[ https://issues.apache.org/jira/browse/DISPATCH-2318?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17483391#comment-17483391 ]
ASF subversion and git services commented on DISPATCH-2318: ----------------------------------------------------------- Commit 199452ed1df7508a2dca9f5efbbdaf6d5aaf7682 in qpid-dispatch's branch refs/heads/main from Ken Giusti [ https://gitbox.apache.org/repos/asf?p=qpid-dispatch.git;h=199452e ] DISPATCH-2318: fix double-free of subscription on shutdown This closes #1498 > Double free of subscription on shutdown > --------------------------------------- > > Key: DISPATCH-2318 > URL: https://issues.apache.org/jira/browse/DISPATCH-2318 > Project: Qpid Dispatch > Issue Type: Bug > Components: Router Node > Affects Versions: 1.18.0 > Reporter: Ken Giusti > Assignee: Ken Giusti > Priority: Major > Fix For: 1.19.0 > > > qdr_subscribe_CT incorrectly frees the subscription passed in if the action > is being dicarded. > However qdr_subscribe_CT does not own the subscription - a pointer to the > subscription is held by the caller to qdr_core_subscribe(). The caller will > free it. > > 2022-01-26T20:38:30.4511421Z 75: ==3807==ERROR: AddressSanitizer: attempting > double-free on 0x60600000b0c0 in thread T3: > > 2022-01-26T20:38:30.5203414Z 75: #0 0x7f1b8b5a3627 in free > (/lib64/libasan.so.6+0xae627) > > 2022-01-26T20:38:30.5211345Z 75: #1 0x879ff3 in qdr_agent_free > /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/src/router_core/agent.c:153 > > 2022-01-26T20:38:30.5229424Z 75: #2 0x92fb3d in qdr_core_free > /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/src/router_core/router_core.c:329 > > 2022-01-26T20:38:30.5243461Z 75: #3 0x99f01d in qd_router_free > /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/src/router_node.c:2179 > > 2022-01-26T20:38:30.5249436Z 75: #4 0x7fccf2 in qd_dispatch_free > /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/src/dispatch.c:374 > > 2022-01-26T20:38:30.5752354Z 75: #5 0x5cefb2 in QDR::deinitialize(bool) > const > /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/tests/c_unittests/./helpers.hp\ > p:265 > > > 2022-01-26T20:38:30.5753828Z 75: #6 0x5ab4c5 in > check_amqp_listener_startup_log_message(qd_server_config_t, > std::__cxx11::basic_string<char, std::char_traits<char>, std\ > ::allocator<char> >, std::__cxx11::basic_string<char, std::char_traits<char>, > std::allocator<char> >) > /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/tests/c_un\ > ittests/test_listener_startup.cpp:58 > > > 2022-01-26T20:38:30.5755448Z 75: #7 0x5ae797 in operator() > /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/tests/c_unittests/test_listener_startup.cpp:129 > > 2022-01-26T20:38:30.5757874Z 75: #8 0x7f1b8ab7f5c3 in > execute_native_thread_routine (/lib64/libstdc++.so.6+0xd95c3) > > 2022-01-26T20:38:30.5758403Z 75: #9 0x7f1b89ec2a86 in start_thread > (/lib64/libc.so.6+0x8da86) > > 2022-01-26T20:38:30.5758836Z 75: #10 0x7f1b89f468d3 in __GI___clone > (/lib64/libc.so.6+0x1118d3) > > 2022-01-26T20:38:30.5759199Z 75: > > > 2022-01-26T20:38:30.5759801Z 75: 0x60600000b0c0 is located 0 bytes inside of > 56-byte region [0x60600000b0c0,0x60600000b0f8) > > 2022-01-26T20:38:30.5760226Z 75: freed by thread T4 here: > > > 2022-01-26T20:38:30.5760605Z 75: #0 0x7f1b8b5a3627 in free > (/lib64/libasan.so.6+0xae627) > > 2022-01-26T20:38:30.5767193Z 75: #1 0x9377b7 in qdr_subscribe_CT > /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/src/router_core/route_tables.c:675 > > 2022-01-26T20:38:30.5771793Z 75: #2 0x934a37 in router_core_thread > /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/src/router_core/router_core_thread.c:236 > > 2022-01-26T20:38:30.5774021Z 75: #3 0x7f1b89ec2a86 in start_thread > (/lib64/libc.so.6+0x8da86) > > 2022-01-26T20:38:30.5774306Z 75: > > > 2022-01-26T20:38:30.5774559Z 75: previously allocated by thread T3 here: > > > 2022-01-26T20:38:30.5776278Z 75: #0 0x7f1b8b5a391f in > __interceptor_malloc (/lib64/libasan.so.6+0xae91f) > > 2022-01-26T20:38:30.5777116Z 75: #1 0x93d83d in qd_malloc > /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/include/qpid/dispatch/ctools.h:234 > > 2022-01-26T20:38:30.5777838Z 75: #2 0x93d83d in qdr_core_subscribe > /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/src/router_core/route_tables.c:147 > > 2022-01-26T20:38:30.5780283Z 75: #3 0x87a159 in > qdr_agent_setup_subscriptions > /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/src/router_core/agent.c:168 > > 2022-01-26T20:38:30.5781122Z 75: #4 0x91a956 in qdr_core > /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/src/router_core/router_core.c:129 > > 2022-01-26T20:38:30.5781939Z 75: #5 0x99eb72 in qd_router_setup_late > /home/runner/work/qpid-dispatch/qpid-dispatch/qpid-dispatch/src/router_node.c:2142 > > 2022-01-26T20:38:30.5782488Z 75: #6 0x7f1b85d0cc03 in ffi_call_unix64 > (/lib64/libffi.so.6+0x6c03) > > 2022-01-26T20:38:30.5798156Z 75: #7 0x7f1b856fc98f (<unknown module>) -- This message was sent by Atlassian Jira (v8.20.1#820001) --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org For additional commands, e-mail: dev-h...@qpid.apache.org