[sr-dev] crash at f_malloc.c

Daniel-Constantin Mierla miconda at gmail.com
Mon Sep 21 17:04:07 CEST 2015 

Can you try with latest master again?

I think the situation was when the fragment size to be freed was greater
than the one of last free fragment in the slot of big fragments.

Daniel

On 21/09/15 16:26, Juha Heinanen wrote:
> Daniel-Constantin Mierla writes:
>
>> What is the level of optimization you set for compiler? Lots of local
>> vars can't be retrieved.
> i don't think i have set anything what is not in kamailio debian rules.
> it has:
>
> export DEB_BUILD_MAINT_OPTIONS = hardening=+all
> DPKG_EXPORT_BUILDFLAGS = 1
> include /usr/share/dpkg/buildflags.mk
>
>> Let's see if we can get the qm via pointer:
>>
>> frame 1
>> p *((struct fm_block*)0x7f40f262f000)
>>
>> frame 0
>> p ((struct fm_block*)0x7f40f262f000)->free_hash[hash]
> (gdb) frame 1
> #1  fm_free (qmp=0x7f40f262f000, p=0x7f40f31d9d78) at mem/f_malloc.c:609
> 609	in mem/f_malloc.c
> (gdb) p *((struct fm_block*)0x7f40f262f000)
> $2 = {type = 0, size = 33554432, used = 6130440, real_used = 6996048, max_real_used = 8823136, ffrags = 421, 
>   first_frag = 0x7f40f2637478, last_frag = 0x7f40f462efe8, free_bitmap = {171834903804, 723812902624044032, 
>     2378468964866203673, 1152921576547560512, 65536, 142936511611136, 18014398509481984, 4398046511104, 35184372088832, 
>     1024, 1168231104516, 140739635840512, 4323456466917785600, 2305843421532934272, 1729399849633316865, 1073741824, 
>     268435464, 563018672898048, 0, 0, 140737488355328, 1100048498688, 0, 0, 67108864, 65536, 2199031644160, 
>     81064930732703747, 2533825619951616, 3023660122144, 36028797622943744, 1155208505972506624, 2054}, free_hash = {{
>       first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x7f40f2c6aad8, no = 2}, {first = 0x7f40f3211a88, no = 5}, {
>       first = 0x7f40f3254fb0, no = 1}, {first = 0x7f40f2c6a8b8, no = 2}, {first = 0x7f40f2c654b0, no = 2}, {
>       first = 0x7f40f2c6ac68, no = 1}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x7f40f2d77070, no = 3}, {
>       first = 0x7f40f2ca42d0, no = 3}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {
>       first = 0x7f40f2d76f38, no = 1}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {
>       first = 0x7f40f2c6e970, no = 1}, {first = 0x0, no = 0}, {first = 0x7f40f3251dd8, no = 2}, {first = 0x0, no = 0}, {
>       first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x7f40f2f64688, no = 1}, {first = 0x0, no = 0}, {first = 0x0, 
>       no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, 
>       no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x7f40f2f6b620, no = 1}, {first = 0x0, no = 0}, {
>       first = 0x7f40f2f64768, no = 1}, {first = 0x0, no = 0} <repeats 36 times>, {first = 0x7f40f31720b0, no = 1}, {
>       first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x7f40f3288b58, no = 5}, {first = 0x0, no = 0}, {first = 0x0, 
>       no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, 
>       no = 0}, {first = 0x0, no = 0}, {first = 0x7f40f317a068, no = 7}, {first = 0x7f40f2d85aa8, no = 1}, {first = 0x0, 
>       no = 0} <repeats 23 times>, {first = 0x7f40f2eb00b0, no = 2}, {first = 0x7f40f322ae80, no = 1}, {
>       first = 0x7f40f30b9cf8, no = 1}, {first = 0x0, no = 0}, {first = 0x7f40f315b260, no = 1}, {first = 0x0, no = 0}, {
>       first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x7f40f3047cf0, 
>       no = 1}, {first = 0x0, no = 0}, {first = 0x7f40f2c967d8, no = 1}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {
>       first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x7f40f2ec6110, no = 1}, {first = 0x0, no = 0}, {first = 0x0, 
>       no = 0}, {first = 0x7f40f2c96bc8, no = 1}, {first = 0x7f40f309eed8, no = 1}, {first = 0x0, no = 0}, {first = 0x0, 
>       no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, 
>       no = 0}, {first = 0x0, no = 0}, {first = 0x7f40f30a45b8, no = 1}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {
>       first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x7f40f3295108, no = 6}, {first = 0x0, no = 0}, {first = 0x0, 
>       no = 0}, {first = 0x7f40f2f8c410, no = 1}, {first = 0x0, no = 0} <repeats 12 times>, {first = 0x7f40f32955b0, 
>       no = 13}, {first = 0x7f40f317abc8, no = 5}, {first = 0x0, no = 0}, {first = 0x7f40f2cef330, no = 2}, {
>       first = 0x7f40f32b5560, no = 1}, {first = 0x7f40f2c6de58, no = 1}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {
> ---Type <return> to continue, or q <return> to quit---
>       first = 0x7f40f2fc7060, no = 1}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, 
>       no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x7f40f31e2c88, no = 1}, {first = 0x0, no = 0}, {
>       first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {
>       first = 0x7f40f308d4b0, no = 1}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, 
>       no = 0}, {first = 0x7f40f30a3cf0, no = 5}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {
>       first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {
>       first = 0x7f40f30f3f98, no = 1}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {
>       first = 0x7f40f2e8bf50, no = 1}, {first = 0x7f40f3163008, no = 9}, {first = 0x0, no = 0}, {first = 0x7f40f30dbd70, 
>       no = 1}, {first = 0x0, no = 0} <repeats 16 times>, {first = 0x7f40f3295ad8, no = 1}, {first = 0x7f40f315bdb8, 
>       no = 1}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {first = 0x0, no = 0}, {
>       first = 0x7f40f30cefc0, no = 1}, {first = 0x0, no = 0} <repeats 23 times>, {first = 0x7f40f2eaf8b8, no = 2}, {
>       first = 0x0, no = 0} <repeats 19 times>...}}
> (gdb) frame 0
> #0  fm_insert_free (frag=<optimized out>, qm=<optimized out>) at mem/f_malloc.c:221
> 221	in mem/f_malloc.c
> (gdb) p ((struct fm_block*)0x7f40f262f000)->free_hash[hash]
> $3 = {first = 0x7f40f2c9ebb0, no = 192}
> (gdb) 
>
> -- juha

-- 
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Book: SIP Routing With Kamailio - http://www.asipto.com
Kamailio Advanced Training, Sep 28-30, 2015, in Berlin - http://asipto.com/u/kat

More information about the sr-dev mailing list