tokudb crashes in ubuntu packages

Bug #1510915 reported by Sergei Golubchik
Affects: Percona Server moved to https://jira.percona.com/projects/PS
Status: New
Importance: Undecided
Assigned to: Unassigned

Bug Description

TokuDB contains the following snippet:
==================
static int
toku_get_processor_frequency_cpuinfo(uint64_t *hzret) {
...
        while (getline(&buf, &n, fp) >= 0) {
...
            free(buf);
==================
When linked with the -Bsymbolic-functions flag this causes 'buf' to be allocated by getline() using glibc malloc(), but freed in tokudb using jemalloc free(). This causes a crash on startup. Unfortunately, -Bsymbolic-functions is used for packages on Ubuntu by default (see dpkg-buildflags).

While it is possible to tweak the rules file and strip the -Bsymbolic-functions flag, this tokudb function seems to be the only problematic place in the code. It might be cleaner to fix it instead, replacing getline with an fgets() loop and a local buffer on the stack.

tags: added: tokudb
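
An added illustration of the fgets()-with-stack-buffer approach suggested in the bug description; it is not the TokuDB code or the MariaDB patch. The function names, the 128-byte buffer size and the sample input are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CHUNK 128 /* assumed stack buffer size */

/* Hypothetical helper: parse the first "cpu MHz" line of a
 * /proc/cpuinfo-style stream. fgets() fills a caller-owned stack buffer,
 * so libc never allocates on our behalf and there is nothing to free():
 * no pointer can cross between two malloc implementations. */
static int cpuinfo_hz_from_stream(FILE *fp, uint64_t *hzret) {
    char buf[CHUNK];
    int at_line_start = 1; /* 0 while inside an over-long line */

    while (fgets(buf, sizeof buf, fp) != NULL) {
        size_t len = strlen(buf);
        int complete = (len > 0 && buf[len - 1] == '\n');
        double mhz;

        /* Lines longer than the buffer (e.g. "flags") arrive in several
         * chunks; only a chunk that begins a line may be matched. */
        if (at_line_start && sscanf(buf, "cpu MHz : %lf", &mhz) == 1 && mhz > 0) {
            *hzret = (uint64_t)(mhz * 1000000.0 + 0.5);
            return 0;
        }
        at_line_start = complete;
    }
    return -1; /* no usable "cpu MHz" line found */
}

/* Constructed sample: an over-long line whose second chunk looks like a
 * "cpu MHz" entry, followed by the real entry. Returns 0 on failure. */
static uint64_t parse_constructed_sample(void) {
    uint64_t hz = 0;
    FILE *fp = tmpfile();
    if (fp == NULL) return 0;
    for (int i = 0; i < CHUNK - 1; i++) fputc('x', fp);
    fputs("cpu MHz : 1.000\n", fp);
    fputs("processor\t: 0\ncpu MHz\t\t: 2400.000\n", fp);
    rewind(fp);
    if (cpuinfo_hz_from_stream(fp, &hz) != 0) hz = 0;
    fclose(fp);
    return hz;
}

int main(void) {
    printf("%llu\n", (unsigned long long)parse_constructed_sample());
    return 0;
}
```

The same property could be kept with getline() only if the buffer is released by the allocator that libc itself resolved, which is exactly what the mixed glibc/jemalloc link breaks.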
Alexander Barkov (abarkov) wrote :

Please find how-to-repeat instructions here:

https://mariadb.atlassian.net/browse/MDEV-7550

Alexander Barkov (abarkov) wrote :

A patch fixing this problem is available:
https://mariadb.atlassian.net/browse/MDEV-7550

It has been pushed into the MariaDB-10.0 code base.

tags: added: contribution
George Ormond Lorch III (gl-az) wrote :
Shahriyar Rzayev (rzayev-sehriyar) wrote :

Percona now uses JIRA for bug reports so this bug report is migrated to: https://jira.percona.com/browse/PS-3320
