[TS-4831] HTTP/2 update_read_request crash - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 7.0.0
Component/s: HTTP/2
Labels:
None

Backport to Version:

6.2.1

Description

Crash we have seen in production with our version of ATS.

gdb) bt
#0  0x000000000051579a in Mutex_lock (m=0x0, t=0x2ab3039f8010) at ../iocore/eventsystem/I_Lock.h:380
#1  0x000000000053d422 in MutexLock::MutexLock (this=0x2ab30a053500, am=0x0, t=0x2ab3039f8010) at ../iocore/eventsystem/I_Lock.h:447
#2  0x0000000000653f15 in Http2Stream::update_read_request (this=0x2ab448582c60, read_len=9223372036854775807, call_update=true) at Http2Stream.cc:420
#3  0x000000000064d579 in rcv_data_frame (cs=..., cstate=..., frame=...) at Http2ConnectionState.cc:145
#4  0x000000000064fd8f in Http2ConnectionState::main_event_handler (this=0x2ab47d30ae10, event=2253, edata=0x2ab30a055830)
    at Http2ConnectionState.cc:753
#5  0x0000000000515958 in Continuation::handleEvent (this=0x2ab47d30ae10, event=2253, data=0x2ab30a055830)
    at ../iocore/eventsystem/I_Continuation.h:150
#6  0x0000000000649f09 in send_connection_event (cont=0x2ab47d30ae10, event=2253, edata=0x2ab30a055830) at Http2ClientSession.cc:60
#7  0x000000000064c2a5 in Http2ClientSession::state_complete_frame_read (this=0x2ab47d30abd0, event=100, edata=0x2ab4dc3469e0)
    at Http2ClientSession.cc:478
#8  0x000000000064b03f in Http2ClientSession::main_event_handler (this=0x2ab47d30abd0, event=100, edata=0x2ab4dc3469e0) at Http2ClientSession.cc:292
#9  0x0000000000515958 in Continuation::handleEvent (this=0x2ab47d30abd0, event=100, data=0x2ab4dc3469e0) at ../iocore/eventsystem/I_Continuation.h:150
#10 0x000000000064bfed in Http2ClientSession::state_start_frame_read (this=0x2ab47d30abd0, event=100, edata=0x2ab4dc3469e0)
    at Http2ClientSession.cc:451
#11 0x000000000064b03f in Http2ClientSession::main_event_handler (this=0x2ab47d30abd0, event=100, edata=0x2ab4dc3469e0) at Http2ClientSession.cc:292
#12 0x0000000000515958 in Continuation::handleEvent (this=0x2ab47d30abd0, event=100, data=0x2ab4dc3469e0) at ../iocore/eventsystem/I_Continuation.h:150
#13 0x0000000000786a49 in read_signal_and_update (event=100, vc=0x2ab4dc3468c0) at UnixNetVConnection.cc:148
#14 0x0000000000789866 in UnixNetVConnection::readSignalAndUpdate (this=0x2ab4dc3468c0, event=100) at UnixNetVConnection.cc:1013
#15 0x000000000076e2bb in SSLNetVConnection::net_read_io (this=0x2ab4dc3468c0, nh=0x2ab3039fbe00, lthread=0x2ab3039f8010) at SSLNetVConnection.cc:576
#16 0x0000000000780465 in NetHandler::waitForActivity (this=0x2ab3039fbe00, timeout=60000000) at UnixNet.cc:546
#17 0x00000000007a7f6d in EThread::execute_regular (this=0x2ab3039f8010) at UnixEThread.cc:266
#18 0x00000000007a80b0 in EThread::execute (this=0x2ab3039f8010) at UnixEThread.cc:304
#19 0x00000000007a6c69 in spawn_thread_internal (a=0x157b530) at Thread.cc:85
#20 0x00002ab302293aa1 in start_thread () from /lib64/libpthread.so.0
#21 0x0000003ab7ee893d in clone () from /lib64/libc.so.6

The read_vio has a NULL mutex and all the other values are 0 as well. It looks as if do_io_read(NULL, 0, NULL) was called on the stream. Some places in Http2Stream we check that read_vio.mutex is NULL before trying to access it, but not all.

Should probably add similar NULL checks for write_vio.mutex.

Attachments

Issue Links

links to

GitHub Pull Request #994

Activity

People

Assignee:: Susan Hinrichs

Reporter:: Susan Hinrichs

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 08/Sep/16 20:11

Updated:: 01/Dec/16 22:29

Resolved:: 13/Sep/16 03:07

Time Tracking

Estimated:

Not Specified

Remaining:

Logged:

50m