[SR-Users] Segfault in qm_insert_free

Igor Potjevlesch igor.potjevlesch at gmail.com
Wed Aug 31 11:54:24 CEST 2016 

Hello,

Can we have help on my problem?
Anyone have the same problem?

Igor

2016-08-12 11:53 GMT+02:00 Igor Potjevlesch <igor.potjevlesch at gmail.com>:

> Hello,
>
> We got a crash yesterday of a Kamailio instance (4.2.7).
> I can see a segfault:
>
> "Program terminated with signal 11, Segmentation fault.
> #0 0x000000000061a856 in qm_insert_free (qm=0x7fcbde513000,
> frag=0x7fcbded7dd08) at mem/q_malloc.c:180
> 180 prev=FRAG_END(f)->prev_free;"
>
> The output of "bt full":
>
> (gdb) bt full
>  #0 0x000000000061a856 in qm_insert_free (qm=0x7fcbde513000,
> frag=0x7fcbded7dd08) at mem/q_malloc.c:180
>  f = 0x7fcbdf2d1e18
>  prev = 0x0
>  hash = 78
>  #1 0x000000000061d6dc in qm_free (qm=0x7fcbde513000, p=0x7fcbded7dd38,
> file=0x7fcbf4ffe34d "tm: h_table.c", func=0x7fcbf4ffe628 "free_cell",
> line=186) at mem/q_malloc.c:537
>  f = 0x7fcbded7dd08
>  size = 624
>  next = 0x400
>  prev = 0x7fffc283f720
>  __FUNCTION__ = "qm_free"
>  #2 0x00007fcbf4f3fc9d in free_cell (dead_cell=0x7fcbdf2fa360) at
> h_table.c:186
>  b = 0x7fcbded7dd38 "PRACK sip:1.2.3.4:5060;transport=UDP SIP/2.0\r\nVia:
> SIP/2.0/UDP
> 4.5.6.7;branch=z9hG4bK7419.88222290c54ce503af46b89a1da0c125.0\r\nVia:
> SIP/2.0/UDP 9.8.7.6:5060;branch=z9hG4bK0cB6cd54b5"...
>  i = 0
>  rpl = 0x0
>  tt = 0x7fcbde6b7778
>  foo = 0x7fffc283f7f0
>  cbs = 0x0
>  cbs_tmp = 0x7fcbde79fca0
>  __FUNCTION__ = "free_cell"
>  #3 0x00007fcbf4f84a1c in wait_handler (ti=1160550038,
> wait_tl=0x7fcbdf2fa3e0, data=0x7fcbdf2fa360) at timer.c:675
>  p_cell = 0x7fcbdf2fa360
>  ret = 1
>  #4 0x00000000005fd30f in timer_list_expire (t=1160550038,
> h=0x7fcbde58c908,
> slow_l=0x7fcbde58ea28, slow_mark=19953) at timer.c:888
>  tl = 0x7fcbdf2fa3e0
>  ret = 1160550038
>  #5 0x00000000005fd757 in timer_handler () at timer.c:953
>  saved_ticks = 1160550038
>  run_slow_timer = 0
>  i = 497
>  __FUNCTION__ = "timer_handler"
>  #6 0x00000000005fdbc5 in timer_main () at timer.c:992
>  No locals.
>  #7 0x00000000004a77e6 in main_loop () at main.c:1700
>  i = 8
>  pid = 0
>  si = 0x0
>  si_desc = "udp receiver child=7
> sock=91.213.145.60:5060\000\177\000\000\000\372\203\302\
> 377\177\000\000\033{
> N\000\000\000\000\000P\372\203\302\377\177\000\000\004\
> 000\000\000\000\000\0
> 00\000`TA\000\000\000\000\000(\205T\336\313\177", '\000' <repeats 14
> times>,
> "\001\000\000\000P\372\203\302\377\177\000\000\276{N\000\000\000\000"
>  nrprocs = 8
>  __FUNCTION__ = "main_loop"
>  #8 0x00000000004acfab in main (argc=7, argv=0x7fffc283fcc8) at main.c:2581
>  cfg_stream = 0xe5e010
>  c = -1
>  r = 0
>  tmp = 0x7fffc283ff70 ""
>  tmp_len = 32767
>  port = -1031537762
>  proto = 0
>  options = 0x7033b8 ":f:cm:M:dVIhEeb:l:L:n:vKrRDTN:W:w:t:u:g:P:G:SQ:O:a:
> A:"
>  ret = -1
>  seed = 1876790668
>  rfd = 4
>  debug_save = 0
>  debug_flag = 0
>  dont_fork_cnt = 0
>  n_lst = 0x40d134
>  p = 0xc2 <Address 0xc2 out of bounds>
>  __FUNCTION__ = "main"
>
> I don't figure out what is gone wrong. Thank you for your help.
>
> Regards,
>
> Igor.
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20160831/f498ea96/attachment.html>

More information about the sr-users mailing list