diff --git a/mysql-test/r/select.result b/mysql-test/r/select.result
index 83682d87504..0d5c1aed485 100644
--- a/mysql-test/r/select.result
+++ b/mysql-test/r/select.result
@@ -2875,6 +2875,16 @@ b	a	t1_val	t2_val
 1	1	1	1
 1	2	2	1
 drop table t1, t2, t3;
+DO IFNULL(NULL, NULL);
+SELECT CAST(IFNULL(NULL, NULL) AS DECIMAL);
+CAST(IFNULL(NULL, NULL) AS DECIMAL)
+NULL
+SELECT ABS(IFNULL(NULL, NULL));
+ABS(IFNULL(NULL, NULL))
+NULL
+SELECT IFNULL(NULL, NULL);
+IFNULL(NULL, NULL)
+NULL
 create table t1 (a char(1));
 create table t2 (a char(1));
 insert into t1 values ('a'),('b'),('c');
diff --git a/mysql-test/t/select.test b/mysql-test/t/select.test
index ebd382b1df1..fad01ac9acf 100644
--- a/mysql-test/t/select.test
+++ b/mysql-test/t/select.test
@@ -2445,6 +2445,15 @@ select * from t1 natural join t3 natural join t2;
 drop table t1, t2, t3;
 
 
+#
+# Bug #12841: Server crash on DO IFNULL(NULL,NULL)
+#
+# (testing returning of int, decimal, real, string)
+DO IFNULL(NULL, NULL);
+SELECT CAST(IFNULL(NULL, NULL) AS DECIMAL);
+SELECT ABS(IFNULL(NULL, NULL));
+SELECT IFNULL(NULL, NULL);
+
 #
 # Bug #6495 Illogical requirement for column qualification in NATURAL join
 #
diff --git a/sql/item_func.cc b/sql/item_func.cc
index 80808c0ac87..8125264ab15 100644
--- a/sql/item_func.cc
+++ b/sql/item_func.cc
@@ -734,11 +734,13 @@ longlong Item_func_numhybrid::val_int()
   case STRING_RESULT:
   {
     int err_not_used;
-    String *res= str_op(&str_value);
+    String *res;
+    if (!(res= str_op(&str_value)))
+      return 0;
+
     char *end= (char*) res->ptr() + res->length();
     CHARSET_INFO *cs= str_value.charset();
-    return (res ? (*(cs->cset->strtoll10))(cs, res->ptr(), &end,
-                                           &err_not_used) : 0);
+    return (*(cs->cset->strtoll10))(cs, res->ptr(), &end, &err_not_used);
   }
   default:
     DBUG_ASSERT(0);
@@ -769,7 +771,10 @@ my_decimal *Item_func_numhybrid::val_decimal(my_decimal *decimal_value)
   }
   case STRING_RESULT:
   {
-    String *res= str_op(&str_value);
+    String *res;
+    if (!(res= str_op(&str_value)))
+      return NULL;
+
     str2my_decimal(E_DEC_FATAL_ERROR, (char*) res->ptr(),
                    res->length(), res->charset(), decimal_value);
     break;