[sr-dev] [kamailio/kamailio] Kamailio 5.4.2 - CentOS 7 - qm_free(): BUG: freeing already freed pointer, called from core: core/usr_avp.c: destroy_avp_list_unsafe (#2620)

Ryan Gehrig notifications at github.com
Wed Feb 3 00:03:41 CET 2021


```
(gdb) bt full
#0  0x00000000006024be in destroy_avp_list_unsafe (list=0x7fdc559d4fd8) at core/usr_avp.c:625
        avp = 0x554b414c5554594c
        foo = 0x554b414c5554594c
        __FUNCTION__ = "destroy_avp_list_unsafe"
#1  0x00007fdd56fb8f92 in free_cell_helper (dead_cell=0x7fdc559d4dd8, silent=0, fname=0x7fdd570d1363 "timer.c", fline=643) at h_table.c:255
        b = 0x0
        i = 1
        rpl = 0x0
        tt = 0x0
        foo = 0x0
        cbs = 0x0
        cbs_tmp = 0x7fdc53f941c0
        __FUNCTION__ = "free_cell_helper"
#2  0x00007fdd5707dc4d in wait_handler (ti=236720304, wait_tl=0x7fdc559d4e60, data=0x7fdc559d4dd8) at timer.c:643
        p_cell = 0x7fdc559d4dd8
        ret = 0
        unlinked = 0
        rcount = 1
        __FUNCTION__ = "wait_handler"
#3  0x00000000004ea094 in timer_list_expire (t=236720304, h=0x7fdc536c6640, slow_l=0x7fdc536c74c8, slow_mark=4293) at core/timer.c:857
        tl = 0x7fdc559d4e60
        ret = 32733
#4  0x00000000004ea53d in timer_handler () at core/timer.c:922
        saved_ticks = 236720304
        run_slow_timer = 0
        i = 197
        __FUNCTION__ = "timer_handler"
#5  0x00000000004ea9e7 in timer_main () at core/timer.c:961
No locals.
#6  0x000000000042a838 in main_loop () at main.c:1753
        i = 8
        pid = 0
        si = 0x0
        si_desc = "udp receiver child=7 sock=<our public ip>:35060\000\000;0\177", '\000' <repeats 13 times>, "\360\373\"b\377\177\000\000\330\r}\000\000\000\000\000%\000\000\000\000\000\000\000\320\376\200\232\335\177\000\000C`\201\000\000\000\000\000_\377\200\232\335\177\000\000b\233kS\335\177\000\000\020\b\302Z\335\177\000"
        nrprocs = 8
        woneinit = 1
        __FUNCTION__ = "main_loop"
#7  0x0000000000433a96 in main (argc=12, argv=0x7fff6222fcd8) at main.c:2856
        cfg_stream = 0x2359010
        c = -1
        r = 0
        tmp = 0x7fff62230ecc ""
        tmp_len = 0
        port = 0
        proto = 0
        ahost = 0x0
        aport = 0
        options = 0x7d3a38 ":f:cm:M:dVIhEeb:l:L:n:vKrRDTN:W:w:t:u:g:P:G:SQ:O:a:A:x:X:Y:"
        ret = -1
        seed = 3270549116
        rfd = 4
        debug_save = 0
        debug_flag = 0
        dont_fork_cnt = 2
---Type <return> to continue, or q <return> to quit---
        n_lst = 0x0
        p = 0x0
        st = {st_dev = 20, st_ino = 21156, st_nlink = 2, st_mode = 16832, st_uid = 995, st_gid = 2, __pad0 = 0, st_rdev = 0, st_size = 40, st_blksize = 4096, st_blocks = 0, st_atim = {tv_sec = 1611404518, tv_nsec = 41000000}, st_mtim = {
            tv_sec = 1612139036, tv_nsec = 999083038}, st_ctim = {tv_sec = 1612139036, tv_nsec = 999083038}, __unused = {0, 0, 0}}
        tbuf = '\000' <repeats 88 times>, "p\362\252\000\000\000\000\000\340\270A\000\000\000\000\000\320\374\"b\377\177", '\000' <repeats 26 times>, "\036-!\233\335\177\000\000\001", '\000' <repeats 23 times>, "\260\203r\232\335\177\000\000\240\374\"b\377\177\000\000\032\251!\233\335\177\000\000\034\000\000\000\000\000\000\000"...
        option_index = 0
        long_options = {{name = 0x7d5c2f "help", has_arg = 0, flag = 0x0, val = 104}, {name = 0x7d1234 "version", has_arg = 0, flag = 0x0, val = 118}, {name = 0x7d5c34 "alias", has_arg = 1, flag = 0x0, val = 1024}, {name = 0x7d5c3a "subst",
            has_arg = 1, flag = 0x0, val = 1025}, {name = 0x7d5c40 "substdef", has_arg = 1, flag = 0x0, val = 1026}, {name = 0x7d5c49 "substdefs", has_arg = 1, flag = 0x0, val = 1027}, {name = 0x7d5c53 "server-id", has_arg = 1, flag = 0x0, val = 1028},
          {name = 0x7d5c5d "loadmodule", has_arg = 1, flag = 0x0, val = 1029}, {name = 0x7d5c68 "modparam", has_arg = 1, flag = 0x0, val = 1030}, {name = 0x7d5c71 "log-engine", has_arg = 1, flag = 0x0, val = 1031}, {name = 0x7d5c7c "debug",
            has_arg = 1, flag = 0x0, val = 1032}, {name = 0x0, has_arg = 0, flag = 0x0, val = 0}}
        __FUNCTION__ = "main"
(gdb)
```

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2620#issuecomment-772075315
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-dev/attachments/20210202/52715fbb/attachment-0001.htm>


More information about the sr-dev mailing list