### Description Running kamailio 5.7.1 as a webrtc server on port 7443 ### Troubleshooting #### Reproduction Start it up and wait. Weirdly this one was almost exactly 1 hour since the previous one, probably coincidence as it then crashed 4 times in the space of 4 seconds. #### Debugging Data <!-- If you got a core dump, use gdb to extract troubleshooting data - full backtrace, local variables and the list of the code at the issue location. gdb /path/to/kamailio /path/to/corefile bt full info locals list If you are familiar with gdb, feel free to attach more of what you consider to be relevant. --> ``` (gdb) bt full #0 0x0000000000000000 in ?? () No symbol table info available. #1 0x00007fe80077ef22 in ssl3_finish_mac (s=0x7fe7f01ce9d0, buf=<optimized out>, len=10) at ssl/s3_enc.c:358 ret = <optimized out> __func__ = "ssl3_finish_mac" #2 0x00007fe8007c4e47 in ssl3_do_write (s=0x7fe7f01ce9d0, type=22) at ssl/statem/statem_lib.c:61 ret = <optimized out> written = 10 #3 0x00007fe8007bb276 in statem_do_write (s=0x7fe7f01ce9d0) at ssl/statem/statem.c:719 st = <optimized out> st = <optimized out> #4 write_state_machine (s=0x7fe7f01ce9d0) at ssl/statem/statem.c:884 post_work = 0x7fe8007c9200 <ossl_statem_server_post_work> mt = 8 pkt = {buf = 0x7fe7efa92ba0, staticbuf = 0x0, curr = 10, written = 10, maxsize = 18446744073709551615, subs = 0x0, endfirst = 0} ret = <optimized out> pre_work = 0x7fe8007c8260 <ossl_statem_server_pre_work> get_construct_message_f = 0x7fe8007c1920 <ossl_statem_server_construct_message> confunc = 0x7fe8007c9940 <tls_construct_encrypted_extensions> st = 0x7fe7f01cea18 transition = 0x7fe8007c8cf0 <ossl_statem_server_write_transition> cb = 0x7fe7ff324e72 <sr_ssl_ctx_info_callback> st = <optimized out> ret = <optimized out> transition = <optimized out> pre_work = <optimized out> post_work = <optimized out> get_construct_message_f = <optimized out> cb = <optimized out> confunc = <optimized out> mt = <optimized out> pkt = {buf = <optimized out>, staticbuf = <optimized out>, curr = <optimized out>, written = <optimized out>, maxsize = <optimized out>, subs = <optimized out>, endfirst = <optimized out>} __func__ = {<optimized out> <repeats 20 times>} tmpret = <optimized out> #5 state_machine (s=0x7fe7f01ce9d0, server=<optimized out>) at ssl/statem/statem.c:451 buf = 0x0 cb = <optimized out> st = <optimized out> ret = <optimized out> ssret = <optimized out> __func__ = {<optimized out> <repeats 14 times>} #6 0x00007fe7ff35f584 in tls_accept (c=0x7fe7f0308350, error=0x7ffc91d028d4) at tls_server.c:470 ret = 0 ssl = 0x7fe7f01ce9d0 cert = 0x1 tls_c = 0x7fe7f0253838 tls_log = 0 __func__ = "tls_accept" #7 0x00007fe7ff36a8be in tls_h_read_f (c=0x7fe7f0308350, flags=0x7ffc91d02d10) at tls_server.c:1175 r = 0x7fe7f0308478 bytes_free = 16383 --Type <RET> for more, q to quit, c to continue without paging-- bytes_read = 617 read_size = 16383 ssl_error = 0 ssl_read = 0 ssl = 0x7fe7f01ce9d0 rd_buf = "\026\003\001\002d\001\000\002`\003\003\273\256\310^~;4\027\373W\351H_l/\022\257\060\363\277&\370\065\255\177\037\v\004\t\246\335\\ םC\016e\237\217\021\236\274\232D\321\022\215h\261H%4\332\333\301\200\230؞p茗\341\000 \212\212\023\003\023\001\023\002̨̩\300+\300/\300,\300\060\300\023\300\024\000\234\000\235\000/\000\065\001\000\001\367zz\000\000\000\027\000\000\000\005\000\005\001\000\000\000\000\000\r\000\022\000\020\004\003\b\004\004\001\005\003\b\005\005\001\b\006\006\001\000\020\000\v\000\t\bhttp/1.1\000\022\000\000\000\v\000\002\001\000\000\063\000+\000)::\000\001\000\000\035\000 \006\201T\261\031\274[\263ئ\211\313\067\220"... wr_buf = "\360(ϑ\374\177\000\000\026\003\000\000\026\003\000\000\000\000\001\000\326\315[&\237\273\070\234\313\001\000\204\360\245\035?\244\026\372\206\316\060\"\237\202&z\315,E\016\252}v`\204Z\002cx\313\067\263\070\236\362\320\\\347;]\271\377\247\022S\210^/zn\216;̷\323+כ\360S}\264<\025\366\241p\202%=NAع_\"\324Sqq\273^\343F\353\323\a\035\357\206\035\211F\200m)|w\020\260\000E<0\v\204\353\325\304x\263\334\034tʝWkUH^-KCFR\233\063a\207P\262\030?C\334\315\316M̕\270\033\302\226\315\b\205u5\363\375\346\370\023\027\061Ï\365Ύ\266Q\277\324\"m]Z\351+\254S\372\334\216\060\254"... rd = {buf = 0x7ffc91cf28d0 "\026\003\001\002d\001", pos = 617, used = 617, size = 65536} wr = {buf = 0x7ffc91ce28d0 "\360(ϑ\374\177", pos = 0, used = 0, size = 65536} tls_c = 0x7fe7f0253838 enc_rd_buf = 0x0 n = 0 flush_flags = 0 err_src = 0x7fe7ff3875a0 "TLS read:" ip_buf = '\000' <repeats 63 times> x = 17493065 tls_dbg = 4095 __func__ = "tls_h_read_f" #8 0x00000000006c79bc in tcp_read_headers (c=0x7fe7f0308350, read_flags=0x7ffc91d02d10) at core/tcp_read.c:441 bytes = 65535 remaining = 0 p = 0x2f8ef9f5881 <error: Cannot access memory at address 0x2f8ef9f5881> r = 0x7fe7f0308478 mc = 32743 body_len = 61343 mfline = 0x7fe7ef9f5650 "\201\376\002\370 Ck\246r\006,\357s\027", <incomplete sequence \364> mtransid = {s = 0x7fe7ef9f52a8 "N", len = -274771264} __func__ = "tcp_read_headers" #9 0x00000000006cfb94 in tcp_read_req (con=0x7fe7f0308350, bytes_read=0x7ffc91d02d14, read_flags=0x7ffc91d02d10) at core/tcp_read.c:1469 bytes = -1 total_bytes = 0 resp = 1 size = 176093659136 req = 0x7fe7f0308478 dst = {send_sock = 0x7fe7ef9f52a8, to = {s = {sa_family = 0, sa_data = "\000\020\002\000\000\000\001\000Б)\000\000"}, sin = {sin_family = 0, sin_port = 4096, sin_addr = {s_addr = 2}, sin_zero = "\001\000Б)\000\000"}, sin6 = {sin6_family = 0, sin6_port = 4096, sin6_flowinfo = 2, sin6_addr = {__in6_u = {__u6_addr8 = "\001\000Б)\000\000\000\004\000\231\000\000\000\000", __u6_addr16 = {1, 37328, 41, 0, 4, 153, 0, 0}, __u6_addr32 = {2446327809, 41, 10027012, 0}}}, sin6_scope_id = 18119584}, sas = {ss_family = 0, __ss_padding = "\000\020\002\000\000\000\001\000Б)\000\000\000\004\000\231\000\000\000\000\000\240{\024\001\350\177\000\000@T\237\357\347\177\000\000P,Б\001˾M\020\000\000\000\020\000\000\000\024\000\000\000\000\000\000\000\001\000\000\000\001\000\000\000\017\000\000\000\000\000\000\000\033\000\000\000\000\000\000\000\b-Б\374\177\000\000\b", '\000' <repeats 22 times>, __ss_align = 140722754825120}}, id = 1, send_flags = {f = 0, blst_imask = 0}, proto = -128 '\200', proto_pad0 = 43 '+', proto_pad1 = -28208} c = 0 '\000' ret = 0 __func__ = "tcp_read_req" #10 0x00000000006d4cc3 in handle_io (fm=0x7fe800999c58, events=1, idx=-1) at core/tcp_read.c:1780 ret = 8 n = 8 read_flags = RD_CONN_SHORT_READ con = 0x7fe7f0308350 s = 15 resp = 5340591 t = 0 ee = 0x0 __func__ = "handle_io" #11 0x00000000006c271d in io_wait_loop_epoll (h=0x99b2e0 <io_w>, t=2, repeat=0) at core/io_wait.h:1070 n = 1 r = 0 fm = 0x7fe800999c58 revents = 1 __func__ = "io_wait_loop_epoll" #12 0x00000000006d7a47 in tcp_receive_loop (unix_sock=41) at core/tcp_read.c:1976 __func__ = "tcp_receive_loop" #13 0x00000000006b7689 in tcp_init_children (woneinit=0x7ffc91d030cc) at core/tcp_main.c:5239 r = 0 i = 3 reader_fd_1 = 41 pid = 0 si_desc = "tcp receiver (generic)\000\000\000\000\000\000\000\000\000\000\023e\204\000\000\000\000\000\033\000\000\000\000\000\000\000\240{\024\001\350\177\000\000\000\000\000\020\000\000\000\000`0Б\374\177\000\000\034\003e\000\000\000\000\000`0Б\374\177\000\000\345\030n\000\000\000\000\000\020\060Б\374\177\000\000\252\264~\000\000\000\000\000\023e\204\000\000\000\000\000\310\371\063\357 \000\000" si = 0x0 __func__ = "tcp_init_children" #14 0x000000000042fae9 in main_loop () at main.c:1851 i = 4 pid = 2124 si = 0x0 si_desc = "udp receiver child=3 sock=172.16.128.55:5090\000\235\"r01Б\374\177\000\000\000\000\000\000\000\000\000\000\220\066Б\374\177\000\000\023e\204\000\000\000\000\000\033\000\000\000\000\000\000\000X_\212\000\350\177\000\000\000\000\000\020\000\000\000\000:|\024\001\350\177\000\000\060\000\000\000\060\000\000\000H2Б\374\177\000" nrprocs = 4 woneinit = 1 __func__ = "main_loop" #15 0x0000000000439969 in main (argc=11, argv=0x7ffc91d037a8) at main.c:3086 cfg_stream = 0x1bdf380 c = -1 r = 0 tmp = 0x7ffc91d03ea4 "" tmp_len = 0 port = 0 proto = 0 ahost = 0x0 aport = 0 options = 0x8322d8 ":f:cm:M:dVIhEeb:l:L:n:vKrRDTN:W:w:t:u:g:P:G:SQ:O:a:A:x:X:Y:" ret = -1 seed = 4190893818 rfd = 4 debug_save = 0 debug_flag = 0 dont_fork_cnt = 2 n_lst = 0x200000064 p = 0x0 st = {st_dev = 24, st_ino = 891, st_nlink = 2, st_mode = 16832, st_uid = 990, st_gid = 988, __pad0 = 0, st_rdev = 0, st_size = 40, st_blksize = 4096, st_blocks = 0, st_atim = {tv_sec = 1694643229, tv_nsec = 729000000}, st_mtim = {tv_sec = 1694644781, tv_nsec = 493359816}, st_ctim = {tv_sec = 1694644781, tv_nsec = 493359816}, __glibc_reserved = {0, 0, 0}} tbuf = "\331\\M\001\350\177\000\000\070\033J\001\350\177\000\000 4Б\374\177\000\000\a\000\000\000\000\000\000\000\330\bJ\001\350\177\000\000\a\000\000\000#\000\000\000\060jM\001\350\177\000\000\245\066K\001\350\177\000\000\000\000\000\000\000\000\000\000\220IK\001\350\177\000\000\070\000\001\001\350\177\000\000\000zI\001\350\177\000\000\000\000\000\000\000\000\000\000\360\063Б\374\177\000\000\360^M\001\350\177\000\000\330\032J\001\350\177\000\000\330\032J\001\350\177\000\000\000\000\000\000\000\000\000\000؈I\001\350\177\000\000\360\063Б\374\177\000\000\220uM\001\350\177\000\000\000\000J\001\350\177\000\000\022\fJ\001\350\177\000\000\066\001K\001\350\177\000\000\344#\000\001\350\177\000\000\272\230L\001"... option_index = 12 long_options = {{name = 0x834976 "help", has_arg = 0, flag = 0x0, val = 104}, {name = 0x82f4f4 "version", has_arg = 0, flag = 0x0, val = 118}, {name = 0x83497b "alias", has_arg = 1, flag = 0x0, val = 1024}, {name = 0x834981 "subst", has_arg = 1, flag = 0x0, val = 1025}, {name = 0x834987 "substdef", has_arg = 1, flag = 0x0, val = 1026}, {name = 0x834990 "substdefs", has_arg = 1, flag = 0x0, val = 1027}, { name = 0x83499a "server-id", has_arg = 1, flag = 0x0, val = 1028}, {name = 0x8349a4 "loadmodule", has_arg = 1, flag = 0x0, val = 1029}, {name = 0x8349af "modparam", has_arg = 1, flag = 0x0, val = 1030}, {name = 0x8349b8 "log-engine", has_arg = 1, flag = 0x0, val = 1031}, {name = 0x8349c3 "debug", has_arg = 1, flag = 0x0, val = 1032}, {name = 0x8349c9 "cfg-print", has_arg = 0, flag = 0x0, val = 1033}, { name = 0x8349d3 "atexit", has_arg = 1, flag = 0x0, val = 1034}, {name = 0x8349da "all-errors", has_arg = 0, flag = 0x0, val = 1035}, {name = 0x0, has_arg = 0, flag = 0x0, val = 0}} __func__ = "main" ``` #### Log Messages ``` Sep 13 23:34:53 kamrtc01 /usr/sbin/kamailio[2133]: CRITICAL: <core> [core/mem/q_malloc.c:519]: qm_free(): BUG: freeing already freed pointer (0x7fe7ef9b6800), called from tls: tls_init.c: ser_free(405), first free tls: tls_init.c: ser_free(405) - ignoring Sep 13 23:34:53 kamrtc01 /usr/sbin/kamailio[2132]: CRITICAL: <core> [core/mem/q_malloc.c:519]: qm_free(): BUG: freeing already freed pointer (0x7fe7f04adc20), called from tls: tls_init.c: ser_free(405), first free tls: tls_init.c: ser_free(405) - ignoring Sep 13 23:38:18 kamrtc01 /usr/sbin/kamailio[2133]: CRITICAL: <core> [core/mem/q_malloc.c:519]: qm_free(): BUG: freeing already freed pointer (0x7fe7efa8e9e0), called from tls: tls_init.c: ser_free(405), first free tls: tls_init.c: ser_free(405) - ignoring Sep 13 23:39:26 kamrtc01 /usr/sbin/kamailio[2136]: CRITICAL: <core> [core/mem/q_malloc.c:519]: qm_free(): BUG: freeing already freed pointer (0x7fe7ef9c9468), called from tls: tls_init.c: ser_free(405), first free tls: tls_init.c: ser_free(405) - ignoring Sep 13 23:39:26 kamrtc01 /usr/sbin/kamailio[2132]: CRITICAL: <core> [core/mem/q_malloc.c:519]: qm_free(): BUG: freeing already freed pointer (0x7fe7ef9c3148), called from tls: tls_init.c: ser_free(405), first free tls: tls_init.c: ser_free(405) - ignoring Sep 13 23:39:26 kamrtc01 kernel: kamailio[2132]: segfault at 0 ip 0000000000000000 sp 00007ffc91ce25b8 error 14 in kamailio[400000+1d000] Sep 13 23:39:26 kamrtc01 kernel: Code: Unable to access opcode bytes at RIP 0xffffffffffffffd6. ``` System details the same as in https://github.com/kamailio/kamailio/issues/3563 -- Reply to this email directly or view it on GitHub: https://github.com/kamailio/kamailio/issues/3564 You are receiving this because you are subscribed to this thread. Message ID: &lt;kamailio/kamailio/issues/3564(a)github.com&gt;