Home Explore Help
Sign In
Kamailio
/
kamailio
mirror of https://github.com/kamailio/kamailio.git
2
0
Fork 0
Files Issues 0 Wiki
Browse Source

- fixed free hash table bug
- added even more debug support to qm_malloc (-DDBG_QM_MALLOC)

Andrei Pelinescu-Onciul 24 years ago
parent
7f9625006e
commit
2c65bd8b0f
6 changed files with 70 additions and 6 deletions
Split View Show Diff Stats
  1. 2 2
      Makefile.defs
  2. 1 1
      main.c
  3. 1 1
      modules/tm/h_table.c
  4. 1 1
      modules/tm/t_funcs.c
  5. 60 1
      q_malloc.c
  6. 5 0
      q_malloc.h

+ 2 - 2
Makefile.defs
View File 

@@ -45,8 +45,8 @@ ARCH = $(shell uname -s)
 
 #		twice, trying to free a pointer alloc'ed with a different
 
 #		malloc etc.)
 
 DEFS= -DNAME='"$(NAME)"' -DVERSION='"$(RELEASE)"' -DARCH='"$(ARCH)"' \
 
-	 -DDNS_IP_HACK  -DSHM_MEM -DSHM_MMAP\
 
-	 -DPKG_MALLOC #-DNO_DEBUG #-DDBG_QM_MALLOC
 
+	 -DDNS_IP_HACK  -DPKG_MALLOC -DSHM_MEM  -DSHM_MMAP \
 
+	 -DNO_DEBUG -DDBG_QM_MALLOC 
 #-DEXTRA_DEBUG
 
 # -DUSE_SHM_MEM
 
 #-DNO_DEBUG

+ 1 - 1
main.c
View File 

@@ -345,7 +345,7 @@ static void sig_usr(int signo)
 
 		if (is_main)
 
 			shm_mem_destroy();
 
 #endif
 
-		DPrint("Thank you for flying " NAME "\n");
 
+		dprint("Thank you for flying " NAME "\n");
 
 		exit(0);
 
 	} else if (signo==SIGUSR1) { /* statistic */
 
 #ifdef STATS

+ 1 - 1
modules/tm/h_table.c
View File 

@@ -107,7 +107,7 @@ struct s_table* init_hash_table()
 
    int       i;
 
 
    /*allocs the table*/
 
-   hash_table = (struct s_table*)sh_malloc(  sizeof( struct s_table ) );
 
+   hash_table = (struct s_table*)sh_malloc( sizeof( struct s_table ) );
 
    if ( !hash_table )
 
       goto error;

+ 1 - 1
modules/tm/t_funcs.c
View File 

@@ -87,7 +87,7 @@ void tm_shutdown()
 
 
     DBG("DEBUG: tm_shutdown : empting DELETE list\n");
 
     /*unlink the lists*/
 
-    for( i=NR_OF_TIMER_LISTS ; i>=0 ; i-- )
 
+    for( i=0; i<NR_OF_TIMER_LISTS ; i++ )
 
     {
 
        //lock( hash_table->timers[i].mutex );
 
        hash_table->timers[ i ].first_tl = hash_table->timers[ i ].last_tl = 0;

+ 60 - 1
q_malloc.c
View File 

@@ -23,8 +23,41 @@
 
 		((struct qm_frag_end*)((char*)(f)-sizeof(struct qm_frag_end)))->size- \
 
 			sizeof(struct qm_frag) ) )
 
 
+#define PREV_FRAG_END(f) \
 
+		((struct qm_frag_end*)((char*)(f)-sizeof(struct qm_frag_end)))
 
+
 
+#ifdef DBG_QM_MALLOC
 
+#define ST_CHECK_PATTERN   0xf0f0f0f0
 
+#define END_CHECK_PATTERN1 0xc0c0c0c0
 
+#define END_CHECK_PATTERN2 0xabcdefed
 
 
 
+static  void qm_debug_frag(struct qm_block* qm, struct qm_frag* f)
 
+{
 
+	if (f->check!=ST_CHECK_PATTERN){
 
+		LOG(L_CRIT, "BUG: qm_*: fragm. %x beginning overwritten(%x)!\n",
 
+				f, f->check);
 
+		qm_status(qm);
 
+		abort();
 
+	};
 
+	if ((FRAG_END(f)->check1!=END_CHECK_PATTERN1)||
 
+		(FRAG_END(f)->check2!=END_CHECK_PATTERN2)){
 
+		LOG(L_CRIT, "BUG: qm_*: fragm. %x end overwritten(%x, %x)!\n",
 
+				f, FRAG_END(f)->check1, FRAG_END(f)->check2);
 
+		qm_status(qm);
 
+		abort();
 
+	}
 
+	if ((f>qm->first_frag)&&
 
+			((PREV_FRAG_END(f)->check1!=END_CHECK_PATTERN1) ||
 
+				(PREV_FRAG_END(f)->check2!=END_CHECK_PATTERN2) ) ){
 
+		LOG(L_CRIT, "BUG: qm_*: prev. fragm. tail overwritten(%x, %x)[%x]!\n",
 
+				PREV_FRAG_END(f)->check1, PREV_FRAG_END(f)->check2, f);
 
+		qm_status(qm);
 
+		abort();
 
+	}
 
+}
 
+#endif
 
+
 
 
 
 /* init malloc and return a qm_block*/
 
@@ -65,6 +98,11 @@ struct qm_block* qm_malloc_init(char* address, unsigned int size)
 
 	qm->first_frag->u.nxt_free=&(qm->free_lst);
 
 	qm->last_frag_end->size=size;
 
 	qm->last_frag_end->prev_free=&(qm->free_lst);
 
+#ifdef DBG_QM_MALLOC
 
+	qm->first_frag->check=ST_CHECK_PATTERN;
 
+	qm->last_frag_end->check1=END_CHECK_PATTERN1;
 
+	qm->last_frag_end->check2=END_CHECK_PATTERN2;
 
+#endif
 
 	/* init free_lst* */
 
 	qm->free_lst.u.nxt_free=qm->first_frag;
 
 	qm->free_lst_end.prev_free=qm->first_frag;
 
@@ -136,6 +174,9 @@ void* qm_malloc(struct qm_block* qm, unsigned int size)
 
 		if (f->size>=size){
 
 			/* we found it!*/
 
 			/*detach it from the free list*/
 
+#ifdef DBG_QM_MALLOC
 
+			qm_debug_frag(qm, f);
 
+#endif
 
 			qm_detach_free(qm, f);
 
 			/*mark it as "busy"*/
 
 			f->u.is_free=0;
 
@@ -153,10 +194,15 @@ void* qm_malloc(struct qm_block* qm, unsigned int size)
 
 				FRAG_END(n)->size=n->size;
 
 				qm->real_used+=overhead;
 
 #ifdef DBG_QM_MALLOC
 
+				end->check1=END_CHECK_PATTERN1;
 
+				end->check2=END_CHECK_PATTERN2;
 
 				/* frag created by malloc, mark it*/
 
 				n->file=file;
 
 				n->func="frag. from qm_malloc";
 
 				n->line=line;
 
+				n->check=ST_CHECK_PATTERN;
 
+/*				FRAG_END(n)->check1=END_CHECK_PATTERN1;
 
+				FRAG_END(n)->check2=END_CHECK_PATTERN2; */
 
 #endif
 
 				/* reinsert n in free list*/
 
 				qm_insert_free(qm, n);
 
@@ -171,7 +217,11 @@ void* qm_malloc(struct qm_block* qm, unsigned int size)
 
 			f->file=file;
 
 			f->func=func;
 
 			f->line=line;
 
-	DBG("qm_malloc(%x, %d) returns address %x\n", qm, size,(char*)f+sizeof(struct qm_frag) );
 
+			f->check=ST_CHECK_PATTERN;
 
+		/*  FRAG_END(f)->check1=END_CHECK_PATTERN1;
 
+			FRAG_END(f)->check2=END_CHECK_PATTERN2;*/
 
+	DBG("qm_malloc(%x, %d) returns address %x\n", qm, size,
 
+			(char*)f+sizeof(struct qm_frag) );
 
 #endif
 
 			return (char*)f+sizeof(struct qm_frag);
 
 		}
 
@@ -210,6 +260,7 @@ void qm_free(struct qm_block* qm, void* p)
 
 	prev=next=0;
 
 	f=(struct qm_frag*) ((char*)p-sizeof(struct qm_frag));
 
 #ifdef DBG_QM_MALLOC
 
+	qm_debug_frag(qm, f);
 
 	if (f->u.is_free){
 
 		LOG(L_CRIT, "BUG: qm_free: freeing already freed pointer,"
 
 				" first free: %s: %s(%d) - aborting\n",
 
@@ -224,6 +275,9 @@ void qm_free(struct qm_block* qm, void* p)
 
 	size=f->size;
 
 	qm->used-=size;
 
 	qm->real_used-=size;
 
+#ifdef DBG_QM_MALLOC
 
+	qm_debug_frag(qm, f);
 
+#endif
 
 	if (((char*)next < (char*)qm->last_frag_end) &&( next->u.is_free)){
 
 		/* join */
 
 		qm_detach_free(qm, next);
 
@@ -235,6 +289,9 @@ void qm_free(struct qm_block* qm, void* p)
 
 		prev=FRAG_PREV(f);
 
 		/*	(struct qm_frag*)((char*)f - (struct qm_frag_end*)((char*)f-
 
 								sizeof(struct qm_frag_end))->size);*/
 
+#ifdef DBG_QM_MALLOC
 
+		qm_debug_frag(qm, f);
 
+#endif
 
 		if (prev->u.is_free){
 
 			/*join*/
 
 			qm_detach_free(qm, prev);
 
@@ -275,6 +332,8 @@ void qm_status(struct qm_block* qm)
 
 #ifdef DBG_QM_MALLOC
 
 		LOG(L_INFO, "            %s from %s: %s(%d)\n",
 
 				(f->u.is_free)?"freed":"alloc'd", f->file, f->func, f->line);
 
+		LOG(L_INFO, "        start check=%x, end check= %x, %x\n",
 
+				f->check, FRAG_END(f)->check1, FRAG_END(f)->check2);
 
 #endif
 
 	}
 
 	DBG("dumping free list:\n");

+ 5 - 0
q_malloc.h
View File 

@@ -17,10 +17,15 @@ struct qm_frag{
 
 	char* file;
 
 	char* func;
 
 	unsigned int line;
 
+	unsigned int check;
 
 #endif
 
 };
 
 
 struct qm_frag_end{
 
+#ifdef DBG_QM_MALLOC
 
+	unsigned int check1;
 
+	unsigned int check2;
 
+#endif
 
 	unsigned int size;
 
 	struct qm_frag* prev_free;
 
 };