[Quickfix-developers] Segfault in Message toString

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Hi,

We're using Quickfix in a python application through SWIG, and recently ran
into a segfault which we haven't been able to reproduce yet. We're running
two sessions, and what I think is a pretty basic configuration.

Here's the traceback that I was able to get from a crash file:

Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00007fe472af6560 in FIX::FieldMap::calculateLength (
    this=this@entry=0x25063d0, beginStringField=beginStringField@entry=8,
    bodyLengthField=bodyLengthField@entry=9,
    checkSumField=checkSumField@entry=10) at FieldMap.cpp:249
249 FieldMap.cpp: No such file or directory.
[Current thread is 1 (Thread 0x7fe47841a700 (LWP 19582))]
(gdb) bt
#0  0x00007fe472af6560 in FIX::FieldMap::calculateLength (
    this=this@entry=0x25063d0, beginStringField=beginStringField@entry=8,
    bodyLengthField=bodyLengthField@entry=9,
    checkSumField=checkSumField@entry=10) at FieldMap.cpp:249
#1  0x00007fe472b005c8 in FIX::Message::bodyLength (checkSumField=10,
    bodyLengthField=9, beginStringField=8, this=0x2506360) at Message.h:215
#2  FIX::Message::toString (this=this@entry=0x2506360, str="",
    beginStringField=beginStringField@entry=8,
    bodyLengthField=bodyLengthField@entry=9,
    checkSumField=checkSumField@entry=10) at Message.cpp:252
#3  0x00007fe472b00bd5 in FIX::Message::toString[abi:cxx11](int, int, int)
const (this=this@entry=0x2506360, beginStringField=beginStringField@entry=8,
    bodyLengthField=bodyLengthField@entry=9,
    checkSumField=checkSumField@entry=10) at Message.cpp:243
#4  0x00007fe471a4b949 in FIX_Message___str__ (self=0x2506360)
    at QuickfixPython.cpp:7280
#5  _wrap_Message___str__ (args=<optimized out>) at QuickfixPython.cpp:28679

As far as I can tell, this is coming from a line in our Python code that's
logging a Message instance.

I'm not sure how much QuickFix/J has forked off from the C++
implementation, but this issue reported there seems very similar
(toString(), calculateLength() might not be thread safe?):
https://sourceforge.net/p/quickfixj/mailman/quickfixj-users/thread/CABWW-d2XGNM%3Dd5x%3DcG4Sb%3D0PGKVBffL2FoFkG-FPgt4FS2CyPw%40mail.gmail.com/#msg30532141

If it is a synchronization issue, I'm not really sure how, as our python
code is only running in a single thread (we use SocketInitiator which may
run in its own thread, but could that cause issues?)

The only other thought we had is that this segfault happened at a time
interval very close to when a heartbeat was expected. We are logging
messages in the toApp and fromApp callbacks. Could that cause issues for
any reason?

Any help would be very appreciated. Thanks!
- Alex Galonsky

-- 

This communication is intended only for the recipient to whom it is 
addressed.  It may contain information that is privileged and confidential. 
 Nothing contained in this email constitutes tax, legal, insurance or 
investment advice, nor does it constitute a solicitation or an offer to buy 
or sell any security or other financial instrument.  If you are not the 
intended recipient of this message, any use, dissemination, distribution, 
or copying of this communication is strictly prohibited.  If you have 
received this communication in error, please immediately notify the sender 
and permanently delete all copies that you may have.