Uploaded image for project: 'Thrift'
  1. Thrift
  2. THRIFT-4880

Crash in apache::thrift::protocol::TProtocol::writeMessageBegin(std::string const&, apache::thrift::protocol::TMessageType, int)+3)

    XMLWordPrintableJSON

Details

    • Question
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 0.9.1
    • None
    • C++ - Library
    • None

    Description

      Working on android application using TThreadedServer protocol in our native code , observed crash within thrift autogenerated code for an RPC call process_client.

      In 400 to 500 iterations it happens once, Frequency of occurrence is very low. otherwise code works fine most of the time it works properly.

      Below are the details:

      signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 7729f450

      03-15 22:58:09.039  1600  1600 I DEBUG   :     r0 7729f458  r1 738a7c38  r2 00000002  r3 00000000  
      03-15 22:58:09.039  1600  1600 I DEBUG   :     r4 00000000  r5 738a7c38  r6 738a7c0c  r7 7729f458  
      03-15 22:58:09.041  1600  1600 I DEBUG   :     r8 7721be60  r9 738a7c3c  sl 7729f45c  fp 738a7c14  
      03-15 22:58:09.041  1600  1600 I DEBUG   :     ip 7729f450  sp 738a7c00  lr 76f1fd7d  pc 7729f450  cpsr 000f0010  
      03-15 22:58:09.042  1600  1600 I DEBUG   :     d0  0000000000000000  d1  0000000000000000  
      03-15 22:58:09.042  1600  1600 I DEBUG   :     d2  0000000000000000  d3  0000000000000000  
      03-15 22:58:09.043  1600  1600 I DEBUG   :     d4  6f4c3a3a72656761  d5  206f4e203e206461  
      03-15 22:58:09.044  1600  1600 I DEBUG   :     d6  72756769666e6f63  d7  4052c00000000000  
      03-15 22:58:09.045  1600  1600 I DEBUG   :     d8  0000000000000000  d9  0000000000000000  
      03-15 22:58:09.046  1600  1600 I DEBUG   :     d10 0000000000000000  d11 0000000000000000  
      03-15 22:58:09.047  1600  1600 I DEBUG   :     d12 0000000000000000  d13 0000000000000000  
      03-15 22:58:09.048  1600  1600 I DEBUG   :     d14 0000000000000000  d15 0000000000000000  
      03-15 22:58:09.049  1600  1600 I DEBUG   :     d16 00000000241f30a4  d17 00000000241f30a4  
      03-15 22:58:09.049  1600  1600 I DEBUG   :     d18 41cd063bbd000000  d19 0000000000000000  
      03-15 22:58:09.050  1600  1600 I DEBUG   :     d20 0000000000000000  d21 0000000000000000  
      03-15 22:58:09.051  1600  1600 I DEBUG   :     d22 0000000000000000  d23 0000000000000000  
      03-15 22:58:09.051  1600  1600 I DEBUG   :     d24 0000000000000000  d25 0000000000000000  
      03-15 22:58:09.051  1600  1600 I DEBUG   :     d26 0000000000000000  d27 0000000000000000  
      03-15 22:58:09.052  1600  1600 I DEBUG   :     d28 0000000000000000  d29 0000000000000000  
      03-15 22:58:09.053  1600  1600 I DEBUG   :     d30 0000000000000000  d31 0000000000000000  
      03-15 22:58:09.054  1600  1600 I DEBUG   :     scr 00000010  
      03-15 22:58:09.056  1600  1600 I DEBUG   :   
      03-15 22:58:09.056  1600  1600 I DEBUG   : backtrace:  
      03-15 22:58:09.057  1600  1600 I DEBUG   :     #00  pc 000ec450  [heap]  
      03-15 22:58:09.058  1600  1600 I DEBUG   :     #01  pc 00076d79  /system/lib/libmanager.so (canmanager::thrift::TManagerBackendProcessor::process_Client(int, apache::thrift::protocol::TProtocol*, apache::thrift::protocol::TProtocol*, void*)+244)  
      03-15 22:58:09.058  1600  1600 I DEBUG   :   
      03-15 22:58:09.058  1600  1600 I DEBUG   : stack:  
      03-15 22:58:09.059  1600  1600 I DEBUG   :          738a7bc0  738a7c14  [stack:3867]  
      03-15 22:58:09.059  1600  1600 I DEBUG   :          738a7bc4  76ce49b1  /vendor/lib/libc.so (malloc+12)  
      03-15 22:58:09.060  1600  1600 I DEBUG   :          738a7bc8  3ffffffc    
      03-15 22:58:09.060  1600  1600 I DEBUG   :          738a7bcc  0000000e    
      03-15 22:58:09.060  1600  1600 I DEBUG   :          738a7bd0  76f388b2  /system/lib/libmanager.so  
      03-15 22:58:09.060  1600  1600 I DEBUG   :          738a7bd4  772a0428  [heap]  
      03-15 22:58:09.060  1600  1600 I DEBUG   :          738a7bd8  7729f458  [heap]  
      03-15 22:58:09.060  1600  1600 I DEBUG   :          738a7bdc  76e504a7  /system/lib/libgnustl_shared.so (char* std::string::_S_construct<char const*>(char const*, char const*, std::allocator<char> const&, std::forward_iterator_tag)+62)  
      03-15 22:58:09.061  1600  1600 I DEBUG   :          738a7be0  76f388b2  /system/lib/libmanager.so  
      03-15 22:58:09.061  1600  1600 I DEBUG   :          738a7be4  738a7c38  [stack:3867]  
      03-15 22:58:09.061  1600  1600 I DEBUG   :          738a7be8  738a7c0c  [stack:3867]  
      03-15 22:58:09.062  1600  1600 I DEBUG   :          738a7bec  76e507ab  /system/lib/libgnustl_shared.so (std::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&)+34)  
      03-15 22:58:09.062  1600  1600 I DEBUG   :          738a7bf0  00000000    
      03-15 22:58:09.062  1600  1600 I DEBUG   :          738a7bf4  738a7c38  [stack:3867]  
      03-15 22:58:09.063  1600  1600 I DEBUG   :          738a7bf8  df0027ad    
      03-15 22:58:09.063  1600  1600 I DEBUG   :          738a7bfc  00000000    
      03-15 22:58:09.064  1600  1600 I DEBUG   :     #00  738a7c00  00000000    
      03-15 22:58:09.064  1600  1600 I DEBUG   :          ........  ........  
      03-15 22:58:09.064  1600  1600 I DEBUG   :     #01  738a7c00  00000000    
      03-15 22:58:09.065  1600  1600 I DEBUG   :          738a7c04  76d221f4    
      03-15 22:58:09.065  1600  1600 I DEBUG   :          738a7c08  76e6e368    
      03-15 22:58:09.065  1600  1600 I DEBUG   :          738a7c0c  76e4f249  /system/lib/libgnustl_shared.so (std::string::_M_mutate(unsigned int, unsigned int, unsigned int)+60)  
      03-15 22:58:09.066  1600  1600 I DEBUG   :          738a7c10  00000018    
      03-15 22:58:09.066  1600  1600 I DEBUG   :          738a7c14  00000000    
      03-15 22:58:09.067  1600  1600 I DEBUG   :          738a7c18  00000000    
      03-15 22:58:09.067  1600  1600 I DEBUG   :          738a7c1c  76f3c091  /system/lib/libmanager.so  
      03-15 22:58:09.068  1600  1600 I DEBUG   :          738a7c20  76f44808  /system/lib/libmanager.so  
      03-15 22:58:09.068  1600  1600 I DEBUG   :          738a7c24  ffffffff    
      03-15 22:58:09.069  1600  1600 I DEBUG   :          738a7c28  00000001    
      03-15 22:58:09.069  1600  1600 I DEBUG   :          738a7c2c  76f44828  /system/lib/libmanager.so  
      03-15 22:58:09.070  1600  1600 I DEBUG   :          738a7c30  0000472f    
      03-15 22:58:09.070  1600  1600 I DEBUG   :          738a7c34  76e6e301    
      03-15 22:58:09.070  1600  1600 I DEBUG   :          738a7c38  772a0434  [heap]  
      03-15 22:58:09.071  1600  1600 I DEBUG   :          738a7c3c  772a0410  [heap]

       

      void TManagerBackendProcessor::process_Client(int32_t seqid, ::apache::thrift::protocol::TProtocol* iprot, ::apache::thrift::protocol::TProtocol* oprot, void* callContext)
      {
        void* ctx = NULL;
        if (this->eventHandler_.get() != NULL)

      {     ctx = this->eventHandler_->getContext("TManagerBackend.Client", callContext);   }

        ::apache::thrift::TProcessorContextFreer freer(this->eventHandler_.get(), ctx, "TManagerBackend.Client");

        if (this->eventHandler_.get() != NULL)

      {     this->eventHandler_->preRead(ctx, "TManagerBackend.Client");   }

        TManagerBackend_Client_args args;
        args.read(iprot);
        iprot->readMessageEnd();
        uint32_t bytes = iprot->getTransport()->readEnd();

        if (this->eventHandler_.get() != NULL)

      {     this->eventHandler_->postRead(ctx, "TManagerBackend.Client", bytes);   }

        TManagerBackend_Client_result result;
        try

      {     result.success = iface_->Client(args.clientId);     result.__isset.success = true;   }

      catch (const std::exception& e) {
          if (this->eventHandler_.get() != NULL)

      {       this->eventHandler_->handlerError(ctx, "TManagerBackend.Client");     }

          ::apache::thrift::TApplicationException x(e.what());
          oprot->writeMessageBegin("Client", ::apache::thrift::protocol::T_EXCEPTION, seqid);
          x.write(oprot);
          oprot->writeMessageEnd();
          oprot->getTransport()->writeEnd();
          oprot->getTransport()->flush();
          return;
        }

        if (this->eventHandler_.get() != NULL)

      {     this->eventHandler_->preWrite(ctx, "TManagerBackend.Client");   }

        oprot->writeMessageBegin("Client", ::apache::thrift::protocol::T_REPLY, seqid); //->line where crash observed (seems oprot is getting undesired value here, seems this is the first location of oprot getting used after its initialization in TthreadedServer, also first call made after TThreadedServer calls serve())
        result.write(oprot);
        oprot->writeMessageEnd();
        bytes = oprot->getTransport()->writeEnd();
        oprot->getTransport()->flush();

        if (this->eventHandler_.get() != NULL)

      {     this->eventHandler_->postWrite(ctx, "TManagerBackend.Client", bytes);   }

      }

       

      we are using TThreadedServer with TBufferedTransportFactory.

      Checked everything in our code, not sure the crash is because of thrift code or not. Kindly help me to understand the significance of TProtocol oprot and possible root cause of the crash happening...

       

       

       

       

       

      Attachments

        Activity

          People

            Unassigned Unassigned
            bhthakke Bhavik
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: