  1. MariaDB Server
  2. MDEV-18882

ASAN heap-use-after-free in Binary_string::copy or String::copy upon MAKE_SET


Details

    • Bug
    • Status: Confirmed
    • Major
    • Resolution: Unresolved
    • Affects Version/s: 10.1, 10.2, 10.3, 10.4, 10.5, 10.6
    • Fix Version/s: 10.4, 10.5, 10.6
    • Component/s: Data types
    • Labels: None

    Description

      # Reproducer for the heap-use-after-free reported by ASAN in
      # Item_func_make_set::val_str (see the stack traces below).
      --source include/have_innodb.inc
       
      CREATE TABLE t1 (a INT) ENGINE=InnoDB;
      INSERT INTO t1 VALUES (1),(2);
      # COUNT(*) without GROUP BY makes this an implicitly grouped query, so the
      # ORDER BY expression is evaluated via end_send_group -> copy_fields ->
      # Item_copy_string::copy -> Item_func_make_set::val_str.
      # Per the ASAN report: CONVERT(0.0, CHAR(6)) is rendered into a String buffer
      # (Item_decimal::val_str), the trailing argument `1` then re-allocates what
      # appears to be the same String (String::set_int), freeing that buffer, and
      # MAKE_SET still copies from the stale pointer (String::copy, READ of size 3).
      # '1974-05-06' is only the bitmask argument; it yields warning 1292.
      SELECT COUNT(*) FROM t1 ORDER BY MAKE_SET('1974-05-06', b'1', CONVERT(0.0, CHAR(6)), 1);
       
      # Cleanup
      DROP TABLE t1;
      

      10.4 ASAN build, revision 5a796f1f:

      ==28679==ERROR: AddressSanitizer: heap-use-after-free on address 0x60c0000453b0 at pc 0x555c3f2a6277 bp 0x7f4a2687e9c0 sp 0x7f4a2687e9b8
      READ of size 3 at 0x60c0000453b0 thread T27
          #0 0x555c3f2a6276 in Binary_string::copy(Binary_string const&) /data/src/10.4/sql/sql_string.cc:230
          #1 0x555c3efc948d in String::copy(String const&) /data/src/10.4/sql/sql_string.h:816
          #2 0x555c3fa0f418 in Item_func_make_set::val_str(String*) /data/src/10.4/sql/item_strfunc.cc:2851
          #3 0x555c3f8ad3a4 in Item_copy_string::copy() /data/src/10.4/sql/item.cc:4777
          #4 0x555c3f1f24e4 in copy_fields(TMP_TABLE_PARAM*) /data/src/10.4/sql/sql_select.cc:24614
          #5 0x555c3f1dc9c7 in end_send_group(JOIN*, st_join_table*, bool) /data/src/10.4/sql/sql_select.cc:21411
          #6 0x555c3f1d2dff in evaluate_join_record /data/src/10.4/sql/sql_select.cc:20238
          #7 0x555c3f1d19d9 in sub_select(JOIN*, st_join_table*, bool) /data/src/10.4/sql/sql_select.cc:20018
          #8 0x555c3f1cfce4 in do_select /data/src/10.4/sql/sql_select.cc:19556
          #9 0x555c3f168f6c in JOIN::exec_inner() /data/src/10.4/sql/sql_select.cc:4371
          #10 0x555c3f166867 in JOIN::exec() /data/src/10.4/sql/sql_select.cc:4153
          #11 0x555c3f16a344 in mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.4/sql/sql_select.cc:4585
          #12 0x555c3f14092a in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.4/sql/sql_select.cc:424
          #13 0x555c3f0c16e7 in execute_sqlcom_select /data/src/10.4/sql/sql_parse.cc:6651
          #14 0x555c3f0ae2ae in mysql_execute_command(THD*) /data/src/10.4/sql/sql_parse.cc:3888
          #15 0x555c3f0c9f8a in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.4/sql/sql_parse.cc:8204
          #16 0x555c3f0a1f07 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.4/sql/sql_parse.cc:1829
          #17 0x555c3f09ed58 in do_command(THD*) /data/src/10.4/sql/sql_parse.cc:1358
          #18 0x555c3f432921 in do_handle_one_connection(CONNECT*) /data/src/10.4/sql/sql_connect.cc:1399
          #19 0x555c3f43231a in handle_one_connection /data/src/10.4/sql/sql_connect.cc:1302
          #20 0x555c3fff9888 in pfs_spawn_thread /data/src/10.4/storage/perfschema/pfs.cc:1862
          #21 0x7f4a32258493 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x7493)
          #22 0x7f4a3063e93e in __clone (/lib/x86_64-linux-gnu/libc.so.6+0xe893e)
       
      0x60c0000453b0 is located 112 bytes inside of 124-byte region [0x60c000045340,0x60c0000453bc)
      freed by thread T27 here:
          #0 0x7f4a324c2527 in __interceptor_free (/usr/lib/x86_64-linux-gnu/libasan.so.1+0x54527)
          #1 0x555c409aaa69 in free_memory /data/src/10.4/mysys/safemalloc.c:279
          #2 0x555c409aa06f in sf_free /data/src/10.4/mysys/safemalloc.c:197
          #3 0x555c4097aab8 in my_free /data/src/10.4/mysys/my_malloc.c:222
          #4 0x555c3ee0cce7 in Binary_string::free() /data/src/10.4/sql/sql_string.h:604
          #5 0x555c3f2a4eaa in Binary_string::real_alloc(unsigned long) /data/src/10.4/sql/sql_string.cc:43
          #6 0x555c3ee2cb29 in Binary_string::alloc(unsigned long) /data/src/10.4/sql/sql_string.h:613
          #7 0x555c3f2a56ea in String::set_int(long long, bool, charset_info_st const*) /data/src/10.4/sql/sql_string.cc:126
          #8 0x555c3f8a34b3 in Item_int::val_str(String*) /data/src/10.4/sql/item.cc:3465
          #9 0x555c3fa0f2df in Item_func_make_set::val_str(String*) /data/src/10.4/sql/item_strfunc.cc:2831
          #10 0x555c3f8ad3a4 in Item_copy_string::copy() /data/src/10.4/sql/item.cc:4777
          #11 0x555c3f1f24e4 in copy_fields(TMP_TABLE_PARAM*) /data/src/10.4/sql/sql_select.cc:24614
          #12 0x555c3f1dc9c7 in end_send_group(JOIN*, st_join_table*, bool) /data/src/10.4/sql/sql_select.cc:21411
          #13 0x555c3f1d2dff in evaluate_join_record /data/src/10.4/sql/sql_select.cc:20238
          #14 0x555c3f1d19d9 in sub_select(JOIN*, st_join_table*, bool) /data/src/10.4/sql/sql_select.cc:20018
          #15 0x555c3f1cfce4 in do_select /data/src/10.4/sql/sql_select.cc:19556
          #16 0x555c3f168f6c in JOIN::exec_inner() /data/src/10.4/sql/sql_select.cc:4371
          #17 0x555c3f166867 in JOIN::exec() /data/src/10.4/sql/sql_select.cc:4153
          #18 0x555c3f16a344 in mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.4/sql/sql_select.cc:4585
          #19 0x555c3f14092a in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.4/sql/sql_select.cc:424
          #20 0x555c3f0c16e7 in execute_sqlcom_select /data/src/10.4/sql/sql_parse.cc:6651
          #21 0x555c3f0ae2ae in mysql_execute_command(THD*) /data/src/10.4/sql/sql_parse.cc:3888
          #22 0x555c3f0c9f8a in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.4/sql/sql_parse.cc:8204
          #23 0x555c3f0a1f07 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.4/sql/sql_parse.cc:1829
          #24 0x555c3f09ed58 in do_command(THD*) /data/src/10.4/sql/sql_parse.cc:1358
          #25 0x555c3f432921 in do_handle_one_connection(CONNECT*) /data/src/10.4/sql/sql_connect.cc:1399
          #26 0x555c3f43231a in handle_one_connection /data/src/10.4/sql/sql_connect.cc:1302
          #27 0x555c3fff9888 in pfs_spawn_thread /data/src/10.4/storage/perfschema/pfs.cc:1862
          #28 0x7f4a32258493 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x7493)
       
      previously allocated by thread T27 here:
          #0 0x7f4a324c273f in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.1+0x5473f)
          #1 0x555c409a97df in sf_malloc /data/src/10.4/mysys/safemalloc.c:118
          #2 0x555c4097a0da in my_malloc /data/src/10.4/mysys/my_malloc.c:101
          #3 0x555c3f2a4f09 in Binary_string::real_alloc(unsigned long) /data/src/10.4/sql/sql_string.cc:46
          #4 0x555c3ee2cb29 in Binary_string::alloc(unsigned long) /data/src/10.4/sql/sql_string.h:613
          #5 0x555c3fb9bac1 in my_decimal::to_string_native(String*, unsigned int, unsigned int, char, unsigned int) const /data/src/10.4/sql/my_decimal.cc:118
          #6 0x555c3ee2de0e in my_decimal::to_string(String*, unsigned int, unsigned int, char) const /data/src/10.4/sql/my_decimal.h:204
          #7 0x555c3ee2de4f in my_decimal::to_string(String*) const /data/src/10.4/sql/my_decimal.h:208
          #8 0x555c3f8e0213 in Item_decimal::val_str(String*) /data/src/10.4/sql/item.h:4163
          #9 0x555c3fabb312 in Item_char_typecast::val_str(String*) /data/src/10.4/sql/item_timefunc.cc:2338
          #10 0x555c3fa0f2df in Item_func_make_set::val_str(String*) /data/src/10.4/sql/item_strfunc.cc:2831
          #11 0x555c3f8ad3a4 in Item_copy_string::copy() /data/src/10.4/sql/item.cc:4777
          #12 0x555c3f1f24e4 in copy_fields(TMP_TABLE_PARAM*) /data/src/10.4/sql/sql_select.cc:24614
          #13 0x555c3f1dc9c7 in end_send_group(JOIN*, st_join_table*, bool) /data/src/10.4/sql/sql_select.cc:21411
          #14 0x555c3f1d2dff in evaluate_join_record /data/src/10.4/sql/sql_select.cc:20238
          #15 0x555c3f1d19d9 in sub_select(JOIN*, st_join_table*, bool) /data/src/10.4/sql/sql_select.cc:20018
          #16 0x555c3f1cfce4 in do_select /data/src/10.4/sql/sql_select.cc:19556
          #17 0x555c3f168f6c in JOIN::exec_inner() /data/src/10.4/sql/sql_select.cc:4371
          #18 0x555c3f166867 in JOIN::exec() /data/src/10.4/sql/sql_select.cc:4153
          #19 0x555c3f16a344 in mysql_select(THD*, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.4/sql/sql_select.cc:4585
          #20 0x555c3f14092a in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.4/sql/sql_select.cc:424
          #21 0x555c3f0c16e7 in execute_sqlcom_select /data/src/10.4/sql/sql_parse.cc:6651
          #22 0x555c3f0ae2ae in mysql_execute_command(THD*) /data/src/10.4/sql/sql_parse.cc:3888
          #23 0x555c3f0c9f8a in mysql_parse(THD*, char*, unsigned int, Parser_state*, bool, bool) /data/src/10.4/sql/sql_parse.cc:8204
          #24 0x555c3f0a1f07 in dispatch_command(enum_server_command, THD*, char*, unsigned int, bool, bool) /data/src/10.4/sql/sql_parse.cc:1829
          #25 0x555c3f09ed58 in do_command(THD*) /data/src/10.4/sql/sql_parse.cc:1358
          #26 0x555c3f432921 in do_handle_one_connection(CONNECT*) /data/src/10.4/sql/sql_connect.cc:1399
          #27 0x555c3f43231a in handle_one_connection /data/src/10.4/sql/sql_connect.cc:1302
          #28 0x555c3fff9888 in pfs_spawn_thread /data/src/10.4/storage/perfschema/pfs.cc:1862
          #29 0x7f4a32258493 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x7493)
       
      Thread T27 created by T0 here:
          #0 0x7f4a32491bba in pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.1+0x23bba)
          #1 0x555c3fff9e50 in spawn_thread_v1 /data/src/10.4/storage/perfschema/pfs.cc:1912
          #2 0x555c3edea476 in inline_mysql_thread_create /data/src/10.4/include/mysql/psi/mysql_thread.h:1268
          #3 0x555c3edff6ed in create_thread_to_handle_connection(CONNECT*) /data/src/10.4/sql/mysqld.cc:6141
          #4 0x555c3edffdf2 in create_new_thread(CONNECT*) /data/src/10.4/sql/mysqld.cc:6211
          #5 0x555c3ee00182 in handle_accepted_socket(st_mysql_socket, st_mysql_socket) /data/src/10.4/sql/mysqld.cc:6309
          #6 0x555c3ee00dce in handle_connections_sockets() /data/src/10.4/sql/mysqld.cc:6467
          #7 0x555c3edfef28 in mysqld_main(int, char**) /data/src/10.4/sql/mysqld.cc:5799
          #8 0x555c3ede82ff in main /data/src/10.4/sql/main.cc:25
          #9 0x7f4a305762b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)
       
      SUMMARY: AddressSanitizer: heap-use-after-free /data/src/10.4/sql/sql_string.cc:230 Binary_string::copy(Binary_string const&)
      Shadow bytes around the buggy address:
        0x0c1880000a20: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
        0x0c1880000a30: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
        0x0c1880000a40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
        0x0c1880000a50: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04
        0x0c1880000a60: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
      =>0x0c1880000a70: fd fd fd fd fd fd[fd]fd fa fa fa fa fa fa fa fa
        0x0c1880000a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04
        0x0c1880000a90: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
        0x0c1880000aa0: fd fd fd fd fd fd fd fd fa fa fa fa fa fa fa fa
        0x0c1880000ab0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04
        0x0c1880000ac0: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
      Shadow byte legend (one shadow byte represents 8 application bytes):
        Addressable:           00
        Partially addressable: 01 02 03 04 05 06 07 
        Heap left redzone:       fa
        Heap right redzone:      fb
        Freed heap region:       fd
        Stack left redzone:      f1
        Stack mid redzone:       f2
        Stack right redzone:     f3
        Stack partial redzone:   f4
        Stack after return:      f5
        Stack use after scope:   f8
        Global redzone:          f9
        Global init order:       f6
        Poisoned by user:        f7
        Contiguous container OOB:fc
        ASan internal:           fe
      ==28679==ABORTING
      

      10.1 ASAN build, revision 6567636b:

      ==30187==ERROR: AddressSanitizer: heap-use-after-free on address 0x60c0000b04b0 at pc 0x55c96a066818 bp 0x7f5c974026b0 sp 0x7f5c974026a8
      READ of size 3 at 0x60c0000b04b0 thread T23
          #0 0x55c96a066817 in String::copy(String const&) /data/src/10.1/sql/sql_string.cc:176
          #1 0x55c96a57d5c7 in Item_func_make_set::val_str(String*) /data/src/10.1/sql/item_strfunc.cc:2785
          #2 0x55c96a425c97 in Item_copy_string::copy() /data/src/10.1/sql/item.cc:4063
          #3 0x55c969fb0cfb in copy_fields(TMP_TABLE_PARAM*) /data/src/10.1/sql/sql_select.cc:23163
          #4 0x55c969fbee35 in end_send_group(JOIN*, st_join_table*, bool) /data/src/10.1/sql/sql_select.cc:19816
          #5 0x55c969f544d2 in evaluate_join_record /data/src/10.1/sql/sql_select.cc:18702
          #6 0x55c969f7011d in sub_select(JOIN*, st_join_table*, bool) /data/src/10.1/sql/sql_select.cc:18479
          #7 0x55c969fa96f0 in do_select /data/src/10.1/sql/sql_select.cc:18134
          #8 0x55c969fee26e in JOIN::exec_inner() /data/src/10.1/sql/sql_select.cc:3275
          #9 0x55c969fef556 in JOIN::exec() /data/src/10.1/sql/sql_select.cc:2562
          #10 0x55c969fe3da9 in mysql_select(THD*, Item***, TABLE_LIST*, unsigned int, List<Item>&, Item*, unsigned int, st_order*, st_order*, Item*, st_order*, unsigned long long, select_result*, st_select_lex_unit*, st_select_lex*) /data/src/10.1/sql/sql_select.cc:3499
          #11 0x55c969fe4597 in handle_select(THD*, LEX*, select_result*, unsigned long) /data/src/10.1/sql/sql_select.cc:388
          #12 0x55c969eb3603 in execute_sqlcom_select /data/src/10.1/sql/sql_parse.cc:5991
          #13 0x55c969ecd94d in mysql_execute_command(THD*) /data/src/10.1/sql/sql_parse.cc:3042
          #14 0x55c969ee5af0 in mysql_parse(THD*, char*, unsigned int, Parser_state*) /data/src/10.1/sql/sql_parse.cc:7509
          #15 0x55c969eec8a2 in dispatch_command(enum_server_command, THD*, char*, unsigned int) /data/src/10.1/sql/sql_parse.cc:1496
          #16 0x55c969ef3074 in do_command(THD*) /data/src/10.1/sql/sql_parse.cc:1124
          #17 0x55c96a19b5e7 in do_handle_one_connection(THD*) /data/src/10.1/sql/sql_connect.cc:1330
          #18 0x55c96a19baf8 in handle_one_connection /data/src/10.1/sql/sql_connect.cc:1242
          #19 0x55c96aa6b24e in pfs_spawn_thread /data/src/10.1/storage/perfschema/pfs.cc:1861
          #20 0x7f5cb068b493 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x7493)
          #21 0x7f5caea4493e in __clone (/lib/x86_64-linux-gnu/libc.so.6+0xe893e)
       
      0x60c0000b04b0 is located 112 bytes inside of 124-byte region [0x60c0000b0440,0x60c0000b04bc)
      freed by thread T23 here:
          #0 0x7f5cb08f5527 in __interceptor_free (/usr/lib/x86_64-linux-gnu/libasan.so.1+0x54527)
          #1 0x55c96b2377cf in free_memory /data/src/10.1/mysys/safemalloc.c:276
       
      previously allocated by thread T23 here:
          #0 0x7f5cb08f573f in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.1+0x5473f)
          #1 0x55c96b2378a0 in sf_malloc /data/src/10.1/mysys/safemalloc.c:115
          #2 0x55c96b3302da (/data/bld/10.1-asan/bin/mysqld+0x1da02da)
       
      Thread T23 created by T0 here:
          #0 0x7f5cb08c4bba in pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.1+0x23bba)
          #1 0x55c96aa76aa5 in spawn_thread_v1 /data/src/10.1/storage/perfschema/pfs.cc:1911
       
      SUMMARY: AddressSanitizer: heap-use-after-free /data/src/10.1/sql/sql_string.cc:176 String::copy(String const&)
      Shadow bytes around the buggy address:
        0x0c188000e040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
        0x0c188000e050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
        0x0c188000e060: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
        0x0c188000e070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04
        0x0c188000e080: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
      =>0x0c188000e090: fd fd fd fd fd fd[fd]fd fa fa fa fa fa fa fa fa
        0x0c188000e0a0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04
        0x0c188000e0b0: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
        0x0c188000e0c0: fd fd fd fd fd fd fd fd fa fa fa fa fa fa fa fa
        0x0c188000e0d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 04
        0x0c188000e0e0: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
      Shadow byte legend (one shadow byte represents 8 application bytes):
        Addressable:           00
        Partially addressable: 01 02 03 04 05 06 07 
        Heap left redzone:       fa
        Heap right redzone:      fb
        Freed heap region:       fd
        Stack left redzone:      f1
        Stack mid redzone:       f2
        Stack right redzone:     f3
        Stack partial redzone:   f4
        Stack after return:      f5
        Stack use after scope:   f8
        Global redzone:          f9
        Global init order:       f6
        Poisoned by user:        f7
        Contiguous container OOB:fc
        ASan internal:           fe
      ==30187==ABORTING
      

      No obvious problems on non-ASAN builds; the only visible symptom is the warning

      Warnings:
      Warning	1292	Truncated incorrect INTEGER value: '1974-05-06'
      

      which is most likely expected: the first argument of MAKE_SET is converted to an integer bitmask, and '1974-05-06' is not a valid integer. Note that the lack of visible symptoms on a non-ASAN build does not mean the defect is harmless there — the same code path reads freed heap memory (READ of size 3 in the trace above); without ASAN it simply goes undetected, so the ORDER BY value may be silently wrong or the server may crash depending on allocator reuse.


          People

            bar Alexander Barkov
            elenst Elena Stepanova
