You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@qpid.apache.org by "Ganesh Murthy (JIRA)" <ji...@apache.org> on 2019/03/21 20:12:00 UTC
[jira] [Updated] (DISPATCH-1259) delivery->link_work race condition
[ https://issues.apache.org/jira/browse/DISPATCH-1259?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ganesh Murthy updated DISPATCH-1259:
------------------------------------
Fix Version/s: (was: 1.6.0)
> delivery->link_work race condition
> ----------------------------------
>
> Key: DISPATCH-1259
> URL: https://issues.apache.org/jira/browse/DISPATCH-1259
> Project: Qpid Dispatch
> Issue Type: Bug
> Components: Router Node
> Affects Versions: 1.5.0
> Reporter: Ken Giusti
> Assignee: Ken Giusti
> Priority: Major
>
> [~chug] hit the following use-after-free error under valgrind:
> {code:java}
> kind = InvalidRead (count=1)
> Invalid read of size 1
> Stack:
> (qdr_deliver_continue_peers_CT) /home/chug/git/qpid-dispatch/src/router_core/transfer.c:1236
> (qdr_deliver_continue_CT) /home/chug/git/qpid-dispatch/src/router_core/transfer.c:1269
> (router_core_thread) /home/chug/git/qpid-dispatch/src/router_core/router_core_thread.c:148
> (start_thread) /usr/src/debug/glibc-2.28-60-g4d7af7815a/nptl/pthread_create.c:486
> (clone) /usr/src/debug/glibc-2.28-60-g4d7af7815a/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
> Address 0x143aaa79 is 41 bytes inside a block of size 48 free'd:
> (free) /builddir/build/BUILD/valgrind-3.14.0/coregrind/m_replacemalloc/vg_replace_malloc.c:540
> (free_qdr_link_work_t) /home/chug/git/qpid-dispatch/src/router_core/router_core.c:36
> (qdr_connection_process) /home/chug/git/qpid-dispatch/src/router_core/connections.c:341
> (AMQP_writable_conn_handler) /home/chug/git/qpid-dispatch/src/router_node.c:174
> (writable_handler) /home/chug/git/qpid-dispatch/src/container.c:332
> (qd_container_handle_event) /home/chug/git/qpid-dispatch/src/container.c:640
> (handle) /home/chug/git/qpid-dispatch/src/server.c:985
> (thread_run) /home/chug/git/qpid-dispatch/src/server.c:1010
> (qd_server_run) /home/chug/git/qpid-dispatch/src/server.c:1284
> (main_process) /home/chug/git/qpid-dispatch/router/src/main.c:112
> (main) /home/chug/git/qpid-dispatch/router/src/main.c:367
> Block was alloc'd at:
> (malloc) /builddir/build/BUILD/valgrind-3.14.0/coregrind/m_replacemalloc/vg_replace_malloc.c:309
> (new_qdr_link_work_t) /home/chug/git/qpid-dispatch/src/router_core/router_core.c:36
> (qdr_forward_deliver_CT) /home/chug/git/qpid-dispatch/src/router_core/forwarder.c:226
> (qdr_forward_multicast_CT) /home/chug/git/qpid-dispatch/src/router_core/forwarder.c:474
> (qdr_forward_message_CT) /home/chug/git/qpid-dispatch/src/router_core/forwarder.c:995
> (qdr_link_forward_CT) /home/chug/git/qpid-dispatch/src/router_core/transfer.c:918
> (qdr_link_deliver_CT) /home/chug/git/qpid-dispatch/src/router_core/transfer.c:1094
> (router_core_thread) /home/chug/git/qpid-dispatch/src/router_core/router_core_thread.c:148
> (start_thread) /usr/src/debug/glibc-2.28-60-g4d7af7815a/nptl/pthread_create.c:486
> (clone) /usr/src/debug/glibc-2.28-60-g4d7af7815a/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
> {code}
> The router core thread is accessing a link_work object after it was deleted by the I/O thread.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org