[SR-Users] Debian 4.4.3 reproducable crashes in rtpengine.so
Daniel Tryba
d.tryba at pocos.nl
Mon Sep 19 16:17:58 CEST 2016
With
kamctl fifo nh_enable_rtpp udp:rptipaddr:7723 1
kamailio will begin to crash:
Sep 19 16:00:08 sipcluster-backend2 kernel: [1658593.859081] kamailio[22992]: segfault at 4 ip 00007f5a4d44e11f sp 0000
7ffcac5293e0 error 4 in rtpengine.so[7f5a4d446000+41000]
Sep 19 16:00:12 sipcluster-backend2 /usr/sbin/kamailio[22999]: CRITICAL: <core> [pass_fd.c:275]: receive_fd(): EOF on 2
8
Sep 19 16:00:12 sipcluster-backend2 /usr/sbin/kamailio[22976]: ALERT: <core> [main.c:740]: handle_sigs(): child process
22992 exited by a signal 11
Sep 19 16:00:12 sipcluster-backend2 /usr/sbin/kamailio[22976]: ALERT: <core> [main.c:743]: handle_sigs(): core was gene
rated
Sep 19 16:00:12 sipcluster-backend2 /usr/sbin/kamailio[22976]: INFO: <core> [main.c:755]: handle_sigs(): terminating du
e to SIGCHLD
Sep 19 16:00:12 sipcluster-backend2 /usr/sbin/kamailio[22978]: INFO: <core> [main.c:810]: sig_usr(): signal 15 received
....
Backtrace,
Program terminated with signal SIGSEGV, Segmentation fault.
#0 send_rtpp_command (node=node at entry=0x7f5a522b2140,
dict=dict at entry=0x7f5a644b97c8, outlen=outlen at entry=0x7ffcac5294ec)
at rtpengine.c:2619
2619 rtpengine.c: No such file or directory.
(gdb) thread apply all bt full
Thread 1 (Thread 0x7f5a66a49700 (LWP 22992)):
#0 send_rtpp_command (node=node at entry=0x7f5a522b2140,
dict=dict at entry=0x7f5a644b97c8, outlen=outlen at entry=0x7ffcac5294ec)
at rtpengine.c:2619
addr = {sun_family = 12616,
sun_path = "A\000\000\000\000\000t\326_", '\000' <repeats 13 times>, "\240ZGMZ\177\000\000`_GMZ\177\000\000\360\224R\254\374\177\000\000\a\000\000\000\000\000\000\000\374\257DMZ\177\000\000(\230KdZ\177\000\000\214\260DMZ\177\000\000\004\000\000\000\000\000\000\000\374\257DM\001\000\000\000\360\224R\254\374\177\000\000(\230KdZ\177"}
fd = <optimized out>
len = 0
i = <optimized out>
vcnt = 6
cp = 0x7f5a4d687dc0 <buf> ""
buf = '\000' <repeats 65535 times>
fds = {{fd = 223, events = 0, revents = 0}}
v = 0x7f5a644b98f6
out = {s = 0x0, len = 0}
__FUNCTION__ = "send_rtpp_command"
#1 0x00007f5a4d44f81c in rtpp_test_ping (node=0x7f5a522b2140)
at rtpengine.c:1041
bencbuf = {pieces = 0x7f5a644b97b0, free_list = 0x0, error = 0}
dict = 0x7f5a644b97c8
cp = <optimized out>
ret = 0
#2 0x00007f5a4d454d89 in mi_enable_rtp_proxy (cmd_tree=0x1, param=0x1)
at rtpengine.c:1137
crt_node = 0x0
rtpp_list = 0x7f5a522b1f80
root = 0x16
attr = 0x0
found = 0
__FUNCTION__ = "mi_enable_rtp_proxy"
#3 0x00007f5a515f071e in run_mi_cmd (cmd=<optimized out>,
cmd=<optimized out>, t=<optimized out>) at ../../lib/kmi/mi.h:77
No locals.
#4 mi_fifo_server (fifo_stream=0x27be8a0) at fifo_fnc.c:509
line_len = 39
file_sep = 0x0
command = 0x7f5a644a2b41 "nh_enable_rtpp"
f = 0x276f838
reply_stream = 0x27c4cf0
__FUNCTION__ = "mi_fifo_server"
#5 0x00007f5a515e6345 in fifo_process (rank=1) at mi_fifo.c:270
fifo_stream = 0x27be8a0
__FUNCTION__ = "fifo_process"
#6 0x00007f5a515e8f1e in mi_child_init (rank=0) at mi_fifo.c:234
pid = 0
#7 0x0000000000512ba9 in init_mod_child (m=0x1, rank=1) at sr_module.c:921
__FUNCTION__ = "init_mod_child"
#8 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#9 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#10 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#11 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#12 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#13 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#14 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#15 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#16 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#17 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#18 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#19 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#20 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#21 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#22 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#23 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#24 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#25 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#26 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#27 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#28 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#29 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#30 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#31 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#32 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#33 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#34 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#35 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#36 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#37 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#38 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#39 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#40 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#41 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#42 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#43 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#44 0x0000000000512ad8 in init_mod_child (m=0x1, rank=1) at sr_module.c:918
__FUNCTION__ = "init_mod_child"
#45 0x0000000000510f18 in main_loop () at main.c:1696
si_desc = "udp receiver child=0 sock=127.0.0.1:5060\000\060\066\060\000\000\000\000\270\357DdZ\177\000\000\017\000\000\000\000\000\000\000n\000\000\000\000\000\000\000\255\370_\000\000\000\000\000\071\222\343p\000\000\000\000\000\071X\207\335c\334e\000\000\000\000\000\000\000\000\000\071X\207\335c\334e\210\263\246\000\000\000\000\000\005\000\000\000\000\000\000"
woneinit = 1
__FUNCTION__ = "main_loop"
#46 0x000000000041cefc in main (argc=3, argv=0x0) at main.c:2631
cfg_stream = 0x0
r = 0
tmp = 0x7ffcac52bee5 ""
tmp_len = 0
port = 0
proto = 1722066384
ret = 0
seed = 2123298762
debug_save = 0
debug_flag = 8
dont_fork_cnt = 0
st = {st_dev = 15, st_ino = 12771, st_nlink = 2, st_mode = 16832,
st_uid = 112, st_gid = 118, __pad0 = 0, st_rdev = 0, st_size = 100,
st_blksize = 4096, st_blocks = 0, st_atim = {tv_sec = 1472635951,
tv_nsec = 983999907}, st_mtim = {tv_sec = 1474293427,
tv_nsec = 27546593}, st_ctim = {tv_sec = 1474293427,
tv_nsec = 27546593}, __glibc_reserved = {0, 0, 0}}
__FUNCTION__ = "main"
(gdb)
More information about the sr-users
mailing list