[ https://issues.apache.org/jira/browse/ARROW-2023?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16377554#comment-16377554 ]

ASF GitHub Bot commented on ARROW-2023:
---------------------------------------

wesm commented on issue #1503: ARROW-2023: [C++] Fix ASAN failure on malformed / empty stream input, enable ASAN builds, add more dev docs
URL: https://github.com/apache/arrow/pull/1503#issuecomment-368645019
 
 
   @xhochy @crepererum this is ready to go. Note this only fixes one of the fuzzer failures; now it returns a Flatbuffers error:
   
   ```
   ==19598==The signal is caused by a READ memory access.
       #0 0x682c79 in int flatbuffers::ReadScalar<int>(void const*) /home/wesm/cpp-toolchain/include/flatbuffers/flatbuffers.h:198:23
       #1 0x682b6f in flatbuffers::Table::GetVTable() const /home/wesm/cpp-toolchain/include/flatbuffers/flatbuffers.h:1583:20
       #2 0x682a3a in flatbuffers::Table::GetOptionalFieldOffset(unsigned short) const /home/wesm/cpp-toolchain/include/flatbuffers/flatbuffers.h:1590:19
       #3 0x6b0e8e in long flatbuffers::Table::GetField<long>(unsigned short, long) const /home/wesm/cpp-toolchain/include/flatbuffers/flatbuffers.h:1599:25
       #4 0x783934 in org::apache::arrow::flatbuf::Message::bodyLength() const /home/wesm/code/arrow/cpp/build/src/arrow/ipc/Message_generated.h:294:12
       #5 0x77ced7 in arrow::ipc::Message::ReadFrom(std::shared_ptr<arrow::Buffer> const&, arrow::io::InputStream*, std::unique_ptr<arrow::ipc::Message, std::default_delete<arrow::ipc::Message> >*) /home/wesm/code/arrow/cpp/build/../src/arrow/ipc/message.cc:140:37
       #6 0x7824d9 in arrow::ipc::ReadMessage(arrow::io::InputStream*, std::unique_ptr<arrow::ipc::Message, std::default_delete<arrow::ipc::Message> >*) /home/wesm/code/arrow/cpp/build/../src/arrow/ipc/message.cc:236:10
       #7 0x784036 in arrow::ipc::InputStreamMessageReader::ReadNextMessage(std::unique_ptr<arrow::ipc::Message, std::default_delete<arrow::ipc::Message> >*) /home/wesm/code/arrow/cpp/build/../src/arrow/ipc/message.cc:255:12
       #8 0x67abb8 in arrow::ipc::ReadMessageAndValidate(arrow::ipc::MessageReader*, arrow::ipc::Message::Type, bool, std::unique_ptr<arrow::ipc::Message, std::default_delete<arrow::ipc::Message> >*) /home/wesm/code/arrow/cpp/build/../src/arrow/ipc/reader.cc:371:29
       #9 0x6b2e82 in arrow::ipc::RecordBatchStreamReader::RecordBatchStreamReaderImpl::ReadSchema() /home/wesm/code/arrow/cpp/build/../src/arrow/ipc/reader.cc:426:23
       #10 0x67d40f in arrow::ipc::RecordBatchStreamReader::RecordBatchStreamReaderImpl::Open(std::unique_ptr<arrow::ipc::MessageReader, std::default_delete<arrow::ipc::MessageReader> >) /home/wesm/code/arrow/cpp/build/../src/arrow/ipc/reader.cc:407:12
       #11 0x6724d2 in arrow::ipc::RecordBatchStreamReader::Open(std::unique_ptr<arrow::ipc::MessageReader, std::default_delete<arrow::ipc::MessageReader> >, std::shared_ptr<arrow::RecordBatchReader>*) /home/wesm/code/arrow/cpp/build/../src/arrow/ipc/reader.cc:477:36
       #12 0x672dc0 in arrow::ipc::RecordBatchStreamReader::Open(arrow::io::InputStream*, std::shared_ptr<arrow::RecordBatchReader>*) /home/wesm/code/arrow/cpp/build/../src/arrow/ipc/reader.cc:484:10
       #13 0x651842 in LLVMFuzzerTestOneInput /home/wesm/code/arrow/cpp/build/../src/arrow/ipc/ipc-fuzzing-test.cc:31:12
       #14 0x52a0ae in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/wesm/code/arrow/cpp/build/debug/ipc-fuzzing-test+0x52a0ae)
       #15 0x529a94 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*) (/home/wesm/code/arrow/cpp/build/debug/ipc-fuzzing-test+0x529a94)
       #16 0x52ad51 in fuzzer::Fuzzer::MutateAndTestOne() (/home/wesm/code/arrow/cpp/build/debug/ipc-fuzzing-test+0x52ad51)
       #17 0x52af17 in fuzzer::Fuzzer::Loop() (/home/wesm/code/arrow/cpp/build/debug/ipc-fuzzing-test+0x52af17)
       #18 0x523415 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/wesm/code/arrow/cpp/build/debug/ipc-fuzzing-test+0x523415)
       #19 0x51e280 in main (/home/wesm/code/arrow/cpp/build/debug/ipc-fuzzing-test+0x51e280)
       #20 0x7fdeb9619f44 in __libc_start_main /build/eglibc-ripdx6/eglibc-2.19/csu/libc-start.c:287
       #21 0x51e185 in _start (/home/wesm/code/arrow/cpp/build/debug/ipc-fuzzing-test+0x51e185)
   ```
   
   I created https://issues.apache.org/jira/browse/ARROW-2222 about adding an option to validate input messages.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> [C++] Test opening IPC stream reader or file reader on an empty InputStream
> ---------------------------------------------------------------------------
>
>                 Key: ARROW-2023
>                 URL: https://issues.apache.org/jira/browse/ARROW-2023
>             Project: Apache Arrow
>          Issue Type: Bug
>          Components: C++
>            Reporter: Wes McKinney
>            Assignee: Wes McKinney
>            Priority: Major
>              Labels: pull-request-available
>             Fix For: 0.9.0
>
>
> This was reported to segfault in ARROW-1589



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
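
The trace in the comment above faults in `flatbuffers::Table::GetVTable()` while `Message::bodyLength()` follows offsets taken from the fuzzer's input. As an added example (not code from Arrow, Flatbuffers or the pull request), the following walks the same FlatBuffers root-table and vtable layout with every offset bounds-checked before it is dereferenced, which is what validating an input message means here; `ReadChecked`, `ReadRootInt64`, `Put` and `MakeSample` are hypothetical names and the sample buffer is constructed.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <vector>

using Bytes = std::vector<uint8_t>;

// Bounds-checked scalar read (little-endian host assumed): fails instead of
// touching memory outside the buffer.
template <typename T>
bool ReadChecked(const Bytes& buf, uint64_t pos, T* out) {
  if (pos > buf.size() || buf.size() - pos < sizeof(T)) return false;
  std::memcpy(out, buf.data() + pos, sizeof(T));
  return true;
}

// Reads an int64 field of the root table, checking each offset before it is
// followed. vt_slot is the field's byte offset in the vtable (4 + 2 * index).
// Returns false on malformed input; an unset field yields default_value.
// Alignment is not checked here.
bool ReadRootInt64(const Bytes& buf, uint16_t vt_slot, int64_t default_value,
                   int64_t* out) {
  uint32_t root = 0; int32_t soffset = 0; uint16_t vt_size = 0, field_off = 0;
  if (!ReadChecked(buf, 0, &root)) return false;        // empty or short input
  if (!ReadChecked(buf, root, &soffset)) return false;  // table out of bounds
  const int64_t vt = static_cast<int64_t>(root) - soffset;  // vtable position
  if (vt < 0 || !ReadChecked(buf, vt, &vt_size)) return false;
  if (vt_size < 4 || vt_size > buf.size() - static_cast<uint64_t>(vt)) return false;
  *out = default_value;
  if (vt_slot + 2u > static_cast<unsigned>(vt_size)) return true;  // no such slot
  if (!ReadChecked(buf, vt + vt_slot, &field_off)) return false;
  if (field_off == 0) return true;                      // field not set
  return ReadChecked(buf, static_cast<uint64_t>(root) + field_off, out);
}

template <typename T>
void Put(Bytes* b, size_t pos, T v) { std::memcpy(b->data() + pos, &v, sizeof(T)); }

// Constructed 32-byte sample: root offset, a vtable with four slots, one table.
Bytes MakeSample(int64_t value) {
  Bytes b(32, 0);
  Put<uint32_t>(&b, 0, 16);     // root table starts at byte 16
  Put<uint16_t>(&b, 4, 12);     // vtable size: 4-byte header + 4 slots
  Put<uint16_t>(&b, 6, 16);     // table size
  Put<uint16_t>(&b, 14, 8);     // slot for field index 3: value at table + 8
  Put<int32_t>(&b, 16, 12);     // table - 12 = vtable at byte 4
  Put<int64_t>(&b, 24, value);  // the field itself
  return b;
}
```

An empty stream, a root offset pointing past the end, or a truncated body each make `ReadRootInt64` return `false` rather than read out of bounds.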
