Search⌘ K
AI Features
Home
Courses
Accelerated Linux Core Dump Analysis

Identify Heap Contention Errors

Explore how to identify heap contention errors such as double free issues in multithreaded Linux applications by analyzing core dumps. Understand thread states, stack traces, and memory operations to spot concurrency problems causing crashes. This lesson guides you through debugging shared memory allocation errors to improve your diagnostic skills.

We'll cover the following...

Application source code

We’ll be analyzing the core dump generated from the following file:

C
// Build:
// gcc main.c -pthread -static -o App10
#include <stdio.h>
#include <pthread.h>
#include <unistd.h>
#include <string.h>
#include <stdlib.h>
#define ARR_SIZE 10000
char *pAllocBuf[ARR_SIZE] = {0};
void proc()
{
    while (1)
    {
        int idx = rand() % ARR_SIZE;
        int malloc_size = rand() % ARR_SIZE;
        if (pAllocBuf[idx])
        {
            free(pAllocBuf[idx]);
            pAllocBuf[idx] = 0;
        }
        pAllocBuf[idx] = malloc(malloc_size);
    }
}
#define THREAD_DECLARE(num, func) \
    void bar_##num()               \
    {                              \
        func;                      \
    }                              \
                                   \
    void foo_##num()               \
    {                              \
        bar_##num();               \
    }                              \
                                   \
    void *thread_##num(void *arg) \
    {                              \
        foo_##num();               \
        return 0;                  \
    }
THREAD_DECLARE(one, proc())
THREAD_DECLARE(two, proc())
THREAD_DECLARE(three, proc())
THREAD_DECLARE(four, proc())
THREAD_DECLARE(five, proc())
#define THREAD_CREATE(num)                            \
    {                                                 \
        pthread_t threadID_##num;                     \
        pthread_create(&threadID_##num, NULL, thread_##num, NULL); \
    }
int main(int argc, const char *argv[])
{
    THREAD_CREATE(one)
    THREAD_CREATE(two)
    THREAD_CREATE(three)
    THREAD_CREATE(four)
    THREAD_CREATE(five)
    sleep(-1);
    return 0;
}

We can see that several threads are allocating and freeing memory using a shared array of pointers. If you execute this application, you’ll get the double free error:

Double free errors occur when the free() function is called twice on a pointer. In this lesson, we’ll learn how to identify such errors in a multithreaded environment.

Loading the core dump

Let’s begin by loading the generated core dump:

gdb -c core.App10 -se App10

The above command will output the following to the terminal:

Listing all threads

Let’s take a look at the list of threads and identify the top frames at the time of the crash:

info threads

The above command will output the following to the terminal:

We ...