[MDEV-29933] ASAN use-after-poison in _ma_pack_key or _mi_pack_key / handler::ha_index_read_map Created: 2022-11-01  Updated: 2023-11-28

Status: Open
Project: MariaDB Server
Component/s: Server
Affects Version/s: 10.3, 10.4, 10.5, 10.6, 10.7, 10.8, 10.9, 10.10
Fix Version/s: 10.4, 10.5, 10.6

Type: Bug Priority: Major
Reporter: Elena Stepanova Assignee: Michael Widenius
Resolution: Unresolved Votes: 0
Labels: None


 Description   

# Reproducer (Aria) for the AddressSanitizer use-after-poison reported in
# _ma_pack_key. Intended for an ASAN-instrumented server build; the final
# SELECT is the statement that triggers the report that follows this script.

# t1: outer side of the final join; utf8 VARCHAR(12), two rows.
CREATE TABLE t1 (d varchar(12)) ENGINE=Aria CHARACTER SET utf8;
INSERT INTO t1 VALUES ('tooth'),('merely');
 
# t2: column b is created as latin1 CHAR(12) carrying a FULLTEXT key, while
# the table default character set is utf8.
CREATE TABLE t2 (b char(12) CHARACTER SET latin1, fulltext key (b)) ENGINE=Aria CHARACTER SET utf8;
INSERT t2 VALUES
  ('confident'),('kneel'),('season'),('float'),('retire'),('fun'),('announce'),
  ('recommend'),('magic'),('investigate'),('sheep'),('shark'),('separate'),
  ('benefit'),('hold'),('the'),('makeup'),('opposite'),('wheat'),('white'),
  ('weather'),('islamic'),('measure'),('apart'),('apart');
# Double the row count twice: 25 -> 50 -> 100 rows.
INSERT INTO t2 SELECT * FROM t2;
INSERT INTO t2 SELECT * FROM t2;
# Redefine b without naming a character set; the FULLTEXT key is left in place.
# NOTE(review): b presumably falls back to the table default (utf8) here, so
# its byte length changes underneath the existing key -- confirm.
ALTER TABLE t2 MODIFY b CHAR(12);
 
# t3: utf8 CHAR(12), no index, two rows; neither value occurs in t2.
CREATE TABLE t3 (a char(12)) ENGINE=Aria CHARACTER SET utf8;
INSERT INTO t3 VALUES ('combine'),('forget');
 
# Trigger: t1 joined to a derived table (sq) that groups t2 LEFT JOIN t3.
# In the report the bad access sits under join_read_always_key while sq is
# being filled (mysql_derived_fill): a 254-byte memcpy read that touches bytes
# ASAN marks "Poisoned by user" inside a block obtained through alloc_root.
# NOTE(review): a build without ASAN has no such check, so the same read would
# presumably go unnoticed and copy whatever follows the key value in that
# block -- treat it as an out-of-bounds read until triaged.
SELECT t1.* FROM t1 JOIN (SELECT t2.b, COUNT(*) FROM t2 LEFT JOIN t3 ON t3.a = t2.b GROUP BY t2.b) sq ON sq.b = t1.d;
 
# Cleanup: drop the three tables. Not reached when the ASAN build aborts on
# the SELECT above.
DROP TABLE t1, t2, t3;

10.3 7d96cb47

==2054553==ERROR: AddressSanitizer: use-after-poison on address 0x629000080e50 at pc 0x7f097de78983 bp 0x7f0972852580 sp 0x7f0972851d30
READ of size 254 at 0x629000080e50 thread T5
    #0 0x7f097de78982 in __interceptor_memcpy ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:806
    #1 0x55a3960bc4c0 in _ma_pack_key /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/storage/maria/ma_key.c:427
    #2 0x55a396092a98 in maria_rkey /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/storage/maria/ma_rkey.c:72
    #3 0x55a395fcc3f7 in ha_maria::index_read_map(unsigned char*, unsigned char const*, unsigned long, ha_rkey_function) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/storage/maria/ha_maria.cc:2294
    #4 0x55a3951b0665 in handler::ha_index_read_map(unsigned char*, unsigned char const*, unsigned long, ha_rkey_function) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/handler.cc:2915
    #5 0x55a394b7e907 in join_read_always_key /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_select.cc:20696
    #6 0x55a394b790e8 in sub_select(JOIN*, st_join_table*, bool) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_select.cc:19929
    #7 0x55a394b772f1 in do_select /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_select.cc:19470
    #8 0x55a394b0b391 in JOIN::exec_inner() /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_select.cc:4171
    #9 0x55a394b08d62 in JOIN::exec() /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_select.cc:3965
    #10 0x55a394b0c6c4 in mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_select.cc:4374
    #11 0x55a39498ac00 in mysql_derived_fill(THD*, LEX*, TABLE_LIST*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_derived.cc:1179
    #12 0x55a394984583 in mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_derived.cc:193
    #13 0x55a394b49d6f in st_join_table::preread_init() /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_select.cc:12962
    #14 0x55a394b78ce5 in sub_select(JOIN*, st_join_table*, bool) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_select.cc:19900
    #15 0x55a394b7a95b in evaluate_join_record /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_select.cc:20159
    #16 0x55a394b792a4 in sub_select(JOIN*, st_join_table*, bool) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_select.cc:19932
    #17 0x55a394b772f1 in do_select /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_select.cc:19470
    #18 0x55a394b0b391 in JOIN::exec_inner() /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_select.cc:4171
    #19 0x55a394b08d62 in JOIN::exec() /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_select.cc:3965
    #20 0x55a394b0c6c4 in mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_select.cc:4374
    #21 0x55a394ae2efa in handle_select(THD*, LEX*, select_result*, unsigned long) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_select.cc:372
    #22 0x55a394a57d68 in execute_sqlcom_select /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_parse.cc:6340
    #23 0x55a394a45e39 in mysql_execute_command(THD*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_parse.cc:3871
    #24 0x55a394a61665 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_parse.cc:7855
    #25 0x55a394a38cb3 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_parse.cc:1852
    #26 0x55a394a3586b in do_command(THD*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_parse.cc:1398
    #27 0x55a394df9159 in do_handle_one_connection(CONNECT*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_connect.cc:1403
    #28 0x55a394df8a55 in handle_one_connection /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_connect.cc:1308
    #29 0x55a3963a61ae in pfs_spawn_thread /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/storage/perfschema/pfs.cc:1869
    #30 0x7f097d5e2ea6 in start_thread nptl/pthread_create.c:477
    #31 0x7f097d502aee in __clone (/lib/x86_64-linux-gnu/libc.so.6+0xfcaee)
 
0x629000080e50 is located 15440 bytes inside of 16352-byte region [0x62900007d200,0x6290000811e0)
allocated by thread T5 here:
    #0 0x7f097dee8e8f in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:145
    #1 0x55a3964ba4ca in my_malloc /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/mysys/my_malloc.c:101
    #2 0x55a396497289 in alloc_root /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/mysys/my_alloc.c:251
    #3 0x55a396497a3a in multi_alloc_root /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/mysys/my_alloc.c:325
    #4 0x55a394b0d9cf in make_join_statistics /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_select.cc:4557
    #5 0x55a394af3cbe in JOIN::optimize_inner() /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_select.cc:1992
    #6 0x55a394aef1c0 in JOIN::optimize() /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_select.cc:1534
    #7 0x55a39498918e in mysql_derived_optimize(THD*, LEX*, TABLE_LIST*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_derived.cc:962
    #8 0x55a394984583 in mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_derived.cc:193
    #9 0x55a394af203a in JOIN::optimize_inner() /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_select.cc:1815
    #10 0x55a394aef1c0 in JOIN::optimize() /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_select.cc:1534
    #11 0x55a394b0c4d4 in mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_select.cc:4360
    #12 0x55a394ae2efa in handle_select(THD*, LEX*, select_result*, unsigned long) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_select.cc:372
    #13 0x55a394a57d68 in execute_sqlcom_select /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_parse.cc:6340
    #14 0x55a394a45e39 in mysql_execute_command(THD*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_parse.cc:3871
    #15 0x55a394a61665 in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_parse.cc:7855
    #16 0x55a394a38cb3 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_parse.cc:1852
    #17 0x55a394a3586b in do_command(THD*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_parse.cc:1398
    #18 0x55a394df9159 in do_handle_one_connection(CONNECT*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_connect.cc:1403
    #19 0x55a394df8a55 in handle_one_connection /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/sql_connect.cc:1308
    #20 0x55a3963a61ae in pfs_spawn_thread /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/storage/perfschema/pfs.cc:1869
    #21 0x7f097d5e2ea6 in start_thread nptl/pthread_create.c:477
 
Thread T5 created by T0 here:
    #0 0x7f097de942a2 in __interceptor_pthread_create ../../../../src/libsanitizer/asan/asan_interceptors.cpp:214
    #1 0x55a3963a659b in spawn_thread_v1 /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/storage/perfschema/pfs.cc:1919
    #2 0x55a39476dd86 in inline_mysql_thread_create /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/include/mysql/psi/mysql_thread.h:1275
    #3 0x55a394785f63 in create_thread_to_handle_connection(CONNECT*) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/mysqld.cc:6677
    #4 0x55a3947866c3 in create_new_thread /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/mysqld.cc:6747
    #5 0x55a39478782d in handle_connections_sockets() /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/mysqld.cc:7005
    #6 0x55a3947852e3 in mysqld_main(int, char**) /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/mysqld.cc:6299
    #7 0x55a39476c614 in main /home/jenkins/workspace/sandbox-elenst/Nightly-Build-CS/src/sql/main.cc:25
    #8 0x7f097d429d09 in __libc_start_main ../csu/libc-start.c:308
 
SUMMARY: AddressSanitizer: use-after-poison ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:806 in __interceptor_memcpy
Shadow bytes around the buggy address:
  0x0c5280008170: f7 00 00 00 00 00 00 00 00 00 00 f7 00 00 f7 00
  0x0c5280008180: f7 00 f7 00 02 f7 00 00 00 00 00 00 00 00 00 00
  0x0c5280008190: 00 00 00 00 00 00 00 00 00 00 00 f7 00 00 00 00
  0x0c52800081a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c52800081b0: 00 00 00 00 00 00 00 00 00 f7 00 00 f7 00 00 f7
=>0x0c52800081c0: 00 00 00 00 00 00 00 00 00 00[f7]00 00 f7 00 f7
  0x0c52800081d0: 00 f7 00 02 f7 00 00 00 00 00 00 00 00 00 00 00
  0x0c52800081e0: 00 00 00 00 00 00 00 00 00 00 f7 00 00 00 00 00
  0x0c52800081f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c5280008200: 00 00 00 00 00 00 00 00 f7 00 00 00 00 00 00 00
  0x0c5280008210: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
  Shadow gap:              cc
==2054553==ABORTING

Reproducible on all existing server versions.



 Comments   
Comment by Elena Stepanova [ 2023-04-25 ]

Same with MyISAM, not sure why I missed it in the description.

# Reproducer (MyISAM) for the same AddressSanitizer use-after-poison, here
# reported in _mi_pack_key. The statements match the Aria script in the
# description except for ENGINE=MyISAM. Intended for an ASAN-instrumented
# server build; the final SELECT triggers the report that follows this script.

# t1: outer side of the final join; utf8 VARCHAR(12), two rows.
CREATE TABLE t1 (d varchar(12)) ENGINE=MyISAM CHARACTER SET utf8;
INSERT INTO t1 VALUES ('tooth'),('merely');
 
# t2: column b is created as latin1 CHAR(12) carrying a FULLTEXT key, while
# the table default character set is utf8.
CREATE TABLE t2 (b char(12) CHARACTER SET latin1, fulltext key (b)) ENGINE=MyISAM CHARACTER SET utf8;
INSERT t2 VALUES
  ('confident'),('kneel'),('season'),('float'),('retire'),('fun'),('announce'),
  ('recommend'),('magic'),('investigate'),('sheep'),('shark'),('separate'),
  ('benefit'),('hold'),('the'),('makeup'),('opposite'),('wheat'),('white'),
  ('weather'),('islamic'),('measure'),('apart'),('apart');
# Double the row count twice: 25 -> 50 -> 100 rows.
INSERT INTO t2 SELECT * FROM t2;
INSERT INTO t2 SELECT * FROM t2;
# Redefine b without naming a character set; the FULLTEXT key is left in place.
# NOTE(review): b presumably falls back to the table default (utf8) here, so
# its byte length changes underneath the existing key -- confirm.
ALTER TABLE t2 MODIFY b CHAR(12);
 
# t3: utf8 CHAR(12), no index, two rows; neither value occurs in t2.
CREATE TABLE t3 (a char(12)) ENGINE=MyISAM CHARACTER SET utf8;
INSERT INTO t3 VALUES ('combine'),('forget');
 
# Trigger: t1 joined to a derived table (sq) that groups t2 LEFT JOIN t3.
# In the report the bad access sits under join_read_always_key while sq is
# being filled (mysql_derived_fill): a 254-byte memcpy read that touches bytes
# ASAN marks "Poisoned by user" inside a block obtained through alloc_root.
# NOTE(review): a build without ASAN has no such check, so the same read would
# presumably go unnoticed and copy whatever follows the key value in that
# block -- treat it as an out-of-bounds read until triaged.
SELECT t1.* FROM t1 JOIN (SELECT t2.b, COUNT(*) FROM t2 LEFT JOIN t3 ON t3.a = t2.b GROUP BY t2.b) sq ON sq.b = t1.d;
 
# Cleanup: drop the three tables. Not reached when the ASAN build aborts on
# the SELECT above.
 
DROP TABLE t1, t2, t3;

10.3 01199901

==1852314==ERROR: AddressSanitizer: use-after-poison on address 0x62900004ee88 at pc 0x7f603204814b bp 0x7f6028b05610 sp 0x7f6028b04dc0
READ of size 254 at 0x62900004ee88 thread T5
    #0 0x7f603204814a in __interceptor_memcpy ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:827
    #1 0x557ef6655117 in _mi_pack_key /data/src/10.3/storage/myisam/mi_key.c:284
    #2 0x557ef66f8e03 in mi_rkey /data/src/10.3/storage/myisam/mi_rkey.c:62
    #3 0x557ef65ef5c0 in ha_myisam::index_read_map(unsigned char*, unsigned char const*, unsigned long, ha_rkey_function) /data/src/10.3/storage/myisam/ha_myisam.cc:1892
    #4 0x557ef55769bd in handler::ha_index_read_map(unsigned char*, unsigned char const*, unsigned long, ha_rkey_function) /data/src/10.3/sql/handler.cc:2915
    #5 0x557ef4f3a613 in join_read_always_key /data/src/10.3/sql/sql_select.cc:20716
    #6 0x557ef4f34db1 in sub_select(JOIN*, st_join_table*, bool) /data/src/10.3/sql/sql_select.cc:19949
    #7 0x557ef4f32f88 in do_select /data/src/10.3/sql/sql_select.cc:19490
    #8 0x557ef4ec6d44 in JOIN::exec_inner() /data/src/10.3/sql/sql_select.cc:4190
    #9 0x557ef4ec46ef in JOIN::exec() /data/src/10.3/sql/sql_select.cc:3984
    #10 0x557ef4ec8081 in mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.3/sql/sql_select.cc:4393
    #11 0x557ef4d43b66 in mysql_derived_fill(THD*, LEX*, TABLE_LIST*) /data/src/10.3/sql/sql_derived.cc:1182
    #12 0x557ef4d3d392 in mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int) /data/src/10.3/sql/sql_derived.cc:193
    #13 0x557ef4f05795 in st_join_table::preread_init() /data/src/10.3/sql/sql_select.cc:12982
    #14 0x557ef4f349af in sub_select(JOIN*, st_join_table*, bool) /data/src/10.3/sql/sql_select.cc:19920
    #15 0x557ef4f36646 in evaluate_join_record /data/src/10.3/sql/sql_select.cc:20179
    #16 0x557ef4f34f6a in sub_select(JOIN*, st_join_table*, bool) /data/src/10.3/sql/sql_select.cc:19952
    #17 0x557ef4f32f88 in do_select /data/src/10.3/sql/sql_select.cc:19490
    #18 0x557ef4ec6d44 in JOIN::exec_inner() /data/src/10.3/sql/sql_select.cc:4190
    #19 0x557ef4ec46ef in JOIN::exec() /data/src/10.3/sql/sql_select.cc:3984
    #20 0x557ef4ec8081 in mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.3/sql/sql_select.cc:4393
    #21 0x557ef4e9dffa in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.3/sql/sql_select.cc:372
    #22 0x557ef4e12685 in execute_sqlcom_select /data/src/10.3/sql/sql_parse.cc:6340
    #23 0x557ef4e00456 in mysql_execute_command(THD*) /data/src/10.3/sql/sql_parse.cc:3871
    #24 0x557ef4e1c11f in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.3/sql/sql_parse.cc:7855
    #25 0x557ef4df2f4e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.3/sql/sql_parse.cc:1852
    #26 0x557ef4defae6 in do_command(THD*) /data/src/10.3/sql/sql_parse.cc:1398
    #27 0x557ef51b7efb in do_handle_one_connection(CONNECT*) /data/src/10.3/sql/sql_connect.cc:1404
    #28 0x557ef51b7828 in handle_one_connection /data/src/10.3/sql/sql_connect.cc:1309
    #29 0x557ef679e6b0 in pfs_spawn_thread /data/src/10.3/storage/perfschema/pfs.cc:1869
    #30 0x7f6031aa7fd3 in start_thread nptl/pthread_create.c:442
    #31 0x7f6031b285bb in clone3 ../sysdeps/unix/sysv/linux/x86_64/clone3.S:81
 
0x62900004ee88 is located 15496 bytes inside of 16352-byte region [0x62900004b200,0x62900004f1e0)
allocated by thread T5 here:
    #0 0x7f60320b89cf in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x557ef69744e2 in my_malloc /data/src/10.3/mysys/my_malloc.c:101
    #2 0x557ef6950f63 in alloc_root /data/src/10.3/mysys/my_alloc.c:251
    #3 0x557ef6951722 in multi_alloc_root /data/src/10.3/mysys/my_alloc.c:325
    #4 0x557ef4ec938b in make_join_statistics /data/src/10.3/sql/sql_select.cc:4576
    #5 0x557ef4eaf373 in JOIN::optimize_inner() /data/src/10.3/sql/sql_select.cc:2000
    #6 0x557ef4eaa825 in JOIN::optimize() /data/src/10.3/sql/sql_select.cc:1542
    #7 0x557ef4d420cb in mysql_derived_optimize(THD*, LEX*, TABLE_LIST*) /data/src/10.3/sql/sql_derived.cc:965
    #8 0x557ef4d3d392 in mysql_handle_single_derived(LEX*, TABLE_LIST*, unsigned int) /data/src/10.3/sql/sql_derived.cc:193
    #9 0x557ef4ead68e in JOIN::optimize_inner() /data/src/10.3/sql/sql_select.cc:1823
    #10 0x557ef4eaa825 in JOIN::optimize() /data/src/10.3/sql/sql_select.cc:1542
    #11 0x557ef4ec7e90 in mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.3/sql/sql_select.cc:4379
    #12 0x557ef4e9dffa in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.3/sql/sql_select.cc:372
    #13 0x557ef4e12685 in execute_sqlcom_select /data/src/10.3/sql/sql_parse.cc:6340
    #14 0x557ef4e00456 in mysql_execute_command(THD*) /data/src/10.3/sql/sql_parse.cc:3871
    #15 0x557ef4e1c11f in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.3/sql/sql_parse.cc:7855
    #16 0x557ef4df2f4e in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.3/sql/sql_parse.cc:1852
    #17 0x557ef4defae6 in do_command(THD*) /data/src/10.3/sql/sql_parse.cc:1398
    #18 0x557ef51b7efb in do_handle_one_connection(CONNECT*) /data/src/10.3/sql/sql_connect.cc:1404
    #19 0x557ef51b7828 in handle_one_connection /data/src/10.3/sql/sql_connect.cc:1309
    #20 0x557ef679e6b0 in pfs_spawn_thread /data/src/10.3/storage/perfschema/pfs.cc:1869
    #21 0x7f6031aa7fd3 in start_thread nptl/pthread_create.c:442
 
Thread T5 created by T0 here:
    #0 0x7f6032049726 in __interceptor_pthread_create ../../../../src/libsanitizer/asan/asan_interceptors.cpp:207
    #1 0x557ef679ea9d in spawn_thread_v1 /data/src/10.3/storage/perfschema/pfs.cc:1919
    #2 0x557ef4b238bb in inline_mysql_thread_create /data/src/10.3/include/mysql/psi/mysql_thread.h:1275
    #3 0x557ef4b3bb22 in create_thread_to_handle_connection(CONNECT*) /data/src/10.3/sql/mysqld.cc:6675
    #4 0x557ef4b3c26d in create_new_thread /data/src/10.3/sql/mysqld.cc:6745
    #5 0x557ef4b3d3df in handle_connections_sockets() /data/src/10.3/sql/mysqld.cc:7003
    #6 0x557ef4b3ae74 in mysqld_main(int, char**) /data/src/10.3/sql/mysqld.cc:6297
    #7 0x557ef4b21f88 in main /data/src/10.3/sql/main.cc:25
    #8 0x7f6031a46189 in __libc_start_call_main ../sysdeps/nptl/libc_start_call_main.h:58
 
SUMMARY: AddressSanitizer: use-after-poison ../../../../src/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc:827 in __interceptor_memcpy
Shadow bytes around the buggy address:
  0x0c5280001d80: 00 00 f7 00 00 f7 00 f7 00 f7 00 00 00 00 00 00
  0x0c5280001d90: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f7
  0x0c5280001da0: 00 02 f7 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c5280001db0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c5280001dc0: f7 00 00 f7 00 00 f7 00 00 00 00 00 00 00 00 00
=>0x0c5280001dd0: 00[f7]00 00 f7 00 f7 00 f7 00 00 00 00 00 00 00
  0x0c5280001de0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f7 00
  0x0c5280001df0: 02 f7 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c5280001e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f7
  0x0c5280001e10: 00 00 f7 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c5280001e20: 00 00 00 00 00 00 00 00 00 00 00 00 f7 f7 f7 f7
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==1852314==ABORTING
