[jira] [Created] (DISPATCH-1259) delivery->link_work race condition

Ken Giusti (JIRA) Thu, 31 Jan 2019 13:19:35 -0800

Ken Giusti created DISPATCH-1259:
------------------------------------

             Summary: delivery->link_work race condition
                 Key: DISPATCH-1259
                 URL: https://issues.apache.org/jira/browse/DISPATCH-1259
             Project: Qpid Dispatch
          Issue Type: Bug
          Components: Router Node
    Affects Versions: 1.5.0
            Reporter: Ken Giusti
            Assignee: Ken Giusti
             Fix For: 1.6.0



[~chug] hit the following use-after-free error under valgrind:


{code:java}
kind = InvalidRead  (count=1)
Invalid read of size 1
Stack:
  (qdr_deliver_continue_peers_CT) 
/home/chug/git/qpid-dispatch/src/router_core/transfer.c:1236
  (qdr_deliver_continue_CT) 
/home/chug/git/qpid-dispatch/src/router_core/transfer.c:1269
  (router_core_thread) 
/home/chug/git/qpid-dispatch/src/router_core/router_core_thread.c:148
  (start_thread) 
/usr/src/debug/glibc-2.28-60-g4d7af7815a/nptl/pthread_create.c:486
  (clone) 
/usr/src/debug/glibc-2.28-60-g4d7af7815a/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
Address 0x143aaa79 is 41 bytes inside a block of size 48 free'd:
  (free) 
/builddir/build/BUILD/valgrind-3.14.0/coregrind/m_replacemalloc/vg_replace_malloc.c:540
  (free_qdr_link_work_t) 
/home/chug/git/qpid-dispatch/src/router_core/router_core.c:36
  (qdr_connection_process) 
/home/chug/git/qpid-dispatch/src/router_core/connections.c:341
  (AMQP_writable_conn_handler) 
/home/chug/git/qpid-dispatch/src/router_node.c:174
  (writable_handler) /home/chug/git/qpid-dispatch/src/container.c:332
  (qd_container_handle_event) /home/chug/git/qpid-dispatch/src/container.c:640
  (handle) /home/chug/git/qpid-dispatch/src/server.c:985
  (thread_run) /home/chug/git/qpid-dispatch/src/server.c:1010
  (qd_server_run) /home/chug/git/qpid-dispatch/src/server.c:1284
  (main_process) /home/chug/git/qpid-dispatch/router/src/main.c:112
  (main) /home/chug/git/qpid-dispatch/router/src/main.c:367
Block was alloc'd at:
  (malloc) 
/builddir/build/BUILD/valgrind-3.14.0/coregrind/m_replacemalloc/vg_replace_malloc.c:309
  (new_qdr_link_work_t) 
/home/chug/git/qpid-dispatch/src/router_core/router_core.c:36
  (qdr_forward_deliver_CT) 
/home/chug/git/qpid-dispatch/src/router_core/forwarder.c:226
  (qdr_forward_multicast_CT) 
/home/chug/git/qpid-dispatch/src/router_core/forwarder.c:474
  (qdr_forward_message_CT) 
/home/chug/git/qpid-dispatch/src/router_core/forwarder.c:995
  (qdr_link_forward_CT) 
/home/chug/git/qpid-dispatch/src/router_core/transfer.c:918
  (qdr_link_deliver_CT) 
/home/chug/git/qpid-dispatch/src/router_core/transfer.c:1094
  (router_core_thread) 
/home/chug/git/qpid-dispatch/src/router_core/router_core_thread.c:148
  (start_thread) 
/usr/src/debug/glibc-2.28-60-g4d7af7815a/nptl/pthread_create.c:486
  (clone) 
/usr/src/debug/glibc-2.28-60-g4d7af7815a/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95

{code}

The router core thread is accessing a link_work object after it was deleted by 
the I/O thread.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org

[jira] [Created] (DISPATCH-1259) delivery->link_work race condition

Reply via email to