#345 RLS crash with big bodies



I justed tested and RLS and PS with large bodies (~ 5KB). It seems like opensips crashes when the timer process triggers RLS aggregation:

# opensipsctl ps
Process:: ID=0 PID=25456 Type=attendant
Process:: ID=1 PID=25457 Type=MI FIFO
Process:: ID=2 PID=25458 Type=SIP receiver udp:
Process:: ID=3 PID=25459 Type=SIP receiver udp:
Process:: ID=4 PID=25460 Type=SIP receiver udp:
Process:: ID=5 PID=25461 Type=SIP receiver udp:
Process:: ID=6 PID=25465 Type=time_keeper
Process:: ID=7 PID=25467 Type=timer
Process:: ID=8 PID=25469 Type=TCP receiver
Process:: ID=9 PID=25471 Type=TCP receiver
Process:: ID=10 PID=25475 Type=TCP receiver
Process:: ID=11 PID=25477 Type=TCP receiver
Process:: ID=12 PID=25480 Type=TCP main

Jan 28 17:24:00 kernel: [2189846.371004] opensips[25467]: segfault at 78787878 ip 080ca3bf sp bfba4c10 error 6 in opensips[8048000+e8000]
Jan 28 17:24:00 opensips[25480]: CRITICAL:core:receive_fd: EOF on 13
Jan 28 17:24:00 opensips[25456]: INFO:core:handle_sigs: child process 25467 exited by a signal 11
Jan 28 17:24:00 opensips[25456]: INFO:core:handle_sigs: core was generated
Jan 28 17:24:00 opensips[25456]: INFO:core:handle_sigs: terminating due to SIGCHLD

#0 0x080ca3bf in fm_remove_free (qm=0x816fa60, size=6080) at mem/f_malloc.c:172
172 *pf=n->u.nxt_free;
(gdb) bt
#0 0x080ca3bf in fm_remove_free (qm=0x816fa60, size=6080) at mem/f_malloc.c:172
#1 fm_malloc (qm=0x816fa60, size=6080) at mem/f_malloc.c:378
#2 0xb705fac7 in agg_body_sendn_update (rl_uri=0xb31ffc94, bstr=..., rlmi_body=0xbfba4dcc, multipart_body=0xbfba4dc4,
subs=0xb31ffc94, hash_code=0) at notify.c:242
#3 0xb7064ab4 in timer_send_notify (ticks=340, param=0x0) at resource_notify.c:748
#4 0x080b8ecf in timer_ticker () at timer.c:325
#5 run_timer_process () at timer.c:395
#6 start_timer_processes () at timer.c:475
#7 0x0806b4c2 in main_loop (argc=9, argv=0xbfba4fa4) at main.c:873
#8 main (argc=9, argv=0xbfba4fa4) at main.c:1393


  • Anca Vamanu

    Anca Vamanu - 2011-02-10
    • assigned_to: nobody --> anca_vamanu
  • Bogdan-Andrei Iancu

    • status: open --> closed-out-of-date
    • Group: --> 1.4.x

