10.1.x: Crash in HttpSM::setup_cache_write_transfer

[bneradt]

When testing 10.1.x on a production box, I'm seeing the following crash with some frequency:

#0  0x000000000058092d in HttpSM::setup_cache_write_transfer (name=0x8ded65 "cache write", skip_bytes=956, store_info=0x7fe896dfe180, source_vc=0x7fe896ecdd90, c_sm=0x7fe896e00878, this=0x7fe896dfe000) at /sd/workspace/src/git.ouryahoo.com/Edge/build/_scm/trafficserver10.1/src/proxy/http/HttpSM.cc:6838
#1  HttpSM::perform_cache_write_action (this=this@entry=0x7fe896dfe000) at /sd/workspace/src/git.ouryahoo.com/Edge/build/_scm/trafficserver10.1/src/proxy/http/HttpSM.cc:6490
#2  0x0000000000598879 in HttpSM::handle_api_return (this=0x7fe896dfe000) at /sd/workspace/src/git.ouryahoo.com/Edge/build/_scm/trafficserver10.1/src/proxy/http/HttpSM.cc:1650
#3  0x000000000058fd9e in HttpSM::state_api_callout (this=0x7fe896dfe000, event=<optimized out>) at /sd/workspace/src/git.ouryahoo.com/Edge/build/_scm/trafficserver10.1/src/proxy/http/HttpSM.cc:1511
#4  0x0000000000596ede in HttpSM::state_api_callback (this=this@entry=0x7fe896dfe000, event=event@entry=60000, data=data@entry=0x0) at /sd/workspace/src/git.ouryahoo.com/Edge/build/_scm/trafficserver10.1/src/proxy/http/HttpSM.cc:1311
#5  0x00007ff217303373 in TSHttpTxnReenable (txnp=0x7fe896dfe000, event=TS_EVENT_HTTP_CONTINUE) at /sd/workspace/src/git.ouryahoo.com/Edge/build/_scm/trafficserver10.1/src/api/InkAPI.cc:5045

The crash is a nullptr dereference:

#0  0x000000000058092d in HttpSM::setup_cache_write_transfer (name=0x8ded65 "cache write", skip_bytes=956, store_info=0x7fe896dfe180, source_vc=0x7fe896ecdd90, c_sm=0x7fe896e00878, this=0x7fe896dfe000) at /sd/workspace/src/git.ouryahoo.com/Edge/build/_scm/trafficserver10.1/src/proxy/http/HttpSM.cc:6838
6838      c_sm->cache_write_vc->set_http_info(store_info);
(gdb) p c_sm->cache_write_vc
$3 = (CacheVConnection *) 0x0

Reverting #11542 alleviates the crash.

For reference, I'm testing against 10.1.x commit:

commit 42f2920bce6df86e0e21a8de85e33a1795e9eff5
Author: Chris McFarlen <chris@mcfarlen.us>
Date:   Tue Mar 11 11:51:42 2025 -0500

    Move defaulting install prefix before layout setup (#12085)
    
    Co-authored-by: Chris McFarlen <cmcfarlen@apple.com>
    (cherry picked from commit 9a1ef119f3b7a017583c9aa5d088b2437101b92a)

[JosiahWI]

Is this triggered by something different than #11700? I would really like to reproduce this, but #11700 was too rare and too complex to get any reproduction with local testing.

[bneradt]

Is this triggered by something different than #11700? I would really like to reproduce this, but #11700 was too rare and too complex to get any reproduction with local testing.

Ah, thank you @JosiahWI. Good point. This is a duplicate of #11700 .