[sr-dev] [kamailio/kamailio] crash in slow timer (#1897)

lazedo notifications at github.com
Wed Mar 20 16:09:58 CET 2019 

<!--
Kamailio Project uses GitHub Issues only for bugs in the code or feature requests. Please use this template only for bug reports.

If you have questions about using Kamailio or related to its configuration file, ask on sr-users mailing list:

  * http://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users

If you have questions about developing extensions to Kamailio or its existing C code, ask on sr-dev mailing list:

  * http://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-dev

Please try to fill this template as much as possible for any issue. It helps the developers to troubleshoot the issue.

If there is no content to be filled in a section, the entire section can be removed.

You can delete the comments from the template sections when filling.

You can delete next line and everything above before submitting (it is a comment).
-->

### Description

slow_timer proc exited with crash, kamailio kept running but tm transaction kept accumulating which will lead to shared memory exhaustion and crash.

in line 1131 `ret=tl->f(*ticks, tl, tl->data);` f is null, reason of crash
<!--
Explain what you did, what you expected to happen, and what actually happened.
-->

### Troubleshooting

#### Reproduction

happens from time to time, not a way to reliably reproduce it.
<!--
If the issue can be reproduced, describe how it can be done.
-->

#### Debugging Data

<!--
If you got a core dump, use gdb to extract troubleshooting data - full backtrace,
local variables and the list of the code at the issue location.

  gdb /path/to/kamailio /path/to/corefile
  bt full
  info locals
  list

If you are familiar with gdb, feel free to attach more of what you consider to
be relevant.
-->

```
#0  0x0000000000000000 in ?? ()
#1  0x000000000049f648 in slow_timer_main () at core/timer.c:1131
#2  0x0000000000424b84 in main_loop () at main.c:1685
#3  0x000000000042b9d3 in main (argc=16, argv=0x7ffe568bcd08) at main.c:2663
(gdb) frame 1
#1  0x000000000049f648 in slow_timer_main () at core/timer.c:1131
1131						ret=tl->f(*ticks, tl, tl->data);
(gdb) list
1126	#ifdef TIMER_DEBUG
1127					tl->expires_no++;
1128	#endif
1129					SET_RUNNING_SLOW(tl);
1130					UNLOCK_SLOW_TIMER_LIST();
1131						ret=tl->f(*ticks, tl, tl->data);
1132						/* reset the configuration group handles */
1133						cfg_reset_all();
1134						if (ret==0){
1135							/* one shot */
(gdb) p *tl
$1 = {next = 0x0, prev = 0x0, expire = 938928580, initial_timeout = 80, data = 0x0, f = 0x0, flags = 768, slow_idx = 45488}
(gdb) info locals
n = 12
ret = 4294967295
tl = 0x7fb2d3c860d0
i = 432
__func__ = "slow_timer_main"

```

#### Log Messages

<!--
Check the syslog file and if there are relevant log messages printed by Kamailio, add them next, or attach to issue, or provide a link to download them (e.g., to a pastebin site).
-->

```
(paste your log messages here)
```

#### SIP Traffic

<!--
If the issue is exposed by processing specific SIP messages, grab them with ngrep or save in a pcap file, then add them next, or attach to issue, or provide a link to download them (e.g., to a pastebin site).
-->

```
(paste your sip traffic here)
```

### Possible Solutions

<!--
If you found a solution or workaround for the issue, describe it. Ideally, provide a pull request with a fix.
-->

### Additional Information

  * **Kamailio Version** - output of `kamailio -v`

```
5.1.7
```

* **Operating System**:

<!--
Details about the operating system, the type: Linux (e.g.,: Debian 8.4, Ubuntu 16.04, CentOS 7.1, ...), MacOS, xBSD, Solaris, ...;
Kernel details (output of `uname -a`)
-->

```
centos 7
```


-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/1897
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-dev/attachments/20190320/c9c57d1f/attachment.html>

More information about the sr-dev mailing list