[sr-dev] [kamailio] kamailio 4.3 crash in update_dialog_vars_dbinfo (#301)

MayamaTakeshi notifications at github.com
Fri Aug 28 00:55:50 CEST 2015


Here's what I got using 3 VMs:

1) CentOS6.6, 1CPU, 1GB, kamailio 4.3 commit 48d78ce87e2f42bdc77e688a0f45ff725ea97de5:
Crashed in update_dialog_vars_dbinfo 

2) CentOS6.6, 1CPU, 2GB, kamailio 4.3 commit 48d78ce87e2f42bdc77e688a0f45ff725ea97de5
Crashed in update_dialog_vars_dbinfo generating 2 core files

3) CentOS6.7, 1CPU, 512GB, kamailio 4.4 commit 8d8e1b957d9461d80b15b8e52464322a4e2b5fb1
Crashed in update_dialog_vars_dbinfo 

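In all crashes, var is always set to 0x3433. That is not a valid pointer (its two low bytes are the ASCII characters '3' and '4'), so the dereference of var->key at the faulting line is what raises the segmentation fault. The cell->vars list dumped below terminates cleanly with next = 0x0 in every core, so the bad value does not appear in the list as captured.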

Here are the full results from running the gdb commands you sent earlier:

```
1) CentOS6.6, 1CPU, 1GB, kamailio 4.3 commit 48d78ce87e2f42bdc77e688a0f45ff725ea97de5

Core was generated by `/usr/local/src/git/kamailio-4.3/kamailio -m 512 -M 16 -P /var/run/kamailio.pid'.
Program terminated with signal 11, Segmentation fault.
#0  0x00007f125df5b9da in update_dialog_vars_dbinfo (cell=0x7f123a855bf8, var=0x3433) at dlg_db_handler.c:651
651		SET_STR_VALUE(values+2, var->key);
Missing separate debuginfos, use: debuginfo-install bzip2-libs-1.0.5-7.el6_0.x86_64 db4-4.7.25-19.el6_6.x86_64 elfutils-libelf-0.161-3.el6.x86_64 glibc-2.12-1.166.el6_7.1.x86_64 keyutils-libs-1.4-5.el6.x86_64 krb5-libs-1.10.3-42.el6.x86_64 libacl-2.2.49-6.el6.x86_64 libattr-2.4.44-7.el6.x86_64 libcap-2.16-5.5.el6.x86_64 libcom_err-1.41.12-22.el6.x86_64 libgcc-4.4.7-16.el6.x86_64 libselinux-2.0.94-5.8.el6.x86_64 lm_sensors-libs-3.1.1-17.el6.x86_64 lua-5.1.4-4.1.el6.x86_64 mysql-libs-5.1.73-5.el6_6.x86_64 net-snmp-libs-5.5-54.el6_7.1.x86_64 nspr-4.10.8-1.el6_6.x86_64 nss-3.19.1-3.el6_6.x86_64 nss-softokn-freebl-3.14.3-22.el6_6.x86_64 nss-util-3.19.1-1.el6_6.x86_64 openssl-1.0.1e-42.el6.x86_64 pcre-7.8-7.el6.x86_64 perl-libs-5.10.1-141.el6.x86_64 popt-1.13-7.el6.x86_64 rpm-libs-4.8.0-47.el6.x86_64 tcp_wrappers-libs-7.6-57.el6.x86_64 xz-libs-4.999.9-0.5.beta.20091007git.el6.x86_64 zlib-1.2.3-29.el6.x86_64
(gdb) bt
#0  0x00007f125df5b9da in update_dialog_vars_dbinfo (cell=0x7f123a855bf8, var=0x3433) at dlg_db_handler.c:651
#1  0x00007f125df5c511 in update_dialog_dbinfo_unsafe (cell=0x7f123a855bf8) at dlg_db_handler.c:718
#2  0x00007f125df5dafc in update_dialog_dbinfo (cell=0x7f123a855bf8) at dlg_db_handler.c:861
#3  0x00007f125df9d3dc in set_dlg_variable (dlg=0x7f123a855bf8, key=0x7f125ea9c760, val=0x7fffbab27030) at dlg_var.c:305
#4  0x00007f125e87aa9c in set_start_time (dialog=0x7f123a855bf8) at acc_cdr.c:523
#5  0x00007f125e880932 in cdr_on_create (dialog=0x7f123a855bf8, type=2, params=0x7f125e1be0a0) at acc_cdr.c:790
#6  0x00007f125df4c398 in run_create_callbacks (dlg=0x7f123a855bf8, msg=0x7f1261235dd8) at dlg_cb.c:230
#7  0x00007f125df66590 in dlg_new_dialog (req=0x7f1261235dd8, t=0x7f123ab55958, run_initial_cbs=1) at dlg_handlers.c:865
#8  0x00007f125df65006 in dlg_onreq (t=0x7f123ab55958, type=1, param=0x7f1260fd6760) at dlg_handlers.c:717
#9  0x00007f1260d1ac3a in run_reqin_callbacks_internal (hl=0x7f12399bb480, trans=0x7f123ab55958, params=0x7f1260fd6760) at t_hooks.c:360
#10 0x00007f1260d1ad48 in run_reqin_callbacks (trans=0x7f123ab55958, req=0x7f1261235dd8, code=1) at t_hooks.c:385
#11 0x00007f1260cdbb58 in build_cell (p_msg=0x7f1261235dd8) at h_table.c:356
#12 0x00007f1260d2c283 in new_t (p_msg=0x7f1261235dd8) at t_lookup.c:1269
#13 0x00007f1260d2d4b3 in t_newtran (p_msg=0x7f1261235dd8) at t_lookup.c:1409
#14 0x00007f1260d01e9c in t_relay_to (p_msg=0x7f1261235dd8, proxy=0x0, proto=0, replicate=0) at t_funcs.c:236
#15 0x00007f1260d40bbb in _w_t_relay_to (p_msg=0x7f1261235dd8, proxy=0x0, force_proto=0) at tm.c:1476
#16 0x00007f1260d41d20 in w_t_relay (p_msg=0x7f1261235dd8, _foo=0x0, _bar=0x0) at tm.c:1677
#17 0x000000000041ddad in do_action (h=0x7fffbab27e50, a=0x7f12610e5f60, msg=0x7f1261235dd8) at action.c:1053
#18 0x000000000042a4c3 in run_actions (h=0x7fffbab27e50, a=0x7f12610e5f60, msg=0x7f1261235dd8) at action.c:1548
#19 0x000000000042ab28 in run_actions_safe (h=0x7fffbab28a70, a=0x7f12610e5f60, msg=0x7f1261235dd8) at action.c:1613
#20 0x0000000000543c94 in rval_get_int (h=0x7fffbab28a70, msg=0x7f1261235dd8, i=0x7fffbab28328, rv=0x7f12610e65b0, cache=0x0) at rvalue.c:912
#21 0x0000000000547ecc in rval_expr_eval_int (h=0x7fffbab28a70, msg=0x7f1261235dd8, res=0x7fffbab28328, rve=0x7f12610e65a8) at rvalue.c:1906
#22 0x00000000005482c2 in rval_expr_eval_int (h=0x7fffbab28a70, msg=0x7f1261235dd8, res=0x7fffbab287b0, rve=0x7f12610e6ca8) at rvalue.c:1914
#23 0x000000000041d897 in do_action (h=0x7fffbab28a70, a=0x7f12610e6258, msg=0x7f1261235dd8) at action.c:1029
#24 0x000000000042a4c3 in run_actions (h=0x7fffbab28a70, a=0x7f1261029308, msg=0x7f1261235dd8) at action.c:1548
#25 0x000000000042abf0 in run_top_route (a=0x7f1261029308, msg=0x7f1261235dd8, c=0x0) at action.c:1634
#26 0x000000000050a938 in receive_msg (
    buf=0xa6fee0 "INVITE sip:09011112222 at 192.168.2.183:5060 SIP/2.0\r\nVia: SIP/2.0/UDP 192.168.0.184:5010;rport;branch=z9hG4bK-11917-63211-4\r\nFrom: \"user1\" <sip:user1 at test1.com>;tag=11917SIPpTag0063211\r\nTo: <sip:0901111"..., len=944, rcv_info=0x7fffbab28d60) at receive.c:196
#27 0x000000000060a3ea in udp_rcv_loop () at udp_server.c:495
#28 0x00000000004a7ef7 in main_loop () at main.c:1573
#29 0x00000000004ae2d2 in main (argc=7, argv=0x7fffbab29198) at main.c:2533
(gdb) frame 0
#0  0x00007f125df5b9da in update_dialog_vars_dbinfo (cell=0x7f123a855bf8, var=0x3433) at dlg_db_handler.c:651
651		SET_STR_VALUE(values+2, var->key);
(gdb) p *cell
$1 = {ref = 1, next = 0x0, prev = 0x0, h_id = 6815, h_entry = 2610, state = 1, lifetime = 10800, init_ts = 1440663325, start_ts = 0, dflags = 0, iflags = 0, sflags = 0, toroute = 0, toroute_name = {
    s = 0x0, len = 0}, from_rr_nb = 0, tl = {next = 0x0, prev = 0x0, timeout = 0}, callid = {
    s = 0x7f123a855d58 "63211-11917 at 192.168.0.184sip:user1 at test1.comsip:09011112222 at 192.168.2.183:5060sip:09011112222 at 192.168.2.184:5030\b\002", len = 25}, from_uri = {
    s = 0x7f123a855d71 "sip:user1 at test1.comsip:09011112222 at 192.168.2.183:5060sip:09011112222 at 192.168.2.184:5030\b\002", len = 19}, to_uri = {
    s = 0x7f123a855d84 "sip:09011112222 at 192.168.2.183:5060sip:09011112222 at 192.168.2.184:5030\b\002", len = 34}, req_uri = {s = 0x7f123a855da6 "sip:09011112222 at 192.168.2.184:5030\b\002", len = 34}, tag = {
    {s = 0x7f123ac9d580 "11917SIPpTag0063211sip:user1 at 192.168.2.50:5010", len = 19}, {s = 0x0, len = 0}}, cseq = {{s = 0x7f123a4c7360 "802r1\n", len = 3}, {s = 0x0, len = 0}}, route_set = {{s = 0x0, 
      len = 0}, {s = 0x0, len = 0}}, contact = {{s = 0x7f123ac9d593 "sip:user1 at 192.168.2.50:5010", len = 27}, {s = 0x0, len = 0}}, bind_addr = {0x7f1261008730, 0x0}, cbs = {first = 0x7f123a69fa08, 
    types = 41172}, profile_links = 0x7f123a78f7d8, vars = 0x7f123a600c78}
(gdb) p *cell->vars
$2 = {key = {s = 0x7f123a4d1d98 "answer_time", len = 11}, value = {s = 0x7f123aa2bbd0 "1440663325.614", len = 14}, vflags = 0, next = 0x7f123a4ca800}
(gdb) set $p=cell->vars->next
(gdb) while ($p != 0)
 >p *$p
 >set $p=$p->next
 >end
$3 = {key = {s = 0x7f123a5c7760 "calling_number", len = 14}, value = {s = 0x7f123a4a9cb8 "0312341234mber", len = 10}, vflags = 0, next = 0x7f123a565978}
$4 = {key = {s = 0x7f123a3dd708 "destination", len = 11}, value = {s = 0x7f123a55aef8 "09011112222in", len = 11}, vflags = 0, next = 0x7f123a385dc8}
$5 = {key = {s = 0x7f123ac919e0 "caller_username", len = 15}, value = {s = 0x7f123a7758b0 "user1", len = 5}, vflags = 0, next = 0x7f123a828b98}
$6 = {key = {s = 0x7f123a59aa40 "caller_domain", len = 13}, value = {s = 0x7f123a48ca80 "test1.comon", len = 9}, vflags = 0, next = 0x7f123a585f38}
$7 = {key = {s = 0x7f123a3c35f0 "start_time", len = 10}, value = {s = 0x7f123a874098 "2015-08-27 17:15:27", len = 19}, vflags = 0, next = 0x0}
(gdb) p process_no
$8 = 1
(gdb) p pt[process_no]
$9 = {pid = 1947, unix_sock = 12, idx = -1, desc = "udp receiver child=0 sock=192.168.2.183:5060", '\000' <repeats 83 times>}

==========================================================================

2) CentOS6.6, 1CPU, 2GB, kamailio 4.3 commit 48d78ce87e2f42bdc77e688a0f45ff725ea97de5
Two core files generated:
[root at lab002185-flip-server kamailio-4.3]# ls -l /core.534*
-rw------- 1 root root 1095712768  8月 27 16:39 2015 /core.5341
-rw------- 1 root root 1095712768  8月 27 16:39 2015 /core.5342

[root at lab002185-flip-server kamailio-4.3]# diff /core.534*
Binary files /core.5341 and /core.5342 differ

/core.5341:
Core was generated by `/usr/local/src/git/kamailio-4.3/kamailio -m 1024 -M 16 -P /var/run/kamailio.pid'.
Program terminated with signal 11, Segmentation fault.
#0  0x00007fa7cdfa59da in update_dialog_vars_dbinfo (cell=0x7fa78abf06d0, var=0x3433) at dlg_db_handler.c:651
651		SET_STR_VALUE(values+2, var->key);
Missing separate debuginfos, use: debuginfo-install bzip2-libs-1.0.5-7.el6_0.x86_64 db4-4.7.25-19.el6_6.x86_64 elfutils-libelf-0.161-3.el6.x86_64 glibc-2.12-1.166.el6_7.1.x86_64 keyutils-libs-1.4-5.el6.x86_64 krb5-libs-1.10.3-42.el6.x86_64 libacl-2.2.49-6.el6.x86_64 libattr-2.4.44-7.el6.x86_64 libcap-2.16-5.5.el6.x86_64 libcom_err-1.41.12-22.el6.x86_64 libgcc-4.4.7-16.el6.x86_64 libselinux-2.0.94-5.8.el6.x86_64 lm_sensors-libs-3.1.1-17.el6.x86_64 lua-5.1.4-4.1.el6.x86_64 mysql-libs-5.1.73-5.el6_6.x86_64 net-snmp-libs-5.5-54.el6_7.1.x86_64 nspr-4.10.8-1.el6_6.x86_64 nss-3.19.1-3.el6_6.x86_64 nss-softokn-freebl-3.14.3-22.el6_6.x86_64 nss-util-3.19.1-1.el6_6.x86_64 openssl-1.0.1e-42.el6.x86_64 pcre-7.8-7.el6.x86_64 perl-libs-5.10.1-141.el6.x86_64 popt-1.13-7.el6.x86_64 rpm-libs-4.8.0-47.el6.x86_64 tcp_wrappers-libs-7.6-57.el6.x86_64 xz-libs-4.999.9-0.5.beta.20091007git.el6.x86_64 zlib-1.2.3-29.el6.x86_64
(gdb) bt
#0  0x00007fa7cdfa59da in update_dialog_vars_dbinfo (cell=0x7fa78abf06d0, var=0x3433) at dlg_db_handler.c:651
#1  0x00007fa7cdfa6511 in update_dialog_dbinfo_unsafe (cell=0x7fa78abf06d0) at dlg_db_handler.c:718
#2  0x00007fa7cdfa7afc in update_dialog_dbinfo (cell=0x7fa78abf06d0) at dlg_db_handler.c:861
#3  0x00007fa7cdfe73dc in set_dlg_variable (dlg=0x7fa78abf06d0, key=0x7fa7ceae6760, val=0x7ffc91e90910) at dlg_var.c:305
#4  0x00007fa7ce8c4a9c in set_start_time (dialog=0x7fa78abf06d0) at acc_cdr.c:523
#5  0x00007fa7ce8ca932 in cdr_on_create (dialog=0x7fa78abf06d0, type=2, params=0x7fa7ce2080a0) at acc_cdr.c:790
#6  0x00007fa7cdf96398 in run_create_callbacks (dlg=0x7fa78abf06d0, msg=0x7fa7d1280850) at dlg_cb.c:230
#7  0x00007fa7cdfb0590 in dlg_new_dialog (req=0x7fa7d1280850, t=0x7fa78a5e81e8, run_initial_cbs=1) at dlg_handlers.c:865
#8  0x00007fa7cdfaf006 in dlg_onreq (t=0x7fa78a5e81e8, type=1, param=0x7fa7d1020760) at dlg_handlers.c:717
#9  0x00007fa7d0d64c3a in run_reqin_callbacks_internal (hl=0x7fa789a19480, trans=0x7fa78a5e81e8, params=0x7fa7d1020760) at t_hooks.c:360
#10 0x00007fa7d0d64d48 in run_reqin_callbacks (trans=0x7fa78a5e81e8, req=0x7fa7d1280850, code=1) at t_hooks.c:385
#11 0x00007fa7d0d25b58 in build_cell (p_msg=0x7fa7d1280850) at h_table.c:356
#12 0x00007fa7d0d76283 in new_t (p_msg=0x7fa7d1280850) at t_lookup.c:1269
#13 0x00007fa7d0d774b3 in t_newtran (p_msg=0x7fa7d1280850) at t_lookup.c:1409
#14 0x00007fa7d0d4be9c in t_relay_to (p_msg=0x7fa7d1280850, proxy=0x0, proto=0, replicate=0) at t_funcs.c:236
#15 0x00007fa7d0d8abbb in _w_t_relay_to (p_msg=0x7fa7d1280850, proxy=0x0, force_proto=0) at tm.c:1476
#16 0x00007fa7d0d8bd20 in w_t_relay (p_msg=0x7fa7d1280850, _foo=0x0, _bar=0x0) at tm.c:1677
#17 0x000000000041ddad in do_action (h=0x7ffc91e91730, a=0x7fa7d112a9b8, msg=0x7fa7d1280850) at action.c:1053
#18 0x000000000042a4c3 in run_actions (h=0x7ffc91e91730, a=0x7fa7d112a9b8, msg=0x7fa7d1280850) at action.c:1548
#19 0x000000000042ab28 in run_actions_safe (h=0x7ffc91e92350, a=0x7fa7d112a9b8, msg=0x7fa7d1280850) at action.c:1613
#20 0x0000000000543c94 in rval_get_int (h=0x7ffc91e92350, msg=0x7fa7d1280850, i=0x7ffc91e91c08, rv=0x7fa7d112b008, cache=0x0) at rvalue.c:912
#21 0x0000000000547ecc in rval_expr_eval_int (h=0x7ffc91e92350, msg=0x7fa7d1280850, res=0x7ffc91e91c08, rve=0x7fa7d112b000) at rvalue.c:1906
#22 0x00000000005482c2 in rval_expr_eval_int (h=0x7ffc91e92350, msg=0x7fa7d1280850, res=0x7ffc91e92090, rve=0x7fa7d112b700) at rvalue.c:1914
#23 0x000000000041d897 in do_action (h=0x7ffc91e92350, a=0x7fa7d112acb0, msg=0x7fa7d1280850) at action.c:1029
#24 0x000000000042a4c3 in run_actions (h=0x7ffc91e92350, a=0x7fa7d1073308, msg=0x7fa7d1280850) at action.c:1548
#25 0x000000000042abf0 in run_top_route (a=0x7fa7d1073308, msg=0x7fa7d1280850, c=0x0) at action.c:1634
#26 0x000000000050a938 in receive_msg (
    buf=0xa6fee0 "INVITE sip:09011112222 at 192.168.2.185:5060 SIP/2.0\r\nVia: SIP/2.0/UDP 192.168.0.186:5010;rport;branch=z9hG4bK-16716-21895-4\r\nFrom: \"user1\" <sip:user1 at test1.com>;tag=16716SIPpTag0021895\r\nTo: <sip:0901111"..., len=944, rcv_info=0x7ffc91e92640) at receive.c:196
#27 0x000000000060a3ea in udp_rcv_loop () at udp_server.c:495
#28 0x00000000004a7ef7 in main_loop () at main.c:1573
#29 0x00000000004ae2d2 in main (argc=7, argv=0x7ffc91e92a78) at main.c:2533
(gdb) frame 0
#0  0x00007fa7cdfa59da in update_dialog_vars_dbinfo (cell=0x7fa78abf06d0, var=0x3433) at dlg_db_handler.c:651
651		SET_STR_VALUE(values+2, var->key);
(gdb) p *cell
$1 = {ref = 1, next = 0x0, prev = 0x0, h_id = 2258, h_entry = 2559, state = 1, lifetime = 10800, init_ts = 1440661168, start_ts = 0, dflags = 0, iflags = 0, sflags = 0, toroute = 0, toroute_name = {
    s = 0x0, len = 0}, from_rr_nb = 0, tl = {next = 0x0, prev = 0x0, timeout = 0}, callid = {
    s = 0x7fa78abf0830 "21895-16716 at 192.168.0.186sip:user1 at test1.comsip:09011112222 at 192.168.2.185:5060sip:09011112222 at 192.168.2.186:50300", len = 25}, from_uri = {
    s = 0x7fa78abf0849 "sip:user1 at test1.comsip:09011112222 at 192.168.2.185:5060sip:09011112222 at 192.168.2.186:50300", len = 19}, to_uri = {
    s = 0x7fa78abf085c "sip:09011112222 at 192.168.2.185:5060sip:09011112222 at 192.168.2.186:50300", len = 34}, req_uri = {s = 0x7fa78abf087e "sip:09011112222 at 192.168.2.186:50300", len = 34}, tag = {{
      s = 0x7fa78a5e0970 "16716SIPpTag0021895sip:user1 at 192.168.2.50:5010", len = 19}, {s = 0x0, len = 0}}, cseq = {{s = 0x7fa78a3fe4e0 "80294\017", len = 3}, {s = 0x0, len = 0}}, route_set = {{s = 0x0, 
      len = 0}, {s = 0x0, len = 0}}, contact = {{s = 0x7fa78a5e0983 "sip:user1 at 192.168.2.50:5010", len = 27}, {s = 0x0, len = 0}}, bind_addr = {0x7fa7d1052730, 0x0}, cbs = {first = 0x7fa78a606488, 
    types = 41172}, profile_links = 0x7fa78a9df160, vars = 0x7fa78a58ce28}
(gdb) p *cell->vars
$2 = {key = {s = 0x7fa78a7cd658 "answer_time", len = 11}, value = {s = 0x7fa78a6ecb38 "1440661168.396e", len = 14}, vflags = 0, next = 0x7fa78a8b65b8}
(gdb) set $p=cell->vars->next
(gdb) while ($p != 0)
 >p *$p
 >set $p=$p->next
 >end
$3 = {key = {s = 0x7fa78a5a6280 "calling_number", len = 14}, value = {s = 0x7fa78a8fed10 "0312341234mber", len = 10}, vflags = 0, next = 0x7fa78a6e7dc8}
$4 = {key = {s = 0x7fa78a96ec10 "destination", len = 11}, value = {s = 0x7fa78a48a060 "09011112222in", len = 11}, vflags = 0, next = 0x7fa78a4898f8}
$5 = {key = {s = 0x7fa78a7c2690 "caller_username", len = 15}, value = {s = 0x7fa78a600420 "user1\r", len = 5}, vflags = 0, next = 0x7fa78a6b9840}
$6 = {key = {s = 0x7fa78aa682b0 "caller_domain", len = 13}, value = {s = 0x7fa78abdfe48 "test1.comon", len = 9}, vflags = 0, next = 0x7fa78a8c6608}
$7 = {key = {s = 0x7fa78a3abaa0 "start_time", len = 10}, value = {s = 0x7fa78a8e4a78 "1440661168ain", len = 10}, vflags = 0, next = 0x0}
(gdb) p process_no
$8 = 3
(gdb) p pt[process_no]
$9 = {pid = 5341, unix_sock = 14, idx = -1, desc = "udp receiver child=2 sock=192.168.2.185:5060", '\000' <repeats 83 times>}

/core.5342:
Core was generated by `/usr/local/src/git/kamailio-4.3/kamailio -m 1024 -M 16 -P /var/run/kamailio.pid'.
Program terminated with signal 11, Segmentation fault.
#0  0x00007fa7cdfa59da in update_dialog_vars_dbinfo (cell=0x7fa78a7ec0a8, var=0x3433) at dlg_db_handler.c:651
651		SET_STR_VALUE(values+2, var->key);
Missing separate debuginfos, use: debuginfo-install bzip2-libs-1.0.5-7.el6_0.x86_64 db4-4.7.25-19.el6_6.x86_64 elfutils-libelf-0.161-3.el6.x86_64 glibc-2.12-1.166.el6_7.1.x86_64 keyutils-libs-1.4-5.el6.x86_64 krb5-libs-1.10.3-42.el6.x86_64 libacl-2.2.49-6.el6.x86_64 libattr-2.4.44-7.el6.x86_64 libcap-2.16-5.5.el6.x86_64 libcom_err-1.41.12-22.el6.x86_64 libgcc-4.4.7-16.el6.x86_64 libselinux-2.0.94-5.8.el6.x86_64 lm_sensors-libs-3.1.1-17.el6.x86_64 lua-5.1.4-4.1.el6.x86_64 mysql-libs-5.1.73-5.el6_6.x86_64 net-snmp-libs-5.5-54.el6_7.1.x86_64 nspr-4.10.8-1.el6_6.x86_64 nss-3.19.1-3.el6_6.x86_64 nss-softokn-freebl-3.14.3-22.el6_6.x86_64 nss-util-3.19.1-1.el6_6.x86_64 openssl-1.0.1e-42.el6.x86_64 pcre-7.8-7.el6.x86_64 perl-libs-5.10.1-141.el6.x86_64 popt-1.13-7.el6.x86_64 rpm-libs-4.8.0-47.el6.x86_64 tcp_wrappers-libs-7.6-57.el6.x86_64 xz-libs-4.999.9-0.5.beta.20091007git.el6.x86_64 zlib-1.2.3-29.el6.x86_64
(gdb) bt
#0  0x00007fa7cdfa59da in update_dialog_vars_dbinfo (cell=0x7fa78a7ec0a8, var=0x3433) at dlg_db_handler.c:651
#1  0x00007fa7cdfa6511 in update_dialog_dbinfo_unsafe (cell=0x7fa78a7ec0a8) at dlg_db_handler.c:718
#2  0x00007fa7cdfa7afc in update_dialog_dbinfo (cell=0x7fa78a7ec0a8) at dlg_db_handler.c:861
#3  0x00007fa7cdfe73dc in set_dlg_variable (dlg=0x7fa78a7ec0a8, key=0x7fa7ceae6760, val=0x7ffc91e90910) at dlg_var.c:305
#4  0x00007fa7ce8c4a9c in set_start_time (dialog=0x7fa78a7ec0a8) at acc_cdr.c:523
#5  0x00007fa7ce8ca932 in cdr_on_create (dialog=0x7fa78a7ec0a8, type=2, params=0x7fa7ce2080a0) at acc_cdr.c:790
#6  0x00007fa7cdf96398 in run_create_callbacks (dlg=0x7fa78a7ec0a8, msg=0x7fa7d1280850) at dlg_cb.c:230
#7  0x00007fa7cdfb0590 in dlg_new_dialog (req=0x7fa7d1280850, t=0x7fa78a740c60, run_initial_cbs=1) at dlg_handlers.c:865
#8  0x00007fa7cdfaf006 in dlg_onreq (t=0x7fa78a740c60, type=1, param=0x7fa7d1020760) at dlg_handlers.c:717
#9  0x00007fa7d0d64c3a in run_reqin_callbacks_internal (hl=0x7fa789a19480, trans=0x7fa78a740c60, params=0x7fa7d1020760) at t_hooks.c:360
#10 0x00007fa7d0d64d48 in run_reqin_callbacks (trans=0x7fa78a740c60, req=0x7fa7d1280850, code=1) at t_hooks.c:385
#11 0x00007fa7d0d25b58 in build_cell (p_msg=0x7fa7d1280850) at h_table.c:356
#12 0x00007fa7d0d76283 in new_t (p_msg=0x7fa7d1280850) at t_lookup.c:1269
#13 0x00007fa7d0d774b3 in t_newtran (p_msg=0x7fa7d1280850) at t_lookup.c:1409
#14 0x00007fa7d0d4be9c in t_relay_to (p_msg=0x7fa7d1280850, proxy=0x0, proto=0, replicate=0) at t_funcs.c:236
#15 0x00007fa7d0d8abbb in _w_t_relay_to (p_msg=0x7fa7d1280850, proxy=0x0, force_proto=0) at tm.c:1476
#16 0x00007fa7d0d8bd20 in w_t_relay (p_msg=0x7fa7d1280850, _foo=0x0, _bar=0x0) at tm.c:1677
#17 0x000000000041ddad in do_action (h=0x7ffc91e91730, a=0x7fa7d112a9b8, msg=0x7fa7d1280850) at action.c:1053
#18 0x000000000042a4c3 in run_actions (h=0x7ffc91e91730, a=0x7fa7d112a9b8, msg=0x7fa7d1280850) at action.c:1548
#19 0x000000000042ab28 in run_actions_safe (h=0x7ffc91e92350, a=0x7fa7d112a9b8, msg=0x7fa7d1280850) at action.c:1613
#20 0x0000000000543c94 in rval_get_int (h=0x7ffc91e92350, msg=0x7fa7d1280850, i=0x7ffc91e91c08, rv=0x7fa7d112b008, cache=0x0) at rvalue.c:912
#21 0x0000000000547ecc in rval_expr_eval_int (h=0x7ffc91e92350, msg=0x7fa7d1280850, res=0x7ffc91e91c08, rve=0x7fa7d112b000) at rvalue.c:1906
#22 0x00000000005482c2 in rval_expr_eval_int (h=0x7ffc91e92350, msg=0x7fa7d1280850, res=0x7ffc91e92090, rve=0x7fa7d112b700) at rvalue.c:1914
#23 0x000000000041d897 in do_action (h=0x7ffc91e92350, a=0x7fa7d112acb0, msg=0x7fa7d1280850) at action.c:1029
#24 0x000000000042a4c3 in run_actions (h=0x7ffc91e92350, a=0x7fa7d1073308, msg=0x7fa7d1280850) at action.c:1548
#25 0x000000000042abf0 in run_top_route (a=0x7fa7d1073308, msg=0x7fa7d1280850, c=0x0) at action.c:1634
#26 0x000000000050a938 in receive_msg (
    buf=0xa6fee0 "INVITE sip:09011112222 at 192.168.2.185:5060 SIP/2.0\r\nVia: SIP/2.0/UDP 192.168.0.186:5010;rport;branch=z9hG4bK-16716-21896-4\r\nFrom: \"user1\" <sip:user1 at test1.com>;tag=16716SIPpTag0021896\r\nTo: <sip:0901111"..., len=944, rcv_info=0x7ffc91e92640) at receive.c:196
#27 0x000000000060a3ea in udp_rcv_loop () at udp_server.c:495
#28 0x00000000004a7ef7 in main_loop () at main.c:1573
#29 0x00000000004ae2d2 in main (argc=7, argv=0x7ffc91e92a78) at main.c:2533
(gdb) frame 0
#0  0x00007fa7cdfa59da in update_dialog_vars_dbinfo (cell=0x7fa78a7ec0a8, var=0x3433) at dlg_db_handler.c:651
651		SET_STR_VALUE(values+2, var->key);
(gdb) p *cell
$1 = {ref = 1, next = 0x0, prev = 0x0, h_id = 3538, h_entry = 250, state = 1, lifetime = 10800, init_ts = 1440661168, start_ts = 0, dflags = 0, iflags = 0, sflags = 0, toroute = 0, toroute_name = {
    s = 0x0, len = 0}, from_rr_nb = 0, tl = {next = 0x0, prev = 0x0, timeout = 0}, callid = {
    s = 0x7fa78a7ec208 "21896-16716 at 192.168.0.186sip:user1 at test1.comsip:09011112222 at 192.168.2.185:5060sip:09011112222 at 192.168.2.186:50300", len = 25}, from_uri = {
    s = 0x7fa78a7ec221 "sip:user1 at test1.comsip:09011112222 at 192.168.2.185:5060sip:09011112222 at 192.168.2.186:50300", len = 19}, to_uri = {
    s = 0x7fa78a7ec234 "sip:09011112222 at 192.168.2.185:5060sip:09011112222 at 192.168.2.186:50300", len = 34}, req_uri = {s = 0x7fa78a7ec256 "sip:09011112222 at 192.168.2.186:50300", len = 34}, tag = {{
      s = 0x7fa78a842160 "16716SIPpTag0021896sip:user1 at 192.168.2.50:5010", len = 19}, {s = 0x0, len = 0}}, cseq = {{s = 0x7fa78a8de008 "802r1\002", len = 3}, {s = 0x0, len = 0}}, route_set = {{s = 0x0, 
      len = 0}, {s = 0x0, len = 0}}, contact = {{s = 0x7fa78a842173 "sip:user1 at 192.168.2.50:5010", len = 27}, {s = 0x0, len = 0}}, bind_addr = {0x7fa7d1052730, 0x0}, cbs = {first = 0x7fa78a6d6278, 
    types = 41172}, profile_links = 0x7fa78a863710, vars = 0x7fa78a9c9c30}
(gdb) p *cell->vars
$2 = {key = {s = 0x7fa78a3f4fa8 "answer_time", len = 11}, value = {s = 0x7fa78a555708 "1440661168.396e", len = 14}, vflags = 0, next = 0x7fa78abe6620}
(gdb) set $p=cell->vars->next
(gdb) while ($p != 0)
 >p *$p
 >set $p=$p->next
 >end
$3 = {key = {s = 0x7fa78abe7020 "calling_number", len = 14}, value = {s = 0x7fa78a825460 "0312341234mber", len = 10}, vflags = 0, next = 0x7fa78aa4cd70}
$4 = {key = {s = 0x7fa78a533cb0 "destination", len = 11}, value = {s = 0x7fa78a574110 "09011112222in", len = 11}, vflags = 0, next = 0x7fa78a5163d0}
$5 = {key = {s = 0x7fa78a4ecaf0 "caller_username", len = 15}, value = {s = 0x7fa78a465758 "user1\002", len = 5}, vflags = 0, next = 0x7fa78a6bf620}
$6 = {key = {s = 0x7fa78aa68cb8 "caller_domain", len = 13}, value = {s = 0x7fa78a4e3d70 "test1.comon", len = 9}, vflags = 0, next = 0x7fa78a543e90}
$7 = {key = {s = 0x7fa78a4d20f8 "start_time", len = 10}, value = {s = 0x7fa78a905530 "1440661168.649", len = 10}, vflags = 0, next = 0x0}
(gdb) p process_no
$8 = 4
(gdb) p pt[process_no]
$9 = {pid = 5342, unix_sock = 15, idx = -1, desc = "udp receiver child=3 sock=192.168.2.185:5060", '\000' <repeats 83 times>}

==========================================================================

3) CentOS6.7, 1CPU, 512GB, kamailio 4.4 commit 8d8e1b957d9461d80b15b8e52464322a4e2b5fb1
Core was generated by `/usr/local/src/git/kamailio-devel/kamailio -m 256 -M 16 -P /var/run/kamailio.pi'.
Program terminated with signal 11, Segmentation fault.
#0  0x00007f711633b5ac in update_dialog_vars_dbinfo (cell=0x7f7100188c40, var=0x3433) at dlg_db_handler.c:652
652		SET_STR_VALUE(values+2, var->key);
Missing separate debuginfos, use: debuginfo-install bzip2-libs-1.0.5-7.el6_0.x86_64 db4-4.7.25-19.el6_6.x86_64 elfutils-libelf-0.161-3.el6.x86_64 glibc-2.12-1.166.el6_7.1.x86_64 keyutils-libs-1.4-5.el6.x86_64 krb5-libs-1.10.3-42.el6.x86_64 libacl-2.2.49-6.el6.x86_64 libattr-2.4.44-7.el6.x86_64 libcap-2.16-5.5.el6.x86_64 libcom_err-1.41.12-22.el6.x86_64 libgcc-4.4.7-16.el6.x86_64 libselinux-2.0.94-5.8.el6.x86_64 lm_sensors-libs-3.1.1-17.el6.x86_64 lua-5.1.4-4.1.el6.x86_64 mysql-libs-5.1.73-5.el6_6.x86_64 net-snmp-libs-5.5-54.el6_7.1.x86_64 nspr-4.10.8-1.el6_6.x86_64 nss-3.19.1-3.el6_6.x86_64 nss-softokn-freebl-3.14.3-22.el6_6.x86_64 nss-util-3.19.1-1.el6_6.x86_64 openssl-1.0.1e-42.el6.x86_64 pcre-7.8-7.el6.x86_64 perl-libs-5.10.1-141.el6.x86_64 popt-1.13-7.el6.x86_64 rpm-libs-4.8.0-47.el6.x86_64 tcp_wrappers-libs-7.6-57.el6.x86_64 xz-libs-4.999.9-0.5.beta.20091007git.el6.x86_64 zlib-1.2.3-29.el6.x86_64
(gdb) bt
#0  0x00007f711633b5ac in update_dialog_vars_dbinfo (cell=0x7f7100188c40, var=0x3433) at dlg_db_handler.c:652
#1  0x00007f711633c105 in update_dialog_dbinfo_unsafe (cell=0x7f7100188c40) at dlg_db_handler.c:719
#2  0x00007f711633d7ec in update_dialog_dbinfo (cell=0x7f7100188c40) at dlg_db_handler.c:866
#3  0x00007f71163808e3 in set_dlg_variable (dlg=0x7f7100188c40, key=0x7f7116e83900, val=0x7ffe8e783d00) at dlg_var.c:307
#4  0x00007f7116c61eb0 in set_start_time (dialog=0x7f7100188c40) at acc_cdr.c:523
#5  0x00007f7116c67ec6 in cdr_on_create (dialog=0x7f7100188c40, type=2, params=0x7f71165a20c0) at acc_cdr.c:790
#6  0x00007f711632b9f6 in run_create_callbacks (dlg=0x7f7100188c40, msg=0x7f711bc8be60) at dlg_cb.c:230
#7  0x00007f7116346574 in dlg_new_dialog (req=0x7f711bc8be60, t=0x7f71002c3cd0, run_initial_cbs=1) at dlg_handlers.c:865
#8  0x00007f7116344f8d in dlg_onreq (t=0x7f71002c3cd0, type=1, param=0x7f711ba265c0) at dlg_handlers.c:717
#9  0x00007f711b7682ee in run_reqin_callbacks_internal (hl=0x7f70ff731be8, trans=0x7f71002c3cd0, params=0x7f711ba265c0) at t_hooks.c:360
#10 0x00007f711b7683fe in run_reqin_callbacks (trans=0x7f71002c3cd0, req=0x7f711bc8be60, code=1) at t_hooks.c:385
#11 0x00007f711b727ef1 in build_cell (p_msg=0x7f711bc8be60) at h_table.c:356
#12 0x00007f711b779e92 in new_t (p_msg=0x7f711bc8be60) at t_lookup.c:1269
#13 0x00007f711b77b10f in t_newtran (p_msg=0x7f711bc8be60) at t_lookup.c:1409
#14 0x00007f711b74ed9b in t_relay_to (p_msg=0x7f711bc8be60, proxy=0x0, proto=0, replicate=0) at t_funcs.c:236
#15 0x00007f711b78ed9f in _w_t_relay_to (p_msg=0x7f711bc8be60, proxy=0x0, force_proto=0) at tm.c:1476
#16 0x00007f711b78ff56 in w_t_relay (p_msg=0x7f711bc8be60, _foo=0x0, _bar=0x0) at tm.c:1677
#17 0x000000000041e1ca in do_action (h=0x7ffe8e784c80, a=0x7f711bb33600, msg=0x7f711bc8be60) at action.c:1053
#18 0x000000000042ab90 in run_actions (h=0x7ffe8e784c80, a=0x7f711bb33600, msg=0x7f711bc8be60) at action.c:1548
#19 0x000000000042b216 in run_actions_safe (h=0x7ffe8e785a30, a=0x7f711bb33600, msg=0x7f711bc8be60) at action.c:1613
#20 0x000000000054bc3a in rval_get_int (h=0x7ffe8e785a30, msg=0x7f711bc8be60, i=0x7ffe8e785228, rv=0x7f711bb33c50, cache=0x0) at rvalue.c:912
#21 0x000000000054fff1 in rval_expr_eval_int (h=0x7ffe8e785a30, msg=0x7f711bc8be60, res=0x7ffe8e785228, rve=0x7f711bb33c48) at rvalue.c:1906
#22 0x000000000055041f in rval_expr_eval_int (h=0x7ffe8e785a30, msg=0x7f711bc8be60, res=0x7ffe8e785760, rve=0x7f711bb34348) at rvalue.c:1914
#23 0x000000000041dc7c in do_action (h=0x7ffe8e785a30, a=0x7f711bb338f8, msg=0x7f711bc8be60) at action.c:1029
#24 0x000000000042ab90 in run_actions (h=0x7ffe8e785a30, a=0x7f711ba769a8, msg=0x7f711bc8be60) at action.c:1548
#25 0x000000000042b2de in run_top_route (a=0x7f711ba769a8, msg=0x7f711bc8be60, c=0x0) at action.c:1634
#26 0x000000000051139c in receive_msg (
    buf=0xa84320 "INVITE sip:09011112222 at 192.168.2.187:5060 SIP/2.0\r\nVia: SIP/2.0/UDP 192.168.0.188:5010;rport;branch=z9hG4bK-20004-110686-4\r\nFrom: \"user1\" <sip:user1 at test1.com>;tag=20004SIPpTag00110686\r\nTo: <sip:09011"..., len=947, rcv_info=0x7ffe8e785d50) at receive.c:196
#27 0x000000000061809c in udp_rcv_loop () at udp_server.c:495
#28 0x00000000004ac5ba in main_loop () at main.c:1573
#29 0x00000000004b2bc5 in main (argc=7, argv=0x7ffe8e7861e8) at main.c:2533
(gdb) frame 0
#0  0x00007f711633b5ac in update_dialog_vars_dbinfo (cell=0x7f7100188c40, var=0x3433) at dlg_db_handler.c:652
652		SET_STR_VALUE(values+2, var->key);
(gdb) p *cell
$1 = {ref = 1, next = 0x0, prev = 0x0, h_id = 6034, h_entry = 2375, state = 1, lifetime = 10800, init_ts = 1440666688, start_ts = 0, dflags = 0, iflags = 0, sflags = 0, toroute = 0, toroute_name = {
    s = 0x0, len = 0}, from_rr_nb = 0, tl = {next = 0x0, prev = 0x0, timeout = 0}, callid = {
    s = 0x7f7100188da0 "110686-20004 at 192.168.0.188sip:user1 at test1.comsip:09011112222 at 192.168.2.187:5060sip:09011112222 at 192.168.2.188:5030168.2.188:5030gent: VS4000/SIP Ver1.0.0\r\nContent-Length: 0\r\n\r\n", len = 26}, from_uri = {s = 0x7f7100188dba "sip:user1 at test1.comsip:09011112222 at 192.168.2.187:5060sip:09011112222 at 192.168.2.188:5030168.2.188:5030gent: VS4000/SIP Ver1.0.0\r\nContent-Length: 0\r\n\r\n", 
    len = 19}, to_uri = {s = 0x7f7100188dcd "sip:09011112222 at 192.168.2.187:5060sip:09011112222 at 192.168.2.188:5030168.2.188:5030gent: VS4000/SIP Ver1.0.0\r\nContent-Length: 0\r\n\r\n", len = 34}, 
  req_uri = {s = 0x7f7100188def "sip:09011112222 at 192.168.2.188:5030168.2.188:5030gent: VS4000/SIP Ver1.0.0\r\nContent-Length: 0\r\n\r\n", len = 34}, tag = {{s = 0x7f710026ae28 "20004SIPpTag00110686", 
      len = 20}, {s = 0x0, len = 0}}, cseq = {{s = 0x7f710008fc88 "802r1", len = 3}, {s = 0x0, len = 0}}, route_set = {{s = 0x0, len = 0}, {s = 0x0, len = 0}}, contact = {{
      s = 0x7f7100015be0 "sip:user1 at 192.168.2.50:5010", len = 27}, {s = 0x0, len = 0}}, bind_addr = {0x7f711ba58730, 0x0}, cbs = {first = 0x7f71002a9170, types = 41172}, profile_links = 0x7f710006b1d8, 
  vars = 0x7f710013daf0}
(gdb) p *cell->vars
$2 = {key = {s = 0x7f71001240f8 "answer_time", len = 11}, value = {s = 0x7f7100196358 "1440666688.375", len = 14}, vflags = 0, next = 0x7f710017f108}
(gdb) set $p=cell->vars->next
(gdb) while ($p != 0)
 >p *$p
 >set $p=$p->next
 >end
$3 = {key = {s = 0x7f7100184890 "calling_number", len = 14}, value = {s = 0x7f7100436aa0 "0312341234", len = 10}, vflags = 0, next = 0x7f7100443180}
$4 = {key = {s = 0x7f71003ecb78 "destination", len = 11}, value = {s = 0x7f710006d080 "09011112222", len = 11}, vflags = 0, next = 0x7f71001496f0}
$5 = {key = {s = 0x7f71000bab68 "caller_username", len = 15}, value = {s = 0x7f71001a8170 "user1", len = 5}, vflags = 0, next = 0x7f7100032020}
$6 = {key = {s = 0x7f710013d498 "caller_domain", len = 13}, value = {s = 0x7f710013c3f0 "test1.com", len = 9}, vflags = 0, next = 0x7f7100226ba0}
$7 = {key = {s = 0x7f7100294bb0 "start_time", len = 10}, value = {s = 0x7f71001a2f58 "2015-08-27 18:11:28", len = 19}, vflags = 0, next = 0x0}
(gdb) p process_no
$8 = 2
(gdb) p pt[process_no]
$9 = {pid = 14673, unix_sock = -1, idx = -1, desc = "udp receiver child=1 sock=192.168.2.187:5060", '\000' <repeats 83 times>}
(gdb) 
```

I am also load testing the latest commit 9e03ac7410c879dc9e91dd21c04c0597ce1ccff3 of version 4.1, and so far the problem has not happened with it. (4.1 is what I am running in production. Since I need to update my kamailio.cfg with new functionality, I am trying to upgrade the kamailio version so as not to lag too far behind.)

---
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/301#issuecomment-135577581