Patch for BUG#31111: --read-only crashes MySQL (events fail to load).

There actually were several problems here: - WRITE-lock is required to load events from the mysql.event table, but in the read-only mode an ordinary user can not acquire it; - Security_context::master_access attribute was not properly initialized in Security_context::init(), which led to differences in behavior with and without debug configure options. - if the server failed to load events from mysql.event, it forgot to close the mysql.event table, that led to the coredump, described in the bug report. The patch is to fix all these problems: - Use the super-user to acquire WRITE-lock on the mysql.even table; - The WRITE-lock is acquired by the event scheduler in two cases: - on initial loading of events from the database; - when an event has been executed, so its attributes should be updated. Other cases when WRITE-lock is needed for the mysql.event table happen under the user account. So, nothing should be changed there for the read-only mode. The user is able to create/update/drop an event only if he is a super-user. - Initialize Security_context::master_access; - Close the mysql.event table in case something went wrong. mysql-test/r/events_bugs.result: Update result file. mysql-test/t/events_bugs.test: A test case for BUG#31111: --read-only crashes MySQL (events fail to load). sql/event_data_objects.cc: When the worker thread is going to drop event after the execution we should do it under the super-user privileges in order to be able to lock the mysql.event table for writing in the read-only mode. This is a system operation, where user SQL can not be executed. So, there is no risk in compromising security by dropping an event under the super-user privileges. sql/event_db_repository.cc: 1. Close tables if something went wrong in simple_open_n_lock_tables(); 2. As soon as the system event scheduler thread is running under the super-user privileges, we should always be able to acquire WRITE-lock on the mysql.event table. However, let's have an assert to check this. sql/event_scheduler.cc: Run the system event scheduler thread under the super-user privileges. In particular, this is needed to be able to lock the mysql.event table for writing when the server is running in the read-only mode. The event scheduler executes only system operations and does not execute user SQL (this is what the worker threads for). So, there is no risk in compromising security by running the event scheduler under the super-user privileges. sql/events.cc: Open the mysql.event table as the super user to be able to acquire WRITE-lock in the read-only mode. sql/sql_class.cc: Initialize Security_context::master_acces.
2025-07-29 05:21:33 +03:00 · 2007-10-19 19:57:08 +04:00
parent b0488a3203
commit 66cd6d0c8f
7 changed files with 360 additions and 16 deletions
--- a/mysql-test/r/events_bugs.result
+++ b/mysql-test/r/events_bugs.result
@ -610,7 +610,6 @@ id	ev_nm	ev_cnt
 6	ev_sched_1823	6
 DROP TABLE event_log;
 SET GLOBAL event_scheduler = OFF;
-DROP DATABASE events_test;
 SET GLOBAL event_scheduler= ON;
 CREATE EVENT bug28641 ON SCHEDULE AT '2038.01.18 03:00:00'
            DO BEGIN
@ -618,3 +617,105 @@ SELECT 1;
 END;|
 SET GLOBAL event_scheduler= OFF;
 DROP EVENT bug28641;
+
+#####################################################################
+#
+# BUG#31111: --read-only crashes MySQL (events fail to load).
+#
+#####################################################################
+
+DROP USER mysqltest_u1@localhost;
+DROP EVENT IF EXISTS e1;
+DROP EVENT IF EXISTS e2;
+
+GRANT EVENT ON *.* TO mysqltest_u1@localhost;
+
+SET GLOBAL READ_ONLY = 1;
+
+#
+# Connection: u1_con (mysqltest_u1@localhost/events_test).
+#
+
+CREATE EVENT e1 ON SCHEDULE AT '2020-01-01 00:00:00' DO SET @a = 1;
+ERROR HY000: The MySQL server is running with the --read-only option so it cannot execute this statement
+
+ALTER EVENT e1 COMMENT 'comment';
+ERROR HY000: The MySQL server is running with the --read-only option so it cannot execute this statement
+
+DROP EVENT e1;
+ERROR HY000: The MySQL server is running with the --read-only option so it cannot execute this statement
+
+#
+# Connection: root_con (root@localhost/events_test).
+#
+
+CREATE EVENT e1 ON SCHEDULE AT '2020-01-01 00:00:00' DO SET @a = 1;
+
+ALTER EVENT e1 COMMENT 'comment';
+
+DROP EVENT e1;
+
+SET GLOBAL READ_ONLY = 0;
+
+#
+# Connection: u1_con (mysqltest_u1@localhost/test).
+#
+
+CREATE EVENT e1 ON SCHEDULE AT CURRENT_TIMESTAMP + INTERVAL 1 SECOND DO SET @a = 1;
+CREATE EVENT e2 ON SCHEDULE EVERY 1 SECOND DO SET @a = 1;
+
+SELECT
+event_name,
+last_executed IS NULL,
+definer
+FROM INFORMATION_SCHEMA.EVENTS
+WHERE event_schema = 'events_test';
+event_name	last_executed IS NULL	definer
+e1	1	mysqltest_u1@localhost
+e2	1	mysqltest_u1@localhost
+
+#
+# Connection: root_con (root@localhost/events_test).
+#
+
+SET GLOBAL READ_ONLY = 1;
+
+SET GLOBAL EVENT_SCHEDULER = ON;
+
+# Waiting for the event scheduler to execute and drop event e1...
+
+# Waiting for the event scheduler to execute and update event e2...
+
+SET GLOBAL EVENT_SCHEDULER = OFF;
+
+SELECT
+event_name,
+last_executed IS NULL,
+definer
+FROM INFORMATION_SCHEMA.EVENTS
+WHERE event_schema = 'events_test';
+event_name	last_executed IS NULL	definer
+e2	0	mysqltest_u1@localhost
+
+DROP EVENT e1;
+ERROR HY000: Unknown event 'e1'
+
+# Cleanup.
+
+DROP EVENT e2;
+
+SET GLOBAL READ_ONLY = 0;
+
+#
+# Connection: default
+#
+
+DROP USER mysqltest_u1@localhost;
+
+#####################################################################
+#
+# End of BUG#31111.
+#
+#####################################################################
+
+DROP DATABASE events_test;