Uploaded image for project: 'MariaDB MaxScale'
  1. MariaDB MaxScale
  2. MXS-328

Read-Write router frees buffer after write (which also frees)

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Fixed
    • 1.2.0
    • 1.2.1
    • readwritesplit
    • None
    • Any

    Description

      In the current develop branch at line 2603 is gwbuf_free(wbuf). This is on a return of zero (failure) from line 2589: if ((ret = target_dcb->func.write(target_dcb, wbuf)) == 1).

      This fails with an abort based on glibc double free detection. The free statement appears wrong, based on the principle that a DCB write always takes responsibility for the buffer, either freeing it or queueing it for later write.

      In the particular case, there was an authentication failure which prevented write, and the buffer was freed by the MySQL client protocol. Hence the double free.

      This is recorded as a bug because there could be other similar instances.

      Attachments

        Activity

          People

            markus makela markus makela
            martin brampton martin brampton (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Git Integration

                Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.