Details
-
Bug
-
Status: Closed
-
Blocker
-
Resolution: Fixed
-
qpid-cpp-0.34
-
None
Description
Crashes consistently on certain systems, like RHEL6 or Fedora 21. Appears to be a race that leaves stale pointers to pn_delivery_t objects after a link has been closed.
delivery passed to pni_add_tpwork has a null link ptr. likely that the delivery has already been freed.
Backtrace:
Thread 1 (Thread 0x7fb832b44700 (LWP 15941)):
#0 0x00007fb838f34c65 in pni_add_tpwork (delivery=0x7fb80c046290) at /home/chug/git/qpid-proton/proton-c/src/engine/engine.c:704
#1 0x00007fb838f38359 in pn_delivery_update (delivery=0x7fb80c046290, state=36) at /home/chug/git/qpid-proton/proton-c/src/engine/engine.c:1981
--Type <return> to continue, or q <return> to quit--
#2 0x00007fb839269e41 in qpid::broker::amqp::Session::accepted (this=0x7fb80c00f470, delivery=0x7fb80c046290, sync=true)
at /home/chug/git/qpid/qpid/cpp/src/qpid/broker/amqp/Session.cpp:621
#3 0x00007fb83926a72b in qpid::broker::amqp::Session::dispatch (this=0x7fb80c00f470) at /home/chug/git/qpid/qpid/cpp/src/qpid/broker/amqp/Session.cpp:693
#4 0x00007fb839211927 in qpid::broker::amqp::Connection::dispatch (this=0x7fb80c0108a8) at /home/chug/git/qpid/qpid/cpp/src/qpid/broker/amqp/Connection.cpp:286
#5 0x00007fb839211a3c in qpid::broker::amqp::Connection::canEncode (this=0x7fb80c0108a8) at /home/chug/git/qpid/qpid/cpp/src/qpid/broker/amqp/Connection.cpp:301
#6 0x00007fb83925fa24 in qpid::broker::amqp::Sasl::canEncode (this=0x7fb80c010840) at /home/chug/git/qpid/qpid/cpp/src/qpid/broker/amqp/Sasl.cpp:94
#7 0x00007fb83cb4d170 in qpid::sys::AsynchIOHandler::idle (this=0x7fb80c032a00) at /home/chug/git/qpid/qpid/cpp/src/qpid/sys/AsynchIOHandler.cpp:215
#8 0x00007fb83d397e88 in boost::_mfi::mf1<void, qpid::sys::AsynchIOHandler, qpid::sys::AsynchIO&>::operator() (this=0x7fb80c0447d0, p=0x7fb80c032a00, a1=...)
at /usr/include/boost/bind/mem_fn_template.hpp:165
#9 0x00007fb83d396bb1 in boost::_bi::list2<boost::_bi::value<qpid::sys::AsynchIOHandler*>, boost::arg<1> >::operator()<boost::_mfi::mf1<void, qpid::sys::AsynchIOHandler, qpid::sys::AsynchIO&>, boost::_bi::list1<qpid::sys::AsynchIO&> > (this=0x7fb80c0447e0, f=..., a=...) at /usr/include/boost/bind/bind.hpp:313
#10 0x00007fb83d396060 in boost::_bi::bind_t<void, boost::_mfi::mf1<void, qpid::sys::AsynchIOHandler, qpid::sys::AsynchIO&>, boost::_bi::list2<boost::_bi::value<qpid::sys::AsynchIOHandler*>, boost::arg<1> > >::operator()<qpid::sys::AsynchIO> (this=0x7fb80c0447d0, a1=...) at /usr/include/boost/bind/bind_template.hpp:32
#11 0x00007fb83d395412 in boost::detail::function::void_function_obj_invoker1<boost::_bi::bind_t<void, boost::_mfi::mf1<void, qpid::sys::AsynchIOHandler, qpid::sys::AsynchIO&>, boost::_bi::list2<boost::_bi::value<qpid::sys::AsynchIOHandler*>, boost::arg<1> > >, void, qpid::sys::AsynchIO&>::invoke (function_obj_ptr=..., a0=...)
at /usr/include/boost/function/function_template.hpp:153
#12 0x00007fb83caae137 in boost::function1<void, qpid::sys::AsynchIO&>::operator() (this=0x7fb80c0447c8, a0=...) at /usr/include/boost/function/function_template.hpp:767
#13 0x00007fb83caabd90 in qpid::sys::posix::AsynchIO::writeable (this=0x7fb80c0445d0, h=...) at /home/chug/git/qpid/qpid/cpp/src/qpid/sys/posix/AsynchIO.cpp:582
#14 0x00007fb83cab31d4 in boost::_mfi::mf1<void, qpid::sys::posix::AsynchIO, qpid::sys::DispatchHandle&>::operator() (this=0x7fb80c044610, p=0x7fb80c0445d0, a1=...)
at /usr/include/boost/bind/mem_fn_template.hpp:165
#15 0x00007fb83cab2507 in boost::_bi::list2<boost::_bi::value<qpid::sys::posix::AsynchIO*>, boost::arg<1> >::operator()<boost::_mfi::mf1<void, qpid::sys::posix::AsynchIO, qpid::sys::DispatchHandle&>, boost::_bi::list1<qpid::sys::DispatchHandle&> > (this=0x7fb80c044620, f=..., a=...) at /usr/include/boost/bind/bind.hpp:313
#16 0x00007fb83cab17d4 in boost::_bi::bind_t<void, boost::_mfi::mf1<void, qpid::sys::posix::AsynchIO, qpid::sys::DispatchHandle&>, boost::_bi::list2<boost::_bi::value<qpid::sys::posix::AsynchIO*>, boost::arg<1> > >::operator()<qpid::sys::DispatchHandle> (this=0x7fb80c044610, a1=...) at /usr/include/boost/bind/bind_template.hpp:32
#17 0x00007fb83cab07da in boost::detail::function::void_function_obj_invoker1<boost::_bi::bind_t<void, boost::_mfi::mf1<void, qpid::sys::posix::AsynchIO, qpid::sys::DispatchHandle&>, boost::_bi::list2<boost::_bi::value<qpid::sys::posix::AsynchIO*>, boost::arg<1> > >, void, qpid::sys::DispatchHandle&>::invoke (function_obj_ptr=..., a0=...)
at /usr/include/boost/function/function_template.hpp:153
#18 0x00007fb83cb500e3 in boost::function1<void, qpid::sys::DispatchHandle&>::operator() (this=0x7fb80c044608, a0=...) at /usr/include/boost/function/function_template.hpp:767
#19 0x00007fb83cb4f765 in qpid::sys::DispatchHandle::processEvent (this=0x7fb80c0445d8, type=qpid::sys::Poller::WRITABLE)
at /home/chug/git/qpid/qpid/cpp/src/qpid/sys/DispatchHandle.cpp:283
#20 0x00007fb83cad509a in qpid::sys::Poller::Event::process (this=0x7fb832b43cb0) at /home/chug/git/qpid/qpid/cpp/src/qpid/sys/Poller.h:131
#21 0x00007fb83cad4480 in qpid::sys::Poller::run (this=0x232c420) at /home/chug/git/qpid/qpid/cpp/src/qpid/sys/epoll/EpollPoller.cpp:522
#22 0x00007fb83cb4e473 in qpid::sys::Dispatcher::run (this=0x7ffcb83a9ae0) at /home/chug/git/qpid/qpid/cpp/src/qpid/sys/Dispatcher.cpp:37
#23 0x00007fb83cac87cd in qpid::sys::(anonymous namespace)::runRunnable (p=0x7ffcb83a9ae0) at /home/chug/git/qpid/qpid/cpp/src/qpid/sys/posix/Thread.cpp:35
#24 0x00007fb83be5852a in start_thread () from /lib64/libpthread.so.0
#25 0x00007fb83bb9422d in clone () from /lib64/libc.so.6