Uploaded image for project: 'MariaDB Server'
  1. MariaDB Server
  2. MDEV-31825

Server crashes when creating PS to show grants for unknown user after starting server with skip-grant-tables

    XMLWordPrintable

Details

    • Bug
    • Status: Open (View Workflow)
    • Major
    • Resolution: Unresolved
    • 10.4(EOL), 10.5, 10.6, 10.9(EOL), 10.10(EOL), 10.11, 11.0(EOL), 11.1(EOL), 11.2(EOL), 11.3(EOL), 11.4, 11.5(EOL), 11.6(EOL)
    • 10.5, 10.6, 10.11, 11.4
    • Prepared Statements

    Description

      # mysqld options required for replay:  --skip-grant-tables=1
      PREPARE s0 FROM 'SHOW GRANTS FOR unkown_user';
      

      Leads to

      10.4.31 922db0642b6321ece41adb3232c1616812143573 (Optimized)

      Core was generated by `/test/MD040723-mariadb-10.4.31-linux-x86_64-opt/bin/mariadbd --no-defaults --co'.
      Program terminated with signal SIGSEGV, Segmentation fault.
      #0  0x0000000000000000 in ?? ()
      [Current thread is 1 (Thread 0x14cbd435f700 (LWP 398885))]
      (gdb) bt
      #0  0x0000000000000000 in ?? ()
      #1  0x000055c8dbf7dbb2 in my_hash_first (hash=0x55c8dc8c3dc0 <acl_roles>, key=0x14cb70018d60 "unkown_user", length=11, current_record=current_record@entry=0x14cbd435bdec) at /test/10.4_opt/mysys/hash.c:262
      #2  0x000055c8dbf7dbe5 in my_hash_search (hash=<optimized out>, key=<optimized out>, length=<optimized out>) at /test/10.4_opt/mysys/hash.c:235
      #3  0x000055c8db81ad97 in get_current_user (lock=true, user=<optimized out>, thd=0x14cb70000c48) at /test/10.4_opt/sql/sql_acl.cc:12521
      #4  get_current_user (thd=0x14cb70000c48, user=<optimized out>, lock=<optimized out>) at /test/10.4_opt/sql/sql_acl.cc:12494
      #5  0x000055c8db81aec1 in get_show_user (rolename=0x14cbd435bef0, hostname=0x14cbd435bec8, username=0x14cbd435bec0, lex_user=<optimized out>, thd=0x14cb70000c48) at /test/10.4_opt/sql/sql_acl.cc:9203
      #6  get_show_user (thd=thd@entry=0x14cb70000c48, lex_user=<optimized out>, username=username@entry=0x14cbd435bec0, hostname=hostname@entry=0x14cbd435bec8, rolename=rolename@entry=0x14cbd435bef0) at /test/10.4_opt/sql/sql_acl.cc:9178
      #7  0x000055c8db8a8690 in mysql_test_show_grants (stmt=0x14cb70016d38) at /test/10.4_opt/sql/sql_prepare.cc:1988
      #8  check_prepared_statement (stmt=0x14cb70016d38) at /test/10.4_opt/sql/sql_prepare.cc:2468
      #9  Prepared_statement::prepare (this=0x14cb70016d38, packet=<optimized out>, packet_len=<optimized out>) at /test/10.4_opt/sql/sql_prepare.cc:4279
      #10 0x000055c8db8aa5a2 in mysql_sql_stmt_prepare (thd=thd@entry=0x14cb70000c48) at /test/10.4_opt/sql/sql_prepare.cc:2950
      #11 0x000055c8db890fc8 in mysql_execute_command (thd=0x14cb70000c48) at /test/10.4_opt/sql/sql_parse.cc:3987
      #12 0x000055c8db8975a2 in mysql_parse (thd=0x14cb70000c48, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>, is_com_multi=<optimized out>, is_next_command=<optimized out>) at /test/10.4_opt/sql/sql_parse.cc:8008
      #13 0x000055c8db89a055 in dispatch_command (command=COM_QUERY, thd=0x14cb70000c48, packet=<optimized out>, packet_length=<optimized out>, is_com_multi=<optimized out>, is_next_command=<optimized out>) at /test/10.4_opt/sql/sql_class.h:1231
      #14 0x000055c8db89b8af in do_command (thd=0x14cb70000c48) at /test/10.4_opt/sql/sql_parse.cc:1378
      #15 0x000055c8db988dae in do_handle_one_connection (connect=<optimized out>) at /test/10.4_opt/sql/sql_connect.cc:1420
      #16 0x000055c8db988e3d in handle_one_connection (arg=<optimized out>) at /test/10.4_opt/sql/sql_connect.cc:1324
      #17 0x000014cbd6d35609 in start_thread (arg=<optimized out>) at pthread_create.c:477
      #18 0x000014cbd6921133 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
      

      11.2.0 e81fa345020ec6a067583db6a7019d6404b26f93 (Optimized)

      Core was generated by `/test/MD270723-mariadb-11.2.0-linux-x86_64-opt/bin/mariadbd --no-defaults --cor'.
      Program terminated with signal SIGSEGV, Segmentation fault.
      #0  0x0000000000000000 in ?? ()
      [Current thread is 1 (Thread 0x14fe5dbb4700 (LWP 228075))]
      (gdb) bt
      #0  0x0000000000000000 in ?? ()
      #1  0x000055b94d899a62 in my_hash_first (hash=hash@entry=0x55b94e38bd40 <acl_roles>, key=key@entry=0x14fe0801a9e0 "unkown_user", length=length@entry=11, current_record=current_record@entry=0x14fe5dbb208c) at /test/11.2_opt/mysys/hash.c:263
      #2  0x000055b94d899a95 in my_hash_search (hash=hash@entry=0x55b94e38bd40 <acl_roles>, key=key@entry=0x14fe0801a9e0 "unkown_user", length=length@entry=11) at /test/11.2_opt/mysys/hash.c:236
      #3  0x000055b94d1183b4 in find_acl_role (allow_public=false, role=0x14fe0801a9e0 "unkown_user") at /test/11.2_opt/sql/sql_acl.cc:4454
      #4  get_current_user (lock=true, user=<optimized out>, thd=<optimized out>) at /test/11.2_opt/sql/sql_acl.cc:13023
      #5  get_current_user (thd=<optimized out>, user=<optimized out>, lock=<optimized out>) at /test/11.2_opt/sql/sql_acl.cc:12990
      #6  0x000055b94d118705 in get_show_user (rolename=0x14fe5dbb21a0, hostname=0x14fe5dbb2178, username=0x14fe5dbb2170, lex_user=<optimized out>, thd=0x14fe08000c58) at /test/11.2_opt/sql/sql_acl.cc:9461
      #7  get_show_user (thd=thd@entry=0x14fe08000c58, lex_user=<optimized out>, username=username@entry=0x14fe5dbb2170, hostname=hostname@entry=0x14fe5dbb2178, rolename=rolename@entry=0x14fe5dbb21a0) at /test/11.2_opt/sql/sql_acl.cc:9436
      #8  0x000055b94d1c8945 in mysql_test_show_grants (stmt=0x14fe080167e8) at /test/11.2_opt/sql/sql_prepare.cc:1837
      #9  check_prepared_statement (stmt=0x14fe080167e8) at /test/11.2_opt/sql/sql_prepare.cc:2330
      #10 Prepared_statement::prepare (this=0x14fe080167e8, packet=<optimized out>, packet_len=<optimized out>) at /test/11.2_opt/sql/sql_prepare.cc:4216
      #11 0x000055b94d1cc6b4 in mysql_sql_stmt_prepare (thd=thd@entry=0x14fe08000c58) at /test/11.2_opt/sql/sql_prepare.cc:2807
      #12 0x000055b94d1aa24e in mysql_execute_command (thd=0x14fe08000c58, is_called_from_prepared_stmt=<optimized out>) at /test/11.2_opt/sql/sql_parse.cc:3955
      #13 0x000055b94d1991e5 in mysql_parse (rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>, thd=0x14fe08000c58) at /test/11.2_opt/sql/sql_parse.cc:7800
      #14 mysql_parse (thd=0x14fe08000c58, rawbuf=<optimized out>, length=<optimized out>, parser_state=<optimized out>) at /test/11.2_opt/sql/sql_parse.cc:7722
      #15 0x000055b94d1a5092 in dispatch_command (command=COM_QUERY, thd=0x14fe08000c58, packet=<optimized out>, packet_length=<optimized out>, blocking=<optimized out>) at /test/11.2_opt/sql/sql_class.h:1374
      #16 0x000055b94d1a6f7e in do_command (thd=0x14fe08000c58, blocking=blocking@entry=true) at /test/11.2_opt/sql/sql_parse.cc:1405
      #17 0x000055b94d2c66cf in do_handle_one_connection (connect=<optimized out>, connect@entry=0x55b94fe25e78, put_in_cache=put_in_cache@entry=true) at /test/11.2_opt/sql/sql_connect.cc:1445
      #18 0x000055b94d2c69bd in handle_one_connection (arg=0x55b94fe25e78) at /test/11.2_opt/sql/sql_connect.cc:1347
      #19 0x000014fe7ba15609 in start_thread (arg=<optimized out>) at pthread_create.c:477
      #20 0x000014fe7b601133 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
      

      11.2.0 e81fa345020ec6a067583db6a7019d6404b26f93 (Debug)

      Core was generated by `/test/MD270723-mariadb-11.2.0-linux-x86_64-dbg/bin/mariadbd --no-defaults --cor'.
      Program terminated with signal SIGABRT, Aborted.
      #0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
      [Current thread is 1 (Thread 0x147084052700 (LWP 352556))]
      (gdb) bt
      #0  __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:50
      #1  0x000014709b61a859 in __GI_abort () at abort.c:79
      #2  0x000055880eb99af6 in safe_mutex_lock (mp=<optimized out>, my_flags=my_flags@entry=0, file=file@entry=0x55880ed590b5 "/test/11.2_dbg/sql/sql_acl.cc", line=line@entry=13022) at /test/11.2_dbg/mysys/thr_mutex.c:245
      #3  0x000055880e0e2924 in inline_mysql_mutex_lock (src_line=13022, src_file=0x55880ed590b5 "/test/11.2_dbg/sql/sql_acl.cc", that=<optimized out>) at /test/11.2_dbg/include/mysql/psi/mysql_thread.h:750
      #4  get_current_user (thd=thd@entry=0x14702c000d48, user=0x14702c01d418, lock=lock@entry=true) at /test/11.2_dbg/sql/sql_acl.cc:13022
      #5  0x000055880e0e29fc in get_show_user (thd=thd@entry=0x14702c000d48, lex_user=<optimized out>, username=username@entry=0x147084050040, hostname=hostname@entry=0x147084050048, rolename=rolename@entry=0x147084050070) at /test/11.2_dbg/sql/sql_acl.cc:9461
      #6  0x000055880e1afeec in mysql_test_show_grants (stmt=0x14702c0191d8) at /test/11.2_dbg/sql/sql_prepare.cc:1837
      #7  check_prepared_statement (stmt=0x14702c0191d8) at /test/11.2_dbg/sql/sql_prepare.cc:2330
      #8  Prepared_statement::prepare (this=this@entry=0x14702c0191d8, packet=<optimized out>, packet_len=<optimized out>) at /test/11.2_dbg/sql/sql_prepare.cc:4216
      #9  0x000055880e1b44e3 in mysql_sql_stmt_prepare (thd=thd@entry=0x14702c000d48) at /test/11.2_dbg/sql/sql_prepare.cc:2807
      #10 0x000055880e18a48b in mysql_execute_command (thd=thd@entry=0x14702c000d48, is_called_from_prepared_stmt=is_called_from_prepared_stmt@entry=false) at /test/11.2_dbg/sql/sql_parse.cc:3955
      #11 0x000055880e17873b in mysql_parse (thd=thd@entry=0x14702c000d48, rawbuf=<optimized out>, length=<optimized out>, parser_state=parser_state@entry=0x1470840512c0) at /test/11.2_dbg/sql/sql_parse.cc:7800
      #12 0x000055880e185c00 in dispatch_command (command=command@entry=COM_QUERY, thd=thd@entry=0x14702c000d48, packet=packet@entry=0x14702c00af49 "PREPARE s0 FROM 'SHOW GRANTS FOR unkown_user'", packet_length=packet_length@entry=45, blocking=blocking@entry=true) at /test/11.2_dbg/sql/sql_class.h:1374
      #13 0x000055880e1880b8 in do_command (thd=0x14702c000d48, blocking=blocking@entry=true) at /test/11.2_dbg/sql/sql_parse.cc:1405
      #14 0x000055880e2ed717 in do_handle_one_connection (connect=<optimized out>, connect@entry=0x558811106bb8, put_in_cache=put_in_cache@entry=true) at /test/11.2_dbg/sql/sql_connect.cc:1445
      #15 0x000055880e2edbe6 in handle_one_connection (arg=0x558811106bb8) at /test/11.2_dbg/sql/sql_connect.cc:1347
      #16 0x000014709bb2b609 in start_thread (arg=<optimized out>) at pthread_create.c:477
      #17 0x000014709b717133 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
      

      Bug confirmed present in:
      MariaDB: 10.4.31 (dbg), 10.4.31 (opt), 10.5.21 (dbg), 10.5.22 (dbg), 10.5.22 (opt), 10.6.15 (dbg), 10.6.15 (opt), 10.9.8 (dbg), 10.9.8 (opt), 10.10.6 (dbg), 10.10.6 (opt), 10.11.4 (opt), 10.11.5 (dbg), 10.11.5 (opt), 11.0.2 (dbg), 11.0.2 (opt), 11.0.3 (dbg), 11.0.3 (opt), 11.1.2 (dbg), 11.1.2 (opt), 11.2.0 (dbg), 11.2.0 (opt)

      Attachments

        Issue Links

          Activity

            People

              shulga Dmitry Shulga
              ramesh Ramesh Sivaraman
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:

                Git Integration

                  Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.