rmw_fastrtps: Fatal signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr , dynamic_cast Fail

Bug report

11149 11149 F libc : Fatal signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x70 in tid 11149 06-01 19:19:03.665 11194 11194 F DEBUG : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** 06-01 19:19:03.665 11194 11194 F DEBUG : Revision: ‘0’ 06-01 19:19:03.665 11194 11194 F DEBUG : ABI: ‘arm64’ 06-01 19:19:03.665 11194 11194 F DEBUG : Timestamp: 2023-06-01 19:19:03+0800 06-01 19:19:03.665 11194 11194 F DEBUG : uid: 10148 06-01 19:19:03.665 11194 11194 F DEBUG : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x70 06-01 19:19:03.665 11194 11194 F DEBUG : Cause: null pointer dereference 06-01 19:19:03.665 11194 11194 F DEBUG : x0 000000705a8a42e8 x1 0000000000000068 x2 0000007fd0efc0c0 x3 00000070fa842f48 06-01 19:19:03.665 11194 11194 F DEBUG : x4 0000007fd0efc0a0 x5 0000007fd0efc0a9 x6 726574746168632f x7 726574746168632f 06-01 19:19:03.665 11194 11194 F DEBUG : x8 0000000000000000 x9 0000000000000000 x10 0000000000000001 x11 0000000000000000 06-01 19:19:03.665 11194 11194 F DEBUG : x12 7fffffffffffffff x13 fffffffffc000000 x14 0000000000000060 x15 0000000000400000 06-01 19:19:03.665 11194 11194 F DEBUG : x16 00000070666a6c08 x17 000000706638afc4 x18 00000070fb1fc000 x19 000000705a8a4300 06-01 19:19:03.665 11194 11194 F DEBUG : x20 0000007fd0efbe58 x21 000000705a8a3c00 x22 0000000000000068 x23 00000070fa842f48 06-01 19:19:03.665 11194 11194 F DEBUG : x24 0000007fd0efc0c0 x25 00000070faa9b020 x26 0000000000000001 x27 000000706af5f2c8 06-01 19:19:03.665 11194 11194 F DEBUG : x28 00000070fa780fe0 x29 0000007fd0efbdb0

—> [initial analysis]

// src/eProsima/Fast-DDS/src/cpp/fastdds/publisher/PublisherImpl.cpp
06-07 17:59:33.769  9481  9481 F DEBUG   :       #00 pc 000000000037bd90  /system/lib64/libfastrtps.so (eprosima::fastdds::dds::PublisherImpl::create_datawriter(eprosima::fastdds::dds::Topic*, eprosima::fastdds::dds::DataWriterQos const&, eprosima::fastdds::dds::DataWriterListener*, eprosima::fastdds::dds::StatusMask const&)+72) (BuildId: c3a0357250be636d9f8bc7567eee9ef117a559bd)

// src/ros2/rmw_fastrtps/rmw_fastrtps_cpp/src/publisher.cpp
06-07 17:59:33.769  9481  9481 F DEBUG   :       #01 pc 000000000005780c  /system/lib64/librmw_fastrtps_cpp.so (rmw_fastrtps_cpp::create_publisher(CustomParticipantInfo const*, rosidl_message_type_support_t const*, char const*, rmw_qos_profile_s const*, rmw_publisher_options_s const*, bool, bool)+4640) (BuildId: f8b6c59566cd01cfdeaf9606c9b0b7fba029844a)

// src/ros2/rmw_fastrtps/rmw_fastrtps_cpp/src/rmw_publisher.cpp
06-07 17:59:33.769  9481  9481 F DEBUG   :       #02 pc 000000000007fb1c  /system/lib64/librmw_fastrtps_cpp.so (rmw_create_publisher+568) (BuildId: f8b6c59566cd01cfdeaf9606c9b0b7fba029844a)

// src/ros2/rmw_implementation/rmw_implementation/src/functions.cpp
06-07 17:59:33.769  9481  9481 F DEBUG   :       #03 pc 000000000000a174  /system/lib64/librmw_implementation.so (rmw_create_publisher+132) (BuildId: d9a02bcc7c31dffb595d460d46d870e2260cfc19)

// src/ros2/rcl/rcl/src/rcl/publisher.c
06-07 17:59:33.770  9481  9481 F DEBUG   :       #04 pc 0000000000036174  /system/lib64/librcl.so (rcl_publisher_init+2328) (BuildId: c87cc37825a97de3aa60a6311dd5f638bcaffa10)

// org_ros2_rcljava_node_NodeImpl.cpp
06-07 17:59:33.770  9481  9481 F DEBUG   :       #05 pc 0000000000006dc8  /system/lib64/liborg_ros2_rcljava_node__node_impl__jni.so (Java_org_ros2_rcljava_node_NodeImpl_nativeCreatePublisherHandle+296) (BuildId: d2d9fe467c1c5c8af99b768d5dbfabe188227a14
```)

via addr2line backtrace, the code segment where NE occurs is as follows：

https://github.com/eProsima/Fast-DDS/blob/2.8.x/src/cpp/fastdds/publisher/PublisherImpl.cpp DataWriter* PublisherImpl::create_datawriter( Topic* topic, const DataWriterQos& qos, DataWriterListener* listener, const StatusMask& mask) { logInfo(PUBLISHER, "CREATING WRITER IN TOPIC: " << topic->get_name()); // topic is null //Look for the correct type registration TypeSupport type_support = participant_->find_type(topic->get_type_name()); … }

the topic pointer is null，**because the topic pointer is not obtained through the following code** :

bool cast_or_create_topic( eprosima::fastdds::dds::DomainParticipant * participant, eprosima::fastdds::dds::TopicDescription * desc, const std::string & topic_name, const std::string & type_name, const eprosima::fastdds::dds::TopicQos & topic_qos, bool is_writer_topic, TopicHolder * topic_holder) { …

if (is_writer_topic) {
  topic_holder->topic = dynamic_cast<eprosima::fastdds::dds::Topic *>(desc); // **dynamic_cast fail**
  assert(nullptr != topic_holder->topic);
}

… }

**The "desc" type I printed out by adding the following log is "N8eprosima7fastdds3dds5TopicE"**
`LOGE("utils.cpp#cast_or_create_topic, ready to dynamic_cast , desc type is %s", typeid(*desc).name());`


1. Operating System
   (1) Compilation environment：22.04.1-Ubuntu
   (2) Runtime environment：Android 10

2. Version or commit hash
commit ade3e9bb00c9e0cbf98f642cfc828aab81cece08

3.  Fast-DDS: https://github.com/eProsima/Fast-DDS/tree/2.8.x  
（commit 3b7e618de63c7de00715de570ad041fc6efed94f）

4. Steps to reproduce issue
(1) Compile rmw_fastrtps source code  into librmw_fastrtps_shared_cpp.so, push librmw_fastrtps_shared_cpp.so to Android platform(system/lib64)；
(2) Refer to the [demo](https://github.com/YasuChiba/ros2-android-test-app/blob/main/app/src/main/java/com/example/ros2_android_test_app/MainActivity.java) to develop an apk. But the so that the apk depends on is under system/lib64, not in the apk project like the demo;
(3) **If Create subscriber first, then create publisher, the above NE will appear; If Create publisher first, then create subscriber , apk can run stably.**

5. Expected behavior：No Exception.

6. Actual behavior：NE crash