[
https://issues.apache.org/jira/browse/DISPATCH-1259?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ken Giusti resolved DISPATCH-1259.
----------------------------------
Fix Version/s: 1.16.0
Resolution: Fixed
> delivery->link_work race condition
> ----------------------------------
>
> Key: DISPATCH-1259
> URL: https://issues.apache.org/jira/browse/DISPATCH-1259
> Project: Qpid Dispatch
> Issue Type: Bug
> Components: Router Node
> Affects Versions: 1.5.0
> Reporter: Ken Giusti
> Assignee: Ken Giusti
> Priority: Major
> Labels: memory-bug
> Fix For: 1.16.0
>
>
> [~chug] hit the following use-after-free error under valgrind:
> {code:java}
> kind = InvalidRead (count=1)
> Invalid read of size 1
> Stack:
> (qdr_deliver_continue_peers_CT)
> /home/chug/git/qpid-dispatch/src/router_core/transfer.c:1236
> (qdr_deliver_continue_CT)
> /home/chug/git/qpid-dispatch/src/router_core/transfer.c:1269
> (router_core_thread)
> /home/chug/git/qpid-dispatch/src/router_core/router_core_thread.c:148
> (start_thread)
> /usr/src/debug/glibc-2.28-60-g4d7af7815a/nptl/pthread_create.c:486
> (clone)
> /usr/src/debug/glibc-2.28-60-g4d7af7815a/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
> Address 0x143aaa79 is 41 bytes inside a block of size 48 free'd:
> (free)
> /builddir/build/BUILD/valgrind-3.14.0/coregrind/m_replacemalloc/vg_replace_malloc.c:540
> (free_qdr_link_work_t)
> /home/chug/git/qpid-dispatch/src/router_core/router_core.c:36
> (qdr_connection_process)
> /home/chug/git/qpid-dispatch/src/router_core/connections.c:341
> (AMQP_writable_conn_handler)
> /home/chug/git/qpid-dispatch/src/router_node.c:174
> (writable_handler) /home/chug/git/qpid-dispatch/src/container.c:332
> (qd_container_handle_event) /home/chug/git/qpid-dispatch/src/container.c:640
> (handle) /home/chug/git/qpid-dispatch/src/server.c:985
> (thread_run) /home/chug/git/qpid-dispatch/src/server.c:1010
> (qd_server_run) /home/chug/git/qpid-dispatch/src/server.c:1284
> (main_process) /home/chug/git/qpid-dispatch/router/src/main.c:112
> (main) /home/chug/git/qpid-dispatch/router/src/main.c:367
> Block was alloc'd at:
> (malloc)
> /builddir/build/BUILD/valgrind-3.14.0/coregrind/m_replacemalloc/vg_replace_malloc.c:309
> (new_qdr_link_work_t)
> /home/chug/git/qpid-dispatch/src/router_core/router_core.c:36
> (qdr_forward_deliver_CT)
> /home/chug/git/qpid-dispatch/src/router_core/forwarder.c:226
> (qdr_forward_multicast_CT)
> /home/chug/git/qpid-dispatch/src/router_core/forwarder.c:474
> (qdr_forward_message_CT)
> /home/chug/git/qpid-dispatch/src/router_core/forwarder.c:995
> (qdr_link_forward_CT)
> /home/chug/git/qpid-dispatch/src/router_core/transfer.c:918
> (qdr_link_deliver_CT)
> /home/chug/git/qpid-dispatch/src/router_core/transfer.c:1094
> (router_core_thread)
> /home/chug/git/qpid-dispatch/src/router_core/router_core_thread.c:148
> (start_thread)
> /usr/src/debug/glibc-2.28-60-g4d7af7815a/nptl/pthread_create.c:486
> (clone)
> /usr/src/debug/glibc-2.28-60-g4d7af7815a/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
> {code}
> The router core thread is accessing a link_work object after it was deleted
> by the I/O thread.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
