MariaDB Server / MDEV-23009

SIGSEGV in get_field from acl_load (on optimized builds)

      Description

      10.5.4 4080e3acefd7e58d88c2f3539fb6a0fb359cf057

      Core was generated by `/test/MD150620-mariadb-10.5.4-linux-x86_64-opt/bin/mysqld --no-defaults --core-'.
      Program terminated with signal SIGSEGV, Segmentation fault.
      #0  __pthread_kill (threadid=<optimized out>, signo=signo@entry=11)
          at ../sysdeps/unix/sysv/linux/pthread_kill.c:57
      [Current thread is 1 (Thread 0x1545de40d700 (LWP 352005))]
      (gdb) bt
      #0  __pthread_kill (threadid=<optimized out>, signo=signo@entry=11) at ../sysdeps/unix/sysv/linux/pthread_kill.c:57
      #1  0x000055baff4e50b7 in my_write_core (sig=sig@entry=11) at /test/10.5_opt/mysys/stacktrace.c:518
      #2  0x000055bafeeaee4a in handle_fatal_signal (sig=11) at /test/10.5_opt/sql/signal_handler.cc:330
      #3  <signal handler called>
      #4  get_field (mem=mem@entry=0x55bb000544a0 <acl_memroot>, field=0x0, res=res@entry=0x1545de40b830) at /test/10.5_opt/sql/table.cc:4727
      #5  0x000055bafed7486c in get_field (mem=mem@entry=0x55bb000544a0 <acl_memroot>, field=<optimized out>) at /test/10.5_opt/sql/table.cc:4758
      #6  0x000055bafec35ffa in acl_load (tables=@0x1545de40bb50: {p_user_table = 0x1545de40bb58, m_user_table_json = {<User_table> = {<Grant_table_base> = {start_priv_columns = 0, end_priv_columns = 3, m_table = 0x1545c0b69418}, _vptr.User_table = 0x55baffe6c680 <vtable for User_table_json+16>}, static JSON_SIZE = 1024}, m_user_table_tabular = {<User_table> = {<Grant_table_base> = {start_priv_columns = 0, end_priv_columns = 0, m_table = 0x0}, _vptr.User_table = 0x55baffe6c540 <vtable for User_table_tabular+16>}, <No data fields>}, m_db_table = {<Grant_table_base> = {start_priv_columns = 3, end_priv_columns = 23, m_table = 0x1545c0b66a18}, <No data fields>}, m_tables_priv_table = {<Grant_table_base> = {start_priv_columns = 0, end_priv_columns = 0, m_table = 0x0}, <No data fields>}, m_columns_priv_table = {<Grant_table_base> = {start_priv_columns = 0, end_priv_columns = 0, m_table = 0x0}, <No data fields>}, m_host_table = {<Grant_table_base> = {start_priv_columns = 0, end_priv_columns = 1, m_table = 0x1545b9c7ce18}, <No data fields>}, m_procs_priv_table = {<Grant_table_base> = {start_priv_columns = 0, end_priv_columns = 0, m_table = 0x0}, <No data fields>}, m_proxies_priv_table = {<Grant_table_base> = {start_priv_columns = 0, end_priv_columns = 7, m_table = 0x1545c0b67818}, <No data fields>}, m_roles_mapping_table = {<Grant_table_base> = {start_priv_columns = 3, end_priv_columns = 4, m_table = 0x1545c0b68618}, <No data fields>}}, thd=0x1545b9c12018) at /test/10.5_opt/sql/sql_acl.cc:2454
      #7  acl_reload (thd=thd@entry=0x1545b9c12018) at /test/10.5_opt/sql/sql_acl.cc:2819
      #8  0x000055bafedc3eb2 in reload_acl_and_cache (thd=<optimized out>, thd@entry=0x1545b9c12018, options=1, tables=tables@entry=0x0, write_to_binlog=write_to_binlog@entry=0x1545de40c060) at /test/10.5_opt/sql/sql_reload.cc:86
      #9  0x000055bafecb6ba4 in mysql_execute_command (thd=thd@entry=0x1545b9c12018) at /test/10.5_opt/sql/sql_parse.cc:5423
      #10 0x000055bafecbe85c in mysql_parse (thd=0x1545b9c12018, rawbuf=<optimized out>, length=16, parser_state=0x1545de40c430, is_com_multi=<optimized out>, is_next_command=<optimized out>) at /test/10.5_opt/sql/sql_parse.cc:7993
      #11 0x000055bafecb3b65 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x1545b9c12018, packet=packet@entry=0x1545b9c3a019 "FLUSH PRIVILEGES", packet_length=packet_length@entry=16, is_com_multi=is_com_multi@entry=false, is_next_command=is_next_command@entry=false) at /test/10.5_opt/sql/sql_parse.cc:1874
      #12 0x000055bafecb1f74 in do_command (thd=0x1545b9c12018) at /test/10.5_opt/sql/sql_parse.cc:1355
      #13 0x000055bafeda7b51 in do_handle_one_connection (connect=<optimized out>, connect@entry=0x1545db033958, put_in_cache=put_in_cache@entry=true) at /test/10.5_opt/sql/sql_connect.cc:1411
      #14 0x000055bafeda7eb4 in handle_one_connection (arg=arg@entry=0x1545db033958) at /test/10.5_opt/sql/sql_connect.cc:1313
      #15 0x000055baff116bca in pfs_spawn_thread (arg=0x1545db04f218) at /test/10.5_opt/storage/perfschema/pfs.cc:2201
      #16 0x00001545dd3866db in start_thread (arg=0x1545de40d700) at pthread_create.c:463
      #17 0x00001545dc78488f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
      

      Bug confirmed present in:
      MariaDB: 10.4.14 (dbg), 10.4.14 (opt), 10.5.4 (dbg), 10.5.4 (opt)

      Bug confirmed not present in:
      MariaDB: 10.1.46 (dbg), 10.1.46 (opt), 10.2.33 (dbg), 10.2.33 (opt), 10.3.24 (dbg), 10.3.24 (opt)
      MySQL: 5.5.62 (dbg), 5.5.62 (opt), 5.6.47 (dbg), 5.6.47 (opt), 5.7.29 (dbg), 5.7.29 (opt), 8.0.19 (dbg), 8.0.19 (opt)

            People

            Assignee: Sergei Golubchik (serg)
            Reporter: Roel Van de Paar (Roel)