[
https://issues.apache.org/jira/browse/DISPATCH-2318?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ken Giusti resolved DISPATCH-2318.
----------------------------------
Resolution: Fixed
> Double free of subscription on shutdown
> ---------------------------------------
>
> Key: DISPATCH-2318
> URL: https://issues.apache.org/jira/browse/DISPATCH-2318
> Project: Qpid Dispatch
> Issue Type: Bug
> Components: Router Node
> Affects Versions: 1.18.0
> Reporter: Ken Giusti
> Assignee: Ken Giusti
> Priority: Major
> Fix For: 1.19.0
>
>
> qdr_subscribe_CT incorrectly frees the subscription passed in if the action
> is being dicarded.
> However qdr_subscribe_CT does not own the subscription - a pointer to the
> subscription is held by the caller to qdr_core_subscribe(). The caller will
> free it.
>
> 2022-01-26T20:38:30.4511421Z 75: ==3807==ERROR: AddressSanitizer: attempting
> double-free on 0x60600000b0c0 in thread T3:
>
> 2022-01-26T20:38:30.5203414Z 75: #0 0x7f1b8b5a3627 in free
> (/lib64/libasan.so.6+0xae627)
>
> 2022-01-26T20:38:30.5211345Z 75: #1 0x879ff3 in qdr_agent_free
> /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/src/router_core/agent.c:153
>
> 2022-01-26T20:38:30.5229424Z 75: #2 0x92fb3d in qdr_core_free
> /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/src/router_core/router_core.c:329
>
> 2022-01-26T20:38:30.5243461Z 75: #3 0x99f01d in qd_router_free
> /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/src/router_node.c:2179
>
> 2022-01-26T20:38:30.5249436Z 75: #4 0x7fccf2 in qd_dispatch_free
> /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/src/dispatch.c:374
>
> 2022-01-26T20:38:30.5752354Z 75: #5 0x5cefb2 in QDR::deinitialize(bool)
> const
> /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/tests/c_unittests/./helpers.hp\
> p:265
>
>
> 2022-01-26T20:38:30.5753828Z 75: #6 0x5ab4c5 in
> check_amqp_listener_startup_log_message(qd_server_config_t,
> std::__cxx11::basic_string<char, std::char_traits<char>, std\
> ::allocator<char> >, std::__cxx11::basic_string<char, std::char_traits<char>,
> std::allocator<char> >)
> /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/tests/c_un\
> ittests/test_listener_startup.cpp:58
>
>
> 2022-01-26T20:38:30.5755448Z 75: #7 0x5ae797 in operator()
> /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/tests/c_unittests/test_listener_startup.cpp:129
>
> 2022-01-26T20:38:30.5757874Z 75: #8 0x7f1b8ab7f5c3 in
> execute_native_thread_routine (/lib64/libstdc++.so.6+0xd95c3)
>
> 2022-01-26T20:38:30.5758403Z 75: #9 0x7f1b89ec2a86 in start_thread
> (/lib64/libc.so.6+0x8da86)
>
> 2022-01-26T20:38:30.5758836Z 75: #10 0x7f1b89f468d3 in __GI___clone
> (/lib64/libc.so.6+0x1118d3)
>
> 2022-01-26T20:38:30.5759199Z 75:
>
>
> 2022-01-26T20:38:30.5759801Z 75: 0x60600000b0c0 is located 0 bytes inside of
> 56-byte region [0x60600000b0c0,0x60600000b0f8)
>
> 2022-01-26T20:38:30.5760226Z 75: freed by thread T4 here:
>
>
> 2022-01-26T20:38:30.5760605Z 75: #0 0x7f1b8b5a3627 in free
> (/lib64/libasan.so.6+0xae627)
>
> 2022-01-26T20:38:30.5767193Z 75: #1 0x9377b7 in qdr_subscribe_CT
> /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/src/router_core/route_tables.c:675
>
> 2022-01-26T20:38:30.5771793Z 75: #2 0x934a37 in router_core_thread
> /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/src/router_core/router_core_thread.c:236
>
> 2022-01-26T20:38:30.5774021Z 75: #3 0x7f1b89ec2a86 in start_thread
> (/lib64/libc.so.6+0x8da86)
>
> 2022-01-26T20:38:30.5774306Z 75:
>
>
> 2022-01-26T20:38:30.5774559Z 75: previously allocated by thread T3 here:
>
>
> 2022-01-26T20:38:30.5776278Z 75: #0 0x7f1b8b5a391f in
> __interceptor_malloc (/lib64/libasan.so.6+0xae91f)
>
> 2022-01-26T20:38:30.5777116Z 75: #1 0x93d83d in qd_malloc
> /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/include/qpid/dispatch/ctools.h:234
>
> 2022-01-26T20:38:30.5777838Z 75: #2 0x93d83d in qdr_core_subscribe
> /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/src/router_core/route_tables.c:147
>
> 2022-01-26T20:38:30.5780283Z 75: #3 0x87a159 in
> qdr_agent_setup_subscriptions
> /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/src/router_core/agent.c:168
>
> 2022-01-26T20:38:30.5781122Z 75: #4 0x91a956 in qdr_core
> /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/src/router_core/router_core.c:129
>
> 2022-01-26T20:38:30.5781939Z 75: #5 0x99eb72 in qd_router_setup_late
> /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/src/router_node.c:2142
>
> 2022-01-26T20:38:30.5782488Z 75: #6 0x7f1b85d0cc03 in ffi_call_unix64
> (/lib64/libffi.so.6+0x6c03)
>
> 2022-01-26T20:38:30.5798156Z 75: #7 0x7f1b856fc98f (<unknown module>)
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
