  1. MariaDB Server
  2. MDEV-40014

SIGSEGV in require_quotes | get_quote_char_for_identifier upon SHOW GRANTS FOR user


Details

    • Not for Release Notes

    Description

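      SHOW GRANTS FOR user crashes a debug build; a release build does not crash. In the backtrace below, the faulting pointer (name=0x8f8f8f8f8f8f8f8f) and the length (name_length=2408550287, i.e. 0x8f8f8f8f) are both a repeated 0x8f byte, which is consistent with the pattern a debug build writes over freed memory. This therefore looks like a read of already-freed privilege data, and the release build may be reading stale memory silently rather than being unaffected; this should be confirmed before treating the issue as debug-only.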
      MTR Test case

       
      # Reproducer for a SIGSEGV in SHOW GRANTS after a DENY / REVOKE DENY sequence.
      # Setup: two schemas, one table, and an account holding a database-level
      # SELECT on stress_sdb0 and a table-level SELECT on stress_sdb1.t2.
      CREATE DATABASE `stress_sdb0`;
      CREATE DATABASE `stress_sdb1`;
      CREATE TABLE `stress_sdb1`.`t2` (id INT AUTO_INCREMENT PRIMARY KEY, val VARCHAR(50));
      CREATE USER 'stress_su3'@'localhost';
      GRANT SELECT ON `stress_sdb0`.* TO 'stress_su3'@'localhost';
      GRANT SELECT ON `stress_sdb1`.`t2` TO 'stress_su3'@'localhost';
       
      # Two separate root sessions; the privilege changes below are issued from
      # both, one statement at a time (the script itself is sequential).
      connect (con0, localhost, root,,);
      connect (con1, localhost, root,,);
       
      connection con0;
      # Database-level DENY of three privileges on stress_sdb0.
      DENY EVENT, EXECUTE, CREATE ON `stress_sdb0`.* TO 'stress_su3'@'localhost';
      connection con1;
      # Column-level DENY on t2.val, issued from the other session.
      DENY UPDATE (val) ON `stress_sdb1`.`t2` TO 'stress_su3'@'localhost';
      connection con1;
      # Partial REVOKE DENY: CREATE and EXECUTE were denied above, EVENT stays
      # denied, and CREATE TEMPORARY TABLES was never denied in this script.
      # NOTE(review): whether the never-denied privilege or the partial revoke
      # is what matters for the crash is not shown here - confirm when minimizing.
      REVOKE DENY CREATE, CREATE TEMPORARY TABLES, EXECUTE ON `stress_sdb0`.* FROM 'stress_su3'@'localhost';
      connection con1;
      # Crash point: the reported backtrace faults under
      # show_table_and_column_privileges (is_deny=true) while appending an
      # identifier whose pointer is 0x8f8f8f8f8f8f8f8f.
      SHOW GRANTS FOR 'stress_su3'@'localhost';
       
      disconnect con0;
      disconnect con1;
       
      # Cleanup; not reached on a build that crashes at SHOW GRANTS above.
      connection default;
      DROP USER 'stress_su3'@'localhost';
      DROP DATABASE `stress_sdb0`;
      DROP DATABASE `stress_sdb1`;
      

      Leads to

      MDEV-14443 CS 13.1.0 8bd0360b2167588c001350903bbe344c6c0f1c5a (Debug, Clang 18.1.3-11) Build 12/06/2026

      Core was generated by `/test/mtest/MDEV-14443/MD120626-mariadb-13.1.0-linux-x86_64-dbg/bin/mariadbd --'.
      Program terminated with signal SIGSEGV, Segmentation fault.
      #0  0x00005f561114a363 in require_quotes (name=0x8f8f8f8f8f8f8f8f <error: Cannot access memory at address 0x8f8f8f8f8f8f8f8f>, name_length=2408550287)at /test/mtest/MDEV-14443/MDEV-14443_dbg/sql/sql_show.cc:1657
      1657	    uchar chr= (uchar) *name;
      [Current thread is 1 (LWP 1208252)]
      (gdb) bt
      #0  0x00005f561114a363 in require_quotes (name=0x8f8f8f8f8f8f8f8f <error: Cannot access memory at address 0x8f8f8f8f8f8f8f8f>, name_length=2408550287)at /test/mtest/MDEV-14443/MDEV-14443_dbg/sql/sql_show.cc:1657
      #1  0x00005f561114a1b5 in get_quote_char_for_identifier (thd=0x78fd68000d60, name=0x8f8f8f8f8f8f8f8f <error: Cannot access memory at address 0x8f8f8f8f8f8f8f8f>, length=2408550287)at /test/mtest/MDEV-14443/MDEV-14443_dbg/sql/sql_show.cc:1781
      #2  0x00005f5611149f69 in append_identifier (thd=0x78fd68000d60, packet=0x79015acc6b58, name=0x8f8f8f8f8f8f8f8f <error: Cannot access memory at address 0x8f8f8f8f8f8f8f8f>, length=2408550287)at /test/mtest/MDEV-14443/MDEV-14443_dbg/sql/sql_show.cc:1688
      #3  0x00005f5610f7a1e3 in show_table_and_column_privileges (thd=0x78fd68000d60, username=0x78fd68015ec0 "stress_su3", hostname=0x78fd68015f40 "localhost", is_deny=true, buff=0x79015acc6dc0 "DENY ", buffsize=1024)at /test/mtest/MDEV-14443/MDEV-14443_dbg/sql/sql_acl.cc:11805
      #4  0x00005f5610f63372 in show_all_privileges (thd=0x78fd68000d60, acl_user=0x5f562696a548, username=0x78fd68015ec0 "stress_su3", hostname=0x78fd68015f40 "localhost", show_denies=true, buff=0x79015acc6dc0 "DENY ", buff_size=1024)at /test/mtest/MDEV-14443/MDEV-14443_dbg/sql/sql_acl.cc:11277
      #5  0x00005f5610f62b62 in mysql_show_grants (thd=0x78fd68000d60, lex_user=0x78fd68015f10)at /test/mtest/MDEV-14443/MDEV-14443_dbg/sql/sql_acl.cc:11372
      #6  0x00005f5611071e26 in mysql_execute_command (thd=0x78fd68000d60, is_called_from_prepared_stmt=false)at /test/mtest/MDEV-14443/MDEV-14443_dbg/sql/sql_parse.cc:5504
      #7  0x00005f5611062ec4 in mysql_parse (thd=0x78fd68000d60, rawbuf=0x78fd68015df0 "SHOW GRANTS FOR 'stress_su3'@'localhost'", length=40, parser_state=0x79015acc89c0)at /test/mtest/MDEV-14443/MDEV-14443_dbg/sql/sql_parse.cc:7959
      #8  0x00005f56110601ed in dispatch_command (command=COM_QUERY, thd=0x78fd68000d60, packet=0x78fd6800b6d1 "", packet_length=40, blocking=true)at /test/mtest/MDEV-14443/MDEV-14443_dbg/sql/sql_parse.cc:1903
      #9  0x00005f5611063a73 in do_command (thd=0x78fd68000d60, blocking=true)at /test/mtest/MDEV-14443/MDEV-14443_dbg/sql/sql_parse.cc:1437
      #10 0x00005f5611262489 in do_handle_one_connection (connect=0x5f5626929a30, put_in_cache=true)at /test/mtest/MDEV-14443/MDEV-14443_dbg/sql/sql_connect.cc:1503
      #11 0x00005f561126222e in handle_one_connection (arg=0x5f5626929a30)at /test/mtest/MDEV-14443/MDEV-14443_dbg/sql/sql_connect.cc:1415
      #12 0x000079015c69caa4 in start_thread (arg=<optimized out>)at ./nptl/pthread_create.c:447
      #13 0x000079015c729c6c in clone3 ()at ../sysdeps/unix/sysv/linux/x86_64/clone3.S:78
      


            People

              wlad Vladislav Vaintroub
              ramesh Ramesh Sivaraman
