celix-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bjoern Petri (JIRA)" <j...@apache.org>
Subject [jira] [Closed] (CELIX-334) Race Condition in Topology Manager causes spurious segfaults
Date Mon, 11 Jan 2016 10:12:39 GMT

     [ https://issues.apache.org/jira/browse/CELIX-334?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Bjoern Petri closed CELIX-334.
------------------------------
    Resolution: Fixed

> Race Condition in Topology Manager causes spurious segfaults
> ------------------------------------------------------------
>
>                 Key: CELIX-334
>                 URL: https://issues.apache.org/jira/browse/CELIX-334
>             Project: Celix
>          Issue Type: Bug
>            Reporter: Bjoern Petri
>            Assignee: Bjoern Petri
>
> When adding imported/exported Services, the Topology Manager creates a copy of the rsaList.
Although a comment mentioned that this is done to prevent threading issues, this is causing
a race condition btwn topology manager and the remote service admin:
> {code}
> =================================================================
> ==6392== ERROR: AddressSanitizer: heap-use-after-free on address 0x601c00009fe8 at pc
0x2ab837b9c59a bp 0x2ab8370384d0 sp 0x2ab8370384c8
> READ of size 8 at 0x601c00009fe8 thread T72
>     #0 0x2ab837b9c599 in remoteServiceAdmin_importService /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/src/remote_service_admin_impl.c:825:0
>     #1 0x2ab8396f5a61 in topologyManager_addImportedService /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/topology_manager/private/src/topology_manager.c:549:0
>     #2 0x2ab837ffead3 in discovery_informEndpointListeners /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/discovery/private/src/discovery.c:173:0
>     #3 0x2ab837fff0d0 in discovery_addDiscoveredEndpoint /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/discovery/private/src/discovery.c:209:0
>     #4 0x2ab838006cf5 in endpointDiscoveryPoller_poll /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/discovery/private/src/endpoint_discovery_poller.c:271:0
>     #5 0x2ab838005fca in endpointDiscoveryPoller_addDiscoveryEndpoint /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/discovery/private/src/endpoint_discovery_poller.c:193:0
>     #6 0x2ab837ff9c69 in discoveryShmWatcher_syncEndpoints /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/discovery_shm/private/src/discovery_shmWatcher.c:119:0
>     #7 0x2ab837ffa554 in discoveryShmWatcher_run /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/discovery_shm/private/src/discovery_shmWatcher.c:168:0
>     #8 0x2ab82af4db97 in __asan_describe_address ??:?
>     #9 0x2ab82e42f181 in start_thread /build/buildd/eglibc-2.19/nptl/pthread_create.c:312
(discriminator 2)
>     #10 0x2ab82ef5f47c in clone /build/buildd/eglibc-2.19/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:111
> 0x601c00009fe8 is located 104 bytes inside of 152-byte region [0x601c00009f80,0x601c0000a018)
> freed by thread T0 here:
>     #0 0x2ab82af4a33a in __interceptor_free ??:?
>     #1 0x2ab837b9339d in remoteServiceAdmin_destroy /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/src/remote_service_admin_impl.c:101:0
>     #2 0x2ab837b9dff2 in bundleActivator_stop /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/src/remote_service_admin_activator.c:107:0
>     #3 0x2ab82df1526c in fw_stopBundle /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/framework.c:875:0
>     #4 0x2ab82def33d4 in bundle_stopWithOptions /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/bundle.c:325:0
>     #5 0x2ab82def3166 in bundle_stop /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/bundle.c:313:0
>     #6 0x41b2b3 in stopStartPermutation /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/test/rsa_client_server_tests.cpp:250:0
>     #7 0x41e3c6 in testImport /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/test/rsa_client_server_tests.cpp:338:0
>     #8 0x422e4e in _ZN44TEST_RsaShmClientServerTests_TestImport_Test8testBodyEv /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/test/rsa_client_server_tests.cpp:479:0
>     #9 0x42fe00 in PlatformSpecificSetJmpImplementation /home/bjoern/Progs/cpputest/cpputest-3.7.1/src/Platforms/Gcc/UtestPlatform.cpp:144:0
> addr2line: '': No such file
>     #10 0x601000007f9f in
> previously allocated by thread T0 here:
>     #0 0x2ab82af4a4e5 in calloc ??:?
>     #1 0x2ab837b929db in remoteServiceAdmin_create /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/src/remote_service_admin_impl.c:70
>     #2 0x2ab837b9d9f2 in bundleActivator_start /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/src/remote_service_admin_activator.c:63
>     #3 0x2ab82df1317f in fw_startBundle /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/framework.c:717
(discriminator 1)
>     #4 0x2ab82def2cd2 in bundle_startWithOptions /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/bundle.c:282
>     #5 0x2ab82df63556 in celixLauncher_launchWithProperties /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/celix_launcher.c:130
(discriminator 2)
>     #6 0x2ab82df62b2b in celixLauncher_launchWithStream /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/celix_launcher.c:67
>     #7 0x2ab82df62844 in celixLauncher_launch /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/celix_launcher.c:46
>     #8 0x4144ee in setupFm /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/test/rsa_client_server_tests.cpp:68
>     #9 0x42360e in _ZN47TEST_GROUP_CppUTestGroupRsaShmClientServerTests5setupEv /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/test/rsa_client_server_tests.cpp:465
>     #10 0x42fe00 in PlatformSpecificSetJmpImplementation /home/bjoern/Progs/cpputest/cpputest-3.7.1/src/Platforms/Gcc/UtestPlatform.cpp:144
>     #11 0x601000007f9f in
> Thread T72 created by T0 here:
>     #0 0x2ab82af3fb5b in __interceptor_pthread_create ??:?
>     #1 0x2ab82e1fdca8 in celixThread_create /home/bjoern/Development/celix/git/celix.current.plain/celix/utils/private/src/celix_threads.c:34
>     #2 0x2ab837ffaaed in discoveryShmWatcher_create /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/discovery_shm/private/src/discovery_shmWatcher.c:212
>     #3 0x2ab837ffba80 in discovery_start /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/discovery_shm/private/src/discovery_impl.c:122
>     #4 0x2ab837ffcc18 in bundleActivator_start /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/discovery/private/src/discovery_activator.c:125
>     #5 0x2ab82df1317f in fw_startBundle /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/framework.c:717
(discriminator 1)
>     #6 0x2ab82def2cd2 in bundle_startWithOptions /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/bundle.c:282
>     #7 0x2ab82df63556 in celixLauncher_launchWithProperties /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/celix_launcher.c:130
(discriminator 2)
>     #8 0x2ab82df62b2b in celixLauncher_launchWithStream /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/celix_launcher.c:67
>     #9 0x2ab82df62844 in celixLauncher_launch /home/bjoern/Development/celix/git/celix.current.plain/celix/framework/private/src/celix_launcher.c:46
>     #10 0x4144ee in setupFm /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/test/rsa_client_server_tests.cpp:68
>     #11 0x42360e in _ZN47TEST_GROUP_CppUTestGroupRsaShmClientServerTests5setupEv /home/bjoern/Development/celix/git/celix.current.plain/celix/remote_services/remote_service_admin_shm/private/test/rsa_client_server_tests.cpp:465
>     #12 0x42fe00 in PlatformSpecificSetJmpImplementation /home/bjoern/Progs/cpputest/cpputest-3.7.1/src/Platforms/Gcc/UtestPlatform.cpp:144
>     #13 0x601000007f9f in
> Shadow bytes around the buggy address:
>   0x0c03ffff93a0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
>   0x0c03ffff93b0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
>   0x0c03ffff93c0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
>   0x0c03ffff93d0: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fd
>   0x0c03ffff93e0: fd fd fd fd fd fd fd fd fa fa fa fa fa fa fa fa
> =>0x0c03ffff93f0: fd fd fd fd fd fd fd fd fd fd fd fd fd[fd]fd fd
>   0x0c03ffff9400: fd fd fd fa fa fa fa fa fa fa fa fa 00 00 00 00
>   0x0c03ffff9410: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fa
>   0x0c03ffff9420: fa fa fa fa fa fa fa fa fd fd fd fd fd fd fd fd
>   0x0c03ffff9430: fd fd fd fd fd fd fd fd fd fd fd fd fa fa fa fa
>   0x0c03ffff9440: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fd fd
> Shadow byte legend (one shadow byte represents 8 application bytes):
>   Addressable:           00
>   Partially addressable: 01 02 03 04 05 06 07
>   Heap left redzone:     fa
>   Heap righ redzone:     fb
>   Freed Heap region:     fd
>   Stack left redzone:    f1
>   Stack mid redzone:     f2
>   Stack right redzone:   f3
>   Stack partial redzone: f4
>   Stack after return:    f5
>   Stack use after scope: f8
>   Global redzone:        f9
>   Global init order:     f6
>   Poisoned by user:      f7
>   ASan internal:         fe
> ==6392== ABORTING
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message