clang/LLVM 18:
        # Note: it is strongly recommended to uninstall all old Clang & LLVM packages (list them with: dpkg --list | grep -iE 'clang|llvm' ; remove them with apt purge and dpkg --purge) before installing Clang/LLVM 18
           sudo apt install clang llvm-18 llvm-18-linker-tools llvm-18-runtime llvm-18-tools llvm-18-dev libstdc++-14-dev llvm-dev lld-18
      Compiled with: "-DCMAKE_C_COMPILER=/usr/bin/clang -DCMAKE_CXX_COMPILER=/usr/bin/clang++ -DCMAKE_C{,XX}_FLAGS='-march=native -mtune=native'" and:
          -DWITH_ASAN=ON -DWITH_ASAN_SCOPE=ON -DWITH_UBSAN=ON -DWSREP_LIB_WITH_ASAN=ON
      Set before execution:
          export UBSAN_OPTIONS=print_stacktrace=1:report_error_type=1   # You may also want to suppress known UBSAN startup issues by adding 'suppressions=UBSAN.filter' to UBSAN_OPTIONS. For an example of UBSAN.filter, which includes the current startup issues, see: https://github.com/mariadb-corporation/mariadb-qa/blob/master/UBSAN.filter
      

      SAN Bug Detection Matrix

      Columns: CS/ES = Community/Enterprise Server; Rel = release series; o/d = optimized or debug build; Build = build date (ddmmyy, so 041125 is the 04/11/2025 build above); Commit = source revision tested; UniqueID observed = sanitizer signature seen, or "No bug found".

          Rel    o/d  Build   Commit                                    UniqueID observed
      CS  10.6   dbg  041125  e80998281aa1551f12a6b86cb3765796130d822d  UBSAN|applying zero offset to null pointer|strings/ctype-simple.c|my_casedn_8bit|Item_str_conv::val_str|Type_handler::Item_send_str|Protocol::send_result_set_row
      CS  10.6   opt  041125  e80998281aa1551f12a6b86cb3765796130d822d  UBSAN|applying zero offset to null pointer|strings/ctype-simple.c|my_casedn_8bit|Item_str_conv::val_str|Type_handler::Item_send_str|Protocol::send_result_set_row
      CS  10.11  dbg  110825  e46c9a01529687401b0f82b1427855535d38c0c0  UBSAN|applying zero offset to null pointer|strings/ctype-simple.c|my_casedn_8bit|Item_str_conv::val_str|Type_handler::Item_send_str|Protocol::send_result_set_row
      CS  10.11  dbg  171025  aec79c5a7986ae9b3566cefdad429cc1dec55dea  UBSAN|applying zero offset to null pointer|strings/ctype-simple.c|my_casedn_8bit|Item_str_conv::val_str|Type_handler::Item_send_str|Protocol::send_result_set_row
      CS  11.4   dbg  071025  5b72e95a8c6f8d11854472ada393d248c20e253b  No bug found
      CS  11.4   opt  130825  03b31c0bd99390c1984f19a19f22dd6e77b7692e  No bug found
      CS  11.8   dbg  071025  c779542840251ddd0bc0a252d0ffc1c5c042bc73  No bug found
      CS  11.8   opt  130825  1a446ccc48528e88a3cd6cd1d1ec9e7492d342ca  No bug found
      CS  12.1   dbg  130825  033471a367b4c60b7262e64f43f46b02e95b9d74  No bug found
      CS  12.1   opt  130825  033471a367b4c60b7262e64f43f46b02e95b9d74  No bug found
      CS  12.2   dbg  051125  101346c3dc174177faf5df109611bb4cb03efab5  No bug found
      CS  12.2   opt  051125  101346c3dc174177faf5df109611bb4cb03efab5  No bug found
      ES  10.6   opt  150525  6111fbaf7bdcb6f1170f556ffd05d6e1a4159f62  UBSAN|applying zero offset to null pointer|strings/ctype-simple.c|my_casedn_8bit|Item_str_conv::val_str|Type_handler::Item_send_str|Protocol::send_result_set_row
      ES  11.4   dbg  150525  9cd12544ebfd0d52d2158af66b5aced58121cf1f  UBSAN|applying zero offset to null pointer|strings/ctype-simple.c|my_casedn_8bit|Item_str_conv::val_str|Type_handler::Item_send_str|Protocol::send_result_set_row
      ES  11.4   opt  150525  9cd12544ebfd0d52d2158af66b5aced58121cf1f  UBSAN|applying zero offset to null pointer|strings/ctype-simple.c|my_casedn_8bit|Item_str_conv::val_str|Type_handler::Item_send_str|Protocol::send_result_set_row
      

          People

            bar Alexander Barkov
            ramesh Ramesh Sivaraman