[OpenSIPS-Devel] [opensips] Intermittent segmentation fault in flat_db_insert when acc db_missed_flag param is set [2.1] (#559)

pbaines notifications at github.com
Mon Jun 22 15:39:28 CEST 2015


Hello,

We are seeing intermittent crashes of opensips. The coredump appears to point towards the flatstore module:

```
Program terminated with signal 11, Segmentation fault.
#0  0x00007f1729aec3c2 in flat_db_insert (h=<optimized out>, k=<optimized out>, v=0x7f1729694080, n=23) at flatstore.c:368
368                             FLAT_COPY(i, VAL_STR(v + i).s, VAL_STR(v + i).len);
```

Removing the following from the config script seems to have solved the crashing issues for now:

```
modparam("acc", "db_missed_flag", "ACC_MISSED")
setflag(ACC_MISSED);
```

Below is the full output from gdb:

```
Reading symbols from /usr/local/opensips_pbx/sbin/opensips...done.
[New LWP 31520]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `/usr/local/opensips_pbx/sbin/opensips -P /var/run/opensips/opensips.pid -m 64 -'.
Program terminated with signal 11, Segmentation fault.
#0  0x00007f1729aec3c2 in flat_db_insert (h=<optimized out>, k=<optimized out>, v=0x7f1729694080, n=23) at flatstore.c:368
368				FLAT_COPY(i, VAL_STR(v + i).s, VAL_STR(v + i).len);
#0  0x00007f1729aec3c2 in flat_db_insert (h=<optimized out>, k=<optimized out>, v=0x7f1729694080, n=23) at flatstore.c:368
        len = 0
        s = 0x7f1700000003 <Address 0x7f1700000003 out of bounds>
        aux = <optimized out>
        l = 25
        p = 0x7f1700000003 <Address 0x7f1700000003 out of bounds>
        f = 0xced3f0
        i = <optimized out>
        auxl = <optimized out>
        aux = <optimized out>
        begin = 0x7f172cc02220 "INVITE94988e1Z06Zvcb9e8ce3ae3166206-9373-1233-7682-0800275a62ce486Busy here1434972185"
        __FUNCTION__ = "flat_db_insert"
#1  0x00007f172945c567 in acc_db_request (rq=rq at entry=0x7f172c763580, rpl=rpl at entry=0x7f172cbfdbb0, ins_list=ins_list at entry=0x7f1729696600, cdr_flag=<optimized out>) at acc.c:640
        my_ps_ins = 0x0
        my_ps = 0x0
        m = 9
        n = <optimized out>
        i = <optimized out>
        _created = <optimized out>
        _setup_time = 694695888
        __FUNCTION__ = "acc_db_request"
#2  0x00007f17294694f8 in on_missed (code=<optimized out>, reply=0x7f172cbfdbb0, req=0x7f172c763580, t=<optimized out>) at acc_logic.c:456
        new_uri_bk = {s = 0x7f172cbffeb8 "sip:2010 at 10.15.20.53:5060;transport=udp;registering_acc=pbx_sourcevox_com", len = 73}
        flags_to_reset = 0
#3  tmcb_func (ps=<optimized out>, t=<optimized out>, type=<optimized out>) at acc_logic.c:685
No locals.
#4  tmcb_func (t=<optimized out>, type=<optimized out>, ps=<optimized out>) at acc_logic.c:680
No locals.
#5  0x00007f172c511702 in run_trans_callbacks (type=type at entry=32, trans=trans at entry=0x7f17229c2230, req=req at entry=0x7f172c763580, rpl=<optimized out>, code=<optimized out>) at t_hooks.c:209
        params = {req = 0x7f172c763580, rpl = 0x7f172cbfdbb0, code = 486, param = 0x7f17229ceaa0, extra1 = 0x0, extra2 = 0x0}
        cbp = 0x7f17229cea90
        backup = 0x7f17229c3c48
        trans_backup = 0x7f17229c2230
        __FUNCTION__ = "run_trans_callbacks"
#6  0x00007f172c535e98 in run_failure_handlers (t=0x7f17229c2230) at t_reply.c:569
        uac = <optimized out>
        on_failure = <optimized out>
        shmem_msg = 0x7f17229ec148
        faked_req = {id = 29, first_line = {type = 1, len = 43, u = {request = {method = {
                  s = 0x7f17229ec9d8 "INVITE sip:2010 at 10.15.20.160:5060 SIP/2.0\r\nVia: SIP/2.0/UDP 10.15.20.160:5090;rport;branch=z9hG4bKgj6c9aBHg3y4D\r\nMax-Forwards: 66\r\nFrom: \"2008\" <sip:2008 at pbx.sourcevox.com>;tag=94988e1Z06Zvc\r\nTo: <sip"..., len = 6}, uri = {
                  s = 0x7f17229ec9df "sip:2010 at 10.15.20.160:5060 SIP/2.0\r\nVia: SIP/2.0/UDP 10.15.20.160:5090;rport;branch=z9hG4bKgj6c9aBHg3y4D\r\nMax-Forwards: 66\r\nFrom: \"2008\" <sip:2008 at pbx.sourcevox.com>;tag=94988e1Z06Zvc\r\nTo: <sip:2010 at 1"..., len = 26}, version = {
                  s = 0x7f17229ec9fa "SIP/2.0\r\nVia: SIP/2.0/UDP 10.15.20.160:5090;rport;branch=z9hG4bKgj6c9aBHg3y4D\r\nMax-Forwards: 66\r\nFrom: \"2008\" <sip:2008 at pbx.sourcevox.com>;tag=94988e1Z06Zvc\r\nTo: <sip:2010 at 10.15.20.160:5060>\r\nCall-ID:"..., len = 7}, method_value = 1}, reply = {version = {
                  s = 0x7f17229ec9d8 "INVITE sip:2010 at 10.15.20.160:5060 SIP/2.0\r\nVia: SIP/2.0/UDP 10.15.20.160:5090;rport;branch=z9hG4bKgj6c9aBHg3y4D\r\nMax-Forwards: 66\r\nFrom: \"2008\" <sip:2008 at pbx.sourcevox.com>;tag=94988e1Z06Zvc\r\nTo: <sip"..., len = 6}, status = {
                  s = 0x7f17229ec9df "sip:2010 at 10.15.20.160:5060 SIP/2.0\r\nVia: SIP/2.0/UDP 10.15.20.160:5090;rport;branch=z9hG4bKgj6c9aBHg3y4D\r\nMax-Forwards: 66\r\nFrom: \"2008\" <sip:2008 at pbx.sourcevox.com>;tag=94988e1Z06Zvc\r\nTo: <sip:2010 at 1"..., len = 26}, reason = {
                  s = 0x7f17229ec9fa "SIP/2.0\r\nVia: SIP/2.0/UDP 10.15.20.160:5090;rport;branch=z9hG4bKgj6c9aBHg3y4D\r\nMax-Forwards: 66\r\nFrom: \"2008\" <sip:2008 at pbx.sourcevox.com>;tag=94988e1Z06Zvc\r\nTo: <sip:2010 at 10.15.20.160:5060>\r\nCall-ID:"..., len = 7}, statuscode = 1}}}, via1 = 0x7f17229ecf60, via2 = 0x0, headers = 0x7f17229ecf18, last_header = 0x7f17229edce0, 
          parsed_flag = 18446744073709551615, h_via1 = 0x7f17229ecf18, h_via2 = 0x0, callid = 0x7f17229ed7e8, to = 0x7f17229ed498, cseq = 0x7f17229ed830, from = 0x7f17229ed118, contact = 0x7f17229ed8a8, 
          maxforwards = 0x7f17229ed0d0, route = 0x0, record_route = 0x0, path = 0x0, content_type = 0x7f17229eda10, content_length = 0x7f17229edaa0, authorization = 0x0, expires = 0x0, proxy_auth = 0x0, 
          supported = 0x7f17229ed980, proxy_require = 0x0, unsupported = 0x0, allow = 0x7f17229ed938, event = 0x0, accept = 0x0, accept_language = 0x0, organization = 0x0, priority = 0x0, subject = 0x0, 
          user_agent = 0x7f17229ed8f0, content_disposition = 0x7f17229eda58, accept_disposition = 0x0, diversion = 0x0, rpid = 0x7f17229edce0, refer_to = 0x0, session_expires = 0x0, min_se = 0x0, 
          ppi = 0x0, pai = 0x0, privacy = 0x0, call_info = 0x0, www_authenticate = 0x0, proxy_authenticate = 0x0, min_expires = 0x0, sdp = 0x0, multi = 0x0, 
          eoh = 0x7f17229ece19 "\r\nv=0\r\no=FreeSWITCH 1434953118 1434953119 IN IP4 10.15.20.160\r\ns=FreeSWITCH\r\nc=IN IP4 10.15.20.160\r\nt=0 0\r\nm=audio 19064 RTP/AVP 0 8 101 13\r\na=rtpmap:0 PCMU/8000\r\na=rtpmap:8 PCMA/8000\r\na=rtpmap:101 te"..., 
          unparsed = 0x7f17229ece19 "\r\nv=0\r\no=FreeSWITCH 1434953118 1434953119 IN IP4 10.15.20.160\r\ns=FreeSWITCH\r\nc=IN IP4 10.15.20.160\r\nt=0 0\r\nm=audio 19064 RTP/AVP 0 8 101 13\r\na=rtpmap:0 PCMU/8000\r\na=rtpmap:8 PCMA/8000\r\na=rtpmap:101 te"..., rcv = {src_ip = {af = 2, len = 4, u = {addrl = {2685669130, 90194313233}, addr32 = {2685669130, 0, 17, 21}, addr16 = {3850, 40980, 0, 0, 17, 0, 21, 
                  0}, addr = "\n\017\024\240\000\000\000\000\021\000\000\000\025\000\000"}}, dst_ip = {af = 2, len = 4, u = {addrl = {2685669130, 0}, addr32 = {2685669130, 0, 0, 0}, addr16 = {3850, 40980, 
                  0, 0, 0, 0, 0, 0}, addr = "\n\017\024\240", '\000' <repeats 11 times>}}, src_port = 5090, dst_port = 5060, proto = 1, proto_reserved1 = 0, proto_reserved2 = 0, src_su = {s = {
                sa_family = 2, sa_data = "\023\342\n\017\024\240\000\000\000\000\000\000\000"}, sin = {sin_family = 2, sin_port = 57875, sin_addr = {s_addr = 2685669130}, 
                sin_zero = "\000\000\000\000\000\000\000"}, sin6 = {sin6_family = 2, sin6_port = 57875, sin6_flowinfo = 2685669130, sin6_addr = {__in6_u = {
                    __u6_addr8 = "\000\000\000\000\000\000\000\000\001\000\000\000\000\000\000", __u6_addr16 = {0, 0, 0, 0, 1, 0, 0, 0}, __u6_addr32 = {0, 0, 1, 0}}}, sin6_scope_id = 5133244}}, 
            bind_address = 0x7f172cb76f68}, 
          buf = 0x7f17229ec9d8 "INVITE sip:2010 at 10.15.20.160:5060 SIP/2.0\r\nVia: SIP/2.0/UDP 10.15.20.160:5090;rport;branch=z9hG4bKgj6c9aBHg3y4D\r\nMax-Forwards: 66\r\nFrom: \"2008\" <sip:2008 at pbx.sourcevox.com>;tag=94988e1Z06Zvc\r\nTo: <sip"..., len = 1338, new_uri = {
            s = 0x7f17229cf0b7 "sip:2010 at 10.15.20.53:5060;transport=udp;registering_acc=pbx_sourcevox_com SIP/2.0\r\nVia: SIP/2.0/UDP 10.15.20.160:5060;branch=z9hG4bKacd9.6a24c876.0\r\nMax-Forwards: 66\r\nFrom: \"2008\" <sip:2008 at pbx.source"..., len = 73}, dst_uri = {s = 0x0, len = 0}, ruri_q = -1, ruri_bflags = 0, force_send_socket = 0x7f172cb76f68, path_vec = {s = 0x0, len = 0}, parsed_uri_ok = 0, 
          parsed_uri = {user = {s = 0x7f172cc00944 "", len = 4}, passwd = {s = 0x0, len = 0}, host = {s = 0x7f172cc00949 "", len = 11}, port = {s = 0x7f172cc00955 "", len = 4}, params = {
              s = 0x7f172cc0095a "", len = 47}, headers = {s = 0x0, len = 0}, port_no = 5060, proto = 1, type = SIP_URI_T, transport = {s = 0x7f172cc0095a "", len = 13}, ttl = {s = 0x0, len = 0}, 
            user_param = {s = 0x0, len = 0}, maddr = {s = 0x0, len = 0}, method = {s = 0x0, len = 0}, lr = {s = 0x0, len = 0}, r2 = {s = 0x0, len = 0}, gr = {s = 0x0, len = 0}, transport_val = {
              s = 0x7f172cc00964 "", len = 3}, ttl_val = {s = 0x0, len = 0}, user_param_val = {s = 0x0, len = 0}, maddr_val = {s = 0x0, len = 0}, method_val = {s = 0x0, len = 0}, lr_val = {s = 0x0, 
              len = 0}, r2_val = {s = 0x0, len = 0}, gr_val = {s = 0x0, len = 0}, u_name = {{s = 0x7f172cc00968 "", len = 15}, {s = 0x0, len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}, {s = 0x0, 
                len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}}, u_val = {{s = 0x7f172cc00978 "", len = 17}, {s = 0x0, len = 0}, {s = 0x0, 
                len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}}, u_params_no = 1}, 
          parsed_orig_ruri_ok = 0, parsed_orig_ruri = {user = {s = 0x0, len = 0}, passwd = {s = 0x0, len = 0}, host = {s = 0x0, len = 0}, port = {s = 0x0, len = 0}, params = {s = 0x0, len = 0}, headers = {
              s = 0x0, len = 0}, port_no = 0, proto = 0, type = ERROR_URI_T, transport = {s = 0x0, len = 0}, ttl = {s = 0x0, len = 0}, user_param = {s = 0x0, len = 0}, maddr = {s = 0x0, len = 0}, 
            method = {s = 0x0, len = 0}, lr = {s = 0x0, len = 0}, r2 = {s = 0x0, len = 0}, gr = {s = 0x0, len = 0}, transport_val = {s = 0x0, len = 0}, ttl_val = {s = 0x0, len = 0}, user_param_val = {
              s = 0x0, len = 0}, maddr_val = {s = 0x0, len = 0}, method_val = {s = 0x0, len = 0}, lr_val = {s = 0x0, len = 0}, r2_val = {s = 0x0, len = 0}, gr_val = {s = 0x0, len = 0}, u_name = {{s = 0x0, 
                len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}, {s = 0x0, 
                len = 0}}, u_val = {{s = 0x0, len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}, {s = 0x0, len = 0}, {
                s = 0x0, len = 0}, {s = 0x0, len = 0}}, u_params_no = 0}, add_rm = 0x7f17229ceb38, body_lumps = 0x0, reply_lump = 0x0, add_to_branch_s = '\000' <repeats 57 times>, add_to_branch_len = 0, 
          hash_index = 40394, flags = 348, msg_flags = 163872, set_global_address = {s = 0x0, len = 0}, set_global_port = {s = 0x0, len = 0}, msg_cb = 0x0}
#7  t_should_relay_response (Trans=Trans at entry=0x7f17229c2230, new_code=new_code at entry=486, branch=branch at entry=0, should_store=should_store at entry=0x7fff3f7098f0, 
    should_relay=should_relay at entry=0x7fff3f7098e0, cancel_bitmap=cancel_bitmap at entry=0x7fff3f7099f0, reply=reply at entry=0x7f172cbfdbb0) at t_reply.c:911
        branch_cnt = 1
        inv_through = 0
        do_cancel = <optimized out>
        __FUNCTION__ = "t_should_relay_response"
#8  0x00007f172c53608a in relay_reply (t=0x7f17229c2230, p_msg=0x7f172cbfdbb0, branch=0, msg_status=486, cancel_bitmap=0x7fff3f7099f0) at t_reply.c:1125
        relay = <optimized out>
        save_clone = <optimized out>
        buf = 0x0
        res_len = 0
        relayed_code = 0
        relayed_msg = 0x0
        bm = {to_tag_val = {s = 0x88e550 "\350j\267,\027\177", len = 743480754}}
        totag_retr = 0
        reply_status = <optimized out>
        uas_rb = <optimized out>
        cb_s = {s = 0x7f172cbfdbb0 "\034", len = 0}
        text = {s = 0x614b62344768397a <Address 0x614b62344768397a out of bounds>, len = 1}
        __FUNCTION__ = "relay_reply"
#9  0x00007f172c5399d2 in reply_received (p_msg=0x7f172cbfdbb0) at t_reply.c:1505
        msg_status = 486
        last_uac_status = 180
        branch = 0
        reply_status = <optimized out>
        timer = <optimized out>
        cancel_bitmap = 0
        uac = 0x7f17229c2408
        t = 0x7f17229c2230
        backup_list = <optimized out>
        has_reply_route = <optimized out>
        __FUNCTION__ = "reply_received"
#10 0x00000000004417d0 in forward_reply (msg=msg at entry=0x7f172cbfdbb0) at forward.c:516
        new_buf = 0x0
        to = 0x0
        new_len = <optimized out>
        mod = 0x7f172cb77428
        proto = <optimized out>
        id = 0
        send_sock = <optimized out>
        s = <optimized out>
        len = <optimized out>
        __FUNCTION__ = "forward_reply"
#11 0x000000000049a202 in receive_msg (
    buf=0x87ace0 "SIP/2.0 486 Busy here\r\nCSeq: 77150027 INVITE\r\nCall-ID: e3166206-9373-1233-7682-0800275a62ce\r\nFrom: \"2008\" <sip:2008 at pbx.sourcevox.com>;tag=94988e1Z06Zvc\r\nTo: <sip:2010 at 10.15.20.160:5060>;tag=b9e8ce3a\r"..., len=<optimized out>, rcv_info=rcv_info at entry=0x7fff3f709bd0) at receive.c:243
        ctx = 0x7f172cbfd8c8
        msg = 0x7f172cbfdbb0
        start = {tv_sec = 139737341308560, tv_usec = 139737420576943}
        rc = 3
        tmp = 0x7f172299d3b8 "\006"
        in_buff = {
          s = 0x87ace0 "SIP/2.0 486 Busy here\r\nCSeq: 77150027 INVITE\r\nCall-ID: e3166206-9373-1233-7682-0800275a62ce\r\nFrom: \"2008\" <sip:2008 at pbx.sourcevox.com>;tag=94988e1Z06Zvc\r\nTo: <sip:2010 at 10.15.20.160:5060>;tag=b9e8ce3a\r"..., len = 416}
        __FUNCTION__ = "receive_msg"
#12 0x00000000005b7a0f in udp_read_req (si=<optimized out>, bytes_read=<optimized out>) at net/proto_udp/proto_udp.c:190
        ri = {src_ip = {af = 2, len = 4, u = {addrl = {890507018, 139737341307880}, addr32 = {890507018, 0, 580332520, 32535}, addr16 = {3850, 13588, 0, 0, 11240, 8855, 32535, 0}, 
              addr = "\n\017\024\065\000\000\000\000\350+\227\"\027\177\000"}}, dst_ip = {af = 2, len = 4, u = {addrl = {2685669130, 0}, addr32 = {2685669130, 0, 0, 0}, addr16 = {3850, 40980, 0, 0, 0, 0, 
                0, 0}, addr = "\n\017\024\240", '\000' <repeats 11 times>}}, src_port = 5060, dst_port = 5060, proto = 1, proto_reserved1 = 0, proto_reserved2 = 0, src_su = {s = {sa_family = 2, 
              sa_data = "\023\304\n\017\024\065\000\000\000\000\000\000\000"}, sin = {sin_family = 2, sin_port = 50195, sin_addr = {s_addr = 890507018}, sin_zero = "\000\000\000\000\000\000\000"}, sin6 = {
              sin6_family = 2, sin6_port = 50195, sin6_flowinfo = 890507018, sin6_addr = {__in6_u = {__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 
                    0}}}, sin6_scope_id = 5133270}}, bind_address = 0x7f172cb76f68}
        len = <optimized out>
        buf = "SIP/2.0 486 Busy here\r\nCSeq: 77150027 INVITE\r\nCall-ID: e3166206-9373-1233-7682-0800275a62ce\r\nFrom: \"2008\" <sip:2008 at pbx.sourcevox.com>;tag=94988e1Z06Zvc\r\nTo: <sip:2010 at 10.15.20.160:5060>;tag=b9e8ce3a\r"...
        tmp = 0x2 <Address 0x2 out of bounds>
        fromlen = 16
        p = <optimized out>
        msg = {
          s = 0x87ace0 "SIP/2.0 486 Busy here\r\nCSeq: 77150027 INVITE\r\nCall-ID: e3166206-9373-1233-7682-0800275a62ce\r\nFrom: \"2008\" <sip:2008 at pbx.sourcevox.com>;tag=94988e1Z06Zvc\r\nTo: <sip:2010 at 10.15.20.160:5060>;tag=b9e8ce3a\r"..., len = 416}
        __FUNCTION__ = "udp_read_req"
#13 0x00000000005a8751 in handle_io (fm=<optimized out>, idx=<optimized out>, event_type=<optimized out>) at net/net_udp.c:259
        read = 0
#14 handle_io (fm=<optimized out>, idx=<optimized out>, event_type=<optimized out>) at net/net_udp.c:286
No locals.
#15 io_wait_loop_epoll (h=<optimized out>, t=<optimized out>, repeat=<optimized out>) at net/../io_wait_loop.h:190
        ret = <optimized out>
        n = 1
        r = 0
        e = <optimized out>
#16 udp_rcv_loop (si=si at entry=0x7f172cb76f68) at net/net_udp.c:307
        __FUNCTION__ = "udp_rcv_loop"
#17 0x00000000005aa63c in udp_start_processes (chd_rank=chd_rank at entry=0x83db24, startup_done=startup_done at entry=0x0) at net/net_udp.c:434
        si = 0x7f172cb76f68
        load_p = 0x7f17229a95b0
        pid = <optimized out>
        i = <optimized out>
        __FUNCTION__ = "udp_start_processes"
#18 0x000000000041ae97 in main_loop () at main.c:717
        startup_done = 0x0
        chd_rank = 4
#19 main (argc=<optimized out>, argv=<optimized out>) at main.c:1248
        cfg_log_stderr = <optimized out>
        cfg_stream = <optimized out>
        c = <optimized out>
        r = 0
        tmp = 0x7fff3f70a749 ""
        tmp_len = <optimized out>
        port = <optimized out>
        proto = <optimized out>
        options = 0x5d03a8 "f:cCm:M:b:l:n:N:rRvdDFETSVhw:t:u:g:P:G:W:o:"
        seed = 2731643305
        rfd = <optimized out>
        __FUNCTION__ = "main"
(gdb) quit
```

---
Reply to this email directly or view it on GitHub:
https://github.com/OpenSIPS/opensips/issues/559
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/devel/attachments/20150622/7b144e00/attachment-0001.htm>


More information about the Devel mailing list