
Event's null ethread pointer is sometimes dereferenced.

Open ywkaras opened this issue 2 years ago • 0 comments

In this call: https://github.com/apache/trafficserver/blob/3a4c3dbbe340fc5e1c88c5375e5ed826ed9a797c/iocore/eventsystem/P_UnixEventProcessor.h#L123

the ethread field of the event structure is sometimes null (which causes a crash).

Here is an example stack dump:

[ 00 ] libtscore.so.9.1.10  ink_atomiclist_push                        ( ink_queue.cc:530 )
[ 01 ] traffic_server       ProtectedQueue::enqueue(Event*)            ( ProtectedQueue.cc:52 )
[ 02 ] traffic_server       EventProcessor::schedule(Event*, int)      ( P_UnixEventProcessor.h:123 )
[ 03 ] traffic_server       TSContScheduleOnPool                       ( P_UnixEvent.h:31 )
[ 04 ] safetslua.so         statsHandler                               ( ts_lua.c:215 )
[ 05 ] traffic_server       INKContInternal::handle_event(int, void*)  ( InkAPI.cc:1138 )
[ 06 ] traffic_server       EThread::process_event(Event*, int)        ( I_Continuation.h:219 )
[ 07 ] traffic_server       EThread::execute_regular()                 ( UnixEThread.cc:273 )
[ 08 ] traffic_server       execute                                    ( UnixEThread.cc:364 )
[ 09 ] traffic_server       EThread::execute()                         ( UnixEThread.cc:342 )
[ 10 ] traffic_server       spawn_thread_internal                      ( Thread.cc:91 )
[ 11 ] libpthread-2.17.so   start_thread                               ( pthread_create.c:307 )

ywkaras, Jun 22 '22 16:06