Hello,
We got a crash yesterday of a Kamailio instance (4.2.7). I can see a segfault:
"Program terminated with signal 11, Segmentation fault. #0 0x000000000061a856 in qm_insert_free (qm=0x7fcbde513000, frag=0x7fcbded7dd08) at mem/q_malloc.c:180 180 prev=FRAG_END(f)->prev_free;"
The output of "bt full":
(gdb) bt full #0 0x000000000061a856 in qm_insert_free (qm=0x7fcbde513000, frag=0x7fcbded7dd08) at mem/q_malloc.c:180 f = 0x7fcbdf2d1e18 prev = 0x0 hash = 78 #1 0x000000000061d6dc in qm_free (qm=0x7fcbde513000, p=0x7fcbded7dd38, file=0x7fcbf4ffe34d "tm: h_table.c", func=0x7fcbf4ffe628 "free_cell", line=186) at mem/q_malloc.c:537 f = 0x7fcbded7dd08 size = 624 next = 0x400 prev = 0x7fffc283f720 __FUNCTION__ = "qm_free" #2 0x00007fcbf4f3fc9d in free_cell (dead_cell=0x7fcbdf2fa360) at h_table.c:186 b = 0x7fcbded7dd38 "PRACK sip:1.2.3.4:5060;transport=UDP SIP/2.0\r\nVia: SIP/2.0/UDP 4.5.6.7;branch=z9hG4bK7419.88222290c54ce503af46b89a1da0c125.0\r\nVia: SIP/2.0/UDP 9.8.7.6:5060;branch=z9hG4bK0cB6cd54b5"... i = 0 rpl = 0x0 tt = 0x7fcbde6b7778 foo = 0x7fffc283f7f0 cbs = 0x0 cbs_tmp = 0x7fcbde79fca0 __FUNCTION__ = "free_cell" #3 0x00007fcbf4f84a1c in wait_handler (ti=1160550038, wait_tl=0x7fcbdf2fa3e0, data=0x7fcbdf2fa360) at timer.c:675 p_cell = 0x7fcbdf2fa360 ret = 1 #4 0x00000000005fd30f in timer_list_expire (t=1160550038, h=0x7fcbde58c908, slow_l=0x7fcbde58ea28, slow_mark=19953) at timer.c:888 tl = 0x7fcbdf2fa3e0 ret = 1160550038 #5 0x00000000005fd757 in timer_handler () at timer.c:953 saved_ticks = 1160550038 run_slow_timer = 0 i = 497 __FUNCTION__ = "timer_handler" #6 0x00000000005fdbc5 in timer_main () at timer.c:992 No locals. #7 0x00000000004a77e6 in main_loop () at main.c:1700 i = 8 pid = 0 si = 0x0 si_desc = "udp receiver child=7 sock=91.213.145.60:5060\000\177\000\000\000\372\203\302\377\177\000\000\033{ N\000\000\000\000\000P\372\203\302\377\177\000\000\004\000\000\000\000\000\0 00\000`TA\000\000\000\000\000(\205T\336\313\177", '\000' <repeats 14 times>, "\001\000\000\000P\372\203\302\377\177\000\000\276{N\000\000\000\000" nrprocs = 8 __FUNCTION__ = "main_loop" #8 0x00000000004acfab in main (argc=7, argv=0x7fffc283fcc8) at main.c:2581 cfg_stream = 0xe5e010 c = -1 r = 0 tmp = 0x7fffc283ff70 "" tmp_len = 32767 port = -1031537762 proto = 0 options = 0x7033b8 ":f:cm:M:dVIhEeb:l:L:n:vKrRDTN:W:w:t:u:g:P:G:SQ:O:a:A:" ret = -1 seed = 1876790668 rfd = 4 debug_save = 0 debug_flag = 0 dont_fork_cnt = 0 n_lst = 0x40d134 p = 0xc2 <Address 0xc2 out of bounds> __FUNCTION__ = "main"
I don't figure out what is gone wrong. Thank you for your help.
Regards,
Igor.
Hello,
Can we have help on my problem? Anyone have the same problem?
Igor
2016-08-12 11:53 GMT+02:00 Igor Potjevlesch igor.potjevlesch@gmail.com:
Hello,
We got a crash yesterday of a Kamailio instance (4.2.7). I can see a segfault:
"Program terminated with signal 11, Segmentation fault. #0 0x000000000061a856 in qm_insert_free (qm=0x7fcbde513000, frag=0x7fcbded7dd08) at mem/q_malloc.c:180 180 prev=FRAG_END(f)->prev_free;"
The output of "bt full":
(gdb) bt full #0 0x000000000061a856 in qm_insert_free (qm=0x7fcbde513000, frag=0x7fcbded7dd08) at mem/q_malloc.c:180 f = 0x7fcbdf2d1e18 prev = 0x0 hash = 78 #1 0x000000000061d6dc in qm_free (qm=0x7fcbde513000, p=0x7fcbded7dd38, file=0x7fcbf4ffe34d "tm: h_table.c", func=0x7fcbf4ffe628 "free_cell", line=186) at mem/q_malloc.c:537 f = 0x7fcbded7dd08 size = 624 next = 0x400 prev = 0x7fffc283f720 __FUNCTION__ = "qm_free" #2 0x00007fcbf4f3fc9d in free_cell (dead_cell=0x7fcbdf2fa360) at h_table.c:186 b = 0x7fcbded7dd38 "PRACK sip:1.2.3.4:5060;transport=UDP SIP/2.0\r\nVia: SIP/2.0/UDP 4.5.6.7;branch=z9hG4bK7419.88222290c54ce503af46b89a1da0c125.0\r\nVia: SIP/2.0/UDP 9.8.7.6:5060;branch=z9hG4bK0cB6cd54b5"... i = 0 rpl = 0x0 tt = 0x7fcbde6b7778 foo = 0x7fffc283f7f0 cbs = 0x0 cbs_tmp = 0x7fcbde79fca0 __FUNCTION__ = "free_cell" #3 0x00007fcbf4f84a1c in wait_handler (ti=1160550038, wait_tl=0x7fcbdf2fa3e0, data=0x7fcbdf2fa360) at timer.c:675 p_cell = 0x7fcbdf2fa360 ret = 1 #4 0x00000000005fd30f in timer_list_expire (t=1160550038, h=0x7fcbde58c908, slow_l=0x7fcbde58ea28, slow_mark=19953) at timer.c:888 tl = 0x7fcbdf2fa3e0 ret = 1160550038 #5 0x00000000005fd757 in timer_handler () at timer.c:953 saved_ticks = 1160550038 run_slow_timer = 0 i = 497 __FUNCTION__ = "timer_handler" #6 0x00000000005fdbc5 in timer_main () at timer.c:992 No locals. #7 0x00000000004a77e6 in main_loop () at main.c:1700 i = 8 pid = 0 si = 0x0 si_desc = "udp receiver child=7 sock=91.213.145.60:5060\000\177\000\000\000\372\203\302\ 377\177\000\000\033{ N\000\000\000\000\000P\372\203\302\377\177\000\000\004\ 000\000\000\000\000\0 00\000`TA\000\000\000\000\000(\205T\336\313\177", '\000' <repeats 14 times>, "\001\000\000\000P\372\203\302\377\177\000\000\276{N\000\000\000\000" nrprocs = 8 __FUNCTION__ = "main_loop" #8 0x00000000004acfab in main (argc=7, argv=0x7fffc283fcc8) at main.c:2581 cfg_stream = 0xe5e010 c = -1 r = 0 tmp = 0x7fffc283ff70 "" tmp_len = 32767 port = -1031537762 proto = 0 options = 0x7033b8 ":f:cm:M:dVIhEeb:l:L:n:vKrRDTN:W:w:t:u:g:P:G:SQ:O:a: A:" ret = -1 seed = 1876790668 rfd = 4 debug_save = 0 debug_flag = 0 dont_fork_cnt = 0 n_lst = 0x40d134 p = 0xc2 <Address 0xc2 out of bounds> __FUNCTION__ = "main"
I don't figure out what is gone wrong. Thank you for your help.
Regards,
Igor.
-
Igor Potjevlesch