
Crash on Value::releasePayload() #1196

Open
@PredatorMF

Description

@PredatorMF

Describe the bug
Random crash when parsing a document. This happens once in a while on dozens of remote clients. An almost identical stack trace can be seen with v.0.7.0

To Reproduce

  1. I couldn't reproduce it with any JSON.

Expected behavior
No crash.

Desktop (please complete the following information):

  • OS: Windows 7
  • Visual Studio 2019

Additional context

Crash reason:  EXCEPTION_ACCESS_VIOLATION_READ
Crash address: 0xf56bfd4
Assertion: Unknown assertion type 0x00000000
Process uptime: 64714 seconds

Thread 9 (crashed)
 0  ntdll.dll + 0x51ffe
 1  ntdll.dll + 0x51faf
 2  ucrtbase.dll + 0x2ec4b
 3  ucrtbase.dll + 0x2ec18
 4  runner.exe!operator delete(void *,unsigned int) [delete_scalar_size.cpp : 31 + 0x8]
 5  runner.exe!std::_Tree_val<std::_Tree_simple_types<std::pair<Json::Value::CZString const ,Json::Value> > >::_Erase_tree<std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > >(std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > &,std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> *) [xtree : 745 + 0x27]
 6  runner.exe!std::_Tree_val<std::_Tree_simple_types<std::pair<Json::Value::CZString const ,Json::Value> > >::_Erase_tree<std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > >(std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > &,std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> *) [xtree : 744 + 0xb]
 7  runner.exe!std::_Tree_val<std::_Tree_simple_types<std::pair<Json::Value::CZString const ,Json::Value> > >::_Erase_tree<std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > >(std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > &,std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> *) [xtree : 744 + 0xb]
 8  runner.exe!Json::Value::releasePayload() [json_value.cpp : 1021 + 0x13]
 9  runner.exe!Json::Value::~Value() [json_value.cpp : 442 + 0x5]
10  runner.exe!std::_Tree_val<std::_Tree_simple_types<std::pair<Json::Value::CZString const ,Json::Value> > >::_Erase_tree<std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > >(std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > &,std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> *) [xtree : 745 + 0x17]
11  runner.exe!std::_Tree_val<std::_Tree_simple_types<std::pair<Json::Value::CZString const ,Json::Value> > >::_Erase_tree<std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > >(std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > &,std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> *) [xtree : 744 + 0xb]
12  runner.exe!std::_Tree_val<std::_Tree_simple_types<std::pair<Json::Value::CZString const ,Json::Value> > >::_Erase_tree<std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > >(std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > &,std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> *) [xtree : 744 + 0xb]
13  runner.exe!Json::Value::releasePayload() [json_value.cpp : 1021 + 0x13]
14  runner.exe!Json::Value::~Value() [json_value.cpp : 442 + 0x5]
15  runner.exe!std::_Tree_val<std::_Tree_simple_types<std::pair<Json::Value::CZString const ,Json::Value> > >::_Erase_tree<std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > >(std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > &,std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> *) [xtree : 745 + 0x17]
16  runner.exe!std::_Tree_val<std::_Tree_simple_types<std::pair<Json::Value::CZString const ,Json::Value> > >::_Erase_tree<std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > >(std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > &,std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> *) [xtree : 744 + 0xb]
17  runner.exe!std::_Tree_val<std::_Tree_simple_types<std::pair<Json::Value::CZString const ,Json::Value> > >::_Erase_tree<std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > >(std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > &,std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> *) [xtree : 744 + 0xb]
18  runner.exe!Json::Value::releasePayload() [json_value.cpp : 1021 + 0x13]
19  runner.exe!Json::Value::~Value() [json_value.cpp : 442 + 0x5]
20  runner.exe!std::_Tree_val<std::_Tree_simple_types<std::pair<Json::Value::CZString const ,Json::Value> > >::_Erase_tree<std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > >(std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > &,std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> *) [xtree : 745 + 0x17]
21  runner.exe!std::_Tree_val<std::_Tree_simple_types<std::pair<Json::Value::CZString const ,Json::Value> > >::_Erase_tree<std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > >(std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > &,std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> *) [xtree : 744 + 0xb]
22  runner.exe!Json::Value::releasePayload() [json_value.cpp : 1021 + 0x13]
23  runner.exe!Json::Value::~Value() [json_value.cpp : 442 + 0x5]
24  runner.exe!std::_Tree_val<std::_Tree_simple_types<std::pair<Json::Value::CZString const ,Json::Value> > >::_Erase_tree<std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > >(std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > &,std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> *) [xtree : 745 + 0x17]
25  runner.exe!Json::Value::releasePayload() [json_value.cpp : 1021 + 0x13]
26  runner.exe!Json::Value::~Value() [json_value.cpp : 442 + 0x5]
27  runner.exe!std::_Tree_val<std::_Tree_simple_types<std::pair<Json::Value::CZString const ,Json::Value> > >::_Erase_tree<std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > >(std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > &,std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> *) [xtree : 745 + 0x17]
28  runner.exe!std::_Tree_val<std::_Tree_simple_types<std::pair<Json::Value::CZString const ,Json::Value> > >::_Erase_tree<std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > >(std::allocator<std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> > &,std::_Tree_node<std::pair<Json::Value::CZString const ,Json::Value>,void *> *) [xtree : 744 + 0xb]
29  runner.exe!Json::Value::releasePayload() [json_value.cpp : 1021 + 0x13]
30  runner.exe!Json::Value::~Value() [json_value.cpp : 442 + 0x5]
31  runner.exe!Json::Reader::readObject(Json::Reader::Token &) [json_reader.cpp : 495 + 0x59]
32  runner.exe!Json::Reader::readValue() [json_reader.cpp : 170 + 0xb]
33  runner.exe!Json::Reader::parse(char const *,char const *,Json::Value &,bool) [json_reader.cpp : 130 + 0x7]
34  runner.exe!Json::Reader::parse(std::basic_string<char,std::char_traits<char>,std::allocator<char> > const &,Json::Value &,bool) [json_reader.cpp : 96 + 0x14]
35  runner.exe!DataInterface::ParseTask::DoWork() [DataProvider.cpp : 153 + 0x1e]
36  runner.exe!platform::Thread::ThreadMain() [thread_win.cpp : 108 + 0x8]
37  runner.exe!static unsigned long platform::ThreadFunc(void *) [platform_thread.cpp : 49 + 0xa]
38  kernel32.dll + 0x51174
39  ntdll.dll + 0x5b3f5
40  ntdll.dll + 0x5b3c8
