jiridanek commented on pull request #1052:
URL: https://github.com/apache/qpid-dispatch/pull/1052#issuecomment-1019505774
This really is crazy. Consider what may happen when both the subscribe and
unsubscribe actions get discarded:
```
==218518==ERROR: AddressSanitizer: attempting double-free on 0x6060000227c0
in thread T3:
#0 0x14d6627 in free (/lib64/libasan.so.6+0xae627)
#1 0x6f32e6 in qdr_unsubscribe_CT
/home/jdanek/repos/qpid/qpid-dispatch/src/router_core/route_tables.c:691
#2 0x6c8fe7 in qdr_core_free
/home/jdanek/repos/qpid/qpid-dispatch/src/router_core/router_core.c:270
#3 0x7634f3 in qd_router_free
/home/jdanek/repos/qpid/qpid-dispatch/src/router_node.c:2165
#4 0x5906bd in qd_dispatch_free
/home/jdanek/repos/qpid/qpid-dispatch/src/dispatch.c:375
#5 0x869b8d in QDR::deinitialize(bool) const
/home/jdanek/repos/qpid/qpid-dispatch/tests/c_unittests/./helpers.hpp:265
#6 0x858299 in
check_amqp_listener_startup_log_message(qd_server_config_t,
std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>
>, std::__cxx11::basic_string<char, std::char_traits<char>,
std::allocator<char> >)
/home/jdanek/repos/qpid/qpid-dispatch/tests/c_unittests/test_listener_startup.cpp:58
#7 0x85cd25 in operator()
/home/jdanek/repos/qpid/qpid-dispatch/tests/c_unittests/test_listener_startup.cpp:129
#8 0x863eef in __invoke_impl<void, DOCTEST_ANON_FUNC_28()::<lambda()> >
/usr/include/c++/11/bits/invoke.h:61
#9 0x863cd7 in __invoke<DOCTEST_ANON_FUNC_28()::<lambda()> >
/usr/include/c++/11/bits/invoke.h:96
#10 0x8639de in _M_invoke<0> /usr/include/c++/11/bits/std_thread.h:253
#11 0x863817 in operator() /usr/include/c++/11/bits/std_thread.h:260
#12 0x863200 in _M_run /usr/include/c++/11/bits/std_thread.h:211
#13 0x7f0a01eac5c3 in execute_native_thread_routine
(/lib64/libstdc++.so.6+0xd95c3)
#14 0x440d10670a86 in start_thread (/lib64/libc.so.6+0x8da86)
#15 0x440d106f48d3 in __GI___clone (/lib64/libc.so.6+0x1118d3)
0x6060000227c0 is located 0 bytes inside of 56-byte region
[0x6060000227c0,0x6060000227f8)
freed by thread T3 here:
#0 0x14d6627 in free (/lib64/libasan.so.6+0xae627)
#1 0x6f26a9 in qdr_subscribe_CT
/home/jdanek/repos/qpid/qpid-dispatch/src/router_core/route_tables.c:675
#2 0x6c8fe7 in qdr_core_free
/home/jdanek/repos/qpid/qpid-dispatch/src/router_core/router_core.c:270
#3 0x7634f3 in qd_router_free
/home/jdanek/repos/qpid/qpid-dispatch/src/router_node.c:2165
#4 0x5906bd in qd_dispatch_free
/home/jdanek/repos/qpid/qpid-dispatch/src/dispatch.c:375
#5 0x869b8d in QDR::deinitialize(bool) const
/home/jdanek/repos/qpid/qpid-dispatch/tests/c_unittests/./helpers.hpp:265
#6 0x858299 in
check_amqp_listener_startup_log_message(qd_server_config_t,
std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>
>, std::__cxx11::basic_string<char, std::char_traits<char>,
std::allocator<char> >)
/home/jdanek/repos/qpid/qpid-dispatch/tests/c_unittests/test_listener_startup.cpp:58
#7 0x85cd25 in operator()
/home/jdanek/repos/qpid/qpid-dispatch/tests/c_unittests/test_listener_startup.cpp:129
#8 0x863eef in __invoke_impl<void, DOCTEST_ANON_FUNC_28()::<lambda()> >
/usr/include/c++/11/bits/invoke.h:61
#9 0x863cd7 in __invoke<DOCTEST_ANON_FUNC_28()::<lambda()> >
/usr/include/c++/11/bits/invoke.h:96
#10 0x8639de in _M_invoke<0> /usr/include/c++/11/bits/std_thread.h:253
#11 0x863817 in operator() /usr/include/c++/11/bits/std_thread.h:260
#12 0x863200 in _M_run /usr/include/c++/11/bits/std_thread.h:211
#13 0x7f0a01eac5c3 in execute_native_thread_routine
(/lib64/libstdc++.so.6+0xd95c3)
previously allocated by thread T3 here:
#0 0x14d691f in __interceptor_malloc (/lib64/libasan.so.6+0xae91f)
#1 0x6e68c3 in qd_malloc
/home/jdanek/repos/qpid/qpid-dispatch/include/qpid/dispatch/ctools.h:234
#2 0x6e752c in qdr_core_subscribe
/home/jdanek/repos/qpid/qpid-dispatch/src/router_core/route_tables.c:147
#3 0x609db3 in IoAdapter_init
/home/jdanek/repos/qpid/qpid-dispatch/src/python_embedded.c:726
#4 0x716250fdc15a in type_call (/lib64/libpython3.10d.so.1.0+0x1c415a)
#5 0x716250f48139 in _PyObject_MakeTpCall
(/lib64/libpython3.10d.so.1.0+0x130139)
#6 0x7162510b3aed in _PyObject_VectorcallTstate.lto_priv.26
(/lib64/libpython3.10d.so.1.0+0x29baed)
#7 0x7162510b3b69 in PyObject_Vectorcall.lto_priv.1
(/lib64/libpython3.10d.so.1.0+0x29bb69)
#8 0x7162510ceb04 in call_function
(/lib64/libpython3.10d.so.1.0+0x2b6b04)
#9 0x7162510c83dd in _PyEval_EvalFrameDefault
(/lib64/libpython3.10d.so.1.0+0x2b03dd)
#10 0x7162510b3e1d in _PyEval_EvalFrame.lto_priv.1
(/lib64/libpython3.10d.so.1.0+0x29be1d)
#11 0x7162510cc8b5 in _PyEval_Vector
(/lib64/libpython3.10d.so.1.0+0x2b48b5)
#12 0x716250f487df in _PyFunction_Vectorcall
(/lib64/libpython3.10d.so.1.0+0x1307df)
#13 0x7162510b3b09 in _PyObject_VectorcallTstate.lto_priv.26
(/lib64/libpython3.10d.so.1.0+0x29bb09)
#14 0x7162510b3b69 in PyObject_Vectorcall.lto_priv.1
(/lib64/libpython3.10d.so.1.0+0x29bb69)
#15 0x7162510ceb04 in call_function
(/lib64/libpython3.10d.so.1.0+0x2b6b04)
#16 0x7162510c8208 in _PyEval_EvalFrameDefault
(/lib64/libpython3.10d.so.1.0+0x2b0208)
#17 0x7162510b3e1d in _PyEval_EvalFrame.lto_priv.1
(/lib64/libpython3.10d.so.1.0+0x29be1d)
#18 0x7162510cc8b5 in _PyEval_Vector
(/lib64/libpython3.10d.so.1.0+0x2b48b5)
#19 0x716250f487df in _PyFunction_Vectorcall
(/lib64/libpython3.10d.so.1.0+0x1307df)
#20 0x716250f47737 in _PyObject_VectorcallTstate.lto_priv.5
(/lib64/libpython3.10d.so.1.0+0x12f737)
#21 0x716250f48dd1 in _PyObject_CallFunctionVa
(/lib64/libpython3.10d.so.1.0+0x130dd1)
#22 0x716250f48f49 in PyObject_CallFunction
(/lib64/libpython3.10d.so.1.0+0x130f49)
#23 0x58deb7 in qd_dispatch_load_config
/home/jdanek/repos/qpid/qpid-dispatch/src/dispatch.c:130
#24 0x8689d4 in QDR::initialize(std::__cxx11::basic_string<char,
std::char_traits<char>, std::allocator<char> > const&)
/home/jdanek/repos/qpid/qpid-dispatch/tests/c_unittests/./helpers.hpp:215
#25 0x857d9d in
check_amqp_listener_startup_log_message(qd_server_config_t,
std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char>
>, std::__cxx11::basic_string<char, std::char_traits<char>,
std::allocator<char> >)
/home/jdanek/repos/qpid/qpid-dispatch/tests/c_unittests/test_listener_startup.cpp:44
#26 0x85cd25 in operator()
/home/jdanek/repos/qpid/qpid-dispatch/tests/c_unittests/test_listener_startup.cpp:129
#27 0x863eef in __invoke_impl<void, DOCTEST_ANON_FUNC_28()::<lambda()> >
/usr/include/c++/11/bits/invoke.h:61
#28 0x863cd7 in __invoke<DOCTEST_ANON_FUNC_28()::<lambda()> >
/usr/include/c++/11/bits/invoke.h:96
#29 0x8639de in _M_invoke<0> /usr/include/c++/11/bits/std_thread.h:253
Thread T3 created by T0 here:
#0 0x147e866 in pthread_create (/lib64/libasan.so.6+0x56866)
#1 0x7f0a01eac698 in
std::thread::_M_start_thread(std::unique_ptr<std::thread::_State,
std::default_delete<std::thread::_State> >, void (*)())
(/lib64/libstdc++.so.6+0xd9698)
#2 0x85cfad in DOCTEST_ANON_FUNC_28
/home/jdanek/repos/qpid/qpid-dispatch/tests/c_unittests/test_listener_startup.cpp:122
#3 0x7fe4a6 in doctest::Context::run()
/home/jdanek/repos/qpid/qpid-dispatch/tests/c_unittests/doctest.h:6656
#4 0x801ba8 in main
/home/jdanek/repos/qpid/qpid-dispatch/tests/c_unittests/doctest.h:6741
#5 0x440d1061055f in __libc_start_call_main (/lib64/libc.so.6+0x2d55f)
SUMMARY: AddressSanitizer: double-free (/lib64/libasan.so.6+0xae627) in free
==218518==ABORTING
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
