[asterisk-dev] How to find crashing problems (cause maybe double free) in my own module?

Holger Wirtz wirtz at dfn.de
Fri May 22 03:13:09 CDT 2009 

Hi all,

I am writing on an own conference bridge which should be used for a real
radio simulation for the open source flight simulation FlightGear
(current Asterisk module code can be found at
https://sourceforge.net/projects/appfgcom/). The basic idea behind is
taken from app_conference: Every caller has its own member thread where
frames are put onto a member-in-queue. A conference thread than mixes
the frames from every member-in-queue together in every meber-out-queues
(currently not based on their virtual distance). From
themember-out-queue the meber-threads picks the frames and sends them to
the channel and frees them.

Because this is my first development for Asterisk it seems that have
some problems of understanding some basic technology. At the current
state the conference bridge works - I can place several calls and mix
them in slinear together.

But I get crashes like the following when running two or three calls for
some time:

--- cut here ---
...
    -- Hungup 'IAX2/193.174.1.6:4569-11496'
*** glibc detected *** asterisk: double free or corruption (out):
0xb5b75778 ***
======= Backtrace: =========
/lib/libc.so.6[0xb7d9b215]
/lib/libc.so.6(cfree+0x9c)[0xb7d9caec]
asterisk(ast_frame_free+0x3d)[0x809c39d]
/usr/lib/asterisk/modules/app_fgcom.so(member_exec+0x3e4)[0xb66dac54]
/usr/lib/asterisk/modules/app_fgcom.so[0xb66da049]
asterisk(pbx_exec+0x6b)[0x80b8c7b]
asterisk[0x80b9992]
/usr/lib/asterisk/modules/app_macro.so[0xb649dd50]
asterisk(pbx_exec+0x6b)[0x80b8c7b]
asterisk[0x80b9992]
asterisk[0x80bab15]
asterisk[0x80bb5ae]
asterisk[0x80e3ac7]
/lib/libpthread.so.0[0xb7ee5f50]
/lib/libc.so.6(clone+0x5e)[0xb7dfd69e]
...
--- cut here ---

Sometimes I geta simple "Segmentation fault"...

I know what this means - but I don't know why this happens... Before
every call to free() (or ast_frfree()) I check the pointer against NULL
but it seems that frames are freed and the pointer isn't set to NULL.

What I found out is that I had a dynamic sleep time at the start of
every conference-mixing-loop. This was about 20000 usec (with usleep).
It seems that decreasing this time to 1000 usec helps a little bit - the
crash is not after 2 minutes or so but after 10 or 15 minutes...

Has anyone an idea what I can do to find this problem?
Are there helpful tools for this kind of problem?

TIA, Holger
-- 
#####  #### ##  ##   Holger Wirtz         Phone : (+49 30) 884299-40
##  ## ##   ### ##   DFN-Verein           Fax   : (+49 30) 884299-70
##  ## #### ######   Alexanderplatz 1     E-Mail: wirtz at dfn.de
##  ## ##   ## ###   10178 Berlin
#####  ##   ##  ##   GERMANY              WWW   : http://www.dfn.de
GPG-Fingerprint: ABFA 1F51 DD8D 503C 85DC  0C51 E961 79E2 6685 9BCF

More information about the asterisk-dev mailing list