Bug 480295 - The broker crashes when a standard message is sent to a LVQ
Summary: The broker crashes when a standard message is sent to a LVQ
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise MRG
Classification: Red Hat
Component: qpid-cpp
Version: 1.1
Hardware: All
OS: Linux
urgent
high
Target Milestone: 1.1.1
: ---
Assignee: Carl Trieloff
QA Contact: Frantisek Reznicek
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2009-01-16 10:38 UTC by Arnaud Simon
Modified: 2015-11-16 00:06 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2009-04-21 16:16:16 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)
Reproducer (1.07 KB, text/plain)
2009-03-02 17:10 UTC, David Sommerseth 		no flags Details
View All


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2009:0434 0 normal SHIPPED_LIVE Red Hat Enterprise MRG Messaging and Grid Version 1.1.1 2009-04-21 16:15:50 UTC

Description Arnaud Simon 2009-01-16 10:38:26 UTC 
Description of problem: The broker crashes when a standard message is sent to a LVQ

Scenario to reproduce is:
- Create a LVQ queue with key foo  
- Send 10 messages with the key foo
- Send a message without a key ===> segfault

The backtrace is:
(gdb) backtrace
#0  std::_Rb_tree<std::string, std::pair<std::string const, boost::shared_ptr<qpid::framing::FieldValue> >, std::_Select1st<std::pair<std::string const, boost::shared_ptr<qpid::framing::FieldValue> > >, std::less<std::string>, std::allocator<std::pair<std::string const, boost::shared_ptr<qpid::framing::FieldValue> > > >::_M_begin ()
    at /usr/lib/gcc/i386-redhat-linux/4.3.2/../../../../include/c++/4.3.2/bits/stl_tree.h:459
#1  std::_Rb_tree<std::string, std::pair<std::string const, boost::shared_ptr<qpid::framing::FieldValue> >, std::_Select1st<std::pair<std::string const, boost::shared_ptr<qpid::framing::FieldValue> > >, std::less<std::string>, std::allocator<std::pair<std::string const, boost::shared_ptr<qpid::framing::FieldValue> > > >::find ()
    at /usr/lib/gcc/i386-redhat-linux/4.3.2/../../../../include/c++/4.3.2/bits/stl_tree.h:1405
#2  std::map<std::string, boost::shared_ptr<qpid::framing::FieldValue>, std::less<std::string>, std::allocator<std::pair<std::string const, boost::shared_ptr<qpid::framing::FieldValue> > > >::find ()
    at /usr/lib/gcc/i386-redhat-linux/4.3.2/../../../../include/c++/4.3.2/bits/stl_map.h:630
#3  qpid::framing::FieldTable::get (this=0x0, name=@0x2e5e24) at qpid/framing/FieldTable.cpp:122
#4  0x0047d713 in qpid::framing::FieldTable::getAsString (this=0x0, name=@0x2e5e24) at qpid/framing/FieldTable.cpp:144
#5  0x001de171 in qpid::broker::Queue::push (this=0xb4d00970, msg=@0xb58905cc) at qpid/broker/Queue.cpp:534
#6  0x001df37b in qpid::broker::Queue::deliver (this=0xb4d00970, msg=@0xb58905cc) at qpid/broker/Queue.cpp:163
#7  0x001f9d92 in qpid::broker::DeliverableMessage::deliverTo (this=0xb58905c4, queue=@0xb4d0117c)
    at qpid/broker/DeliverableMessage.cpp:31
#8  0x001fe6aa in qpid::broker::DirectExchange::route (this=0x8b5acc0, msg=@0xb58905c4, routingKey=@0xb5890564)
    at qpid/broker/DirectExchange.cpp:145
#9  0x0024fa54 in qpid::broker::SemanticState::route (this=0xb4d41de8, msg={p_ = 0xb4d42c68}, strategy=@0xb58905c4)
    at qpid/broker/SemanticState.cpp:387
#10 0x002503df in qpid::broker::SemanticState::handle (this=0xb4d41de8, msg={p_ = 0xb4d42c68}) at qpid/broker/SemanticState.cpp:344
#11 0x00262566 in qpid::broker::SessionState::handleContent (this=0xb4d41cc0, frame=@0xb5890d5c, id=@0xb5890704)
    at qpid/broker/SessionState.cpp:198
#12 0x0026520e in qpid::broker::SessionState::handleIn (this=0xb4d41cc0, frame=@0xb5890d5c) at qpid/broker/SessionState.cpp:230
#13 0x00265b6b in qpid::framing::Handler<qpid::framing::AMQFrame&>::MemFunRef<qpid::framing::Handler<qpid::framing::AMQFrame&>::InOutHandlerInterface, &(qpid::framing::Handler<qpid::framing::AMQFrame&>::InOutHandlerInterface::handleIn(qpid::framing::AMQFrame&))>::handle (
    this=0xb4d41dc0, t=@0xb5890d5c) at ./qpid/framing/Handler.h:67
#14 0x0046b4fe in qpid::amqp_0_10::SessionHandler::handleIn (this=0xb4d00618, f=@0xb5890d5c) at qpid/amqp_0_10/SessionHandler.cpp:92
#15 0x00265b6b in qpid::framing::Handler<qpid::framing::AMQFrame&>::MemFunRef<qpid::framing::Handler<qpid::framing::AMQFrame&>::InOutHandlerInterface, &(qpid::framing::Handler<qpid::framing::AMQFrame&>::InOutHandlerInterface::handleIn(qpid::framing::AMQFrame&))>::handle (
    this=0xb4d00620, t=@0xb5890d5c) at ./qpid/framing/Handler.h:67
#16 0x001ece77 in qpid::framing::Handler<qpid::framing::AMQFrame&>::operator() () at ./qpid/framing/Handler.h:42
#17 qpid::broker::Connection::received (this=0x8b9cfe0, frame=@0xb5890d5c) at qpid/broker/Connection.cpp:104
#18 0x001bb4d7 in qpid::amqp_0_10::Connection::decode (this=0x8b9d188, buffer=0xb4d31cb8 "\v\001", size=1327)
    at qpid/amqp_0_10/Connection.cpp:55
#19 0x00247404 in qpid::broker::SecureConnection::decode (this=0x8b5c528, buffer=0xb4d31cb8 "\v\001", size=4)
    at qpid/broker/SecureConnection.cpp:42
#20 0x00496ee6 in qpid::sys::AsynchIOHandler::readbuff (this=0xb4d00738, buff=0xb4d011a8) at qpid/sys/AsynchIOHandler.cpp:103
#21 0x00286cf9 in boost::_mfi::mf2<bool, qpid::sys::AsynchIOHandler, qpid::sys::AsynchIO&, qpid::sys::AsynchIOBufferBase*>::operator() ()
    at /usr/include/boost/bind/mem_fn_template.hpp:274
#22 operator()<bool, boost::_mfi::mf2<bool, qpid::sys::AsynchIOHandler, qpid::sys::AsynchIO&, qpid::sys::AsynchIOBufferBase*>, boost::_bi::list2<qpid::sys::AsynchIO&, qpid::sys::AsynchIOBufferBase*&> > () at /usr/include/boost/bind.hpp:337
#23 operator()<qpid::sys::AsynchIO, qpid::sys::AsynchIOBufferBase*> () at /usr/include/boost/bind/bind_template.hpp:61
#24 boost::detail::function::function_obj_invoker2<boost::_bi::bind_t<bool, boost::_mfi::mf2<bool, qpid::sys::AsynchIOHandler, qpid::sys::AsynchIO&, qpid::sys::AsynchIOBufferBase*>, boost::_bi::list3<boost::_bi::value<qpid::sys::AsynchIOHandler*>, boost::arg<1> (*)(), boost::ar
g<2> (*)()> >, bool, qpid::sys::AsynchIO&, qpid::sys::AsynchIOBufferBase*>::invoke (function_obj_ptr=@0xb4d0055c, a0=@0xb4d004d0, 
    a1=0xb4d011a8) at /usr/include/boost/function/function_template.hpp:134
#25 0x0043db9f in boost::function2<bool, qpid::sys::AsynchIO&, qpid::sys::AsynchIOBufferBase*, std::allocator<boost::function_base> >::operator() () at /usr/include/boost/function/function_template.hpp:692
#26 qpid::sys::posix::AsynchIO::readable (this=0xb4d004d0, h=@0xb4d004d4) at qpid/sys/posix/AsynchIO.cpp:441
#27 0x0043f342 in boost::_mfi::mf1<void, qpid::sys::posix::AsynchIO, qpid::sys::DispatchHandle&>::operator() ()
    at /usr/include/boost/bind/mem_fn_template.hpp:162
#28 operator()<boost::_mfi::mf1<void, qpid::sys::posix::AsynchIO, qpid::sys::DispatchHandle&>, boost::_bi::list1<qpid::sys::DispatchHandle&> > () at /usr/include/boost/bind.hpp:288
#29 operator()<qpid::sys::DispatchHandle> () at /usr/include/boost/bind/bind_template.hpp:32
#30 boost::detail::function::void_function_obj_invoker1<boost::_bi::bind_t<void, boost::_mfi::mf1<void, qpid::sys::posix::AsynchIO, qpid::sys::DispatchHandle&>, boost::_bi::list2<boost::_bi::value<qpid::sys::posix::AsynchIO*>, boost::arg<1> (*)()> >, void, qpid::sys::DispatchHandle&>::invoke (function_obj_ptr=@0xb4d004e0, a0=@0xb4d004d4) at /usr/include/boost/function/function_template.hpp:155
#31 0x0049add3 in boost::function1<void, qpid::sys::DispatchHandle&, std::allocator<boost::function_base> >::operator() (this=0xb4d004dc, 
    a0=@0xb4d004d4) at /usr/include/boost/function/function_template.hpp:692
#32 0x0049a834 in qpid::sys::DispatchHandle::processEvent (this=0xb4d004d4, type=qpid::sys::Poller::READABLE)
    at qpid/sys/DispatchHandle.cpp:361
#33 0x00450a03 in qpid::sys::Poller::Event::process () at ./qpid/sys/Poller.h:121
#34 qpid::sys::Poller::run (this=0x8b57878) at qpid/sys/epoll/EpollPoller.cpp:390
#35 0x00498774 in qpid::sys::Dispatcher::run (this=0xbfce7b84) at qpid/sys/Dispatcher.cpp:37
#36 0x00443ae1 in runRunnable (p=0xbfce7b84) at qpid/sys/posix/Thread.cpp:35
#37 0x00ad451f in start_thread () from /lib/libpthread.so.0
#38 0x00a0a01e in clone () from /lib/libc.so.6
Comment 1 Arnaud Simon 2009-01-16 10:46:26 UTC 
https://issues.apache.org/jira/browse/QPID-1586
Comment 2 Carl Trieloff 2009-01-19 19:27:02 UTC 
Transmitting file data ..
Committed revision 735776.

Messages that have no key, that are sent to a LVQ are placed into the queue in FIFO.

Test using bug reproduction instructions, unit test in QueueTest.cpp
Comment 4 David Sommerseth 2009-03-02 17:10:41 UTC 
Created attachment 333763 [details]
Reproducer

Tested with the attached reproducer against qpidd-0.4.744917-1.el5 and the MRG-1.1 stable packages.

Test routine:
- Install packages and start broker
- For MRG-1.1 -- run: qpid-config add queue foo --last-value-queue
- For MRG-1.1.1 candidate: run qpid-config add queue foo --order lvq
- run: python bz480295.py


On successful run, the reproducer should give this result:
----------------------------------------------------------
Broker: 127.0.0.1:5672
Message count: 10
Sending messages to routing_key: foo
Message 1 ...  Done
Message 2 ...  Done
Message 3 ...  Done
Message 4 ...  Done
Message 5 ...  Done
Message 6 ...  Done
Message 7 ...  Done
Message 8 ...  Done
Message 9 ...  Done
Message 10 ...  Done
Sending message without routing key
----------------------------------------------------------

This is the result from the MRG/M-1.1.1 candidate version tested.  

On the (buggy) MRG/M-1.1 stable packages the reproducer will not complete and will give a traceback and the broker will die.
Comment 6 errata-xmlrpc 2009-04-21 16:16:16 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHEA-2009-0434.html
Note You need to log in before you can comment on or make changes to this bug.