[MXS-658] Crash in embedded library when MariaDB 10.0 is used Created: 2016-04-02  Updated: 2016-04-18  Resolved: 2016-04-18

Status: Closed
Project: MariaDB MaxScale
Component/s: Core
Affects Version/s: 1.4.1
Fix Version/s: 2.0.0

Type: Bug Priority: Minor
Reporter: markus makela Assignee: Unassigned
Resolution: Fixed Votes: 0
Labels: None


Description

When MaxScale is compiled against the 10.0 or 10.1 versions of MariaDB, MaxScale randomly crashes in my_malloc_size_cb_func. Valgrind output shows that this is due to a write into freed memory.

==775== Invalid write of size 8
==775==    at 0xD000B97: my_malloc_size_cb_func (in /home/markusjm/build/lib64/maxscale/libqc_mysqlembedded.so.1.0.0)
==775==    by 0xCFFDE4C: my_malloc (in /home/markusjm/build/lib64/maxscale/libqc_mysqlembedded.so.1.0.0)
==775==    by 0xD284C20: init_dynamic_array2 (in /home/markusjm/build/lib64/maxscale/libqc_mysqlembedded.so.1.0.0)
==775==    by 0xD12761E: Statement_map::Statement_map() (in /home/markusjm/build/lib64/maxscale/libqc_mysqlembedded.so.1.0.0)
==775==    by 0xD127FA1: THD::THD(bool) (in /home/markusjm/build/lib64/maxscale/libqc_mysqlembedded.so.1.0.0)
==775==    by 0xD0055A0: create_embedded_thd (in /home/markusjm/build/lib64/maxscale/libqc_mysqlembedded.so.1.0.0)
==775==    by 0xCFFB1F3: get_or_create_thd_for_parsing(st_mysql*, char*) (qc_mysqlembedded.cc:303)
==775==    by 0xCFFAF81: parse_query(gwbuf*) (qc_mysqlembedded.cc:232)
==775==    by 0xCFFAB41: ensure_query_is_parsed(gwbuf*) (qc_mysqlembedded.cc:116)
==775==    by 0xCFFAC1D: qc_get_type (qc_mysqlembedded.cc:149)
==775==    by 0x4E81F38: qc_get_type (query_classifier.c:102)
==775==    by 0xBB6616D: route_single_stmt (readwritesplit.c:2127)
==775==  Address 0x22b46b80 is 4,352 bytes inside a block of size 20,272 free'd
==775==    at 0x4C29CF0: free (vg_replace_malloc.c:530)
==775==    by 0xD005A19: emb_free_embedded_thd (in /home/markusjm/build/lib64/maxscale/libqc_mysqlembedded.so.1.0.0)
==775==    by 0xCFFD04B: parsing_info_done(void*) (qc_mysqlembedded.cc:1557)
==775==    by 0x4E5AFD5: gwbuf_remove_buffer_object (buffer.c:742)
==775==    by 0x4E59A3B: gwbuf_free_one (buffer.c:296)
==775==    by 0x4E5A6BF: gwbuf_consume (buffer.c:538)
==775==    by 0x4E69C94: dcb_drain_writeq (dcb.c:1535)
==775==    by 0x4E694CE: dcb_write (dcb.c:1317)
==775==    by 0x2243FBCF: backend_write_delayqueue (mysql_backend.c:1259)
==775==    by 0x2243D859: gw_read_backend_event (mysql_backend.c:433)
==775==    by 0x4E847BF: process_pollq (poll.c:999)
==775==    by 0x4E83DD7: poll_waitevents (poll.c:722)
==775==  Block was alloc'd at
==775==    at 0x4C28BF6: malloc (vg_replace_malloc.c:299)
==775==    by 0xCFFDE15: my_malloc (in /home/markusjm/build/lib64/maxscale/libqc_mysqlembedded.so.1.0.0)
==775==    by 0xD00558E: create_embedded_thd (in /home/markusjm/build/lib64/maxscale/libqc_mysqlembedded.so.1.0.0)
==775==    by 0xCFFB1F3: get_or_create_thd_for_parsing(st_mysql*, char*) (qc_mysqlembedded.cc:303)
==775==    by 0xCFFAF81: parse_query(gwbuf*) (qc_mysqlembedded.cc:232)
==775==    by 0xCFFAB41: ensure_query_is_parsed(gwbuf*) (qc_mysqlembedded.cc:116)
==775==    by 0xCFFAC1D: qc_get_type (qc_mysqlembedded.cc:149)
==775==    by 0x4E81F38: qc_get_type (query_classifier.c:102)
==775==    by 0xBB6616D: route_single_stmt (readwritesplit.c:2127)
==775==    by 0xBB659A8: routeQuery (readwritesplit.c:2016)
==775==    by 0x1F622EC0: route_by_statement (mysql_client.c:1526)
==775==    by 0x1F620B7C: gw_read_client_event (mysql_client.c:671)

Calling set_malloc_size_cb(NULL) seems to fix the problem.
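The sequence in the Valgrind output (THD allocated in create_embedded_thd, released through emb_free_embedded_thd when the buffer is consumed, then written by my_malloc_size_cb_func during the next create_embedded_thd) reduced to a small self-contained model. This is an added example written for this page, not MaxScale or MariaDB code: it keeps the names set_malloc_size_cb, my_malloc, my_malloc_size_cb_func, create_embedded_thd and emb_free_embedded_thd from the trace, but the struct layout, signatures, the `current_thd` global and the allocation sizes are assumptions, and the real functions differ. It shows the hook charging allocations to a THD that has already been freed, and the fix the report describes: clearing the callback before anything else is allocated.

```c
#include <stdlib.h>
#include <string.h>

/* Added example, not MariaDB/MaxScale code: a hypothetical model of the
 * malloc-size accounting hook that the crash above trips over. */

typedef void (*malloc_size_cb_t)(long delta);

/* Hypothetical global hook, modelled on MariaDB's set_malloc_size_cb(). */
static malloc_size_cb_t size_cb = NULL;

void set_malloc_size_cb(malloc_size_cb_t cb) { size_cb = cb; }

/* Per-connection state of the embedded server; memory_used is the field the
 * hook writes into, i.e. the "Invalid write of size 8" in the trace. */
typedef struct THD {
    long  memory_used;
    char *stmt_buf;
} THD;

/* Hypothetical stand-in for the real thread-local current THD. */
static THD *current_thd = NULL;

/* Charges every allocation to whichever THD is current, without any check
 * that the THD is still alive. */
static void my_malloc_size_cb_func(long delta) {
    if (current_thd)
        current_thd->memory_used += delta;   /* use-after-free if current_thd was freed */
}

void *my_malloc(size_t size) {
    void *p = malloc(size);
    if (p && size_cb)
        size_cb((long)size);
    return p;
}

void my_free(void *p, size_t size) {
    if (p && size_cb)
        size_cb(-(long)size);
    free(p);
}

THD *create_embedded_thd(void) {
    /* This allocation fires the hook before current_thd is updated, so it is
     * charged to the previous THD: that is where the trace shows the write. */
    THD *thd = my_malloc(sizeof *thd);
    if (!thd)
        return NULL;
    memset(thd, 0, sizeof *thd);
    current_thd = thd;
    set_malloc_size_cb(my_malloc_size_cb_func);
    thd->stmt_buf = my_malloc(64);
    return thd;
}

/* Buggy: the THD is freed while the hook and current_thd still refer to it. */
void emb_free_embedded_thd_buggy(THD *thd) {
    my_free(thd->stmt_buf, 64);
    free(thd);
}

/* Fixed as the report describes: detach the hook with set_malloc_size_cb(NULL)
 * and drop the current pointer before the memory is released. */
void emb_free_embedded_thd_fixed(THD *thd) {
    my_free(thd->stmt_buf, 64);
    set_malloc_size_cb(NULL);
    current_thd = NULL;
    free(thd);
}

/* Nonzero when the next my_malloc() would write into a THD that may be gone.
 * Only pointer values are compared here; nothing is dereferenced. */
int callback_dangles(void) {
    return size_cb != NULL && current_thd != NULL;
}

/* Models two consecutive parses: the THD for query 1 is created and released
 * when its buffer is consumed, then the THD for query 2 is created. Returns 1
 * if that second creation would hit freed memory, 0 otherwise. */
int run_parse_cycle(int use_fix) {
    THD *first = create_embedded_thd();
    if (use_fix)
        emb_free_embedded_thd_fixed(first);
    else
        emb_free_embedded_thd_buggy(first);

    int dangling = callback_dangles();
    if (dangling) {
        /* Stop short of the second create_embedded_thd(): performing it would
         * be the invalid write itself. Reset the globals instead. */
        set_malloc_size_cb(NULL);
        current_thd = NULL;
    } else {
        THD *second = create_embedded_thd();
        emb_free_embedded_thd_fixed(second);
    }
    return dangling;
}

int main(void) {
    return (run_parse_cycle(0) == 1 && run_parse_cycle(1) == 0) ? 0 : 1;
}
```

The model deliberately refuses to run the second create while the hook is dangling; letting it run is exactly what Valgrind (or ASan) would flag, as in the report. The ordering in the fixed path matters: the callback must be cleared before free(), because any allocation made by the free path or by the next query's THD construction otherwise lands in the released block.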



Comments
Comment by markus makela [ 2016-04-18 ]

Disabling the malloc callback function fixed the crashes.

Generated at Thu Feb 08 04:00:58 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.