[jira] [Commented] (PROTON-2359) Segfault in pn_class_free, called from pn_connection_finalize

Fri, 16 Jul 2021 07:39:20 -0700 


    [ 
https://issues.apache.org/jira/browse/PROTON-2359?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17382111#comment-17382111
 ] 

Justin Ross commented on PROTON-2359:
-------------------------------------

How often are connections torn down in your app?  And what kinds of things is 
the app doing (multiple sessions, for instance?) inside the connection?  If you 
have any details like that, it will help us to write a reproducer.

> Segfault in pn_class_free, called from pn_connection_finalize
> -------------------------------------------------------------
>
>                 Key: PROTON-2359
>                 URL: https://issues.apache.org/jira/browse/PROTON-2359
>             Project: Qpid Proton
>          Issue Type: Bug
>          Components: proton-c
>    Affects Versions: proton-c-0.32.0, proton-c-0.33.0
>            Reporter: Nicolas Riebesel
>            Priority: Major
>
> Hello everyone,
> we are using the qpid-proton-c cpp-bindings together with the
> Qpid-C++ qpidd broker with AMQP 1.0. Since the upgrade to
> proton-c 0.32 we are experiencing segmentation faults inside
> {{pn_class_free}} called from {{pn_connection_finalize}}. It seems that
> the reify'ed {{clazz}} is corrupt.
> At first we thought that this is related to 
> [PROTON-2293|https://issues.apache.org/jira/projects/PROTON/issues/PROTON-2293]
>  which was
> supposed to be fixed in 0.33 but apparently we are still experiencing
> the crash.
> This is the stacktrace:
> {code:java}
> #0  0x00000000 in ?? ()
> #1  0xb634ed00 in pn_class_free (clazz=0x1e0490, object=0x1e0910) at 
> /usr/src/debug/qpid-proton/0.33.0-r0/qpid-proton-0.33.0/c/src/core/object/object.c:120
> #2  0xb634ed54 in pn_free (object=<optimized out>) at 
> /usr/src/debug/qpid-proton/0.33.0-r0/qpid-proton-0.33.0/c/src/core/object/object.c:266
> #3  0xb634edb8 in pni_free_children (children=0x1e0910, freed=0x1e0978) at 
> /usr/src/debug/qpid-proton/0.33.0-r0/qpid-proton-0.33.0/c/src/core/engine.c:476
> #4  0xb634f0fc in pn_connection_finalize (object=<optimized out>, 
> object=<optimized out>) at 
> /usr/src/debug/qpid-proton/0.33.0-r0/qpid-proton-0.33.0/c/src/core/engine.c:495
> #5  0xb634e900 in pn_class_decref (clazz=0xb636ee14 <clazz>, object=0x1e0870) 
> at 
> /usr/src/debug/qpid-proton/0.33.0-r0/qpid-proton-0.33.0/c/src/core/object/object.c:98
> #6  0xb634f814 in pn_event_finalize (event=0x1efd60) at 
> /usr/src/debug/qpid-proton/0.33.0-r0/qpid-proton-0.33.0/c/src/core/event.c:226
> #7  pn_event_finalize_cast (object=0x1efd60) at 
> /usr/src/debug/qpid-proton/0.33.0-r0/qpid-proton-0.33.0/c/src/core/event.c:271
> #8  0xb634e900 in pn_class_decref (clazz=0xb636ebd8 <pn_event.class>, 
> object=0x1efd60) at 
> /usr/src/debug/qpid-proton/0.33.0-r0/qpid-proton-0.33.0/c/src/core/object/object.c:98
> #9  0xb634ebd4 in pn_decref (object=<optimized out>) at 
> /usr/src/debug/qpid-proton/0.33.0-r0/qpid-proton-0.33.0/c/src/core/object/object.c:256
> #10 0xb634ec08 in pn_collector_next (collector=0x1efd20) at 
> /usr/src/debug/qpid-proton/0.33.0-r0/qpid-proton-0.33.0/c/src/core/event.c:197
> #11 0xb6351fd0 in batch_next (d=0x1efc5c) at 
> /usr/src/debug/qpid-proton/0.33.0-r0/qpid-proton-0.33.0/c/src/core/connection_driver.c:44
> #12 pn_connection_driver_next_event (d=0x1efc5c) at 
> /usr/src/debug/qpid-proton/0.33.0-r0/qpid-proton-0.33.0/c/src/core/connection_driver.c:137
> #13 0xb6377614 in pconnection_batch_next (batch=0x1efc58) at 
> /usr/src/debug/qpid-proton/0.33.0-r0/qpid-proton-0.33.0/c/src/proactor/epoll.c:879
> #14 0xb64da328 in proton::container::impl::thread() 
> (this=this@entry=0x1ceb68) at 
> /usr/src/debug/qpid-proton/0.33.0-r0/qpid-proton-0.33.0/cpp/src/proactor_container_impl.cpp:757
> #15 0xb64da930 in proton::container::impl::run(int) (this=0x1ceb68, 
> threads=threads@entry=1) at 
> /usr/src/debug/qpid-proton/0.33.0-r0/qpid-proton-0.33.0/cpp/src/proactor_container_impl.cpp:805
> #16 0xb64cbcec in proton::container::run() (this=<optimized out>) at 
> /usr/src/debug/qpid-proton/0.33.0-r0/qpid-proton-0.33.0/cpp/src/container.cpp:92
> {code}
> This is the {{clazz }}that was reify'ed inside frame 1 {{(pn_class_free):}} 
> {code:java}
> >>> frame 1
> #1  0xb634ed00 in pn_class_free (clazz=0x1e0490, object=0x1e0910) at 
> /usr/src/debug/qpid-proton/0.33.0-r0/qpid-proton-0.33.0/c/src/core/object/object.c:120
> 120      int rc = clazz->refcount(object);
> >>> p *clazz
> $2 = {
>   name = 0x48 <error: Cannot access memory at address 0x48>, 
>   cid = CID_pn_raw_connection, 
>   newinst = 0x1e0428, 
>   initialize = 0x0, 
>   incref = 0xb636e938 <PN_WEAKREF>, 
>   decref = 0x10, 
>   refcount = 0x0, 
>   finalize = 0x1e04b8, 
>   free = 0x0, 
>   reify = 0x49, 
>   hashcode = 0x1e0448, 
>   compare = 0x1e0540, 
>   inspect = 0x0
> }
> {code}
> I have a coredump of the crash, so it is quiet easy for me, to provide more 
> information, if you have any idea, where I can start. It takes quite a while 
> to get to this bug, normally the bug only surfaces if the service is running 
> > 12 hours. If you have any other idea what I can trace, to get this bug 
> fixed, please tell me.
> Thank you very much in advance.
>  
>  



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to