Skip to content

[nav2_smoother] nullptr bug during smooth_plan() #4538

New issue
New issue
Closed
Closed
[nav2_smoother] nullptr bug during smooth_plan()#4538
@GoesM

Description

@GoesM
GoesM
opened on Jul 16, 2024

Bug report

Required Info:

  • Operating System:
    • ubuntu 22.04
  • ROS2 Version:
    • humble
  • Version or commit hash:
    • the latest
  • DDS implementation:
    • the defaulted

Steps to reproduce issue

during my normal usage

#!/bin/bash
export ASAN_OPTIONS=halt_on_error=0:new_delete_type_mismatch=0:detect_leaks=0:log_pah=asan
source install/setup.bash
export TURTLEBOT3_MODEL=waffle
export GAZEBO_MODEL_PATH=$GAZEBO_MODEL_PATH:/opt/ros/humble/share/turtlebot3_gazebo/models
ros2 launch nav2_bringup tb3_simulation_launch.py headless:=True use_rviz:=False use_composition:=False

Expected behavior

no NullPtr bug occured.

Actual behavior

the Asan report of this NullPtr bug is as following:

 =================================================================
==166818==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x7187e491e19a bp 0x7187d75fc2d0 sp 0x7187d75f86a0 T13)
==166818==The signal is caused by a READ memory access.
==166818==Hint: address points to the zero page.
    #0 0x7187e491e19a in nav2_smoother::SmootherServer::smoothPlan() (/home/***/nav2_ws/install/nav2_smoother/lib/libsmoother_server_core.so+0x11e19a) (BuildId: 80891eed01337a00457782ceae8a233ce28b113c)
    #1 0x7187e49f0a93 in nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>::work() (/home/***/nav2_ws/install/nav2_smoother/lib/libsmoother_server_core.so+0x1f0a93) (BuildId: 80891eed01337a00457782ceae8a233ce28b113c)
    #2 0x7187e49efe04 in std::__future_base::_Task_setter<std::unique_ptr<std::__future_base::_Result<void>, std::__future_base::_Result_base::_Deleter>, std::thread::_Invoker<std::tuple<nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>::handle_accepted(std::shared_ptr<rclcpp_action::ServerGoalHandle<nav2_msgs::action::SmoothPath> >)::'lambda'()> >, void>::operator()() const (/home/***/nav2_ws/install/nav2_smoother/lib/libsmoother_server_core.so+0x1efe04) (BuildId: 80891eed01337a00457782ceae8a233ce28b113c)
    #3 0x7187e49efb17 in std::enable_if<is_invocable_r_v<std::unique_ptr<std::__future_base::_Result_base, std::__future_base::_Result_base::_Deleter>, std::__future_base::_Task_setter<std::unique_ptr<std::__future_base::_Result<void>, std::__future_base::_Result_base::_Deleter>, std::thread::_Invoker<std::tuple<nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>::handle_accepted(std::shared_ptr<rclcpp_action::ServerGoalHandle<nav2_msgs::action::SmoothPath> >)::'lambda'()> >, void>&>, std::unique_ptr<std::__future_base::_Result_base, std::__future_base::_Result_base::_Deleter> >::type std::__invoke_r<std::unique_ptr<std::__future_base::_Result_base, std::__future_base::_Result_base::_Deleter>, std::__future_base::_Task_setter<std::unique_ptr<std::__future_base::_Result<void>, std::__future_base::_Result_base::_Deleter>, std::thread::_Invoker<std::tuple<nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>::handle_accepted(std::shared_ptr<rclcpp_action::ServerGoalHandle<nav2_msgs::action::SmoothPath> >)::'lambda'()> >, void>&>(std::__future_base::_Task_setter<std::unique_ptr<std::__future_base::_Result<void>, std::__future_base::_Result_base::_Deleter>, std::thread::_Invoker<std::tuple<nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>::handle_accepted(std::shared_ptr<rclcpp_action::ServerGoalHandle<nav2_msgs::action::SmoothPath> >)::'lambda'()> >, void>&) (/home/***/nav2_ws/install/nav2_smoother/lib/libsmoother_server_core.so+0x1efb17) (BuildId: 80891eed01337a00457782ceae8a233ce28b113c)
    #4 0x7187e49ef958 in std::_Function_handler<std::unique_ptr<std::__future_base::_Result_base, std::__future_base::_Result_base::_Deleter> (), std::__future_base::_Task_setter<std::unique_ptr<std::__future_base::_Result<void>, std::__future_base::_Result_base::_Deleter>, std::thread::_Invoker<std::tuple<nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>::handle_accepted(std::shared_ptr<rclcpp_action::ServerGoalHandle<nav2_msgs::action::SmoothPath> >)::'lambda'()> >, void> >::_M_invoke(std::_Any_data const&) (/home/***/nav2_ws/install/nav2_smoother/lib/libsmoother_server_core.so+0x1ef958) (BuildId: 80891eed01337a00457782ceae8a233ce28b113c)
    #5 0x7187e5cf5b96 in std::__future_base::_State_baseV2::_M_do_set(std::function<std::unique_ptr<std::__future_base::_Result_base, std::__future_base::_Result_base::_Deleter> ()>*, bool*) (/home/***/nav2_ws/install/nav2_util/lib/libnav2_util_core.so+0x7fb96) (BuildId: 1d6c0d5217ab4e048e9a7919e1f2eabd3bac7da1)
    #6 0x7187e3e99ee7 in __pthread_once_slow nptl/./nptl/pthread_once.c:116:7
    #7 0x7187e49ed521 in std::__future_base::_Async_state_impl<std::thread::_Invoker<std::tuple<nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>::handle_accepted(std::shared_ptr<rclcpp_action::ServerGoalHandle<nav2_msgs::action::SmoothPath> >)::'lambda'()> >, void>::_M_run() (/home/***/nav2_ws/install/nav2_smoother/lib/libsmoother_server_core.so+0x1ed521) (BuildId: 80891eed01337a00457782ceae8a233ce28b113c)
    #8 0x7187e42dc252  (/lib/x86_64-linux-gnu/libstdc++.so.6+0xdc252) (BuildId: e37fe1a879783838de78cbc8c80621fa685d58a2)
    #9 0x7187e3e94ac2 in start_thread nptl/./nptl/pthread_create.c:442:8
    #10 0x7187e3f2684f  misc/../sysdeps/unix/sysv/linux/x86_64/clone3.S:81

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/home/***/nav2_ws/install/nav2_smoother/lib/libsmoother_server_core.so+0x11e19a) (BuildId: 80891eed01337a00457782ceae8a233ce28b113c) in nav2_smoother::SmootherServer::smoothPlan()
Thread T13 created by T12 here:
    #0 0x5ce319b8a87c in __interceptor_pthread_create (/home/***/nav2_ws/install/nav2_smoother/lib/nav2_smoother/smoother_server+0x9387c) (BuildId: 5647db61db99952a548142c13b8b84d860f54c3b)
    #1 0x7187e42dc328 in std::thread::_M_start_thread(std::unique_ptr<std::thread::_State, std::default_delete<std::thread::_State> >, void (*)()) (/lib/x86_64-linux-gnu/libstdc++.so.6+0xdc328) (BuildId: e37fe1a879783838de78cbc8c80621fa685d58a2)
    #2 0x7187e49ece82 in std::__future_base::_Async_state_impl<std::thread::_Invoker<std::tuple<nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>::handle_accepted(std::shared_ptr<rclcpp_action::ServerGoalHandle<nav2_msgs::action::SmoothPath> >)::'lambda'()> >, void>::_Async_state_impl<nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>::handle_accepted(std::shared_ptr<rclcpp_action::ServerGoalHandle<nav2_msgs::action::SmoothPath> >)::'lambda'()>(nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>::handle_accepted(std::shared_ptr<rclcpp_action::ServerGoalHandle<nav2_msgs::action::SmoothPath> >)::'lambda'()&&) (/home/***/nav2_ws/install/nav2_smoother/lib/libsmoother_server_core.so+0x1ece82) (BuildId: 80891eed01337a00457782ceae8a233ce28b113c)
    #3 0x7187e49ec628 in std::__shared_count<(__gnu_cxx::_Lock_policy)2>::__shared_count<std::__future_base::_Async_state_impl<std::thread::_Invoker<std::tuple<nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>::handle_accepted(std::shared_ptr<rclcpp_action::ServerGoalHandle<nav2_msgs::action::SmoothPath> >)::'lambda'()> >, void>, std::allocator<void>, nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>::handle_accepted(std::shared_ptr<rclcpp_action::ServerGoalHandle<nav2_msgs::action::SmoothPath> >)::'lambda'()>(std::__future_base::_Async_state_impl<std::thread::_Invoker<std::tuple<nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>::handle_accepted(std::shared_ptr<rclcpp_action::ServerGoalHandle<nav2_msgs::action::SmoothPath> >)::'lambda'()> >, void>*&, std::_Sp_alloc_shared_tag<std::allocator<void> >, nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>::handle_accepted(std::shared_ptr<rclcpp_action::ServerGoalHandle<nav2_msgs::action::SmoothPath> >)::'lambda'()&&) (/home/***/nav2_ws/install/nav2_smoother/lib/libsmoother_server_core.so+0x1ec628) (BuildId: 80891eed01337a00457782ceae8a233ce28b113c)
    #4 0x7187e49ea833 in std::future<std::__invoke_result<std::decay<nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>::handle_accepted(std::shared_ptr<rclcpp_action::ServerGoalHandle<nav2_msgs::action::SmoothPath> >)::'lambda'()>::type>::type> std::async<nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>::handle_accepted(std::shared_ptr<rclcpp_action::ServerGoalHandle<nav2_msgs::action::SmoothPath> >)::'lambda'()>(std::launch, nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>::handle_accepted(std::shared_ptr<rclcpp_action::ServerGoalHandle<nav2_msgs::action::SmoothPath> >)::'lambda'()&&) (/home/***/nav2_ws/install/nav2_smoother/lib/libsmoother_server_core.so+0x1ea833) (BuildId: 80891eed01337a00457782ceae8a233ce28b113c)
    #5 0x7187e49d3359 in nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>::handle_accepted(std::shared_ptr<rclcpp_action::ServerGoalHandle<nav2_msgs::action::SmoothPath> >) (/home/***/nav2_ws/install/nav2_smoother/lib/libsmoother_server_core.so+0x1d3359) (BuildId: 80891eed01337a00457782ceae8a233ce28b113c)
    #6 0x7187e49f5b27 in void std::__invoke_impl<void, void (nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>::*&)(std::shared_ptr<rclcpp_action::ServerGoalHandle<nav2_msgs::action::SmoothPath> >), nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>*&, std::shared_ptr<rclcpp_action::ServerGoalHandle<nav2_msgs::action::SmoothPath> > >(std::__invoke_memfun_deref, void (nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>::*&)(std::shared_ptr<rclcpp_action::ServerGoalHandle<nav2_msgs::action::SmoothPath> >), nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>*&, std::shared_ptr<rclcpp_action::ServerGoalHandle<nav2_msgs::action::SmoothPath> >&&) (/home/***/nav2_ws/install/nav2_smoother/lib/libsmoother_server_core.so+0x1f5b27) (BuildId: 80891eed01337a00457782ceae8a233ce28b113c)
    #7 0x7187e49daf36 in rclcpp_action::Server<nav2_msgs::action::SmoothPath>::call_goal_accepted_callback(std::shared_ptr<rcl_action_goal_handle_s>, std::array<unsigned char, 16ul>, std::shared_ptr<void>) (/home/***/nav2_ws/install/nav2_smoother/lib/libsmoother_server_core.so+0x1daf36) (BuildId: 80891eed01337a00457782ceae8a233ce28b113c)
    #8 0x7187e59f2246 in rclcpp_action::ServerBase::execute_goal_request_received(std::shared_ptr<void>&) (/opt/ros/humble/lib/librclcpp_action.so+0x13246) (BuildId: 4dfcc4cee7010878193255b3a622d5194654caa8)

Thread T12 created by T0 here:
    #0 0x5ce319b8a87c in __interceptor_pthread_create (/home/***/nav2_ws/install/nav2_smoother/lib/nav2_smoother/smoother_server+0x9387c) (BuildId: 5647db61db99952a548142c13b8b84d860f54c3b)
    #1 0x7187e42dc328 in std::thread::_M_start_thread(std::unique_ptr<std::thread::_State, std::default_delete<std::thread::_State> >, void (*)()) (/lib/x86_64-linux-gnu/libstdc++.so.6+0xdc328) (BuildId: e37fe1a879783838de78cbc8c80621fa685d58a2)
    #2 0x7187e49cc7d5 in nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>::SimpleActionServer<std::shared_ptr<nav2_util::LifecycleNode> >(std::shared_ptr<nav2_util::LifecycleNode>, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::function<void ()>, std::function<void ()>, std::chrono::duration<long, std::ratio<1l, 1000l> >, bool, rcl_action_server_options_s const&) (/home/***/nav2_ws/install/nav2_smoother/lib/libsmoother_server_core.so+0x1cc7d5) (BuildId: 80891eed01337a00457782ceae8a233ce28b113c)
    #3 0x7187e491d488 in std::__detail::_MakeUniq<nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath> >::__single_object std::make_unique<nav2_util::SimpleActionServer<nav2_msgs::action::SmoothPath>, std::shared_ptr<nav2_util::LifecycleNode>, char const (&) [12], std::_Bind<void (nav2_smoother::SmootherServer::* (nav2_smoother::SmootherServer*))()>, std::nullptr_t, std::chrono::duration<long, std::ratio<1l, 1000l> >, bool>(std::shared_ptr<nav2_util::LifecycleNode>&&, char const (&) [12], std::_Bind<void (nav2_smoother::SmootherServer::* (nav2_smoother::SmootherServer*))()>&&, std::nullptr_t&&, std::chrono::duration<long, std::ratio<1l, 1000l> >&&, bool&&) (/home/***/nav2_ws/install/nav2_smoother/lib/libsmoother_server_core.so+0x11d488) (BuildId: 80891eed01337a00457782ceae8a233ce28b113c)
    #4 0x7187e4917f72 in nav2_smoother::SmootherServer::on_configure(rclcpp_lifecycle::State const&) (/home/***/nav2_ws/install/nav2_smoother/lib/libsmoother_server_core.so+0x117f72) (BuildId: 80891eed01337a00457782ceae8a233ce28b113c)
    #5 0x7187e57f38ec  (/opt/ros/humble/lib/librclcpp_lifecycle.so+0x288ec) (BuildId: 97f6428dc1ee45fd402b522b3b8e6b4fcfeabe76)

==166818==ABORTING

Additional information

stable reproduction for the bug:

step 1. insert delay in smoothPlan() as following:

void SmootherServer::smoothPlan()
{
  auto start_time = this->now();

  RCLCPP_INFO(get_logger(), "Received a path to smooth.");

  auto result = std::make_shared<Action::Result>();
  try {
    std::string c_name = action_server_->get_current_goal()->smoother_id;
    std::string current_smoother;
    if (findSmootherId(c_name, current_smoother)) {
      current_smoother_ = current_smoother;
    } else {
      action_server_->terminate_current();
      return;
    }
// insert
{
  RCLCPP_INFO(get_logger(), " smoothPlan() start------------------------------------------------" );
  std::this_thread::sleep_for(std::chrono::seconds(3));
  RCLCPP_INFO(get_logger(), " smoothPlan() still working------------------------------------------------" );
//
    // Perform smoothing
    auto goal = action_server_->get_current_goal();
    result->path = goal->path;
    result->was_completed = smoothers_[current_smoother_]->smooth(
      result->path, goal->max_smoothing_duration);
    result->smoothing_duration = this->now() - start_time;

    if (!result->was_completed) {
      RCLCPP_INFO(
        get_logger(),
        "Smoother %s did not complete smoothing in specified time limit"
        "(%lf seconds) and was interrupted after %lf seconds",
        current_smoother_.c_str(),
        rclcpp::Duration(goal->max_smoothing_duration).seconds(),
        rclcpp::Duration(result->smoothing_duration).seconds());
    }
    plan_publisher_->publish(result->path);

}

step 2. launch and send the goal:

 ros2 action send_goal /smooth_path nav2_msgs/action/SmoothPath " 
check_for_collisions: true
max_smoothing_duration:
  nanosec: 66586634
  sec: 2818050
path:
  header:
    frame_id: map
  poses:
    - header:
        frame_id: map
        stamp:
          nanosec: 18186267
          sec: 1711025911
      pose:
        orientation:
          w: 0.714039336254295
          x: 0.0
          y: 0.000000
          z: 0.7001055822385119
        position:
          x: -1.4124970436096191
          y: 0.7968802452087402
          z: 0.0
    - header:
        frame_id: map
        stamp:
          nanosec: 986243672
          sec: -837341456
      pose:
        orientation:
          w: 0.7725104999765416
          x: 0.0
          y: 0.0
          z: -0.6350019900960892
        position:
          x: 1.6625025272369385
          y: 0.6656188368797302
          z: 0.0
    - header:
        frame_id: map
        stamp:
          nanosec: 690214053
          sec: 1711026163
      pose:
        orientation:
          w: 0.5592876984531523
          x: 0.0
          y: 0.0
          z: -0.8289736246461499
        position:
          x: 0.6187454462051392
          y: -1.2281272411346436
          z: 0.0
smoother_id: simple_smoother"

step 3. Then Ctrl+C to let the nav2_smoother automatically execute deactivate() -> cleanup(), and then ASAN will appear.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions