You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "Siddhesh Poyarekar (Created) (JIRA)" <ji...@apache.org> on 2011/10/22 11:30:32 UTC
[jira] [Created] (QPID-3553) C++ broker does not handle multiple
ConnectionTuneOk cleanly
C++ broker does not handle multiple ConnectionTuneOk cleanly
------------------------------------------------------------
Key: QPID-3553
URL: https://issues.apache.org/jira/browse/QPID-3553
Project: Qpid
Issue Type: Bug
Components: C++ Broker
Reporter: Siddhesh Poyarekar
If the C++ broker is sent ConnectionTuneOk more than once with heartbeat set, it creates that many timer tasks for the heartbeat. This will result in a case where a heartbeat task is triggered for a connection that has already been deleted.
Steps to reproduce:
1) Start broker:
MALLOC_MMAP_THRESHOLD_=8 qpidd
The MALLOC_MMAP_THRESHOLD_ is to catch the use-after-free immediately rather than having to depend on a heap corruption
2) Run the following python script:
import struct, time
from qpid.framing import OpEncoder, SegmentEncoder, FrameEncoder
from qpid.util import connect
from qpid.ops import *
def encode(op):
print "Sending:", op
op_enc = OpEncoder()
seg_enc = SegmentEncoder()
frame_enc = FrameEncoder()
op_enc.write(op)
seg_enc.write(*op_enc.read())
frame_enc.write(*seg_enc.read())
bytes = frame_enc.read()
print " bytes:", repr(bytes)
return bytes
conn = connect("127.0.0.1", 5672)
conn.send(struct.pack("!4s4B", "AMQP", 1, 1, 0, 10))
conn.send(encode(ConnectionTuneOk(heartbeat=1)))
conn.send(encode(ConnectionTuneOk(heartbeat=1)))
conn.send(encode(ConnectionOpen(virtual_host="vhost-blah",channel=0)))
time.sleep(3)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org
[jira] [Resolved] (QPID-3553) C++ broker does not handle multiple
ConnectionTuneOk cleanly
Posted by "Gordon Sim (Resolved) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-3553?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Gordon Sim resolved QPID-3553.
------------------------------
Resolution: Fixed
Fix Version/s: 0.13
Assignee: Gordon Sim
Many thanks Siddhesh and Pavel!
> C++ broker does not handle multiple ConnectionTuneOk cleanly
> ------------------------------------------------------------
>
> Key: QPID-3553
> URL: https://issues.apache.org/jira/browse/QPID-3553
> Project: Qpid
> Issue Type: Bug
> Components: C++ Broker
> Reporter: Siddhesh Poyarekar
> Assignee: Gordon Sim
> Fix For: 0.13
>
> Attachments: multipleConnectionTuneOk.patch, qpid-duplicate-timer.patch
>
>
> If the C++ broker is sent ConnectionTuneOk more than once with heartbeat set, it creates that many timer tasks for the heartbeat. This will result in a case where a heartbeat task is triggered for a connection that has already been deleted.
> Steps to reproduce:
> 1) Start broker:
> MALLOC_MMAP_THRESHOLD_=8 qpidd
> The MALLOC_MMAP_THRESHOLD_ is to catch the use-after-free immediately rather than having to depend on a heap corruption
> 2) Run the following python script:
> import struct, time
> from qpid.framing import OpEncoder, SegmentEncoder, FrameEncoder
> from qpid.util import connect
> from qpid.ops import *
> def encode(op):
> print "Sending:", op
> op_enc = OpEncoder()
> seg_enc = SegmentEncoder()
> frame_enc = FrameEncoder()
> op_enc.write(op)
> seg_enc.write(*op_enc.read())
> frame_enc.write(*seg_enc.read())
> bytes = frame_enc.read()
> print " bytes:", repr(bytes)
> return bytes
> conn = connect("127.0.0.1", 5672)
> conn.send(struct.pack("!4s4B", "AMQP", 1, 1, 0, 10))
> conn.send(encode(ConnectionTuneOk(heartbeat=1)))
> conn.send(encode(ConnectionTuneOk(heartbeat=1)))
> conn.send(encode(ConnectionOpen(virtual_host="vhost-blah",channel=0)))
> time.sleep(3)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org
[jira] [Updated] (QPID-3553) C++ broker does not handle multiple
ConnectionTuneOk cleanly
Posted by "Pavel Moravec (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-3553?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Pavel Moravec updated QPID-3553:
--------------------------------
Attachment: multipleConnectionTuneOk.patch
An improvement to Siddhesh's patch to explicitly && independently set
heartbeatTimer and timeoutTimer timers only if they are not set yet. Currently
it does not improve anything as both timers are either both set or none set,
but to prevent future issue if these timers could be set in other places
independently on each other.
> C++ broker does not handle multiple ConnectionTuneOk cleanly
> ------------------------------------------------------------
>
> Key: QPID-3553
> URL: https://issues.apache.org/jira/browse/QPID-3553
> Project: Qpid
> Issue Type: Bug
> Components: C++ Broker
> Reporter: Siddhesh Poyarekar
> Attachments: multipleConnectionTuneOk.patch, qpid-duplicate-timer.patch
>
>
> If the C++ broker is sent ConnectionTuneOk more than once with heartbeat set, it creates that many timer tasks for the heartbeat. This will result in a case where a heartbeat task is triggered for a connection that has already been deleted.
> Steps to reproduce:
> 1) Start broker:
> MALLOC_MMAP_THRESHOLD_=8 qpidd
> The MALLOC_MMAP_THRESHOLD_ is to catch the use-after-free immediately rather than having to depend on a heap corruption
> 2) Run the following python script:
> import struct, time
> from qpid.framing import OpEncoder, SegmentEncoder, FrameEncoder
> from qpid.util import connect
> from qpid.ops import *
> def encode(op):
> print "Sending:", op
> op_enc = OpEncoder()
> seg_enc = SegmentEncoder()
> frame_enc = FrameEncoder()
> op_enc.write(op)
> seg_enc.write(*op_enc.read())
> frame_enc.write(*seg_enc.read())
> bytes = frame_enc.read()
> print " bytes:", repr(bytes)
> return bytes
> conn = connect("127.0.0.1", 5672)
> conn.send(struct.pack("!4s4B", "AMQP", 1, 1, 0, 10))
> conn.send(encode(ConnectionTuneOk(heartbeat=1)))
> conn.send(encode(ConnectionTuneOk(heartbeat=1)))
> conn.send(encode(ConnectionOpen(virtual_host="vhost-blah",channel=0)))
> time.sleep(3)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org
[jira] [Updated] (QPID-3553) C++ broker does not handle multiple
ConnectionTuneOk cleanly
Posted by "Siddhesh Poyarekar (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/QPID-3553?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Siddhesh Poyarekar updated QPID-3553:
-------------------------------------
Attachment: qpid-duplicate-timer.patch
Do not add the heartbeat and timeout timers if the heartbeat timer already exists.
> C++ broker does not handle multiple ConnectionTuneOk cleanly
> ------------------------------------------------------------
>
> Key: QPID-3553
> URL: https://issues.apache.org/jira/browse/QPID-3553
> Project: Qpid
> Issue Type: Bug
> Components: C++ Broker
> Reporter: Siddhesh Poyarekar
> Attachments: qpid-duplicate-timer.patch
>
>
> If the C++ broker is sent ConnectionTuneOk more than once with heartbeat set, it creates that many timer tasks for the heartbeat. This will result in a case where a heartbeat task is triggered for a connection that has already been deleted.
> Steps to reproduce:
> 1) Start broker:
> MALLOC_MMAP_THRESHOLD_=8 qpidd
> The MALLOC_MMAP_THRESHOLD_ is to catch the use-after-free immediately rather than having to depend on a heap corruption
> 2) Run the following python script:
> import struct, time
> from qpid.framing import OpEncoder, SegmentEncoder, FrameEncoder
> from qpid.util import connect
> from qpid.ops import *
> def encode(op):
> print "Sending:", op
> op_enc = OpEncoder()
> seg_enc = SegmentEncoder()
> frame_enc = FrameEncoder()
> op_enc.write(op)
> seg_enc.write(*op_enc.read())
> frame_enc.write(*seg_enc.read())
> bytes = frame_enc.read()
> print " bytes:", repr(bytes)
> return bytes
> conn = connect("127.0.0.1", 5672)
> conn.send(struct.pack("!4s4B", "AMQP", 1, 1, 0, 10))
> conn.send(encode(ConnectionTuneOk(heartbeat=1)))
> conn.send(encode(ConnectionTuneOk(heartbeat=1)))
> conn.send(encode(ConnectionOpen(virtual_host="vhost-blah",channel=0)))
> time.sleep(3)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
Apache Qpid - AMQP Messaging Implementation
Project: http://qpid.apache.org
Use/Interact: mailto:dev-subscribe@qpid.apache.org