[OpenSIPS-Users] segmentation fault when calling pkg_malloc
Dan Pascu
dan at ag-projects.com
Sun Mar 15 04:52:03 CET 2009
On Thursday 12 March 2009, Bogdan-Andrei Iancu wrote:
> Hi Chevio, Hi Kolev,
>
> That is true what Kolev says - most probably you have a memory
> overwrite somewhere and you are messing up the data structure of the
> memory manager. It cannot be a race as the pkg memory is per process,
> so it is not shared.
>
> To try to catch the bug, enable memory debugger - it will try to detect
> and report mem overflow, double free, etc... See:
> http://www.opensips.org/pmwiki.php?n=Resources.DocsTsMem
> "how to handle it" chapter
Bogdan,
If you remember we have seen this before. I had a similar issue with
segfaults in the memory allocator when using pkg_malloc. It happened in
various cases: when building a stateless reply to a REGISTER, when
processing a reply belonging to a transaction. It didn't seem to
originate from one particular part of the code, but it always ended in
f_malloc.c giving a segfault. If you remember we tried unsuccessfully to
trace it, but we came up empty-handed. It still remains a mystery where
the memory allocator internal structures were overwritten, but the end
result was always the same: some internal pkg_malloc pointers were
containing remnants of ASCII bytes from the processed SIP message and
trying to dereference them resulted in a segfault. As I said, this didn't
happen in some custom module, but all over the standard opensips code.
The only way to solve it was to switch to using the system memory
allocator for private memory. This leads me to believe that we have a
subtle bug in the memory allocator, that may have been dormant until now,
but recent changes in some other part of the code may have taken it out of
its slumber.
--
Dan
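
A triage helper for the symptom described in this message (allocator pointers holding ASCII remnants of the processed SIP message), as an added example that is not part of the original post or of the OpenSIPS code: it checks whether a faulting pointer value read from a core dump decodes to printable text and locates those bytes in the message. The function names, the sample message and the pointer values are constructed for illustration, and a little-endian host is assumed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample message, not taken from any real trace. */
static const char SAMPLE_MSG[] =
    "REGISTER sip:example.com SIP/2.0\r\n"
    "Via: SIP/2.0/UDP 192.0.2.10:5060\r\n\r\n";

/* Lay out the low `width` bytes of a suspect pointer in little-endian
 * memory order and count how many are printable ASCII or CR/LF. */
static int ptr_printable_bytes(uint64_t ptr, int width, unsigned char out[8])
{
    int n = 0;
    for (int i = 0; i < width && i < 8; i++) {
        unsigned char b = (unsigned char)(ptr >> (8 * i));
        out[i] = b;
        if ((b >= 0x20 && b <= 0x7e) || b == '\r' || b == '\n')
            n++;
    }
    return n;
}

/* Return the offset in msg where the pointer's bytes occur, or -1.
 * A hit shows which part of the message was written over the
 * allocator's bookkeeping, which narrows down the code to audit. */
static long find_ptr_in_msg(const char *msg, size_t len, uint64_t ptr, int width)
{
    unsigned char pat[8];
    if (width < 1 || width > 8 || len < (size_t)width)
        return -1;
    ptr_printable_bytes(ptr, width, pat);
    for (size_t off = 0; off + (size_t)width <= len; off++)
        if (memcmp(msg + off, pat, (size_t)width) == 0)
            return (long)off;
    return -1;
}

int main(void)
{
    unsigned char b[8];
    uint64_t suspect = 0x3a616956u; /* constructed 32-bit value from a crash frame */
    int n = ptr_printable_bytes(suspect, 4, b);
    long off = find_ptr_in_msg(SAMPLE_MSG, strlen(SAMPLE_MSG), suspect, 4);
    printf("%d/4 printable (\"%.4s\"), message offset %ld\n", n, (const char *)b, off);
    return 0;
}
```

Use width 4 for a 32-bit build and 8 for a 64-bit build; a value that is fully printable and found in the message points to an overwrite by message data rather than a wild pointer.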