[
https://issues.apache.org/jira/browse/CELIX-334?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Bjoern Petri closed CELIX-334.
------------------------------
Resolution: Fixed
> Race Condition in Topology Manager causes spurious segfaults
> ------------------------------------------------------------
>
> Key: CELIX-334
> URL: https://issues.apache.org/jira/browse/CELIX-334
> Project: Celix
> Issue Type: Bug
> Reporter: Bjoern Petri
> Assignee: Bjoern Petri
>
> When adding imported/exported Services, the Topology Manager creates a copy
> of the rsaList. Although a comment mentioned that this is done to prevent
> threading issues, this is causing a race condition btwn topology manager and
> the remote service admin:
> {code}
> =================================================================
> ==6392== ERROR: AddressSanitizer: heap-use-after-free on address
> 0x601c00009fe8 at pc 0x2ab837b9c59a bp 0x2ab8370384d0 sp 0x2ab8370384c8
> READ of size 8 at 0x601c00009fe8 thread T72
> #0 0x2ab837b9c599 in remoteServiceAdmin_importService
> /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/src/remote_service_admin_impl.c:825:0
> #1 0x2ab8396f5a61 in topologyManager_addImportedService
> /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/topology_manager/private/src/topology_manager.c:549:0
> #2 0x2ab837ffead3 in discovery_informEndpointListeners
> /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/discovery/private/src/discovery.c:173:0
> #3 0x2ab837fff0d0 in discovery_addDiscoveredEndpoint
> /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/discovery/private/src/discovery.c:209:0
> #4 0x2ab838006cf5 in endpointDiscoveryPoller_poll
> /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/discovery/private/src/endpoint_discovery_poller.c:271:0
> #5 0x2ab838005fca in endpointDiscoveryPoller_addDiscoveryEndpoint
> /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/discovery/private/src/endpoint_discovery_poller.c:193:0
> #6 0x2ab837ff9c69 in discoveryShmWatcher_syncEndpoints
> /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/discovery_shm/private/src/discovery_shmWatcher.c:119:0
> #7 0x2ab837ffa554 in discoveryShmWatcher_run
> /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/discovery_shm/private/src/discovery_shmWatcher.c:168:0
> #8 0x2ab82af4db97 in __asan_describe_address ??:?
> #9 0x2ab82e42f181 in start_thread
> /build/buildd/eglibc-2.19/nptl/pthread_create.c:312 (discriminator 2)
> #10 0x2ab82ef5f47c in clone
> /build/buildd/eglibc-2.19/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:111
> 0x601c00009fe8 is located 104 bytes inside of 152-byte region
> [0x601c00009f80,0x601c0000a018)
> freed by thread T0 here:
> #0 0x2ab82af4a33a in __interceptor_free ??:?
> #1 0x2ab837b9339d in remoteServiceAdmin_destroy
> /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/src/remote_service_admin_impl.c:101:0
> #2 0x2ab837b9dff2 in bundleActivator_stop
> /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/src/remote_service_admin_activator.c:107:0
> #3 0x2ab82df1526c in fw_stopBundle
> /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/framework.c:875:0
> #4 0x2ab82def33d4 in bundle_stopWithOptions
> /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/bundle.c:325:0
> #5 0x2ab82def3166 in bundle_stop
> /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/bundle.c:313:0
> #6 0x41b2b3 in stopStartPermutation
> /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/test/rsa_client_server_tests.cpp:250:0
> #7 0x41e3c6 in testImport
> /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/test/rsa_client_server_tests.cpp:338:0
> #8 0x422e4e in
> _ZN44TEST_RsaShmClientServerTests_TestImport_Test8testBodyEv
> /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/test/rsa_client_server_tests.cpp:479:0
> #9 0x42fe00 in PlatformSpecificSetJmpImplementation
> /home/bjoern/Progs/cpputest/cpputest-3.7.1/src/Platforms/Gcc/UtestPlatform.cpp:144:0
> addr2line: '': No such file
> #10 0x601000007f9f in
> previously allocated by thread T0 here:
> #0 0x2ab82af4a4e5 in calloc ??:?
> #1 0x2ab837b929db in remoteServiceAdmin_create
> /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/src/remote_service_admin_impl.c:70
> #2 0x2ab837b9d9f2 in bundleActivator_start
> /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/src/remote_service_admin_activator.c:63
> #3 0x2ab82df1317f in fw_startBundle
> /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/framework.c:717
> (discriminator 1)
> #4 0x2ab82def2cd2 in bundle_startWithOptions
> /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/bundle.c:282
> #5 0x2ab82df63556 in celixLauncher_launchWithProperties
> /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/celix_launcher.c:130
> (discriminator 2)
> #6 0x2ab82df62b2b in celixLauncher_launchWithStream
> /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/celix_launcher.c:67
> #7 0x2ab82df62844 in celixLauncher_launch
> /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/celix_launcher.c:46
> #8 0x4144ee in setupFm
> /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/test/rsa_client_server_tests.cpp:68
> #9 0x42360e in
> _ZN47TEST_GROUP_CppUTestGroupRsaShmClientServerTests5setupEv
> /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/test/rsa_client_server_tests.cpp:465
> #10 0x42fe00 in PlatformSpecificSetJmpImplementation
> /home/bjoern/Progs/cpputest/cpputest-3.7.1/src/Platforms/Gcc/UtestPlatform.cpp:144
> #11 0x601000007f9f in
> Thread T72 created by T0 here:
> #0 0x2ab82af3fb5b in __interceptor_pthread_create ??:?
> #1 0x2ab82e1fdca8 in celixThread_create
> /home/bjoern/Development/celix/git/celix.current.plain/celix/utils/private/src/celix_threads.c:34
> #2 0x2ab837ffaaed in discoveryShmWatcher_create
> /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/discovery_shm/private/src/discovery_shmWatcher.c:212
> #3 0x2ab837ffba80 in discovery_start
> /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/discovery_shm/private/src/discovery_impl.c:122
> #4 0x2ab837ffcc18 in bundleActivator_start
> /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/discovery/private/src/discovery_activator.c:125
> #5 0x2ab82df1317f in fw_startBundle
> /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/framework.c:717
> (discriminator 1)
> #6 0x2ab82def2cd2 in bundle_startWithOptions
> /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/bundle.c:282
> #7 0x2ab82df63556 in celixLauncher_launchWithProperties
> /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/celix_launcher.c:130
> (discriminator 2)
> #8 0x2ab82df62b2b in celixLauncher_launchWithStream
> /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/celix_launcher.c:67
> #9 0x2ab82df62844 in celixLauncher_launch
> /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/celix_launcher.c:46
> #10 0x4144ee in setupFm
> /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/test/rsa_client_server_tests.cpp:68
> #11 0x42360e in
> _ZN47TEST_GROUP_CppUTestGroupRsaShmClientServerTests5setupEv
> /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/test/rsa_client_server_tests.cpp:465
> #12 0x42fe00 in PlatformSpecificSetJmpImplementation
> /home/bjoern/Progs/cpputest/cpputest-3.7.1/src/Platforms/Gcc/UtestPlatform.cpp:144
> #13 0x601000007f9f in
> Shadow bytes around the buggy address:
> 0x0c03ffff93a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
> 0x0c03ffff93b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
> 0x0c03ffff93c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
> 0x0c03ffff93d0: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fd
> 0x0c03ffff93e0: fd fd fd fd fd fd fd fd fa fa fa fa fa fa fa fa
> =>0x0c03ffff93f0: fd fd fd fd fd fd fd fd fd fd fd fd fd[fd]fd fd
> 0x0c03ffff9400: fd fd fd fa fa fa fa fa fa fa fa fa 00 00 00 00
> 0x0c03ffff9410: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fa
> 0x0c03ffff9420: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
> 0x0c03ffff9430: fd fd fd fd fd fd fd fd fd fd fd fd fa fa fa fa
> 0x0c03ffff9440: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fd
> Shadow byte legend (one shadow byte represents 8 application bytes):
> Addressable: 00
> Partially addressable: 01 02 03 04 05 06 07
> Heap left redzone: fa
> Heap righ redzone: fb
> Freed Heap region: fd
> Stack left redzone: f1
> Stack mid redzone: f2
> Stack right redzone: f3
> Stack partial redzone: f4
> Stack after return: f5
> Stack use after scope: f8
> Global redzone: f9
> Global init order: f6
> Poisoned by user: f7
> ASan internal: fe
> ==6392== ABORTING
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
