Description:
Server built with
-DCMAKE_BUILD_TYPE=Debug -DWITH_DEBUG=ON -DMYSQL_MAINTAINER_MODE=ON -DWITH_SYSTEM_LIBS=ON -DWITH_NDBCLUSTER_STORAGE_ENGINE=OFF -DDOWNLOAD_BOOST=ON -DWITH_BOOST=path -DCMAKE_CXX_FLAGS=-g -DCMAKE_CXX_FLAGS_DEBUG=-g -DCMAKE_CXX_FLAGS_RELEASE=-g -O2 -DNDEBUG -DWITH_ASAN=ON -DWITH_ASAN_SCOPE=ON -DWITH_UBSAN=ON -DCMAKE_C_COMPILER=/opt/homebrew/opt/llvm@14/bin/clang -DCMAKE_CXX_COMPILER=/opt/homebrew/opt/llvm@14/bin/clang++ -DCMAKE_AR=/opt/homebrew/opt/llvm@14/bin/llvm-ar
ASan ODR violation detection disabled or bug 116372 will hit instead:
$ ASAN_OPTIONS="detect_odr_violation=0" runtime_output_directory/routertest_harness_loader
...
[ RUN ] TestLoaderGood/LoaderReadTest.load_wrong_version/0
2025-05-13 17:29:56 main DEBUG [0x20b1a8c80] loading 'routertestplugin_bad_two'.
=================================================================
==81660==ERROR: AddressSanitizer: global-buffer-overflow on address 0x0001029aabd8 at pc 0x000103869ea0 bp 0x00016da60e60 sp 0x00016da60620
READ of size 33 at 0x0001029aabd8 thread T0
#0 0x103869e9c in wrap_strlen+0x150 (libclang_rt.asan_osx_dynamic.dylib:arm64+0x15e9c) (BuildId: fea39b20578131ff8068ab53696a7b5b32000000200000000100000000000b00)
#1 0x10325a268 in std::__1::char_traits<char>::length(char const*) __string:355
#2 0x10325ed88 in std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>::basic_string<std::nullptr_t>(char const*) string:820
#3 0x1032415d8 in std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>::basic_string<std::nullptr_t>(char const*) string:818
#4 0x10323f500 in mysql_harness::Loader::load_from(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&) loader.cc:421
#5 0x103241b40 in mysql_harness::Loader::load(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&) loader.cc:527
#6 0x1023a04b0 in TestLoader::load(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>> const&) test_loader.cc:67
#7 0x1023a19a0 in LoaderReadTest_load_wrong_version_Test::TestBody() test_loader.cc:122
#8 0x1024bb6fc in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) gtest.cc:2612
#9 0x102444b54 in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) gtest.cc:2648
#10 0x1024447b4 in testing::Test::Run() gtest.cc:2687
#11 0x102446d48 in testing::TestInfo::Run() gtest.cc:2836
#12 0x102449d44 in testing::TestSuite::Run() gtest.cc:3015
#13 0x10246a3dc in testing::internal::UnitTestImpl::RunAllTests() gtest.cc:5920
#14 0x1024ce2f0 in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) gtest.cc:2612
#15 0x102469434 in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) gtest.cc:2648
#16 0x10246906c in testing::UnitTest::Run() gtest.cc:5484
#17 0x1023a91b8 in RUN_ALL_TESTS() gtest.h:2317
#18 0x1023a8f10 in main test_loader.cc:228
#19 0x19bf36b48 (<unknown module>)
0x0001029aabe1 is located 0 bytes to the right of global variable '<string literal>' defined in '/Users/laurynas/vilniusdb/mysql-8.0.42/router/src/harness/tests/plugins/bad_two.cc:33:5' (0x1029aabc0) of size 33
'<string literal>' is ascii string 'routertestplugin_magic (>>1.2.3)'
0x0001029aabe1 is located 0 bytes to the right of global variable '<string literal>' defined in '/Users/laurynas/vilniusdb/mysql-8.0.42/router/src/harness/tests/plugins/bad_two.cc:33:5' (0x1029aabc0) of size 33
'<string literal>' is ascii string 'routertestplugin_magic (>>1.2.3)'
0x0001029aabe1 is located 0 bytes to the right of global variable '<string literal>' defined in '/Users/laurynas/vilniusdb/mysql-8.0.42/router/src/harness/tests/plugins/bad_two.cc:33:5' (0x1029aabc0) of size 33
'<string literal>' is ascii string 'routertestplugin_magic (>>1.2.3)'
SUMMARY: AddressSanitizer: global-buffer-overflow (libclang_rt.asan_osx_dynamic.dylib:arm64+0x15e9c) (BuildId: fea39b20578131ff8068ab53696a7b5b32000000200000000100000000000b00) in wrap_strlen+0x150
Shadow bytes around the buggy address:
0x007020555520: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x007020555530: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x007020555540: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x007020555550: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x007020555560: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04
=>0x007020555570: f9 f9 f9 f9 00 05 f9 f9 00 00 00[f9]01 f9 f9 f9
0x007020555580: f9 f9 f9 f9 00 00 00 00 00 00 00 00 00 00 00 00
0x007020555590: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0070205555a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0070205555b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x0070205555c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==81660==ABORTING
[1] 81660 abort ASAN_OPTIONS="detect_odr_violation=0"
How to repeat:
See above
