[MDEV-39127] UBSAN : downcast of address X which does not point to an object of type 'multi_update' in sql/sql_update.cc | Sql_cmd_update::update_single_table - Jira

XML

Word

Printable

Details

Type: Bug
Status: Open (View Workflow)
Priority: Critical
Resolution: Unresolved
Affects Version/s: 13.0
Fix Version/s: 13.0
Component/s: Data Manipulation - Update
Labels:
- UBSAN
- undefined-behavior

Bug Category:
Can result in unexpected behaviour

Description

--source include/have_innodb.inc

CREATE TABLE t1(a INT) ENGINE=INNODB;

UPDATE t1 SET a = 10 RETURNING a ;

Leads to

MDEV-5092 CS 13.0.0 f6ee14c3b3463a0f8a1265b3ce12333dff5f7eb2 (Optimized, UBASAN, Clang 18.1.3-11) Build 19/03/2026
/test/mtest/MDEV-5092/bb-13.0-MDEV-5092_opt_san/sql/sql_update.cc:1382:4: runtime error: downcast of address 0x52d00016ad88 which does not point to an object of type 'multi_update'
0x52d00016ad88: note: object is of type 'select_send'
00 00 00 00 50 03 34 8d ca 5e 00 00 18 52 16 00 b0 52 00 00 00 00 00 00 00 00 00 00 00 00 00 00
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'select_send'
#0 0x5eca8b459925 in Sql_cmd_update::update_single_table(THD*) /test/mtest/MDEV-5092/bb-13.0-MDEV-5092_opt_san/sql/sql_update.cc:1382:4
#1 0x5eca8b47fc23 in Sql_cmd_update::execute_inner(THD*) /test/mtest/MDEV-5092/bb-13.0-MDEV-5092_opt_san/sql/sql_update.cc:3288:10
#2 0x5eca8b1a3bb4 in Sql_cmd_dml::execute(THD*) /test/mtest/MDEV-5092/bb-13.0-MDEV-5092_opt_san/sql/sql_select.cc:34849:9
#3 0x5eca8aef0e42 in mysql_execute_command(THD*, bool) /test/mtest/MDEV-5092/bb-13.0-MDEV-5092_opt_san/sql/sql_parse.cc:4442:27
#4 0x5eca8aed2b40 in mysql_parse(THD, char, unsigned int, Parser_state*) /test/mtest/MDEV-5092/bb-13.0-MDEV-5092_opt_san/sql/sql_parse.cc:7937:18
#5 0x5eca8aec9ca2 in dispatch_command(enum_server_command, THD, char, unsigned int, bool) /test/mtest/MDEV-5092/bb-13.0-MDEV-5092_opt_san/sql/sql_parse.cc:1896:7
#6 0x5eca8aed4e06 in do_command(THD*, bool) /test/mtest/MDEV-5092/bb-13.0-MDEV-5092_opt_san/sql/sql_parse.cc:1432:17
#7 0x5eca8b65bfcc in do_handle_one_connection(CONNECT*, bool) /test/mtest/MDEV-5092/bb-13.0-MDEV-5092_opt_san/sql/sql_connect.cc:1503:11
#8 0x5eca8b65b826 in handle_one_connection /test/mtest/MDEV-5092/bb-13.0-MDEV-5092_opt_san/sql/sql_connect.cc:1415:5
#9 0x5eca89cca20c in asan_thread_start(void*) crtstuff.c
#10 0x7effa509caa3 in start_thread nptl/pthread_create.c:447:8
#11 0x7effa5129c6b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:78

SUMMARY: UndefinedBehaviorSanitizer: dynamic-type-mismatch /test/mtest/MDEV-5092/bb-13.0-MDEV-5092_opt_san/sql/sql_update.cc:1382:4
/test/mtest/MDEV-5092/bb-13.0-MDEV-5092_opt_san/sql/sql_update.cc:1382:29: runtime error: member call on address 0x52d00016ad88 which does not point to an object of type 'multi_update'

Attachments

Issue Links

is caused by

MDEV-5092 Implement UPDATE with result set (UPDATE ... RETURNING)

In Testing

Activity

People

Assignee:: Rucha Deodhar

Reporter:: Ramesh Sivaraman

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 9 hours ago

Updated:: 6 hours ago

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.