Hi,<br><br>yes, you're totally right, we got the core in other server and I though the fix was included in the code we compiled in this server, but it wasn't. My fault.<br><br>Now, a very recent copy of the 3.1 git branch is running, Daniel's patch is included. I'll keep you informed but it should go fine.<br>
<br>Thanks, and sorry for the misunderstanding, <br><br>Regards,<br>Anton<br><br><br><br><div class="gmail_quote">2011/5/13 Timo Reimann <span dir="ltr"><<a href="mailto:timo.reimann@1und1.de">timo.reimann@1und1.de</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">Hey,<br>
<div><div></div><div class="h5"><br>
<br>
On 13.05.2011 11:11, Timo Reimann wrote:<br>
> On 12.05.2011 15:55, Anton Roman wrote:<br>
>> my answer is inline:<br>
>><br>
>> 2011/5/12 Timo Reimann <<a href="mailto:timo.reimann@1und1.de">timo.reimann@1und1.de</a><br>
>> <mailto:<a href="mailto:timo.reimann@1und1.de">timo.reimann@1und1.de</a>>><br>
>> As to the reason of the segfault, the dialog structure or hash table may<br>
>> already be gone when unref_dlg() is called. Can you go to stack #0 and<br>
>> tell us what the value of each of the following data structures is (use<br>
>> "p <data structure> in gdb):<br>
>><br>
>> *dlg<br>
>> d_table<br>
>> d_table->entries<br>
>><br>
>><br>
>> Here you have:<br>
>><br>
>> (gdb) p *dlg<br>
>> $1 = {ref = 793790803, next = 0xa0d4b4f20303032, prev =<br>
>> 0x504953203a616956, h_id = 808333871, h_entry = 1346655535, state =<br>
>> 775174432,<br>
>> lifetime = 841888562, start_ts = 892219952, dflags = 808794678, sflags<br>
>> = 1648046134, toroute = 1668178290, toroute_name = {<br>
>> s = 0x62344768397a3d68 <Address 0x62344768397a3d68 out of bounds>,<br>
>> len = 946221643}, from_rr_nb = 1886534457, tl = {<br>
>> next = 0x72460a0d30363035, prev = 0x6f6e4122203a6d6f, timeout =<br>
>> 1869445486}, callid = {<br>
>> s = 0x6f6e613a7069733c <Address 0x6f6e613a7069733c out of bounds>,<br>
>> len = 1869445486}, from_uri = {<br>
>> s = 0x3230322e33322e34 <Address 0x3230322e33322e34 out of bounds>,<br>
>> len = 1043739950}, to_uri = {<br>
><br>
> [...]<br>
><br>
> As I suspected, your dialog seems outdated already: The reference count<br>
> is 793790803, and the Call-ID is supposed to have a rough 2 billions<br>
> characters. That's what I call unique. :)<br>
><br>
> I could ask you for more details on the dump but it'd probably be<br>
> easiest if I could take a direct (gdb-)look at it. Would you mind<br>
> sending it to me in private (i.e., no CC to the mailing list) to the<br>
> address I am writing from?<br>
<br>
</div></div>I (and Marius -- credits!) digged through your coredump and found a few<br>
curiosities. Before I bug you with the details, let me just say this:<br>
There might be something wrong the dialog reference counter that<br>
determines when a dialog is a to be removed from the hash table. In<br>
fact, your call stack indicates that an unreference operation was<br>
attempted on a hash table which looks empty:<br>
<br>
(gdb) frame 0<br>
<div class="im">#0 unref_dlg (dlg=0x7f08a9f67da8, cnt=1) at dlg_hash.c:598<br>
</div>598 dlg_lock( d_table, d_entry);<br>
<div class="im">(gdb) p *d_table->entries<br>
</div>$53 = {first = 0x0, last = 0x0, next_id = 1124074261, lock_idx = 0}<br>
<br>
<br>
Looking through the mailing-list archive, I noticed you brought<br>
attention to another reference counter-related bug which Daniel provided<br>
a fix for with commit 2c28a251a. Since you reported that no more issues<br>
appeared with that fixed version, I just backported the patch into 3.1.<br>
However, I can see from your core dump that you are not using a Kamailio<br>
version that includes the fix.<br>
<br>
Before we continue with any bug hunting, could you try a version of<br>
Kamailio that comes with Daniel's "safer unref of terminated dialogs"<br>
patch? This can be master branch copy or a recent copy of the 3.1 git<br>
branch. I'd suggest the latter so we can ensure that no bleeding-edge<br>
features added to the dialog module distort our analysis.<br>
<br>
Thanks and<br>
<br>
<br>
Cheers,<br>
<font color="#888888"><br>
--Timo<br>
</font></blockquote></div><br>