[sr-dev] [kamailio] kamailio 4.3.3 crash during usrloc save location and DMQ (#373)

vinzens notifications at github.com
Tue Oct 20 15:15:22 CEST 2015


We use Kamailio with DMQ. One Kamailio instance receives a SIP REGISTER, processes it, and forwards it through DMQ to another Kamailio instance, where it should be saved in location as well.

While saving this location, Kamailio crashes. To me (not a developer) it seems to crash while getting the length of the AOR. It does not happen every time Kamailio receives a DMQ register, but we can reproduce it very easily. (At least, the AOR length is what the line referred to in the backtrace points to.)

The SIP DMQ message looks like this:

    Oct 20 14:44:53 messi /usr/sbin/kamailio[15059]: NOTICE: <script>: Got KDMQ Message, handle it..
    KDMQ sip:usrloc at 217.116.120.39:5060 SIP/2.0
    Via: SIP/2.0/UDP 172.20.21.3;branch=z9hG4bK7031.da526d01000000000000000000000000.0
    To: <sip:usrloc at 217.116.120.39:5060>
    From: <sip:usrloc at 172.20.21.3:5060>;tag=c67e1a50505355c50500c05660eca619-6820
    CSeq: 10 KDMQ
    Call-ID: 77bf92d7284e3548-25608 at 172.20.21.3
    Content-Length: 430
    Max-Forwards: 0
    Content-Type: application/json
    
    {"action":2,"aor":"1016811e7 at sipgate.de","ruid":"uloc-562103eb-6411-a4a1","c":"sip:1016811e7 at XX.XXX.XXX.XX:3072;line=2u4rbxb1","received":"","path":"<sip:XXX.XXX.XXX.XXX;lr>","callid":"3134343130393735323137323138-pbswhv8xostq","user_agent":"snom870/8.7.5.13","instance":"<urn:uuid:f3495943-cd1f-4de0-8d9c-000413413E79>","expires":10,"cseq":28786,"flags":0,"cflags":0,"q":1000,"last_modified":1445345060,"methods":6111,"reg_id":1}

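We managed to get a core dump; the gdb output follows. In frame #0 (`db_load_urecord_by_ruid`), the local `aor` holds an out-of-bounds pointer with an implausibly large `len`, and `r` is 0x0: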

    GNU gdb (GDB) 7.4.1-debian
    Copyright (C) 2012 Free Software Foundation, Inc.
    License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
    This is free software: you are free to change and redistribute it.
    There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
    and "show warranty" for details.
    This GDB was configured as "x86_64-linux-gnu".
    For bug reporting instructions, please see:
    <http://www.gnu.org/software/gdb/bugs/>...
    Reading symbols from /usr/sbin/kamailio...Reading symbols from /usr/lib/debug/.build-id/b9/e50c34b5b5de6da1e2473514911ce96a8a094d.debug...done.
    done.
    [New LWP 15069]
    
    warning: Can't read pathname for load map: Input/output error.
    [Thread debugging using libthread_db enabled]
    Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
    Core was generated by `/usr/sbin/kamailio -f /etc/kamailio/kamailio_sip_location_proxy.cfg -P /var/run'.
    Program terminated with signal 11, Segmentation fault.
    #0  0x00007f573d8c7770 in db_load_urecord_by_ruid (_c=0x7f573f616278, _d=_d at entry=0x7f5736ef5498, _ruid=_ruid at entry=0x7f573ae6d200) at udomain.c:822
    822	udomain.c: No such file or directory.
    (gdb) bt
    #0  0x00007f573d8c7770 in db_load_urecord_by_ruid (_c=0x7f573f616278, _d=_d at entry=0x7f5736ef5498, _ruid=_ruid at entry=0x7f573ae6d200) at udomain.c:822
    #1  0x00007f573d8cd0d5 in get_urecord_by_ruid (_d=0x7f5736ef5498, _aorhash=2416148423, _ruid=_ruid at entry=0x7f573ae6d200, _r=_r at entry=0x7ffc358958a0, _c=_c at entry=0x7ffc358958b0) at udomain.c:1177
    #2  0x00007f573ac6720a in delete_contact (aor=..., ci=<optimized out>) at usrloc_sync.c:109
    #3  usrloc_dmq_handle_msg (msg=<optimized out>, resp=0x7ffc35895a00, node=0x7f5736f9e6d8) at usrloc_sync.c:394
    #4  0x00007f573ae8b10b in worker_loop (id=id at entry=1) at worker.c:105
    #5  0x00007f573ae721e8 in child_init (rank=<optimized out>) at dmq.c:293
    #6  child_init (rank=<optimized out>) at dmq.c:279
    #7  0x000000000056d4f8 in init_mod_child (m=0x7f573f5fdf20, rank=rank at entry=0) at sr_module.c:915
    #8  0x000000000056d442 in init_mod_child (m=0x7f573f5fe418, rank=rank at entry=0) at sr_module.c:912
    #9  0x000000000056e91b in init_child (rank=rank at entry=0) at sr_module.c:941
    #10 0x00000000004aa78c in main_loop () at main.c:1650
    #11 0x0000000000427292 in main (argc=<optimized out>, argv=<optimized out>) at main.c:2547
    (gdb) bt full
    #0  0x00007f573d8c7770 in db_load_urecord_by_ruid (_c=0x7f573f616278, _d=_d at entry=0x7f5736ef5498, _ruid=_ruid at entry=0x7f573ae6d200) at udomain.c:822
            ci = 0x7f573daeaf00
            columns = {0x7f573daeac30, 0x7f573daeac20, 0x7f573daeac10, 0x7f573daeac00, 0x7f573daeabf0, 0x7f573daeabe0, 0x7f573daeabd0, 0x7f573daeabc0, 0x7f573daeabb0, 0x7f573daeaba0, 0x7f573daeab90, 
              0x7f573daeab80, 0x7f573daeab50, 0x7f573daeac60, 0x7f573daeab70, 0x7f573daeab60, 0x7f573daeab40, 0x7f573daeab30, 0x7f573daeab20, 0x7f573daeac50, 0x7f573daeac40}
            keys = {0x7f573daeac60}
            order = <optimized out>
            vals = {{type = DB1_STR, nul = 0, free = 2, val = {int_val = 40974704, ll_val = 40974704, double_val = 2.0244193594913908e-316, time_val = 40974704, 
                  string_val = 0x2713970 "uloc-562103eb-6411-a4a1", str_val = {s = 0x2713970 "uloc-562103eb-6411-a4a1", len = 23}, blob_val = {s = 0x2713970 "uloc-562103eb-6411-a4a1", len = 23}, 
                  bitmap_val = 40974704}}}
            res = 0x7f573f6164e8
            row = <optimized out>
            contact = {s = 0x272edd0 "sip:1016811e7 at XX.XXX.XXX.XX:3072;line=e52c50xi", len = 46}
            aor = {s = 0x37fc50 <Address 0x37fc50 out of bounds>, len = 898193808}
            aorbuf = '\000' <repeats 511 times>
            domain = <optimized out>
            r = 0x0
            c = <optimized out>
            __FUNCTION__ = "db_load_urecord_by_ruid"
    #1  0x00007f573d8cd0d5 in get_urecord_by_ruid (_d=0x7f5736ef5498, _aorhash=2416148423, _ruid=_ruid at entry=0x7f573ae6d200, _r=_r at entry=0x7ffc358958a0, _c=_c at entry=0x7ffc358958b0) at udomain.c:1177
            sl = 16327
            i = <optimized out>
            r = <optimized out>
            c = <optimized out>
    #2  0x00007f573ac6720a in delete_contact (aor=..., ci=<optimized out>) at usrloc_sync.c:109
            c = <optimized out>
            ci = 0x7f573ae6d200
            _d = 0x7f5736ef5498
            r = <optimized out>
    #3  usrloc_dmq_handle_msg (msg=<optimized out>, resp=0x7ffc35895a00, node=0x7f5736f9e6d8) at usrloc_sync.c:394
            content_length = <optimized out>
            body = <optimized out>
            jdoc = {root = 0x27137b0, flags = 0, buf = {
                s = 0x7f5736fd6662 "{\"action\":2,\"aor\":\"1016811e7 at sipgate.de\",\"ruid\":\"uloc-562103eb-6411-a4a1\",\"c\":\"sip:1016811e7 at XX.XXX.XXX.XX:3072;line=2u4rbxb1\",\"received\":\"\",\"path\":\"<sip:217.116.120.247;lr>\",\"callid\":\"313434313039373"..., len = 438}, malloc_fn = 0x7f573fa1ba00 <malloc>, free_fn = 0x7f573fa1b920 <free>}
            it = <optimized out>
            ci = {ruid = {s = 0x2713970 "uloc-562103eb-6411-a4a1", len = 23}, c = 0x7ffc358958d0, received = {s = 0x2719190 "", len = 0}, path = 0x7ffc358958e0, expires = 1445345660, q = 1000, 
              callid = 0x7ffc358958f0, cseq = 28786, flags = 2, cflags = 0, user_agent = 0x7ffc35895900, sock = 0x0, methods = 6111, instance = {
                s = 0x27193d0 "<urn:uuid:f3495943-cd1f-4de0-8d9c-000413413E79>", len = 47}, reg_id = 1, server_id = 0, tcpconn_id = -1, keepalive = 0, xavp = 0x0, last_modified = 1445345060}
            action = <optimized out>
            expires = <optimized out>
            cseq = <optimized out>
            flags = <optimized out>
            cflags = <optimized out>
            q = <optimized out>
            last_modified = <optimized out>
            methods = <optimized out>
            reg_id = <optimized out>
            aor = {s = <optimized out>, len = 20}
            ruid = <optimized out>
            c = {s = 0x27190e0 "sip:1016811e7 at IPADDRESS:3072;line=2u4rbxb1", len = 46}
            received = <optimized out>
            path = {s = 0x2713a00 "<sip:IPADDRESS;lr>", len = 24}
            callid = {s = 0x2719290 "3134343130393735323137323138-pbswhv8xostq", len = 41}
            user_agent = {s = 0x2719340 "snom870/8.7.5.13", len = 16}
            instance = <optimized out>
            __FUNCTION__ = "usrloc_dmq_handle_msg"
    #4  0x00007f573ae8b10b in worker_loop (id=id at entry=1) at worker.c:105
            worker = 0x7f5736f957f0
            current_job = 0x7f5736fa0a00
            peer_response = {resp_code = 0, content_type = {s = 0x0, len = 0}, reason = {s = 0x0, len = 0}, body = {s = 0x0, len = 0}}
            ret_value = <optimized out>
            not_parsed = 0
            dmq_node = 0x7f5736f9e6d8
            __FUNCTION__ = "worker_loop"
    #5  0x00007f573ae721e8 in child_init (rank=<optimized out>) at dmq.c:293
    ---Type <return> to continue, or q <return> to quit--- 
            i = <optimized out>
            newpid = <optimized out>
    #6  child_init (rank=<optimized out>) at dmq.c:279
    No locals.
    #7  0x000000000056d4f8 in init_mod_child (m=0x7f573f5fdf20, rank=rank at entry=0) at sr_module.c:915
            __FUNCTION__ = "init_mod_child"
    #8  0x000000000056d442 in init_mod_child (m=0x7f573f5fe418, rank=rank at entry=0) at sr_module.c:912
            __FUNCTION__ = "init_mod_child"
    #9  0x000000000056e91b in init_child (rank=rank at entry=0) at sr_module.c:941
    No locals.
    #10 0x00000000004aa78c in main_loop () at main.c:1650
            i = <optimized out>
            pid = <optimized out>
            si = <optimized out>
            si_desc = "udp receiver child=3 sock=217.116.120.39:5060\000\000\000\020\213k\000\000\000\000\000\252\311k\000\000\000\000\000\003\000\000\000\000\000\000\000(E\311\066W\177\000\000\001\000\000\000\000\000\000\000\000P:\251\313M\a\342\004\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\250\222\241\000\000\000\000\000\240\222\241\000\000\000\000"
            nrprocs = <optimized out>
            __FUNCTION__ = "main_loop"
    #11 0x0000000000427292 in main (argc=<optimized out>, argv=<optimized out>) at main.c:2547
            cfg_stream = <optimized out>
            c = <optimized out>
            r = <optimized out>
            tmp = 0x7ffc35896efe ""
            tmp_len = 0
            port = 1
            proto = 1
            options = 0x6baf50 ":f:cm:M:dVIhEeb:l:L:n:vKrRDTN:W:w:t:u:g:P:G:SQ:O:a:A:"
            ret = -1
            seed = 1198920520
            rfd = 4
            debug_save = <optimized out>
            debug_flag = <optimized out>
            dont_fork_cnt = <optimized out>
            n_lst = 0x0
            p = <optimized out>
            st = {st_dev = 14, st_ino = 30859, st_nlink = 2, st_mode = 16877, st_uid = 0, st_gid = 0, __pad0 = 0, st_rdev = 0, st_size = 60, st_blksize = 4096, st_blocks = 0, st_atim = {
                tv_sec = 1444903317, tv_nsec = 438957686}, st_mtim = {tv_sec = 1445345013, tv_nsec = 829833044}, st_ctim = {tv_sec = 1445345020, tv_nsec = 417829857}, __unused = {0, 0, 0}}
            __FUNCTION__ = "main"
    (gdb) 
    
    
    
    

---
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/373