Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-38433

UBSAN: null pointer passed as argument 2, which is declared to never be null in include/m_ctype.h | charset_info_st::opt_casedn | Identifier_chain2::make_sep_name_casedn_part1

    XMLWordPrintable

Details

    • Can result in unexpected behaviour

    Description

      CREATE PROCEDURE p0() SELECT 0 ;
      		 
      call p0();
      		 
      CREATE DATABASE a;
      		 
      USE a;
      		 
      DROP DATABASE a;
      		 
      --ERROR ER_SP_DOES_NOT_EXIST
      		 
      CALL foo();

      Leads to

      MDEV-34391 CS 12.3.0 a57c3210d7a9d9351c53af6190bafa466044f397 (Optimized, UBASAN, Clang 18.1.3-11) Build 23/12/2025

      		 
      /test/mtest/MDEV-34391/12.3_opt_san/include/m_ctype.h:907:17: runtime error: null pointer passed as argument 2, which is declared to never be null
      		 
      /usr/include/string.h:44:28: note: nonnull attribute specified here
      		 
          #0 0x5ef6fc6d5da2 in charset_info_st::opt_casedn(char const*, unsigned long, char*, unsigned long, char) const /test/mtest/MDEV-34391/12.3_opt_san/include/m_ctype.h:907:5
      		 
          #1 0x5ef6fc6d5da2 in Identifier_chain2::make_sep_name_casedn_part1(char*, unsigned long, int) const /test/mtest/MDEV-34391/12.3_opt_san/sql/lex_ident.h:571:15
      		 
          #2 0x5ef6fc6d520a in Identifier_chain2::make_qname_casedn_part1(char*, unsigned long) const /test/mtest/MDEV-34391/12.3_opt_san/sql/lex_ident.h:643:12
      		 
          #3 0x5ef6fc6d520a in sp_cache_lookup(sp_cache**, Database_qualified_name const*) /test/mtest/MDEV-34391/12.3_opt_san/sql/sp_cache.cc:198:27
      		 
          #4 0x5ef6fc6c99a5 in Sp_handler::sp_find_routine(THD*, Database_qualified_name const*, bool) const /test/mtest/MDEV-34391/12.3_opt_san/sql/sp.cc:2254:12
      		 
          #5 0x5ef6fccf4a22 in Sql_cmd_call::execute(THD*) /test/mtest/MDEV-34391/12.3_opt_san/sql/sql_parse.cc:3241:24
      		 
          #6 0x5ef6fccfe539 in mysql_execute_command(THD*, bool) /test/mtest/MDEV-34391/12.3_opt_san/sql/sql_parse.cc:5861:26
      		 
          #7 0x5ef6fcce0780 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/mtest/MDEV-34391/12.3_opt_san/sql/sql_parse.cc:7895:18
      		 
          #8 0x5ef6fccd7ad0 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/mtest/MDEV-34391/12.3_opt_san/sql/sql_parse.cc:1878:7
      		 
          #9 0x5ef6fcce2a46 in do_command(THD*, bool) /test/mtest/MDEV-34391/12.3_opt_san/sql/sql_parse.cc:1417:17
      		 
          #10 0x5ef6fd446a9c in do_handle_one_connection(CONNECT*, bool) /test/mtest/MDEV-34391/12.3_opt_san/sql/sql_connect.cc:1503:11
      		 
          #11 0x5ef6fd4462f6 in handle_one_connection /test/mtest/MDEV-34391/12.3_opt_san/sql/sql_connect.cc:1415:5
      		 
          #12 0x5ef6fbb2a68c in asan_thread_start(void*) crtstuff.c
      		 
          #13 0x770e9989caa3 in start_thread nptl/pthread_create.c:447:8
      		 
          #14 0x770e99929c6b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
      		 
       
      		 
      SUMMARY: UndefinedBehaviorSanitizer: invalid-null-argument /test/mtest/MDEV-34391/12.3_opt_san/include/m_ctype.h:907:17

      Attachments

        Issue Links

          is caused by

          New Feature - A new feature of the product, which has yet to be developed. MDEV-34391 SET PATH statement

          • Critical - Crashes, loss of data, severe memory leak.
          • In Testing

          Activity

            People

              serg Sergei Golubchik
              ramesh Ramesh Sivaraman
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.