qpid-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DISPATCH-994) segfault in qdr_link_second_attach
Date Thu, 10 May 2018 15:53:00 GMT

    [ https://issues.apache.org/jira/browse/DISPATCH-994?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16470593#comment-16470593
] 

ASF GitHub Bot commented on DISPATCH-994:
-----------------------------------------

Github user ganeshmurthy commented on a diff in the pull request:

    https://github.com/apache/qpid-dispatch/pull/303#discussion_r187373563
  
    --- Diff: src/router_core/connections.c ---
    @@ -473,7 +474,8 @@ void qdr_link_second_attach(qdr_link_t *link, qdr_terminus_t *source,
qdr_termin
         action->args.connection.link   = link;
         action->args.connection.source = source;
         action->args.connection.target = target;
    -    qdr_action_enqueue(link->core, action);
    +    if (link)
    --- End diff --
    
    I added the null check in AMQP_link_attach_handler and in qdr_link_second_attach() just
to be doubly sure.


> segfault in qdr_link_second_attach
> ----------------------------------
>
>                 Key: DISPATCH-994
>                 URL: https://issues.apache.org/jira/browse/DISPATCH-994
>             Project: Qpid Dispatch
>          Issue Type: Bug
>    Affects Versions: 1.1.0
>            Reporter: Gordon Sim
>            Priority: Major
>         Attachments: router-a.conf, router-b.conf, router-c.conf, topic_test.py
>
>
> Link routing from router A through router B to a 'broker', and closing and opening two
receivers causes a segfault.
> {noformat}
> ==25674== Thread 4:
> ==25674== Invalid read of size 8
> ==25674==    at 0x4E77EEF: qdr_link_second_attach (connections.c:474)
> ==25674==    by 0x4E87142: AMQP_link_attach_handler (router_node.c:680)
> ==25674==    by 0x4E8BF2B: handle (server.c:940)
> ==25674==    by 0x4E8CBA7: thread_run (server.c:958)
> ==25674==    by 0x54FA739: start_thread (in /usr/lib64/libpthread-2.24.so)
> ==25674==    by 0x6288E7E: clone (in /usr/lib64/libc-2.24.so)
> ==25674==  Address 0x10 is not stack'd, malloc'd or (recently) free'd
> ==25674== 
> ==25674== 
> ==25674== Process terminating with default action of signal 11 (SIGSEGV): dumping core
> ==25674==  Access not within mapped region at address 0x10
> ==25674==    at 0x4E77EEF: qdr_link_second_attach (connections.c:474)
> ==25674==    by 0x4E87142: AMQP_link_attach_handler (router_node.c:680)
> ==25674==    by 0x4E8BF2B: handle (server.c:940)
> ==25674==    by 0x4E8CBA7: thread_run (server.c:958)
> ==25674==    by 0x54FA739: start_thread (in /usr/lib64/libpthread-2.24.so)
> ==25674==    by 0x6288E7E: clone (in /usr/lib64/libc-2.24.so)
> ==25674==  If you believe this happened as a result of a stack
> ==25674==  overflow in your program's main thread (unlikely but
> ==25674==  possible), you can try to increase the size of the
> ==25674==  main thread stack using the --main-stacksize= flag.
> ==25674==  The main thread stack size used in this run was 8388608
> {noformat}
> To reproduce, start three routers with the attached config files, then run the attached
python test program.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@qpid.apache.org
For additional commands, e-mail: dev-help@qpid.apache.org


Mime
View raw message