thrift-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bhavik (JIRA)" <j...@apache.org>
Subject [jira] [Created] (THRIFT-4880) Crash in apache::thrift::protocol::TProtocol::writeMessageBegin(std::string const&, apache::thrift::protocol::TMessageType, int)+3)
Date Thu, 06 Jun 2019 11:00:00 GMT
Bhavik created THRIFT-4880:
------------------------------

             Summary: Crash in apache::thrift::protocol::TProtocol::writeMessageBegin(std::string
const&, apache::thrift::protocol::TMessageType, int)+3)
                 Key: THRIFT-4880
                 URL: https://issues.apache.org/jira/browse/THRIFT-4880
             Project: Thrift
          Issue Type: Question
          Components: C++ - Library
    Affects Versions: 0.9.1
            Reporter: Bhavik


Working on android application using TThreadedServer protocol in our native code , observed
crash within thrift autogenerated code for an RPC call process_client.

In 400 to 500 iterations it happens once, Frequency of occurrence is very low. otherwise code
works fine most of the time it works properly.

Below are the details:

signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 7729f450

03-15 22:58:09.039  1600  1600 I DEBUG   :     r0 7729f458  r1 738a7c38  r2 00000002 
r3 00000000  
03-15 22:58:09.039  1600  1600 I DEBUG   :     r4 00000000  r5 738a7c38  r6 738a7c0c 
r7 7729f458  
03-15 22:58:09.041  1600  1600 I DEBUG   :     r8 7721be60  r9 738a7c3c  sl 7729f45c 
fp 738a7c14  
03-15 22:58:09.041  1600  1600 I DEBUG   :     ip 7729f450  sp 738a7c00  lr 76f1fd7d 
pc 7729f450  cpsr 000f0010  
03-15 22:58:09.042  1600  1600 I DEBUG   :     d0  0000000000000000  d1  0000000000000000
 
03-15 22:58:09.042  1600  1600 I DEBUG   :     d2  0000000000000000  d3  0000000000000000
 
03-15 22:58:09.043  1600  1600 I DEBUG   :     d4  6f4c3a3a72656761  d5  206f4e203e206461
 
03-15 22:58:09.044  1600  1600 I DEBUG   :     d6  72756769666e6f63  d7  4052c00000000000
 
03-15 22:58:09.045  1600  1600 I DEBUG   :     d8  0000000000000000  d9  0000000000000000
 
03-15 22:58:09.046  1600  1600 I DEBUG   :     d10 0000000000000000  d11 0000000000000000
 
03-15 22:58:09.047  1600  1600 I DEBUG   :     d12 0000000000000000  d13 0000000000000000
 
03-15 22:58:09.048  1600  1600 I DEBUG   :     d14 0000000000000000  d15 0000000000000000
 
03-15 22:58:09.049  1600  1600 I DEBUG   :     d16 00000000241f30a4  d17 00000000241f30a4
 
03-15 22:58:09.049  1600  1600 I DEBUG   :     d18 41cd063bbd000000  d19 0000000000000000
 
03-15 22:58:09.050  1600  1600 I DEBUG   :     d20 0000000000000000  d21 0000000000000000
 
03-15 22:58:09.051  1600  1600 I DEBUG   :     d22 0000000000000000  d23 0000000000000000
 
03-15 22:58:09.051  1600  1600 I DEBUG   :     d24 0000000000000000  d25 0000000000000000
 
03-15 22:58:09.051  1600  1600 I DEBUG   :     d26 0000000000000000  d27 0000000000000000
 
03-15 22:58:09.052  1600  1600 I DEBUG   :     d28 0000000000000000  d29 0000000000000000
 
03-15 22:58:09.053  1600  1600 I DEBUG   :     d30 0000000000000000  d31 0000000000000000
 
03-15 22:58:09.054  1600  1600 I DEBUG   :     scr 00000010  
03-15 22:58:09.056  1600  1600 I DEBUG   :   
03-15 22:58:09.056  1600  1600 I DEBUG   : backtrace:  
03-15 22:58:09.057  1600  1600 I DEBUG   :     #00  pc 000ec450  [heap]  
03-15 22:58:09.058  1600  1600 I DEBUG   :     #01  pc 00076d79  /system/lib/libmanager.so
(canmanager::thrift::TManagerBackendProcessor::process_Client(int, apache::thrift::protocol::TProtocol*,
apache::thrift::protocol::TProtocol*, void*)+244)  
03-15 22:58:09.058  1600  1600 I DEBUG   :   
03-15 22:58:09.058  1600  1600 I DEBUG   : stack:  
03-15 22:58:09.059  1600  1600 I DEBUG   :          738a7bc0  738a7c14  [stack:3867]
 
03-15 22:58:09.059  1600  1600 I DEBUG   :          738a7bc4  76ce49b1  /vendor/lib/libc.so
(malloc+12)  
03-15 22:58:09.060  1600  1600 I DEBUG   :          738a7bc8  3ffffffc    
03-15 22:58:09.060  1600  1600 I DEBUG   :          738a7bcc  0000000e    
03-15 22:58:09.060  1600  1600 I DEBUG   :          738a7bd0  76f388b2  /system/lib/libmanager.so
 
03-15 22:58:09.060  1600  1600 I DEBUG   :          738a7bd4  772a0428  [heap]
 
03-15 22:58:09.060  1600  1600 I DEBUG   :          738a7bd8  7729f458  [heap]
 
03-15 22:58:09.060  1600  1600 I DEBUG   :          738a7bdc  76e504a7  /system/lib/libgnustl_shared.so
(char* std::string::_S_construct<char const*>(char const*, char const*, std::allocator<char>
const&, std::forward_iterator_tag)+62)  
03-15 22:58:09.061  1600  1600 I DEBUG   :          738a7be0  76f388b2  /system/lib/libmanager.so
 
03-15 22:58:09.061  1600  1600 I DEBUG   :          738a7be4  738a7c38  [stack:3867]
 
03-15 22:58:09.061  1600  1600 I DEBUG   :          738a7be8  738a7c0c  [stack:3867]
 
03-15 22:58:09.062  1600  1600 I DEBUG   :          738a7bec  76e507ab  /system/lib/libgnustl_shared.so
(std::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char
const*, std::allocator<char> const&)+34)  
03-15 22:58:09.062  1600  1600 I DEBUG   :          738a7bf0  00000000    
03-15 22:58:09.062  1600  1600 I DEBUG   :          738a7bf4  738a7c38  [stack:3867]
 
03-15 22:58:09.063  1600  1600 I DEBUG   :          738a7bf8  df0027ad    
03-15 22:58:09.063  1600  1600 I DEBUG   :          738a7bfc  00000000    
03-15 22:58:09.064  1600  1600 I DEBUG   :     #00  738a7c00  00000000    
03-15 22:58:09.064  1600  1600 I DEBUG   :          ........  ........  
03-15 22:58:09.064  1600  1600 I DEBUG   :     #01  738a7c00  00000000    
03-15 22:58:09.065  1600  1600 I DEBUG   :          738a7c04  76d221f4    
03-15 22:58:09.065  1600  1600 I DEBUG   :          738a7c08  76e6e368    
03-15 22:58:09.065  1600  1600 I DEBUG   :          738a7c0c  76e4f249  /system/lib/libgnustl_shared.so
(std::string::_M_mutate(unsigned int, unsigned int, unsigned int)+60)  
03-15 22:58:09.066  1600  1600 I DEBUG   :          738a7c10  00000018    
03-15 22:58:09.066  1600  1600 I DEBUG   :          738a7c14  00000000    
03-15 22:58:09.067  1600  1600 I DEBUG   :          738a7c18  00000000    
03-15 22:58:09.067  1600  1600 I DEBUG   :          738a7c1c  76f3c091  /system/lib/libmanager.so
 
03-15 22:58:09.068  1600  1600 I DEBUG   :          738a7c20  76f44808  /system/lib/libmanager.so
 
03-15 22:58:09.068  1600  1600 I DEBUG   :          738a7c24  ffffffff    
03-15 22:58:09.069  1600  1600 I DEBUG   :          738a7c28  00000001    
03-15 22:58:09.069  1600  1600 I DEBUG   :          738a7c2c  76f44828  /system/lib/libmanager.so
 
03-15 22:58:09.070  1600  1600 I DEBUG   :          738a7c30  0000472f    
03-15 22:58:09.070  1600  1600 I DEBUG   :          738a7c34  76e6e301    
03-15 22:58:09.070  1600  1600 I DEBUG   :          738a7c38  772a0434  [heap]
 
03-15 22:58:09.071  1600  1600 I DEBUG   :          738a7c3c  772a0410  [heap]

 

void TManagerBackendProcessor::process_Client(int32_t seqid, ::apache::thrift::protocol::TProtocol*
iprot, ::apache::thrift::protocol::TProtocol* oprot, void* callContext)
{
  void* ctx = NULL;
  if (this->eventHandler_.get() != NULL) {
    ctx = this->eventHandler_->getContext("TManagerBackend.Client", callContext);
  }
  ::apache::thrift::TProcessorContextFreer freer(this->eventHandler_.get(), ctx, "TManagerBackend.Client");

  if (this->eventHandler_.get() != NULL) {
    this->eventHandler_->preRead(ctx, "TManagerBackend.Client");
  }

  TManagerBackend_Client_args args;
  args.read(iprot);
  iprot->readMessageEnd();
  uint32_t bytes = iprot->getTransport()->readEnd();

  if (this->eventHandler_.get() != NULL) {
    this->eventHandler_->postRead(ctx, "TManagerBackend.Client", bytes);
  }

  TManagerBackend_Client_result result;
  try {
    result.success = iface_->Client(args.clientId);
    result.__isset.success = true;
  } catch (const std::exception& e) {
    if (this->eventHandler_.get() != NULL) {
      this->eventHandler_->handlerError(ctx, "TManagerBackend.Client");
    }

    ::apache::thrift::TApplicationException x(e.what());
    oprot->writeMessageBegin("Client", ::apache::thrift::protocol::T_EXCEPTION, seqid);
    x.write(oprot);
    oprot->writeMessageEnd();
    oprot->getTransport()->writeEnd();
    oprot->getTransport()->flush();
    return;
  }

  if (this->eventHandler_.get() != NULL) {
    this->eventHandler_->preWrite(ctx, "TManagerBackend.Client");
  }

{color:#FF0000}  oprot->writeMessageBegin("Client", ::apache::thrift::protocol::T_REPLY,
seqid); //->line where crash observed (seems oprot is getting undesired value here, seems
this is the first location of oprot getting used after its initialization in TthreadedServer,
also first call made after TThreadedServer calls serve()){color}
  result.write(oprot);
  oprot->writeMessageEnd();
  bytes = oprot->getTransport()->writeEnd();
  oprot->getTransport()->flush();

  if (this->eventHandler_.get() != NULL) {
    this->eventHandler_->postWrite(ctx, "TManagerBackend.Client", bytes);
  }
}

 

we are using TThreadedServer with TBufferedTransportFactory.

Checked everything in our code, not sure the crash is because of thrift code or not. Kindly
help me to understand the significance of TProtocol oprot and possible root cause of the crash
happening...

 

 

 

 

 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message