[DISPATCH-1941] Crash in HTTP1 adaptor: member access within null pointer of type 'const struct qd_buffer_t' - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 1.15.0
Fix Version/s: 1.16.0
Component/s: Protocol Adaptors
Labels:
- crash

Description

https://github.com/jiridanek/qpid-dispatch/runs/1801886361?check_suite_focus=true#step:9:1844

../include/qpid/dispatch/buffer.h:83:44: runtime error: member access within null pointer of type 'const struct qd_buffer_t'
AddressSanitizer:DEADLYSIGNAL
=================================================================
==31711==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000010 (pc 0x7fb51d73dd10 bp 0x7fb50883e7b0 sp 0x7fb50883e790 T4)
==31711==The signal is caused by a READ memory access.
==31711==Hint: address points to the zero page.
    #0 0x7fb51d73dd10 in qd_buffer_cursor ../include/qpid/dispatch/buffer.h:83
    #1 0x7fb51d741af7 in ensure_outgoing_capacity ../src/adaptors/http1/http1_codec.c:346
    #2 0x7fb51d741bbd in write_string ../src/adaptors/http1/http1_codec.c:356
    #3 0x7fb51d753cf3 in h1_codec_tx_request ../src/adaptors/http1/http1_codec.c:1448
    #4 0x7fb51d79435a in _send_request_headers ../src/adaptors/http1/http1_server.c:1291
    #5 0x7fb51d795193 in _encode_request_message ../src/adaptors/http1/http1_server.c:1369
    #6 0x7fb51d79671b in _send_request_message ../src/adaptors/http1/http1_server.c:1431
    #7 0x7fb51d7973e7 in qdr_http1_server_core_link_deliver ../src/adaptors/http1/http1_server.c:1505
    #8 0x7fb51d761042 in _core_link_deliver ../src/adaptors/http1/http1_adaptor.c:569
    #9 0x7fb51d96fc71 in qdr_link_process_deliveries ../src/router_core/transfer.c:176
    #10 0x7fb51d760d1b in _core_link_push ../src/adaptors/http1/http1_adaptor.c:550
    #11 0x7fb51d8ab61e in qdr_connection_process ../src/router_core/connections.c:412
    #12 0x7fb51d786664 in _do_reconnect ../src/adaptors/http1/http1_server.c:417
    #13 0x7fb51d9f701a in qd_timer_visit ../src/timer.c:201
    #14 0x7fb51d9e59c5 in handle ../src/server.c:1008
    #15 0x7fb51d9e764d in thread_run ../src/server.c:1122
    #16 0x7fb51d87006f in _thread_init ../src/posix/threading.c:172
    #17 0x7fb51d18beac in start_thread (/nix/store/9df65igwjmf2wbw0gbrrgair6piqjgmi-glibc-2.31/lib/libpthread.so.0+0x7eac)
    #18 0x7fb51c327d2e in __GI___clone (/nix/store/9df65igwjmf2wbw0gbrrgair6piqjgmi-glibc-2.31/lib/libc.so.6+0xf7d2e)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV ../include/qpid/dispatch/buffer.h:83 in qd_buffer_cursor
Thread T4 created by T0 here:
    #0 0x7fb51e1a22a2 in __interceptor_pthread_create (/nix/store/9f76hk7scn4lll0rc7da0rixhgc8r28a-gcc-10.2.0-lib/lib/libasan.so.6+0x582a2)
    #1 0x7fb51d8701da in sys_thread ../src/posix/threading.c:181
    #2 0x7fb51d9ee89d in qd_server_run ../src/server.c:1482
    #3 0x4026e4 in main_process ../router/src/main.c:113
    #4 0x404564 in main ../router/src/main.c:367
    #5 0x7fb51c253c7c in __libc_start_main (/nix/store/9df65igwjmf2wbw0gbrrgair6piqjgmi-glibc-2.31/lib/libc.so.6+0x23c7c)

==31711==ABORTING
<<<<

Attachments

Activity

People

Assignee:: Ken Giusti

Reporter:: Jiri Daněk

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 31/Jan/21 17:48

Updated:: 14/May/21 14:10

Resolved:: 16/Feb/21 19:49