With Kamailio master, the RPC command keepalive.list causes a crash (at least when there is nothing in the list).
gdb) bt full #0 rpc_struct_add (s=0x560b4df75830, fmt=0x7f2da23322c3 "SS") at binrpc_run.c:1092 ap = {{gp_offset = 32, fp_offset = 48, overflow_arg_area = 0x7ffebd54cfc0, reg_save_area = 0x7ffebd54ced0}} err = -1118515440 avp = {name = {s = 0x7f2da23322bf "uri", len = 3}, type = 1, u = {strval = {s = 0x0, len = 0}, fval = 0, intval = 0, end = 0}} rs = 0x7ffebd54d0e0 __func__ = "rpc_struct_add" #1 0x00007f2da2322776 in keepalive_rpc_list (rpc=0x7f2da2f022e0 <binrpc_callbacks>, ctx=0x7ffebd54d0e0) at keepalive_rpc.c:86 sub = 0x560b4df75830 dest = 0x1 t_buf = '\000' <repeats 25 times> #2 0x00007f2da2ecc993 in process_rpc_req ( buf=0x560b4df55784 "\241\003\021'\332D}\221\017keepalive.list", size=24, bytes_needed=0x7ffebd54d1e8, sh=0x7ffebd54d250, saved_state=0x560b4df65788) at binrpc_run.c:683 err = 0 val = {name = {s = 0x7ffebd54d1c0 " \323T\275\376\177", len = -1561476359}, type = 1, u = {strval = {s = 0x560b4df5578d "keepalive.list", len = 14}, fval = 4.6741847488088159e-310, intval = 1307924365, end = 1307924365}} rpc_e = 0x7f2da3c91910 f_ctx = {in = {ctx = {tlen = 17, cookie = 668615805, type = 0, flags = 1, offset = 17, in_struct = 0, in_array = 0}, s = 0x560b4df5579c "", end = 0x560b4df5579c "", record_no = 0, in_struct = 0}, out = {pkt = { body = 0x560b4df65820 "\003\203", end = 0x560b4df75820 "", crt = 0x560b4df65822 ""}, structs = {next = 0x560b4df75830, prev = 0x560b4df75830}}, send_h = 0x7ffebd54d250, method = 0x560b4df5578d "keepalive.list", gc = 0x0, replied = 0, err_code = 0, --Type <RET> for more, q to quit, c to continue without paging-- err_phrase = {s = 0x0, len = 0}} ctx = 0x7ffebd54d0e0 __func__ = "process_rpc_req" #3 0x00007f2da2ee9ae9 in handle_stream_read (s_c=0x560b4df55750, idx=-1) at io_listener.c:511 bytes_free = 65535 bytes_read = 24 bytes_needed = 1307733728 bytes_processed = 22027 r = 0x560b4df55770 sh = {fd = 15, type = 0, from = {sa_in = {s = {sa_family = 0, sa_data = "\000\000\000\000\000\000\001\000\377\377\377\377\377\377"}, sin = { 
sin_family = 0, sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\001\000\377\377\377\377\377\377"}, sin6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u = { __u6_addr8 = "\001\000", '\377' <repeats 14 times>, __u6_addr16 = {1, 65535, 65535, 65535, 65535, 65535, 65535, 65535}, __u6_addr32 = { 4294901761, 4294967295, 4294967295, 4294967295}}}, sin6_scope_id = 0}, sas = {ss_family = 0, __ss_padding = "\000\000\000\000\000\000\001\000", '\377' <repeats 14 times>, '\000' <repeats 16 times>, "\001\000\000\000\000\000\000\000\260:\n\232-\177", '\000' <repeats 18 times>, "\340\322T\275\001\000\000\000\260:\n\232-\177\000\000\340\322T\275\376\177\000\000\231{\355\242-\177\000\000\000\000\300\000\000\000\000\000\260:\n\232-\177\000", __ss_align = 10513424}}, sa_un = {sun_family = 0, sun_path = "\000\000\000\000\000\000\001\000", '\377' <repeats 14 times>, '\000' <repeats 16 times>, "\001\000\000\000\000\000\000\000\260:\n\232-\177", '\000' <repeats 18 times>, "\340\322T\275\001\000\000\000\260:\n\232-\177\000\000\340\322T\275\376\177\000\000\231{\355\242-\177\000\000\000\000\300\000\000"}}, from_len = 0} __func__ = "handle_stream_read" #4 0x00007f2da2eeb870 in handle_io (fm=0x7f2da3ca38a8, events=1, idx=-1) at io_listener.c:706 --Type <RET> for more, q to quit, c to continue without paging-- ret = 1 __func__ = "handle_io" #5 0x00007f2da2ee2092 in io_wait_loop_epoll (h=0x7f2da2f02380 <ctl_io_h>, t=10, repeat=0) at ../../core/io_wait.h:1070 n = 1 r = 0 fm = 0x7f2da3ca38a8 revents = 1 __func__ = "io_wait_loop_epoll" #6 0x00007f2da2ee6707 in io_listen_loop (fd_no=1, cs_lst=0x560b4df26ee0) at io_listener.c:281 max_fd_no = 295 poll_err = 0x0 poll_method = 2 cs = 0x0 type = 2 __func__ = "io_listen_loop" #7 0x00007f2da2ef1aa2 in mod_child (rank=0) at ctl.c:338 pid = 0 cs = 0x7f2d9a0a2850 rpc_handler = 1 __func__ = "mod_child" #8 0x0000560b4d8349f7 in init_mod_child (m=0x7f2da3cc0370, rank=0) at core/sr_module.c:827 __func__ = "init_mod_child" #9 
0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc07a0, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #10 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc0ad0, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #11 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc12b0, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" --Type <RET> for more, q to quit, c to continue without paging-- #12 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc1770, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #13 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc1a40, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #14 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc1ed0, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #15 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc2710, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #16 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc2a20, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #17 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc2d20, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #18 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc3730, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #19 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc39c0, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #20 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc3c10, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #21 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc3f40, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #22 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc47c0, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #23 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc4a90, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #24 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc4e30, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #25 
0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc5370, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #26 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc5980, rank=0) at core/sr_module.c:823 --Type <RET> for more, q to quit, c to continue without paging-- __func__ = "init_mod_child" #27 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc7850, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #28 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc7ec0, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #29 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc81d0, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #30 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc8550, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #31 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc87a0, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #32 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc9270, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #33 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cc99f0, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #34 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cca070, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #35 0x0000560b4d834612 in init_mod_child (m=0x7f2da3ccfb30, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #36 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cd0260, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #37 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cd05d0, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #38 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cd0970, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #39 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cd0bc0, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #40 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cd1280, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" --Type <RET> for 
more, q to quit, c to continue without paging-- #41 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cd1580, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #42 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cd1960, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #43 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cd24c0, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #44 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cd29f0, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #45 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cd2d00, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #46 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cd3330, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #47 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cd35c0, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #48 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cd38f0, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #49 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cd4340, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #50 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cd4990, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #51 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cd4d50, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #52 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cd5d70, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #53 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cd6010, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #54 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cd6230, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #55 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cd64f0, rank=0) at core/sr_module.c:823 --Type <RET> for more, q to quit, c to continue without paging-- __func__ = "init_mod_child" #56 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cd6a90, rank=0) at 
core/sr_module.c:823 __func__ = "init_mod_child" #57 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cd6d90, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #58 0x0000560b4d834612 in init_mod_child (m=0x7f2da3cd7300, rank=0) at core/sr_module.c:823 __func__ = "init_mod_child" #59 0x0000560b4d835322 in init_child (rank=0) at core/sr_module.c:872 ret = 32557 type = 0x560b4db1a8ab "PROC_MAIN" __func__ = "init_child" #60 0x0000560b4d6dfd7c in main_loop () at main.c:1767 i = 8 pid = 14131 si = 0x0 si_desc = "udp receiver child=7 sock=127.0.0.1:5070\000\060\060\062\000\000\000\000\003\000\000\000)\000\000\000\000\223\354\277LǶ\a\000\000\000\000\000\000\000\000\210p\256M\vV\000\000\000\000\000\000\000\000\000\000\260\f\225\244-\177\000\000\003\263\263M\vV\000\000\000\000\000\b\000\000\000\000 \002U\275\376\177\000\000\201\210\231M\vV\000" nrprocs = 8 woneinit = 1 __func__ = "main_loop" #61 0x0000560b4d6ea1fa in main (argc=17, argv=0x7ffebd550768) at main.c:2878 cfg_stream = 0x560b4de16260 c = -1 r = 0 tmp = 0x7ffebd551f2d "" tmp_len = 32766 port = -1530935202 --Type <RET> for more, q to quit, c to continue without paging-- proto = 32557 ahost = 0x0 aport = 0 options = 0x560b4dae9a20 ":f:cm:M:dVIhEeb:l:L:n:vKrRDTN:W:w:t:u:g:P:G:SQ:O:a:A:x:X:Y:" ret = -1 seed = 3854247729 rfd = 4 debug_save = 0 debug_flag = 0 dont_fork_cnt = 0 n_lst = 0x7f2da4be1f10 p = 0x0 st = {st_dev = 20, st_ino = 21827, st_nlink = 2, st_mode = 16832, st_uid = 110, st_gid = 115, __pad0 = 0, st_rdev = 0, st_size = 40, st_blksize = 4096, st_blocks = 0, st_atim = {tv_sec = 1605600824, tv_nsec = 239389389}, st_mtim = { tv_sec = 1612186501, tv_nsec = 682961986}, st_ctim = {tv_sec = 1612186523, tv_nsec = 411094638}, __glibc_reserved = {0, 0, 0}} tbuf = 
"\001\000\000\000\000\000\000\000\b\000\000\000\000\000\000\000\060\307\301\244-\177\000\000\000\000\000\000\000\000\000\000\240\241U\275\376\177\000\000\364ʿ\244-\177\000\000\b\000\000\000\000\000\000\000\230\242U\275\376\177\000\000\060\307\301\244-\177\000\000\b\005U\275\376\177\000\000\004\005U\275\376\177", '\000' <repeats 18 times>, "\230\242U\275\376\177\000\000\250\241U\275\376\177\000\000'ޝ\244-\177\000\000&\260be\000\000\000\000p\006U\275\376\177\000\000\300\212\225\001\000\000\000\000\320\005U\275\376\177\000\000\300\005U\275\376\177\000\000\b\005U\275\376\177\000\000X\307\301\244-\177\000\000\001", '\000' <repeats 31 times>... option_index = 0 long_options = {{name = 0x560b4daeba77 "help", has_arg = 0, flag = 0x0, val = 104}, { name = 0x560b4dae74e3 "version", has_arg = 0, flag = 0x0, val = 118}, { name = 0x560b4daeba7c "alias", has_arg = 1, flag = 0x0, val = 1024}, { name = 0x560b4daeba82 "subst", has_arg = 1, flag = 0x0, val = 1025}, { --Type <RET> for more, q to quit, c to continue without paging-- name = 0x560b4daeba88 "substdef", has_arg = 1, flag = 0x0, val = 1026}, { name = 0x560b4daeba91 "substdefs", has_arg = 1, flag = 0x0, val = 1027}, { name = 0x560b4daeba9b "server-id", has_arg = 1, flag = 0x0, val = 1028}, { name = 0x560b4daebaa5 "loadmodule", has_arg = 1, flag = 0x0, val = 1029}, { name = 0x560b4daebab0 "modparam", has_arg = 1, flag = 0x0, val = 1030}, { name = 0x560b4daebab9 "log-engine", has_arg = 1, flag = 0x0, val = 1031}, { name = 0x560b4daebac4 "debug", has_arg = 1, flag = 0x0, val = 1032}, { name = 0x560b4daebaca "cfg-print", has_arg = 0, flag = 0x0, val = 1033}, { name = 0x0, has_arg = 0, flag = 0x0, val = 0}} __func__ = "main"
For some reason the destination list is allocated with one uninitialized item already in it:

```
int ka_alloc_destinations_list()
{
	if(ka_destinations_list != NULL) {
		LM_DBG("ka_destinations_list already allocated\n");
		return 1;
	}

	ka_destinations_list = (ka_destinations_list_t *)shm_malloc(
			sizeof(ka_destinations_list_t));
```

This may be the source of the trouble when keepalive_rpc_list tries to list it. The loop below starts from ka_destinations_list->first, and frame #1 of the backtrace shows dest = 0x1, which is not a valid pointer, so the list head looks like it was read from memory that was never initialized:

```
static void keepalive_rpc_list(rpc_t *rpc, void *ctx)
{
	void *sub;
	ka_dest_t *dest;
	char t_buf[26] = {0};

	for(dest = ka_destinations_list->first; dest != NULL; dest = dest->next) {
```
I pushed a fix for two cases when allocation was not initialized. Can you try with latest master?
Daniel-Constantin Mierla writes:
> I pushed a fix for two cases when allocation was not initialized. Can you try with latest master?
Thanks, now keepalive.list works when there is nothing in the list.
But the second issue (for which I haven't created a report yet) still exists, i.e., trying to add something to the list hangs and never returns, for example:
kamailio_ctl> keepalive.add sip:example.com:5060 test
Closed #2618.