[#MDEV-28934] UBSAN runtime error: downcast of address which does not point to an object of type 'Item

CREATE TABLE t (a INT NOT NULL);

INSERT INTO t VALUES (1),(2); # Optional, fails either way

SELECT * FROM t WHERE (a = 1 OR a = 5) AND (a IS NULL OR a = 1);

# Cleanup

DROP TABLE t;

10.5 35f2cdcb
/data/src/10.5/sql/sql_select.cc:17728:9: runtime error: downcast of address 0x7fe4c00178f8 which does not point to an object of type 'Item_cond'
0x7fe4c00178f8: note: object is of type 'Item_equal'
a5 a5 a5 a5 28 f6 dd 5d 94 55 00 00 15 00 00 00 00 00 00 00 00 a5 a5 a5 a5 a5 a5 a5 20 fc 33 60
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'Item_equal'
/data/src/10.5/sql/sql_select.cc:17728:42: runtime error: member call on address 0x7fe4c00178f8 which does not point to an object of type 'Item_cond'
0x7fe4c00178f8: note: object is of type 'Item_equal'
a5 a5 a5 a5 28 f6 dd 5d 94 55 00 00 15 00 00 00 00 00 00 00 00 a5 a5 a5 a5 a5 a5 a5 20 fc 33 60
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'Item_equal'
/data/src/10.5/sql/sql_select.cc:17731:8: runtime error: downcast of address 0x7fe4c00178f8 which does not point to an object of type 'Item_cond'
0x7fe4c00178f8: note: object is of type 'Item_equal'
a5 a5 a5 a5 28 f6 dd 5d 94 55 00 00 15 00 00 00 00 00 00 00 00 a5 a5 a5 a5 a5 a5 a5 20 fc 33 60
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'Item_equal'
/data/src/10.5/sql/sql_select.cc:17731:41: runtime error: member call on address 0x7fe4c00178f8 which does not point to an object of type 'Item_cond'
0x7fe4c00178f8: note: object is of type 'Item_equal'
a5 a5 a5 a5 28 f6 dd 5d 94 55 00 00 15 00 00 00 00 00 00 00 00 a5 a5 a5 a5 a5 a5 a5 20 fc 33 60
^~~~~~~~~~~~~~~~~~~~~~~
vptr for 'Item_equal'

Probably 10.3-10.4 are affected too, but we don't consider them properly UBSAN-able.

[MDEV-28934] UBSAN runtime error: downcast of address which does not point to an object of type 'Item_cond' Created: 2022-06-23 Updated: 2023-11-28
Status:	Open
Project:	MariaDB Server
Component/s:	Optimizer
Affects Version/s:	10.5, 10.6, 10.7, 10.8, 10.9, 10.10
Fix Version/s:	10.5, 10.6