[sr-dev] crash at f_malloc.c

Juha Heinanen jh at tutpro.com
Mon Sep 21 16:26:46 CEST 2015 

Daniel-Constantin Mierla writes:

> What is the level of optimization you set for compiler? Lots of local
> vars can't be retrieved.

i don't think i have set anything what is not in kamailio debian rules.
it has:

export DEB_BUILD_MAINT_OPTIONS = hardening=+all
DPKG_EXPORT_BUILDFLAGS = 1
include /usr/share/dpkg/buildflags.mk

> Let's see if we can get the qm via pointer:
> 
> frame 1
> p *((struct fm_block*)0x7f40f262f000)
> 
> frame 0
> p ((struct fm_block*)0x7f40f262f000)->free_hash[hash]

(gdb) frame 1
#1  fm_free (qmp=0x7f40f262f000, p=0x7f40f31d9d78) at mem/f_malloc.c:609
609	in mem/f_malloc.c
(gdb) p *((struct fm_block*)0x7f40f262f000)
$2 = {type = 0, size = 33554432, used = 6130440, real_used = 6996048, max_real_used = 8823136, ffrags = 421, 
  first_frag = 0x7f40f2637478, last_frag = 0x7f40f462efe8, free_bitmap = {171834903804, 723812902624044032, 
    2378468964866203673, 1152921576547560512, 65536, 142936511611136, 18014398509481984, 4398046511104, 35184372088832, 
    1024, 1168231104516, 140739635840512, 4323456466917785600, 2305843421532934272, 1729399849633316865, 1073741824, 
    268435464, 563018672898048, 0, 0, 140737488355328, 1100048498688, 0, 0, 67108864, 65536, 2199031644160, 
    81064930732703747, 2533825619951616, 3023660122144, 36028797622943744, 1155208505972506624, 2054}, free_hash = {{
      first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x7f40f2c6aad8, no = 2}, {first = 0x7f40f3211a88, no = 5}, {
      first = 0x7f40f3254fb0, no = 1}, {first = 0x7f40f2c6a8b8, no = 2}, {first = 0x7f40f2c654b0, no = 2}, {
      first = 0x7f40f2c6ac68, no = 1}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x7f40f2d77070, no = 3}, {
      first = 0x7f40f2ca42d0, no = 3}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {
      first = 0x7f40f2d76f38, no = 1}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {
      first = 0x7f40f2c6e970, no = 1}, {first = 0x0, no = 0}, {first = 0x7f40f3251dd8, no = 2}, {first = 0x0, no = 0}, {
      first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x7f40f2f64688, no = 1}, {first = 0x0, no = 0}, {first = 0x0, 
      no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, 
      no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x7f40f2f6b620, no = 1}, {first = 0x0, no = 0}, {
      first = 0x7f40f2f64768, no = 1}, {first = 0x0, no = 0} <repeats 36 times>, {first = 0x7f40f31720b0, no = 1}, {
      first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x7f40f3288b58, no = 5}, {first = 0x0, no = 0}, {first = 0x0, 
      no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, 
      no = 0}, {first = 0x0, no = 0}, {first = 0x7f40f317a068, no = 7}, {first = 0x7f40f2d85aa8, no = 1}, {first = 0x0, 
      no = 0} <repeats 23 times>, {first = 0x7f40f2eb00b0, no = 2}, {first = 0x7f40f322ae80, no = 1}, {
      first = 0x7f40f30b9cf8, no = 1}, {first = 0x0, no = 0}, {first = 0x7f40f315b260, no = 1}, {first = 0x0, no = 0}, {
      first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x7f40f3047cf0, 
      no = 1}, {first = 0x0, no = 0}, {first = 0x7f40f2c967d8, no = 1}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {
      first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x7f40f2ec6110, no = 1}, {first = 0x0, no = 0}, {first = 0x0, 
      no = 0}, {first = 0x7f40f2c96bc8, no = 1}, {first = 0x7f40f309eed8, no = 1}, {first = 0x0, no = 0}, {first = 0x0, 
      no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, 
      no = 0}, {first = 0x0, no = 0}, {first = 0x7f40f30a45b8, no = 1}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {
      first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x7f40f3295108, no = 6}, {first = 0x0, no = 0}, {first = 0x0, 
      no = 0}, {first = 0x7f40f2f8c410, no = 1}, {first = 0x0, no = 0} <repeats 12 times>, {first = 0x7f40f32955b0, 
      no = 13}, {first = 0x7f40f317abc8, no = 5}, {first = 0x0, no = 0}, {first = 0x7f40f2cef330, no = 2}, {
      first = 0x7f40f32b5560, no = 1}, {first = 0x7f40f2c6de58, no = 1}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {
---Type <return> to continue, or q <return> to quit---
      first = 0x7f40f2fc7060, no = 1}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, 
      no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x7f40f31e2c88, no = 1}, {first = 0x0, no = 0}, {
      first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {
      first = 0x7f40f308d4b0, no = 1}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, 
      no = 0}, {first = 0x7f40f30a3cf0, no = 5}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {
      first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {
      first = 0x7f40f30f3f98, no = 1}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {
      first = 0x7f40f2e8bf50, no = 1}, {first = 0x7f40f3163008, no = 9}, {first = 0x0, no = 0}, {first = 0x7f40f30dbd70, 
      no = 1}, {first = 0x0, no = 0} <repeats 16 times>, {first = 0x7f40f3295ad8, no = 1}, {first = 0x7f40f315bdb8, 
      no = 1}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {
      first = 0x7f40f30cefc0, no = 1}, {first = 0x0, no = 0} <repeats 23 times>, {first = 0x7f40f2eaf8b8, no = 2}, {
      first = 0x0, no = 0} <repeats 19 times>...}}
(gdb) frame 0
#0  fm_insert_free (frag=<optimized out>, qm=<optimized out>) at mem/f_malloc.c:221
221	in mem/f_malloc.c
(gdb) p ((struct fm_block*)0x7f40f262f000)->free_hash[hash]
$3 = {first = 0x7f40f2c9ebb0, no = 192}
(gdb) 

-- juha

More information about the sr-dev mailing list