Bug #19311 Trigger on mysql.user crashes server on CREATE/DROP USER and GRANT/REVOKE
Submitted: 24 Apr 2006 20:32 Modified: 25 Apr 2006 7:01
Reporter: Kolbe Kegel Email Updates:
Status: Duplicate Impact on me:
None 
Category:MySQL Server Severity:S1 (Critical)
Version:5.0.20 OS:Linux (Linux)
Assigned to: CPU Architecture:Any

[24 Apr 2006 20:32] Kolbe Kegel
Description:
The server will crash if there is a trigger on mysql.user and a CREATE or DROP USER or any GRANT/REVOKE statement is issued.

How to repeat:
create user 'myuser';
create table test.t1 (user varchar(16));
create trigger `testtrig` after insert on mysql.user for each row insert into test.t1 values (new.user);
create user 'tester';
drop user 'myuser';

mysql 5.0.20-max-log (root) [mysql]> create user 'myuser';
Query OK, 0 rows affected (0.02 sec)

mysql 5.0.20-max-log (root) [mysql]> create table test.t1 (user varchar(16));
Query OK, 0 rows affected (0.02 sec)

mysql 5.0.20-max-log (root) [mysql]> create trigger `testtrig` after insert on mysql.user for each row insert into test.t1 values (new.user);
Query OK, 0 rows affected (0.00 sec)

mysql 5.0.20-max-log (root) [mysql]> create user 'tester';
ERROR 2013 (HY000): Lost connection to MySQL server during query
mysql 5.0.20-max-log (root) [mysql]>
Number of processes running now: 0
060424 13:14:24  mysqld restarted

mysql 5.0.20-max-log (root) [mysql]> drop user 'myuser';
ERROR 2006 (HY000): MySQL server has gone away
No connection. Trying to reconnect...
Connection id:    1
Current database: mysql

ERROR 2013 (HY000): Lost connection to MySQL server during query
mysql 5.0.20-max-log (root) [mysql]>
Number of processes running now: 0
060424 13:14:40  mysqld restarted

mysql 5.0.20-max-log (root) [mysql]> drop user 'nonexistent';
ERROR 2006 (HY000): MySQL server has gone away
No connection. Trying to reconnect...
Connection id:    1
Current database: mysql

ERROR 2013 (HY000): Lost connection to MySQL server during query
mysql 5.0.20-max-log (root) [mysql]>
Number of processes running now: 0
060424 13:15:23  mysqld restarted

0x818e082 handle_segfault + 426
0xffffe500 _end + -141827080
0x8209727 open_grant_tables__FP3THDP13st_table_list + 447
0x8209727 open_grant_tables__FP3THDP13st_table_list + 447
0x820a1a8 mysql_create_user__FP3THDRt4List1Z11st_lex_user + 112
0x81a2a7a mysql_execute_command__FP3THD + 12022
0x81a6c38 mysql_parse__FP3THDPcUi + 288
0x819e646 dispatch_command__F19enum_server_commandP3THDPcUi + 1894
0x819ded3 do_command__FP3THD + 195
0x819d414 handle_one_connection + 764
0x555a0927 _end + 1290143775
0x556d0e8e _end + 1291390342

Suggested fix:
Obvious.
[25 Apr 2006 7:01] Dmitry Lenev
Please do not submit the same bug more than once. An existing
bug report already describes this very problem. Even if you feel
that your issue is somewhat different, the resolution is likely
to be the same. Because of this, we hope you add your comments
to the original bug instead.

Thank you for your interest in MySQL.

Additional info:

This is duplicate of bug #18361 "Triggers on mysql.user table cause server crash".