Bug #58939 Invalid free() / delete / delete[] after flush privileges was run
Submitted: 15 Dec 2010 6:50 Modified: 11 Feb 2011 7:05
Reporter: Shane Bester (Platinum Quality Contributor) Email Updates:
Status: Can't repeat Impact on me:
None 
Category:MySQL Server: Security: Privileges Severity:S1 (Critical)
Version:5.5.9 OS:Any
Assigned to: CPU Architecture:Any

[15 Dec 2010 6:50] Shane Bester
Description:
5.5.9:

Invalid free() / delete / delete[]
at: free (vg_replace_malloc.c:325)
by: my_free (my_malloc.c:128)
by: delete_dynamic (array.c:308)
by: acl_reload (sql_acl.cc:1183)
by: reload_acl_and_cache (sql_reload.cc:74)
by: mysql_execute_command (sql_parse.cc:3533)
by: mysql_parse (sql_parse.cc:5496)
by: dispatch_command (sql_parse.cc:1032)
by: do_command (sql_parse.cc:772)
by: do_handle_one_connection (sql_connect.cc:745)
by: handle_one_connection (sql_connect.cc:684)
by: start_thread (pthread_create.c:301)
 Address 0x15c93f20 is 0 bytes inside a block of size 2,800 free'd
at: realloc (vg_replace_malloc.c:476)
by: my_realloc (my_malloc.c:101)
by: freeze_size (array.c:353)
by: acl_load) (sql_acl.cc:1030)
by: acl_reload (sql_acl.cc:1166)
by: reload_acl_and_cache (sql_reload.cc:74)
by: mysql_execute_command (sql_parse.cc:3533)
by: mysql_parse (sql_parse.cc:5496)
by: dispatch_command (sql_parse.cc:1032)
by: do_command (sql_parse.cc:772)
by: do_handle_one_connection (sql_connect.cc:745)
by: handle_one_connection (sql_connect.cc:684)
by: start_thread (pthread_create.c:301)

How to repeat:
not sure yet. happened when running "flush privileges" on a loaded system.