On core load

Using host libthread_db library "/lib64/libthread_db.so.1".
Core was generated by `/usr/sbin/kamailio --atexit=no -DD -P /run/kamailio/kamailio.pid -f /etc/kamail'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x0000ffff94f36350 in strlen () from /lib64/libc.so.6
Missing separate debuginfos, use: yum debuginfo-install glibc-2.28-236.el8.aarch64 jansson-2.14-1.el8.aarch64 json-c-0.13.1-3.el8.aarch64 keyutils-libs-1.5.10-9.el8.aarch64 krb5-libs-1.18.2-25.el8.aarch64 libblkid-2.32.1-43.el8.aarch64 libcom_err-1.45.6-5.el8.aarch64 libcurl-minimal-7.61.1-33.el8.aarch64 libevent-2.1.8-5.el8.aarch64 libgcc-8.5.0-20.el8.aarch64 libmount-2.32.1-43.el8.aarch64 libnghttp2-1.33.0-3.el8_2.1.aarch64 librabbitmq-0.9.0-4.el8.aarch64 libselinux-2.9-8.el8.aarch64 libunistring-0.9.9-3.el8.aarch64 libuuid-2.32.1-43.el8.aarch64 libxml2-2.9.7-16.el8.aarch64 mariadb-connector-c-3.1.11-2.el8_3.aarch64 openssl-libs-1.1.1k-9.el8.aarch64 pcre-8.42-6.el8.aarch64 pcre2-10.32-3.el8.aarch64 systemd-libs-239-78.el8.aarch64 xz-libs-5.2.4-4.el8.aarch64 zlib-1.2.11-25.el8.aarch64

bt full

#0  0x0000ffff94f36350 in strlen () from /lib64/libc.so.6
No symbol table info available.
#1  0x0000ffff94f60c7c in vfprintf () from /lib64/libc.so.6
No symbol table info available.
#2  0x0000ffff94fe500c in __vsyslog_chk () from /lib64/libc.so.6
No symbol table info available.
#3  0x0000ffff94fe5110 in syslog () from /lib64/libc.so.6
No symbol table info available.
#4  0x000000000077ebb8 in qm_status (qmp=0xffff8acee000) at core/mem/q_malloc.c:877
        __llevel = -4
        qm = 0xffff8acee000
        f = 0xffff8c0e0c08
        i = 5961
        j = 9650680
        h = 0
        unused = 0
        memlog = -4
        mem_summary = 0
        __func__ = "qm_status"
        __llevel = <optimized out>
        __kld = <optimized out>
#5  0x0000000000772e30 in qm_debug_check_frag (qm=0xffff8acee000, f=0xffff8c0e0c08, file=0xffff8a2a47f0 "kazoo: kz_amqp.c", line=633, efile=0x934218 "core/mem/q_malloc.c", eline=511) at core/mem/q_malloc.c:139
        p = 0xffffd0ed96e0
        __func__ = "qm_debug_check_frag"
#6  0x00000000007775c8 in qm_free (qmp=0xffff8acee000, p=0xffff8c0e0c40, file=0xffff8a2a47f0 "kazoo: kz_amqp.c", func=0xffff8a2abcb0 <__func__.18644> "kz_amqp_destroy_channels", line=633, mname=0xffff8a2a4350 "kazoo") at core/mem/q_malloc.c:511
        qm = 0xffff8acee000
        f = 0xffff8c0e0c08
        size = 281472999768912
        next = 0xd0ed9740
        prev = 0x1
        __func__ = "qm_free"
#7  0x0000000000784058 in qm_shm_free (qmp=0xffff8acee000, p=0xffff8c0e0c40, file=0xffff8a2a47f0 "kazoo: kz_amqp.c", func=0xffff8a2abcb0 <__func__.18644> "kz_amqp_destroy_channels", line=633, mname=0xffff8a2a4350 "kazoo") at core/mem/q_malloc.c:1350
No locals.
#8  0x0000ffff8a248270 in kz_amqp_destroy_channels (server_ptr=0xffff8ad28880) at kz_amqp.c:633
        i = 25
        __func__ = "kz_amqp_destroy_channels"
#9  0x0000ffff8a2482b4 in kz_amqp_destroy_server (server_ptr=0xffff8ad28880) at kz_amqp.c:641
        next = 0x0
        __func__ = "kz_amqp_destroy_server"
#10 0x0000ffff8a248388 in kz_amqp_destroy_zone (zone_ptr=0xffff8ad28410) at kz_amqp.c:652
        next = 0xffff8ad28918
        server_ptr = 0xffff8ad28880
        __func__ = "kz_amqp_destroy_zone"
#11 0x0000ffff8a248488 in kz_amqp_destroy_zones () at kz_amqp.c:664
        g = 0xffff8ad28410
        __func__ = "kz_amqp_destroy_zones"
#12 0x0000ffff8a248510 in kz_amqp_destroy () at kz_amqp.c:672
        __func__ = "kz_amqp_destroy"
#13 0x0000ffff8a2402a0 in mod_destroy () at kazoo.c:541
        __func__ = "mod_destroy"
#14 0x00000000005e1670 in destroy_modules () at core/sr_module.c:842
        t = 0xffff9379c750
        foo = 0xffff9379b798
        __func__ = "destroy_modules"
#15 0x000000000041e81c in cleanup (show_status=1) at main.c:561
        memlog = -767102331
        __func__ = "cleanup"
#16 0x00000000004208b4 in shutdown_children (sig=15, show_status=1) at main.c:704
        __func__ = "shutdown_children"
#17 0x00000000004217d0 in handle_sigs () at main.c:735
        chld = 65535
        chld_status = 0
        any_chld_stopped = 0
        memlog = 4407388
        __func__ = "handle_sigs"
#18 0x0000000000434058 in main_loop () at main.c:1900
        i = 8
        pid = 1350059
        si = 0x0
        si_desc = "udp receiver child=7 sock=[2605:84c0:51:1f04::6]:5080\000\000\000\360\234\355\320\377\377\000\000صx\223\377\377\000\000\300\234\355\320\377\377\000\000\250\303Փ\377\377\000\000\340\234\355\320\377\377\000\000\360\234\355\320\377\377\000\000\360\234\355\320\377\377\000\000\300\234\355\320\377\377\000\000\320\377\377\377\200\377\377\377"
        nrprocs = 8
        woneinit = 1
        __func__ = "main_loop"
#19 0x000000000043f094 in main (argc=11, argv=0xffffd0eda278) at main.c:3078
        cfg_stream = 0xec522a0
        c = -1
        r = 0
        tmp = 0xffffd0edae66 ""
        tmp_len = 0
        port = 0
        proto = 65535
        ahost = 0x0
        aport = 0
        options = 0x8c99d0 ":f:cm:M:dVIhEeb:l:L:n:vKrRDTN:W:w:t:u:g:P:G:SQ:O:a:A:x:X:Y:"
        ret = -1
        seed = 1225301378
        rfd = 4
        debug_save = 0
        debug_flag = 0
        dont_fork_cnt = 2
        n_lst = 0xffffffff
        p = 0xffff94f39348 <__libc_start_main+160> ""
        st = {st_dev = 22, st_ino = 18918, st_mode = 16832, st_nlink = 2, st_uid = 992, st_gid = 987, st_rdev = 0, __pad1 = 0, st_size = 60, st_blksize = 4096, __pad2 = 0, st_blocks = 0, st_atim = {tv_sec = 1695127265, tv_nsec = 210164976}, st_mtim = {tv_sec = 1695742685, tv_nsec = 688032700}, st_ctim = {tv_sec = 1695742685, tv_nsec = 688032700}, __glibc_reserved = {0, 0}}
        tbuf = '\000' <repeats 56 times>, "xN!\225\377\377\000\000hN!\225\377\377\000\000\bN!\225\377\377\000\000(N!\225\377\377\000\000\070N!\225\377\377\000\000\250N!\225\377\377\000\000\270N!\225\377\377\000\000\310N!\225\377\377\000\000HN!\225\377\377\000\000XN!\225\377\377", '\000' <repeats 18 times>, "\330M!\225\377\377", '\000' <repeats 42 times>...
        option_index = 12
        long_options = {{name = 0x8cbda8 "help", has_arg = 0, flag = 0x0, val = 104}, {name = 0x8c6c10 "version", has_arg = 0, flag = 0x0, val = 118}, {name = 0x8cbdb0 "alias", has_arg = 1, flag = 0x0, val = 1024}, {name = 0x8cbdb8 "subst", has_arg = 1, flag = 0x0, val = 1025}, {name = 0x8cbdc0 "substdef", has_arg = 1, flag = 0x0, val = 1026}, {name = 0x8cbdd0 "substdefs", has_arg = 1, flag = 0x0, val = 1027}, {name = 0x8cbde0 "server-id", has_arg = 1, flag = 0x0, val = 1028}, {name = 0x8cbdf0 "loadmodule", has_arg = 1, flag = 0x0, val = 1029}, {name = 0x8cbe00 "modparam", has_arg = 1, flag = 0x0, val = 1030}, {name = 0x8cbe10 "log-engine", has_arg = 1, flag = 0x0, val = 1031}, {name = 0x8cbe20 "debug", has_arg = 1, flag = 0x0, val = 1032}, {name = 0x8cbe28 "cfg-print", has_arg = 0, flag = 0x0, val = 1033}, {name = 0x8cbe38 "atexit", has_arg = 1, flag = 0x0, val = 1034}, {name = 0x0, has_arg = 0, flag = 0x0, val = 0}}
        __func__ = "main"

Some more info

(gdb) f 8 
#8  0x0000ffff8a248270 in kz_amqp_destroy_channels (server_ptr=0xffff8ad28880) at kz_amqp.c:633
633		shm_free(server_ptr->channels);
(gdb) list
628		for(i=0; i < dbk_channels; i++) {
629			if(server_ptr->channels[i].targeted != NULL) {
630				kz_amqp_free_bind(server_ptr->channels[i].targeted);
631			}
632		}
633		shm_free(server_ptr->channels);
634		server_ptr->channels = NULL;
635	}
636	
637	kz_amqp_server_ptr kz_amqp_destroy_server(kz_amqp_server_ptr server_ptr)
(gdb) p server_ptr
$1 = (kz_amqp_server_ptr) 0xffff8ad28880
(gdb) p *server_ptr
$2 = {id = 1, channel_index = 20, zone = 0xffff8ad28410, connection = 0xffff8ad28578, producer = 0xffff8c754700, channels = 0xffff8c0e0c40, next = 0x0}
(gdb) p server_ptr->channels
$3 = (kz_amqp_channel_ptr) 0xffff8c0e0c40
(gdb) p *server_ptr->channels
$4 = {cmd = 0x0, targeted = 0xffff8c0e1220, consumer = 0x0, channel = 1, state = KZ_AMQP_CHANNEL_FREE, timer = {tv_sec = 1700266610, tv_usec = 250929}, lock = 0}
(gdb) f 7
#7  0x0000000000784058 in qm_shm_free (qmp=0xffff8acee000, p=0xffff8c0e0c40, file=0xffff8a2a47f0 "kazoo: kz_amqp.c", func=0xffff8a2abcb0 <__func__.18644> "kz_amqp_destroy_channels", line=633, mname=0xffff8a2a4350 "kazoo") at core/mem/q_malloc.c:1350
1350		qm_free(qmp, p, file, func, line, mname);
(gdb) list
1345	}
1346	void qm_shm_free(void* qmp, void* p, const char* file, const char* func,
1347			unsigned int line, const char* mname)
1348	{
1349		qm_shm_lock();
1350		qm_free(qmp, p, file, func, line, mname);
1351		qm_shm_unlock();
1352	}
1353	#else
1354	void* qm_shm_malloc(void* qmp, size_t size)

This happened on customized Kamailio 5.6.4 where reverted some commits.
If it does not make sense for you please close.


Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.Message ID: <kamailio/kamailio/issues/3648@github.com>