Details
- Bug
- Status: Open
- Major
- Resolution: Unresolved
- 10.6, 10.11, 11.4, 11.8, 12.3, 13.0
- None
- Can result in unexpected behaviour
Description
CREATE TABLE t2 (c1 BIGINT UNSIGNED KEY) ENGINE=MYISAM;
CREATE TABLE t1 (c1 INT,c2 DATE,c3 DATE,PERIOD FOR app_time(c2,c3),PRIMARY KEY(c1,app_time WITHOUT OVERLAPS)) ENGINE=MRG_MYISAM WITH SYSTEM VERSIONING;
DELETE a3,a1 FROM t1 AS a1 JOIN t1 AS a2 ON a1.c1=a2.c1 JOIN t2 AS a3 ON a2.c1=a3.c1;

# clean up
DROP TABLE t1,t2;
Leads to:
CS 12.3.2 4c33c5e48e31cdbf8c71a91e121eb65bf6ef285a (Debug, UBASAN, Clang 18.1.3-11) Build 21/05/2026
/test/12.3_dbg_san/storage/myisammrg/myrg_open.c:173:40: runtime error: applying zero offset to null pointer
#0 0x56292ab21992 in myrg_open /test/12.3_dbg_san/storage/myisammrg/myrg_open.c:173:40
#1 0x56292ab08e8c in ha_myisammrg::open(char const*, int, unsigned int) /test/12.3_dbg_san/storage/myisammrg/ha_myisammrg.cc:385:17
#2 0x56292794f803 in handler::ha_open(TABLE*, char const*, int, unsigned int, st_mem_root*, List<String>*) /test/12.3_dbg_san/sql/handler.cc:3930:7
#3 0x56292ab0e748 in ha_myisammrg::clone(char const*, st_mem_root*) /test/12.3_dbg_san/storage/myisammrg/ha_myisammrg.cc:745:20
#4 0x562927952190 in handler::create_lookup_handler() /test/12.3_dbg_san/sql/handler.cc:3705:14
#5 0x56292799b70a in handler::prepare_for_modify(bool, bool) /test/12.3_dbg_san/sql/handler.cc:8488:25
#6 0x5629288ff62c in multi_delete::initialize_tables(JOIN*) /test/12.3_dbg_san/sql/sql_delete.cc:1316:18
#7 0x562928c76286 in JOIN::optimize_stage2() /test/12.3_dbg_san/sql/sql_select.cc:2854:15
#8 0x562928c73250 in JOIN::optimize_inner() /test/12.3_dbg_san/sql/sql_select.cc:2789:9
#9 0x562928c6e8d1 in JOIN::optimize() /test/12.3_dbg_san/sql/sql_select.cc:2016:10
#10 0x562928dbae47 in Sql_cmd_dml::execute_inner(THD*) /test/12.3_dbg_san/sql/sql_select.cc:34911:13
#11 0x562928911302 in Sql_cmd_delete::execute_inner(THD*) /test/12.3_dbg_san/sql/sql_delete.cc:2169:39
#12 0x562928db9834 in Sql_cmd_dml::execute(THD*) /test/12.3_dbg_san/sql/sql_select.cc:34853:9
#13 0x562928aeb3ae in mysql_execute_command(THD*, bool) /test/12.3_dbg_san/sql/sql_parse.cc:4449:27
#14 0x562928ac8c68 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /test/12.3_dbg_san/sql/sql_parse.cc:7949:18
#15 0x562928ac1d2e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool) /test/12.3_dbg_san/sql/sql_parse.cc:1903:7
#16 0x562928acb68d in do_command(THD*, bool) /test/12.3_dbg_san/sql/sql_parse.cc:1437:17
#17 0x56292928b07c in do_handle_one_connection(CONNECT*, bool) /test/12.3_dbg_san/sql/sql_connect.cc:1503:11
#18 0x56292928a937 in handle_one_connection /test/12.3_dbg_san/sql/sql_connect.cc:1415:5
#19 0x5629277e26ac in asan_thread_start(void*) crtstuff.c
#20 0x75b01509caa3 in start_thread nptl/pthread_create.c:447:8
#21 0x75b015129c6b in clone3 misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:78

SUMMARY: UndefinedBehaviorSanitizer: nullptr-with-offset /test/12.3_dbg_san/storage/myisammrg/myrg_open.c:173:40
Setup:
grep: /test/UBASAN_EMD170226-mariadb-10.6.25-21-linux-x86_64-dbg/BUILD_CMD_CMAKE: No such file or directory
Compiled with a recent version of GCC (I used GCC 13.3.0) and:
-DWITH_ASAN=ON -DWITH_ASAN_SCOPE=ON -DWITH_UBSAN=ON -DWSREP_LIB_WITH_ASAN=ON
Set before execution:
export UBSAN_OPTIONS=print_stacktrace=1:report_error_type=1 # And you may also want to suppress UBSAN startup issues using 'suppressions=UBSAN.filter' in UBSAN_OPTIONS. For an example of UBSAN.filter, which includes current startup issues, see: https://github.com/mariadb-corporation/mariadb-qa/blob/master/UBSAN.filter

SAN Bug Detection Matrix
Rel o/d Build Commit UniqueID observed
CS 10.6 dbg 050126 b64db51ad89d78e6a6f8bc238dd2e208b5f7aa92 UBSAN|applying zero offset to null pointer|storage/myisammrg/myrg_open.c|myrg_open|ha_myisammrg::open|handler::ha_open|ha_myisammrg::clone
CS 10.6 opt 050126 b64db51ad89d78e6a6f8bc238dd2e208b5f7aa92 UBSAN|applying zero offset to null pointer|storage/myisammrg/myrg_open.c|myrg_open|ha_myisammrg::open|handler::ha_open|ha_myisammrg::clone
CS 10.11 dbg 230426 c44f9c456f3b1761c8300d237ce6c139756a3fd9 UBSAN|applying zero offset to null pointer|storage/myisammrg/myrg_open.c|myrg_open|ha_myisammrg::open|handler::ha_open|ha_myisammrg::clone
CS 10.11 opt 230426 c44f9c456f3b1761c8300d237ce6c139756a3fd9 UBSAN|applying zero offset to null pointer|storage/myisammrg/myrg_open.c|myrg_open|ha_myisammrg::open|handler::ha_open|ha_myisammrg::clone
CS 11.4 dbg 230426 0d9db6bbcc5532e0bde0a63e5991cb5ebee060eb UBSAN|applying zero offset to null pointer|storage/myisammrg/myrg_open.c|myrg_open|ha_myisammrg::open|handler::ha_open|ha_myisammrg::clone
CS 11.4 opt 230426 0d9db6bbcc5532e0bde0a63e5991cb5ebee060eb UBSAN|applying zero offset to null pointer|storage/myisammrg/myrg_open.c|myrg_open|ha_myisammrg::open|handler::ha_open|ha_myisammrg::clone
CS 12.3 dbg 210526 4c33c5e48e31cdbf8c71a91e121eb65bf6ef285a UBSAN|applying zero offset to null pointer|storage/myisammrg/myrg_open.c|myrg_open|ha_myisammrg::open|handler::ha_open|ha_myisammrg::clone
CS 12.3 opt 210526 4c33c5e48e31cdbf8c71a91e121eb65bf6ef285a UBSAN|applying zero offset to null pointer|storage/myisammrg/myrg_open.c|myrg_open|ha_myisammrg::open|handler::ha_open|ha_myisammrg::clone
CS 13.0 dbg 210526 c8e8d33309606e682c98675d594dbd23ebc2ddf6 UBSAN|applying zero offset to null pointer|storage/myisammrg/myrg_open.c|myrg_open|ha_myisammrg::open|handler::ha_open|ha_myisammrg::clone
CS 13.0 opt 210526 c8e8d33309606e682c98675d594dbd23ebc2ddf6 UBSAN|applying zero offset to null pointer|storage/myisammrg/myrg_open.c|myrg_open|ha_myisammrg::open|handler::ha_open|ha_myisammrg::clone
ES 10.6 dbg 170226 22e626b9c17e9969925c54f14d30e39e25320b22 UBSAN|applying zero offset to null pointer|storage/myisammrg/myrg_open.c|myrg_open|ha_myisammrg::open|handler::ha_open|ha_myisammrg::clone
ES 10.6 opt 170226 22e626b9c17e9969925c54f14d30e39e25320b22 UBSAN|applying zero offset to null pointer|storage/myisammrg/myrg_open.c|myrg_open|ha_myisammrg::open|handler::ha_open|ha_myisammrg::clone
ES 11.4 dbg 170226 34f616d5fd2c649d0c79acb4e2423c90b8f10436 UBSAN|applying zero offset to null pointer|storage/myisammrg/myrg_open.c|myrg_open|ha_myisammrg::open|handler::ha_open|ha_myisammrg::clone
ES 11.4 opt 170226 34f616d5fd2c649d0c79acb4e2423c90b8f10436 UBSAN|applying zero offset to null pointer|storage/myisammrg/myrg_open.c|myrg_open|ha_myisammrg::open|handler::ha_open|ha_myisammrg::clone
ES 11.8 dbg 170226 405ee76b60c4ab82155f339136ed20d3b7363717 UBSAN|applying zero offset to null pointer|storage/myisammrg/myrg_open.c|myrg_open|ha_myisammrg::open|handler::ha_open|ha_myisammrg::clone
ES 11.8 opt 170226 405ee76b60c4ab82155f339136ed20d3b7363717 UBSAN|applying zero offset to null pointer|storage/myisammrg/myrg_open.c|myrg_open|ha_myisammrg::open|handler::ha_open|ha_myisammrg::clone