Details
-
Question
-
Status: Open
-
Major
-
Resolution: Unresolved
-
0.9.1
-
None
-
None
Description
Working on android application using TThreadedServer protocol in our native code , observed crash within thrift autogenerated code for an RPC call process_client.
In 400 to 500 iterations it happens once, Frequency of occurrence is very low. otherwise code works fine most of the time it works properly.
Below are the details:
signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 7729f450
03-15 22:58:09.039 1600 1600 I DEBUG : r0 7729f458 r1 738a7c38 r2 00000002 r3 00000000
03-15 22:58:09.039 1600 1600 I DEBUG : r4 00000000 r5 738a7c38 r6 738a7c0c r7 7729f458
03-15 22:58:09.041 1600 1600 I DEBUG : r8 7721be60 r9 738a7c3c sl 7729f45c fp 738a7c14
03-15 22:58:09.041 1600 1600 I DEBUG : ip 7729f450 sp 738a7c00 lr 76f1fd7d pc 7729f450 cpsr 000f0010
03-15 22:58:09.042 1600 1600 I DEBUG : d0 0000000000000000 d1 0000000000000000
03-15 22:58:09.042 1600 1600 I DEBUG : d2 0000000000000000 d3 0000000000000000
03-15 22:58:09.043 1600 1600 I DEBUG : d4 6f4c3a3a72656761 d5 206f4e203e206461
03-15 22:58:09.044 1600 1600 I DEBUG : d6 72756769666e6f63 d7 4052c00000000000
03-15 22:58:09.045 1600 1600 I DEBUG : d8 0000000000000000 d9 0000000000000000
03-15 22:58:09.046 1600 1600 I DEBUG : d10 0000000000000000 d11 0000000000000000
03-15 22:58:09.047 1600 1600 I DEBUG : d12 0000000000000000 d13 0000000000000000
03-15 22:58:09.048 1600 1600 I DEBUG : d14 0000000000000000 d15 0000000000000000
03-15 22:58:09.049 1600 1600 I DEBUG : d16 00000000241f30a4 d17 00000000241f30a4
03-15 22:58:09.049 1600 1600 I DEBUG : d18 41cd063bbd000000 d19 0000000000000000
03-15 22:58:09.050 1600 1600 I DEBUG : d20 0000000000000000 d21 0000000000000000
03-15 22:58:09.051 1600 1600 I DEBUG : d22 0000000000000000 d23 0000000000000000
03-15 22:58:09.051 1600 1600 I DEBUG : d24 0000000000000000 d25 0000000000000000
03-15 22:58:09.051 1600 1600 I DEBUG : d26 0000000000000000 d27 0000000000000000
03-15 22:58:09.052 1600 1600 I DEBUG : d28 0000000000000000 d29 0000000000000000
03-15 22:58:09.053 1600 1600 I DEBUG : d30 0000000000000000 d31 0000000000000000
03-15 22:58:09.054 1600 1600 I DEBUG : scr 00000010
03-15 22:58:09.056 1600 1600 I DEBUG :
03-15 22:58:09.056 1600 1600 I DEBUG : backtrace:
03-15 22:58:09.057 1600 1600 I DEBUG : #00 pc 000ec450 [heap]
03-15 22:58:09.058 1600 1600 I DEBUG : #01 pc 00076d79 /system/lib/libmanager.so (canmanager::thrift::TManagerBackendProcessor::process_Client(int, apache::thrift::protocol::TProtocol*, apache::thrift::protocol::TProtocol*, void*)+244)
03-15 22:58:09.058 1600 1600 I DEBUG :
03-15 22:58:09.058 1600 1600 I DEBUG : stack:
03-15 22:58:09.059 1600 1600 I DEBUG : 738a7bc0 738a7c14 [stack:3867]
03-15 22:58:09.059 1600 1600 I DEBUG : 738a7bc4 76ce49b1 /vendor/lib/libc.so (malloc+12)
03-15 22:58:09.060 1600 1600 I DEBUG : 738a7bc8 3ffffffc
03-15 22:58:09.060 1600 1600 I DEBUG : 738a7bcc 0000000e
03-15 22:58:09.060 1600 1600 I DEBUG : 738a7bd0 76f388b2 /system/lib/libmanager.so
03-15 22:58:09.060 1600 1600 I DEBUG : 738a7bd4 772a0428 [heap]
03-15 22:58:09.060 1600 1600 I DEBUG : 738a7bd8 7729f458 [heap]
03-15 22:58:09.060 1600 1600 I DEBUG : 738a7bdc 76e504a7 /system/lib/libgnustl_shared.so (char* std::string::_S_construct<char const*>(char const*, char const*, std::allocator<char> const&, std::forward_iterator_tag)+62)
03-15 22:58:09.061 1600 1600 I DEBUG : 738a7be0 76f388b2 /system/lib/libmanager.so
03-15 22:58:09.061 1600 1600 I DEBUG : 738a7be4 738a7c38 [stack:3867]
03-15 22:58:09.061 1600 1600 I DEBUG : 738a7be8 738a7c0c [stack:3867]
03-15 22:58:09.062 1600 1600 I DEBUG : 738a7bec 76e507ab /system/lib/libgnustl_shared.so (std::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&)+34)
03-15 22:58:09.062 1600 1600 I DEBUG : 738a7bf0 00000000
03-15 22:58:09.062 1600 1600 I DEBUG : 738a7bf4 738a7c38 [stack:3867]
03-15 22:58:09.063 1600 1600 I DEBUG : 738a7bf8 df0027ad
03-15 22:58:09.063 1600 1600 I DEBUG : 738a7bfc 00000000
03-15 22:58:09.064 1600 1600 I DEBUG : #00 738a7c00 00000000
03-15 22:58:09.064 1600 1600 I DEBUG : ........ ........
03-15 22:58:09.064 1600 1600 I DEBUG : #01 738a7c00 00000000
03-15 22:58:09.065 1600 1600 I DEBUG : 738a7c04 76d221f4
03-15 22:58:09.065 1600 1600 I DEBUG : 738a7c08 76e6e368
03-15 22:58:09.065 1600 1600 I DEBUG : 738a7c0c 76e4f249 /system/lib/libgnustl_shared.so (std::string::_M_mutate(unsigned int, unsigned int, unsigned int)+60)
03-15 22:58:09.066 1600 1600 I DEBUG : 738a7c10 00000018
03-15 22:58:09.066 1600 1600 I DEBUG : 738a7c14 00000000
03-15 22:58:09.067 1600 1600 I DEBUG : 738a7c18 00000000
03-15 22:58:09.067 1600 1600 I DEBUG : 738a7c1c 76f3c091 /system/lib/libmanager.so
03-15 22:58:09.068 1600 1600 I DEBUG : 738a7c20 76f44808 /system/lib/libmanager.so
03-15 22:58:09.068 1600 1600 I DEBUG : 738a7c24 ffffffff
03-15 22:58:09.069 1600 1600 I DEBUG : 738a7c28 00000001
03-15 22:58:09.069 1600 1600 I DEBUG : 738a7c2c 76f44828 /system/lib/libmanager.so
03-15 22:58:09.070 1600 1600 I DEBUG : 738a7c30 0000472f
03-15 22:58:09.070 1600 1600 I DEBUG : 738a7c34 76e6e301
03-15 22:58:09.070 1600 1600 I DEBUG : 738a7c38 772a0434 [heap]
03-15 22:58:09.071 1600 1600 I DEBUG : 738a7c3c 772a0410 [heap]
void TManagerBackendProcessor::process_Client(int32_t seqid, ::apache::thrift::protocol::TProtocol* iprot, ::apache::thrift::protocol::TProtocol* oprot, void* callContext)
{
void* ctx = NULL;
if (this->eventHandler_.get() != NULL)
::apache::thrift::TProcessorContextFreer freer(this->eventHandler_.get(), ctx, "TManagerBackend.Client");
if (this->eventHandler_.get() != NULL)
{ this->eventHandler_->preRead(ctx, "TManagerBackend.Client"); } TManagerBackend_Client_args args;
args.read(iprot);
iprot->readMessageEnd();
uint32_t bytes = iprot->getTransport()->readEnd();
if (this->eventHandler_.get() != NULL)
{ this->eventHandler_->postRead(ctx, "TManagerBackend.Client", bytes); } TManagerBackend_Client_result result;
try
catch (const std::exception& e) {
if (this->eventHandler_.get() != NULL)
::apache::thrift::TApplicationException x(e.what());
oprot->writeMessageBegin("Client", ::apache::thrift::protocol::T_EXCEPTION, seqid);
x.write(oprot);
oprot->writeMessageEnd();
oprot->getTransport()->writeEnd();
oprot->getTransport()->flush();
return;
}
if (this->eventHandler_.get() != NULL)
{ this->eventHandler_->preWrite(ctx, "TManagerBackend.Client"); } oprot->writeMessageBegin("Client", ::apache::thrift::protocol::T_REPLY, seqid); //->line where crash observed (seems oprot is getting undesired value here, seems this is the first location of oprot getting used after its initialization in TthreadedServer, also first call made after TThreadedServer calls serve())
result.write(oprot);
oprot->writeMessageEnd();
bytes = oprot->getTransport()->writeEnd();
oprot->getTransport()->flush();
if (this->eventHandler_.get() != NULL)
{ this->eventHandler_->postWrite(ctx, "TManagerBackend.Client", bytes); }}
we are using TThreadedServer with TBufferedTransportFactory.
Checked everything in our code, not sure the crash is because of thrift code or not. Kindly help me to understand the significance of TProtocol oprot and possible root cause of the crash happening...