Bhavik created THRIFT-4880:
------------------------------
Summary: Crash in
apache::thrift::protocol::TProtocol::writeMessageBegin(std::string const&,
apache::thrift::protocol::TMessageType, int)+3)
Key: THRIFT-4880
URL: https://issues.apache.org/jira/browse/THRIFT-4880
Project: Thrift
Issue Type: Question
Components: C++ - Library
Affects Versions: 0.9.1
Reporter: Bhavik
Working on android application using TThreadedServer protocol in our native
code , observed crash within thrift autogenerated code for an RPC call
process_client.
In 400 to 500 iterations it happens once, Frequency of occurrence is very low.
otherwise code works fine most of the time it works properly.
Below are the details:
signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 7729f450
03-15 22:58:09.039 1600 1600 I DEBUG : r0 7729f458 r1 738a7c38 r2
00000002 r3 00000000
03-15 22:58:09.039 1600 1600 I DEBUG : r4 00000000 r5 738a7c38 r6
738a7c0c r7 7729f458
03-15 22:58:09.041 1600 1600 I DEBUG : r8 7721be60 r9 738a7c3c sl
7729f45c fp 738a7c14
03-15 22:58:09.041 1600 1600 I DEBUG : ip 7729f450 sp 738a7c00 lr
76f1fd7d pc 7729f450 cpsr 000f0010
03-15 22:58:09.042 1600 1600 I DEBUG : d0 0000000000000000 d1
0000000000000000
03-15 22:58:09.042 1600 1600 I DEBUG : d2 0000000000000000 d3
0000000000000000
03-15 22:58:09.043 1600 1600 I DEBUG : d4 6f4c3a3a72656761 d5
206f4e203e206461
03-15 22:58:09.044 1600 1600 I DEBUG : d6 72756769666e6f63 d7
4052c00000000000
03-15 22:58:09.045 1600 1600 I DEBUG : d8 0000000000000000 d9
0000000000000000
03-15 22:58:09.046 1600 1600 I DEBUG : d10 0000000000000000 d11
0000000000000000
03-15 22:58:09.047 1600 1600 I DEBUG : d12 0000000000000000 d13
0000000000000000
03-15 22:58:09.048 1600 1600 I DEBUG : d14 0000000000000000 d15
0000000000000000
03-15 22:58:09.049 1600 1600 I DEBUG : d16 00000000241f30a4 d17
00000000241f30a4
03-15 22:58:09.049 1600 1600 I DEBUG : d18 41cd063bbd000000 d19
0000000000000000
03-15 22:58:09.050 1600 1600 I DEBUG : d20 0000000000000000 d21
0000000000000000
03-15 22:58:09.051 1600 1600 I DEBUG : d22 0000000000000000 d23
0000000000000000
03-15 22:58:09.051 1600 1600 I DEBUG : d24 0000000000000000 d25
0000000000000000
03-15 22:58:09.051 1600 1600 I DEBUG : d26 0000000000000000 d27
0000000000000000
03-15 22:58:09.052 1600 1600 I DEBUG : d28 0000000000000000 d29
0000000000000000
03-15 22:58:09.053 1600 1600 I DEBUG : d30 0000000000000000 d31
0000000000000000
03-15 22:58:09.054 1600 1600 I DEBUG : scr 00000010
03-15 22:58:09.056 1600 1600 I DEBUG :
03-15 22:58:09.056 1600 1600 I DEBUG : backtrace:
03-15 22:58:09.057 1600 1600 I DEBUG : #00 pc 000ec450 [heap]
03-15 22:58:09.058 1600 1600 I DEBUG : #01 pc 00076d79
/system/lib/libmanager.so
(canmanager::thrift::TManagerBackendProcessor::process_Client(int,
apache::thrift::protocol::TProtocol*, apache::thrift::protocol::TProtocol*,
void*)+244)
03-15 22:58:09.058 1600 1600 I DEBUG :
03-15 22:58:09.058 1600 1600 I DEBUG : stack:
03-15 22:58:09.059 1600 1600 I DEBUG : 738a7bc0 738a7c14
[stack:3867]
03-15 22:58:09.059 1600 1600 I DEBUG : 738a7bc4 76ce49b1
/vendor/lib/libc.so (malloc+12)
03-15 22:58:09.060 1600 1600 I DEBUG : 738a7bc8 3ffffffc
03-15 22:58:09.060 1600 1600 I DEBUG : 738a7bcc 0000000e
03-15 22:58:09.060 1600 1600 I DEBUG : 738a7bd0 76f388b2
/system/lib/libmanager.so
03-15 22:58:09.060 1600 1600 I DEBUG : 738a7bd4 772a0428 [heap]
03-15 22:58:09.060 1600 1600 I DEBUG : 738a7bd8 7729f458 [heap]
03-15 22:58:09.060 1600 1600 I DEBUG : 738a7bdc 76e504a7
/system/lib/libgnustl_shared.so (char* std::string::_S_construct<char
const*>(char const*, char const*, std::allocator<char> const&,
std::forward_iterator_tag)+62)
03-15 22:58:09.061 1600 1600 I DEBUG : 738a7be0 76f388b2
/system/lib/libmanager.so
03-15 22:58:09.061 1600 1600 I DEBUG : 738a7be4 738a7c38
[stack:3867]
03-15 22:58:09.061 1600 1600 I DEBUG : 738a7be8 738a7c0c
[stack:3867]
03-15 22:58:09.062 1600 1600 I DEBUG : 738a7bec 76e507ab
/system/lib/libgnustl_shared.so (std::basic_string<char,
std::char_traits<char>, std::allocator<char> >::basic_string(char const*,
std::allocator<char> const&)+34)
03-15 22:58:09.062 1600 1600 I DEBUG : 738a7bf0 00000000
03-15 22:58:09.062 1600 1600 I DEBUG : 738a7bf4 738a7c38
[stack:3867]
03-15 22:58:09.063 1600 1600 I DEBUG : 738a7bf8 df0027ad
03-15 22:58:09.063 1600 1600 I DEBUG : 738a7bfc 00000000
03-15 22:58:09.064 1600 1600 I DEBUG : #00 738a7c00 00000000
03-15 22:58:09.064 1600 1600 I DEBUG : ........ ........
03-15 22:58:09.064 1600 1600 I DEBUG : #01 738a7c00 00000000
03-15 22:58:09.065 1600 1600 I DEBUG : 738a7c04 76d221f4
03-15 22:58:09.065 1600 1600 I DEBUG : 738a7c08 76e6e368
03-15 22:58:09.065 1600 1600 I DEBUG : 738a7c0c 76e4f249
/system/lib/libgnustl_shared.so (std::string::_M_mutate(unsigned int, unsigned
int, unsigned int)+60)
03-15 22:58:09.066 1600 1600 I DEBUG : 738a7c10 00000018
03-15 22:58:09.066 1600 1600 I DEBUG : 738a7c14 00000000
03-15 22:58:09.067 1600 1600 I DEBUG : 738a7c18 00000000
03-15 22:58:09.067 1600 1600 I DEBUG : 738a7c1c 76f3c091
/system/lib/libmanager.so
03-15 22:58:09.068 1600 1600 I DEBUG : 738a7c20 76f44808
/system/lib/libmanager.so
03-15 22:58:09.068 1600 1600 I DEBUG : 738a7c24 ffffffff
03-15 22:58:09.069 1600 1600 I DEBUG : 738a7c28 00000001
03-15 22:58:09.069 1600 1600 I DEBUG : 738a7c2c 76f44828
/system/lib/libmanager.so
03-15 22:58:09.070 1600 1600 I DEBUG : 738a7c30 0000472f
03-15 22:58:09.070 1600 1600 I DEBUG : 738a7c34 76e6e301
03-15 22:58:09.070 1600 1600 I DEBUG : 738a7c38 772a0434 [heap]
03-15 22:58:09.071 1600 1600 I DEBUG : 738a7c3c 772a0410 [heap]
void TManagerBackendProcessor::process_Client(int32_t seqid,
::apache::thrift::protocol::TProtocol* iprot,
::apache::thrift::protocol::TProtocol* oprot, void* callContext)
{
void* ctx = NULL;
if (this->eventHandler_.get() != NULL) {
ctx = this->eventHandler_->getContext("TManagerBackend.Client",
callContext);
}
::apache::thrift::TProcessorContextFreer freer(this->eventHandler_.get(),
ctx, "TManagerBackend.Client");
if (this->eventHandler_.get() != NULL) {
this->eventHandler_->preRead(ctx, "TManagerBackend.Client");
}
TManagerBackend_Client_args args;
args.read(iprot);
iprot->readMessageEnd();
uint32_t bytes = iprot->getTransport()->readEnd();
if (this->eventHandler_.get() != NULL) {
this->eventHandler_->postRead(ctx, "TManagerBackend.Client", bytes);
}
TManagerBackend_Client_result result;
try {
result.success = iface_->Client(args.clientId);
result.__isset.success = true;
} catch (const std::exception& e) {
if (this->eventHandler_.get() != NULL) {
this->eventHandler_->handlerError(ctx, "TManagerBackend.Client");
}
::apache::thrift::TApplicationException x(e.what());
oprot->writeMessageBegin("Client", ::apache::thrift::protocol::T_EXCEPTION,
seqid);
x.write(oprot);
oprot->writeMessageEnd();
oprot->getTransport()->writeEnd();
oprot->getTransport()->flush();
return;
}
if (this->eventHandler_.get() != NULL) {
this->eventHandler_->preWrite(ctx, "TManagerBackend.Client");
}
{color:#FF0000} oprot->writeMessageBegin("Client",
::apache::thrift::protocol::T_REPLY, seqid); //->line where crash observed
(seems oprot is getting undesired value here, seems this is the first location
of oprot getting used after its initialization in TthreadedServer, also first
call made after TThreadedServer calls serve()){color}
result.write(oprot);
oprot->writeMessageEnd();
bytes = oprot->getTransport()->writeEnd();
oprot->getTransport()->flush();
if (this->eventHandler_.get() != NULL) {
this->eventHandler_->postWrite(ctx, "TManagerBackend.Client", bytes);
}
}
we are using TThreadedServer with TBufferedTransportFactory.
Checked everything in our code, not sure the crash is because of thrift code or
not. Kindly help me to understand the significance of TProtocol oprot and
possible root cause of the crash happening...
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
