Summary:ASTERISK-06477: astmm crash
Reporter:Roy Sigurd Karlsbakk (rkarlsba)Labels:
Date Opened:2006-03-05 10:00:55.000-0600Date Closed:2006-05-11 10:10:29
Versions:Frequency of
Environment:Attachments:( 0) bt.gz

with astmm enabled to debug ASTERISK-6476, i get coredumps on using the 'show memory allocations' command.


(gdb) bt
#0  0x0000000000487b36 in handle_show_memory (fd=330, argc=3, argv=0x40bff380) at astmm.c:299
#1  0x000000000045b907 in ast_cli_command (fd=330, s=0x40bff5c0 "show memory allocations") at cli.c:1364
#2  0x000000000047a6cc in netconsole (vconsole=0x611d00) at asterisk.c:553
#3  0x00002aaaaaccab55 in start_thread () from /lib/libpthread.so.0
#4  0x00002aaaab3d57f0 in clone () from /lib/libc.so.6
(gdb) bt full
#0  0x0000000000487b36 in handle_show_memory (fd=330, argc=3, argv=0x40bff380) at astmm.c:299
       fn = 0x0
       x = 264
       reg = (struct ast_region *) 0x2aaab62000b8
       len = 4016722
       count = 5255
       fence = (unsigned int *) 0x55556c408684
#1  0x000000000045b907 in ast_cli_command (fd=330, s=0x40bff5c0 "show memory allocations") at cli.c:1364
       argv = {0x94307c "show", 0x943081 "memory", 0x943088 "allocations", 0x0, 0x40bff7bf "", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0,
 0x78756e694c <Address 0x78756e694c out of bounds>, 0x0, 0x0, 0xffffffff <Address 0xffffffff out of bounds>, 0x0, 0x0, 0x0, 0x0,
 0x32776770697300 <Address 0x32776770697300 out of bounds>, 0x2aaaab525620 "", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x35312e362e320000 <Address 0x35312e362e320000 out of bounds>,
 0x342e <Address 0x342e out of bounds>, 0x0, 0x0, 0xffffffffffffffb8 <Address 0xffffffffffffffb8 out of bounds>, 0x2aaaaaccaaa0 "AWAVAUATUSH\201?\210", 0x0, 0x4003f730 "",
 0x611d10 "p??@", 0x2aaaab3554f5 "H\201??", 0x3000000030 <Address 0x3000000030 out of bounds>, 0x40bff5a0 "J\001", 0x40bff4e0 "", 0x0, 0x0, 0x0,
 0x5f36387800000000 <Address 0x5f36387800000000 out of bounds>, 0x40bff7c0 "sipgw2", 0x7b5e <Address 0x7b5e out of bounds>, 0x4d1f99 "SVN-branch-1.2-r11715M", 0x0, 0x0, 0x0,
 0x0, 0x6f6e280000000000 <Address 0x6f6e280000000000 out of bounds>, 0x29656e <Address 0x29656e out of bounds>, 0x0,
 0x2aaaaaccf9ed "H\213D$\bH\203?(H=\001???s\001?H\213\r?Q\020", 0x0, 0x25 <Address 0x25 out of bounds>, 0x40bff5c0 "show memory allocations",
 0x2aaaaaccfa7d "H\213D$\bH\203?(H=\001???s\001?H\213\rZQ\020", 0x0, 0x18 <Address 0x18 out of bounds>}
       e = (struct ast_cli_entry *) 0x5f36c0
       x = 3
       dup = 0x94307c "show"
       tws = 0
       __PRETTY_FUNCTION__ = "ast_cli_command"
#2  0x000000000047a6cc in netconsole (vconsole=0x611d00) at asterisk.c:553
       con = (struct console *) 0x611d00
       hostname = "sipgw2", '\0' <repeats 57 times>
       tmp = "show memory allocations\000\000tion\n\000715M\n", '\0' <repeats 44 times>, "???@\000\000\000\000???@\000\000\000\000???@\000\000\000\000?\000???*\000\000@q???*\000\000X?7??*\000\000??&ASTERISK-804;?*\000\000\215?&ASTERISK-804;?*", '\0' <repeats 26 times>, "??&ASTERISK-804;?*", '\0' <repeats 18 times>, "X??@\000\000\000\000`??@", '\0' <repeats 12 times>, "h??@", '\0' <repeats 12 times>, " \000???*\000\000\000\000\000\000\000\000\000\000Y?7??*\000\000\000\000\000\000\000\000"...
       res = 24
       fds = {{fd = 330, events = 1, revents = 1}, {fd = 331, events = 1, revents = 0}}
       __PRETTY_FUNCTION__ = "netconsole"
#3  0x00002aaaaaccab55 in start_thread () from /lib/libpthread.so.0
No symbol table info available.
#4  0x00002aaaab3d57f0 in clone () from /lib/libc.so.6
No symbol table info available.
Comments:By: Clod Patry (junky) 2006-03-05 23:23:26.000-0600

and a thread apply all bt ?
cant duplicate this here.

By: Roy Sigurd Karlsbakk (rkarlsba) 2006-03-06 05:44:10.000-0600

Thread 54 (process 31582):
#0  0x00002aaaaaccfa6f in __read_nocancel () from /lib/libpthread.so.0
#1  0x00000000004a3369 in read_char (el=0x615ee0, cp=0x7fffff9ff1f7 "") at read.c:301
#2  0x00000000004a340c in el_getc (el=0x615ee0, cp=0x7fffff9ff1f7 "") at read.c:347
#3  0x00000000004a3277 in read_getcmd (el=0x615ee0, cmdnum=0x7fffff9ff1f6 "", ch=0x7fffff9ff1f7 "") at read.c:243
#4  0x00000000004a356b in el_gets (el=0x615ee0, nread=0x7fffff9ff39c) at read.c:443
ASTERISK-1  0x000000000047f966 in main (argc=3, argv=0x7fffff9ff638) at asterisk.c:2421

Thread 53 (process 31609):
#0  0x00002aaaab3cda55 in poll () from /lib/libc.so.6
#1  0x000000000047a81a in listener (unused=0x0) at asterisk.c:592
#2  0x00002aaaaaccab55 in start_thread () from /lib/libpthread.so.0
#3  0x00002aaaab3d57f0 in clone () from /lib/libc.so.6


By: Clod Patry (junky) 2006-03-06 11:10:55.000-0600

could u complete the ... ?
please attach that file, that information is vital like said in the REAME.backtrace (backtrace.txt on the stable branch).

By: Roy Sigurd Karlsbakk (rkarlsba) 2006-03-11 13:01:46.000-0600

This crash is with 1.2.0 with a few memleak patches and the sip jb, but it behaves just as badly as 1.2.5, so i guess it's the same. to trigger it, i ran the following commands

asterisk -rx 'show memory summary' > logfile
asterisk -rx 'show memory allocations' > logfile


By: Russell Bryant (russell) 2006-03-14 13:16:19.000-0600

Do you think you could be running out of memory?

By: Roy Sigurd Karlsbakk (rkarlsba) 2006-03-14 13:54:17.000-0600

we have memory monitoring running constantly, and this bug is not related to uptime or free memory

By: Russell Bryant (russell) 2006-03-28 13:56:32.000-0600

What architecture is this?  I did some work on the trunk to make astmm work on sparc because of unaligned memory access.  The backtrace here looks exactly like that.

By: Roy Sigurd Karlsbakk (rkarlsba) 2006-03-29 04:25:40.000-0600

This is a dual Xeon64 box from IBM

By: Serge Vecher (serge-v) 2006-05-03 12:39:32

rkarlsba: is this still a problem with latest 1.2?

If so, please upload a back trace from non-optimized build. Thanks.

By: Serge Vecher (serge-v) 2006-05-11 10:10:29

please reopen with new bt if problem persists in latest 1.2 (rev > 26000) without any source modifications please.

thank you.