Created attachment 1329295 [details] Patch aginst f26 fedpkg branch Description of problem: the libtcmalloc shipped does not support aligned_alloc so use of that function falls through to the libc implementation. A subsequent call to free will result in libtcmalloc reporting 'Invalid free' Version-Release number of selected component (if applicable): gperftools-libs-2.5.93-1.fc26.x86_64 How reproducible: 100% Steps to Reproduce: $ cat<<EOF>tc_aligned_alloc.c #include <stdlib.h> int main (int argc, char **argv) { void *p2 = aligned_alloc(1024, 1024*sizeof(p2)); free(p2); return 0; } EOF $ gcc -ggdb tc_aligned_alloc.c -o tc_aligned_alloc -ltcmalloc $ ./tc_aligned_alloc src/tcmalloc.cc:284] Attempt to free invalid pointer 0x2bfa400 Aborted $ gdb -q -batch -ex 'run' -ex 'bt' ./tc_aligned_alloc [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". src/tcmalloc.cc:284] Attempt to free invalid pointer 0xf02400 Program received signal SIGABRT, Aborted. 0x00007ffff764769b in raise () from /lib64/libc.so.6 #0 0x00007ffff764769b in raise () from /lib64/libc.so.6 #1 0x00007ffff76494a0 in abort () from /lib64/libc.so.6 #2 0x00007ffff7a03a29 in tcmalloc::Log(tcmalloc::LogMode, char const*, int, tcmalloc::LogItem, tcmalloc::LogItem, tcmalloc::LogItem, tcmalloc::LogItem) () from /lib64/libtcmalloc.so.4 #3 0x00007ffff79f83d9 in (anonymous namespace)::InvalidFree(void*) () from /lib64/libtcmalloc.so.4 #4 0x0000000000400645 in main (argc=1, argv=0x7fffffffdbe8) at tc_aligned_alloc.c:7 Additional info: When linked to libc there is no issue and valgrind and libasan report no memory issues obviously. I have created a test package that appears to resolve the issue. https://copr-be.cloud.fedoraproject.org/results/badone/misc/fedora-26-x86_64/00606401-gperftools/ It copies the upstream patch here. https://github.com/gperftools/gperftools/commit/d406f228 I'll attach the patch I used in case it is helpful.
The list of functions an interposing malloc should implement is documented here: https://www.gnu.org/software/libc/manual/html_node/Replacing-malloc.html
Bumping severity since this is stopping the ceph package building on >= f26
gperftools-2.6.1-5.fc27 has been submitted as an update to Fedora 27. https://bodhi.fedoraproject.org/updates/FEDORA-2017-d7884ae0b9
gperftools-2.6.1-5.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-236ad80b82
gperftools-2.6.1-5.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-236ad80b82
gperftools-2.6.1-5.fc27 has been pushed to the Fedora 27 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-d7884ae0b9
gperftools-2.6.1-5.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.
gperftools-2.6.1-5.fc27 has been pushed to the Fedora 27 stable repository. If problems still persist, please make note of it in this bug report.