[
https://issues.apache.org/jira/browse/DISPATCH-2168?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17383578#comment-17383578
]
ASF GitHub Bot commented on DISPATCH-2168:
------------------------------------------
ganeshmurthy opened a new pull request #1304:
URL: https://github.com/apache/qpid-dispatch/pull/1304
…will make sure that the address object will not be freed prematurely
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
> [http2] qdr_address_t use after free in system_tests_http2
> ----------------------------------------------------------
>
> Key: DISPATCH-2168
> URL: https://issues.apache.org/jira/browse/DISPATCH-2168
> Project: Qpid Dispatch
> Issue Type: Test
> Components: Protocol Adaptors
> Affects Versions: 1.16.0
> Reporter: Ganesh Murthy
> Assignee: Ganesh Murthy
> Priority: Major
> Labels: asan
>
> {noformat}
> 9:
> ======================================================================
> 69: ERROR: test_zzz_http_connector_delete
> (system_tests_http2.Http2TestOneInteriorRouter)
> 69:
> ----------------------------------------------------------------------
> 69: Traceback (most recent call last):
> 69: File
> "/home/travis/build/apache/qpid-dispatch/tests/system_test.py", line 1196, in
> __call__
> 69: p.teardown()
> 69: File
> "/home/travis/build/apache/qpid-dispatch/tests/system_test.py", line 311, in
> teardown
> 69: error("exit code %s, expected %s" % (status, self.expect))
> 69: File
> "/home/travis/build/apache/qpid-dispatch/tests/system_test.py", line 299, in
> error
> 69: raise RuntimeError("Process %s error: %s\n%s\n%s\n>>>>\n%s<<<<"
> % (
> 69: RuntimeError: Process 18299 error: exit code 1, expected 0
> 69: qdmanage QUERY --type=org.apache.qpid.dispatch.httpConnector --bus
> amqp://0.0.0.0:28091 --indent=-1 --timeout 300.0
> 69:
> /home/travis/build/apache/qpid-dispatch/build/tests/system_test.dir/system_tests_http2/Http2TestOneInteriorRouter/test_zzz_http_connector_delete/qdmanage-124.cmd
> 69: >>>>
> 69: <<<<
> 69:
> 69: During handling of the above exception, another exception occurred:
> 69:
> 69: Traceback (most recent call last):
> 69: File
> "/home/travis/build/apache/qpid-dispatch/tests/system_test.py", line 924, in
> wrap
> 69: return f(*args, **kwargs)
> 69: File
> "/home/travis/build/apache/qpid-dispatch/tests/system_tests_http2.py", line
> 450, in test_zzz_http_connector_delete
> 69:
> self.check_connector_delete(client_addr=self.router_qdra.http_addresses[0],
> 69: File
> "/home/travis/build/apache/qpid-dispatch/tests/system_tests_http2.py", line
> 247, in check_connector_delete
> 69: http_connectors =
> qd_manager.query('org.apache.qpid.dispatch.httpConnector')
> 69: File
> "/home/travis/build/apache/qpid-dispatch/tests/system_test.py", line 1228, in
> query
> 69: return json.loads(self('QUERY --type=%s' % long_type))
> 69: File
> "/home/travis/build/apache/qpid-dispatch/tests/system_test.py", line 1198, in
> __call__
> 69: raise Exception("%s\n%s" % (e, out))
> 69: Exception: Process 18299 error: exit code 1, expected 0
> 69: qdmanage QUERY --type=org.apache.qpid.dispatch.httpConnector --bus
> amqp://0.0.0.0:28091 --indent=-1 --timeout 300.0
> 69:
> /home/travis/build/apache/qpid-dispatch/build/tests/system_test.dir/system_tests_http2/Http2TestOneInteriorRouter/test_zzz_http_connector_delete/qdmanage-124.cmd
> 69: >>>>
> 69: <<<<
> 69: ConnectionException: Connection amqp://0.0.0.0:28091 disconnected:
> Condition('proton.pythonio', 'Connection refused to all addresses')
> 69:
> 69:
> 69:
> ======================================================================
> 69: ERROR: tearDownClass (system_tests_http2.Http2TestOneInteriorRouter)
> 69:
> ----------------------------------------------------------------------
> 69: Traceback (most recent call last):
> 69: File
> "/home/travis/build/apache/qpid-dispatch/tests/system_test.py", line 865, in
> tearDownClass
> 69: cls.tester.teardown()
> 69: File
> "/home/travis/build/apache/qpid-dispatch/tests/system_test.py", line 808, in
> teardown
> 69: raise RuntimeError("Errors during teardown: \n\n%s" %
> "\n\n".join([str(e) for e in errors]))
> 69: RuntimeError: Errors during teardown:
> 69:
> 69: Process 18274 error: exit code 1, expected -1
> 69: qdrouterd -c http2-test-router.conf -I
> /home/travis/build/apache/qpid-dispatch/python
> 69:
> /home/travis/build/apache/qpid-dispatch/build/tests/system_test.dir/system_tests_http2/Http2TestOneInteriorRouter/setUpClass/http2-test-router-47.cmd
> 69: >>>>
> 69: =================================================================
> 69: ==18274==ERROR: AddressSanitizer: use-after-poison on address
> 0x6160000db4e8 at pc 0x7fabfdcc70c1 bp 0x7fabf75151d0 sp 0x7fabf75151c8
> 69: READ of size 4 at 0x6160000db4e8 thread T1
> 69: #0 0x7fabfdcc70c0 in qdr_link_inbound_detach_CT
> /home/travis/build/apache/qpid-dispatch/src/router_core/connections.c:2046:24
> 69: #1 0x7fabfdd5761f in router_core_thread
> /home/travis/build/apache/qpid-dispatch/src/router_core/router_core_thread.c:239:13
> 69: #2 0x7fabfd833608 in start_thread
> (/lib/x86_64-linux-gnu/libpthread.so.0+0x9608)
> 69: #3 0x7fabfd05e292 in clone
> (/lib/x86_64-linux-gnu/libc.so.6+0x122292)
> 69:
> 69: 0x6160000db4e8 is located 360 bytes inside of 576-byte region
> [0x6160000db380,0x6160000db5c0)
> 69: allocated by thread T1 here:
> 69: #0 0x498177 in posix_memalign
> (/home/travis/build/apache/qpid-dispatch/build/router/qdrouterd+0x498177)
> 69: #1 0x7fabfdbc9b7e in qd_alloc
> /home/travis/build/apache/qpid-dispatch/src/alloc_pool.c:396:13
> 69: #2 0x7fabfdd491d8 in new_qdr_address_t
> /home/travis/build/apache/qpid-dispatch/src/router_core/router_core.c:31:1
> 69: #3 0x7fabfdd491d8 in qdr_address_CT
> /home/travis/build/apache/qpid-dispatch/src/router_core/router_core.c:469:27
> 69: #4 0x7fabfdd61133 in qdr_subscribe_CT
> /home/travis/build/apache/qpid-dispatch/src/router_core/route_tables.c:643:20
> 69: #5 0x7fabfdd5761f in router_core_thread
> /home/travis/build/apache/qpid-dispatch/src/router_core/router_core_thread.c:239:13
> 69: #6 0x7fabfd833608 in start_thread
> (/lib/x86_64-linux-gnu/libpthread.so.0+0x9608)
> 69:
> 69: Thread T1 created by T0 here:
> 69: #0 0x481a1c in pthread_create
> (/home/travis/build/apache/qpid-dispatch/build/router/qdrouterd+0x481a1c)
> 69: #1 0x7fabfdc817d9 in sys_thread
> /home/travis/build/apache/qpid-dispatch/src/posix/threading.c:181:5
> 69: #2 0x7fabfdd36520 in qdr_core
> /home/travis/build/apache/qpid-dispatch/src/router_core/router_core.c:124:20
> 69: #3 0x7fabfddc5858 in qd_router_setup_late
> /home/travis/build/apache/qpid-dispatch/src/router_node.c:2124:31
> 69: #4 0x7fabf9308ff4 (/lib/x86_64-linux-gnu/libffi.so.7+0x6ff4)
> 69: LLVMSymbolizer: error reading file: No such file or directory
> 69: #5 0x7fffd86b144f ([stack]+0x1f44f)
> 69:
> 69: SUMMARY: AddressSanitizer: use-after-poison
> /home/travis/build/apache/qpid-dispatch/src/router_core/connections.c:2046:24
> in qdr_link_inbound_detach_CT
> 69: Shadow bytes around the buggy address:
> 69: 0x0c2c80013640: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 69: 0x0c2c80013650: 00 00 00 00 00 00 00 00 fa fa fa fa fa fa fa fa
> 69: 0x0c2c80013660: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
> 69: 0x0c2c80013670: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 69: 0x0c2c80013680: 00 00 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7
> 69: =>0x0c2c80013690: f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7[f7]f7 f7
> 69: 0x0c2c800136a0: f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7 f7
> 69: 0x0c2c800136b0: f7 f7 f7 f7 f7 f7 00 00 fa fa fa fa fa fa fa fa
> 69: 0x0c2c800136c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
> 69: 0x0c2c800136d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 69: 0x0c2c800136e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> 69: Shadow byte legend (one shadow byte represents 8 application bytes):
> 69: Addressable: 00
> 69: Partially addressable: 01 02 03 04 05 06 07
> 69: Heap left redzone: fa
> 69: Freed heap region: fd
> 69: Stack left redzone: f1
> 69: Stack mid redzone: f2
> 69: Stack right redzone: f3
> 69: Stack after return: f5
> 69: Stack use after scope: f8
> 69: Global redzone: f9
> 69: Global init order: f6
> 69: Poisoned by user: f7
> 69: Container overflow: fc
> 69: Array cookie: ac
> 69: Intra object redzone: bb
> 69: ASan internal: fe
> 69: Left alloca redzone: ca
> 69: Right alloca redzone: cb
> 69: Shadow gap: cc
> 69: ==18274==ABORTING
> 69: <<<< {noformat}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@qpid.apache.org
For additional commands, e-mail: dev-h...@qpid.apache.org
