AW: received signal SIGSEGV, Segmentation fault. malloc_consolidate (av=0x7ffff5e2de80) at malloc.c:5196

Thu Dec 12 14:51:42 CET 2013

-----Ursprüngliche Nachricht-----
Von: freeradius-users-bounces+tobias.hachmer=stadt-frankfurt.de at lists.freeradius.org [mailto:freeradius-users-bounces+tobias.hachmer=stadt-frankfurt.de at lists.freeradius.org] Im Auftrag von Arran Cudbard-Bell
Gesendet: Donnerstag, 12. Dezember 2013 14:04
An: FreeRadius users mailing list
Betreff: Re: received signal SIGSEGV, Segmentation fault. malloc_consolidate (av=0x7ffff5e2de80) at malloc.c:5196

>> thanks for the answer.
> Nice assert! But that's not really related to the issue :(
That thanks?

>>> *sigh* probably memory corruption could you run it under valgrind and see if there's any useful info?
>> Complete output of valgrind is about 10000 lines. It's hard to me to find out which lines are the useful ones but I give it a try. See at the end of this post.
> Could you post the full valgrind output anyway, just in case there is something else, either send it as an attachment to my email or put it in a gist.
Sure, will send this directly to you ...

>>> Also when you build your RPMs could you make sure to pass --enable-developer to turn off optimization so we don't get all those <value optimized out> messages.
>> I have built a new package with this configure parameter but there are still optimized out messages.
> Weird, try: CFLAGS='-g3 -O0' ./configure <args>
That has worked.

> Interestingly and importantly if you look at the calls on detach, the block of memory being freed twice, was originally freed by a request! My guess is krb5_copy_context isn't duplicating a bit of memory it needs to.
> Could you comment out krb5_free_context(context) at line 448 in rlm_krb5.c? Rebuild, and run a few requests through it.
Yes, my provided bt and valgrind output is based on 

radiusd: FreeRADIUS Version 3.0.1 (git #e86a529), for host x86_64-redhat-linux-gnu, built on Dec 12 2013 at 14:19:30

+ the line you mentioned commented out.

Regards,
Tobias

BT: 
rad_recv: Access-Request packet from host 127.0.0.1 port 42335, id=16, length=103
        User-Name = 'hachmer'
        User-Password = 'pass'
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 0
        Message-Authenticator = 0xecaf11b4272d31821075a076004c4808
(4) # Executing section authorize from file /etc/raddb/sites-enabled/default
(4)   authorize {
(4)   filter_username filter_username {
(4)    ? if (User-Name != "%{tolower:%{User-Name}}") 

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff5b04285 in malloc_consolidate () from /lib64/libc.so.6
Missing separate debuginfos, use: debuginfo-install freeradius-3.0.1-9.el6.x86_64
(gdb) bt
#0  0x00007ffff5b04285 in malloc_consolidate () from /lib64/libc.so.6
#1  0x00007ffff5b07405 in _int_malloc () from /lib64/libc.so.6
#2  0x00007ffff5b08991 in malloc () from /lib64/libc.so.6
#3  0x00007ffff714063f in _talloc_array () from /usr/lib64/libtalloc.so.2
#4  0x00007ffff7bcedcf in xlat_aprint (ctx=0x89e5f0, request=0x89e5f0, node=0x998810, escape=0, escape_ctx=0x0, lvl=0) at src/main/xlat.c:1895
#5  0x00007ffff7bcf0c7 in xlat_process (out=0x7fffffffc2c0, request=0x89e5f0, head=0x998810, escape=0, escape_ctx=0x0) at src/main/xlat.c:1976
#6  0x00007ffff7bcf462 in xlat_expand (out=0x7fffffffc3f8, outlen=0, request=0x89e5f0, fmt=0x83dff0 "%{tolower:%{User-Name}}", escape=0, escape_ctx=0x0) at src/main/xlat.c:2068
#7  0x00007ffff7bcf5f6 in radius_axlat (out=0x7fffffffc3f8, request=0x89e5f0, fmt=0x83dff0 "%{tolower:%{User-Name}}", escape=0, ctx=0x0) at src/main/xlat.c:2095
#8  0x00007ffff7bc88ec in radius_expand_tmpl (out=0x7fffffffc3f8, request=0x89e5f0, vpt=0x83df60) at src/main/evaluate.c:108
#9  0x00007ffff7bc92bc in radius_evaluate_map (request=0x89e5f0, modreturn=10, depth=0, c=0x83dc60) at src/main/evaluate.c:424
#10 0x00007ffff7bc9800 in radius_evaluate_cond (request=0x89e5f0, modreturn=10, depth=0, c=0x83dc60) at src/main/evaluate.c:597
#11 0x0000000000422929 in modcall_recurse (request=0x89e5f0, component=RLM_COMPONENT_AUTZ, depth=2, entry=0x7fffffffd770) at src/main/modcall.c:480
#12 0x00000000004226f3 in modcall_child (request=0x89e5f0, component=RLM_COMPONENT_AUTZ, depth=2, entry=0x7fffffffd758, c=0xa2ad60, result=0x7fffffffcfd8) at src/main/modcall.c:414
#13 0x0000000000423beb in modcall_recurse (request=0x89e5f0, component=RLM_COMPONENT_AUTZ, depth=1, entry=0x7fffffffd758) at src/main/modcall.c:780
#14 0x00000000004226f3 in modcall_child (request=0x89e5f0, component=RLM_COMPONENT_AUTZ, depth=1, entry=0x7fffffffd740, c=0xa2ace0, result=0x7fffffffd618) at src/main/modcall.c:414
#15 0x0000000000423beb in modcall_recurse (request=0x89e5f0, component=RLM_COMPONENT_AUTZ, depth=0, entry=0x7fffffffd740) at src/main/modcall.c:780
#16 0x00000000004249c0 in modcall (component=RLM_COMPONENT_AUTZ, c=0xa2c6a0, request=0x89e5f0) at src/main/modcall.c:1036
#17 0x000000000042015e in indexed_modcall (comp=RLM_COMPONENT_AUTZ, idx=0, request=0x89e5f0) at src/main/modules.c:747
#18 0x0000000000421dfc in process_authorize (autz_type=0, request=0x89e5f0) at src/main/modules.c:1647
#19 0x000000000040d1a3 in rad_authenticate (request=0x89e5f0) at src/main/auth.c:409
#20 0x0000000000432641 in request_running (request=0x89e5f0, action=1) at src/main/process.c:1211
#21 0x00000000004318a9 in request_queue_or_run (request=0x89e5f0, process=0x432576 <request_running>) at src/main/process.c:851
#22 0x0000000000432d59 in request_receive (listener=0xa43750, packet=0x9368c0, client=0x82a370, fun=0x40cff4 <rad_authenticate>) at src/main/process.c:1414
#23 0x000000000041442f in auth_socket_recv (listener=0xa43750) at src/main/listen.c:1509
#24 0x00000000004386fc in event_socket_handler (xel=0xa2de10, fd=12, ctx=0xa43750) at src/main/process.c:3499
#25 0x00007ffff79a54dc in fr_event_loop (el=0xa2de10) at src/lib/event.c:417
#26 0x00000000004398b7 in radius_event_process () at src/main/process.c:4216
#27 0x0000000000427d1e in main (argc=2, argv=0x7fffffffe678) at src/main/radiusd.c:479