[SR-Users] Kamailio 3.0.4 is crashed

Daniel-Constantin Mierla miconda at gmail.com
Sat Sep 10 08:58:40 CEST 2011 

Hello,

it seems like a buffer overflow happened previously, since the crash is 
in malloc. Do you get any error messages is syslog? Can you recompile 
with QM_DBG_MALLOC like explained in the next link and try again 
watching the syslog messages?
http://www.kamailio.org/dokuwiki/doku.php/troubleshooting:memory

On another hand, 3.0.4 is quite old, why are not using 3.1.4, it is far 
more updated than 3.0 series -- we are just to release first in 3.2 
series. Upgrading from 3.0 to 3.1 is rather trivial.

Cheers,
Daniel


On 9/9/11 8:38 PM, KhoaNVP wrote:
> Hi everyone,
>
> I hope you can help me with this issues.
> I'm working with kamailio 3.0.4 and when i implement the call via kamailio
> after 1-->3 mins , kamailio is crashed.
>
> It's my debug from core log.
>
> Core was generated by `kamailio -E -ddd'.
> Program terminated with signal 11, Segmentation fault.
> #0  fm_malloc (qm=0x88c860, size=<value optimized out>) at
> mem/f_malloc.c:382
> 382             *f=frag->u.nxt_free;
> (gdb) qt
> Undefined command: "qt".  Try "help".
> (gdb) bt
> #0  fm_malloc (qm=0x88c860, size=<value optimized out>) at
> mem/f_malloc.c:382
> #1  0x000000000041fd27 in dup_lump_list_r (l=0x9275f8, dir=LD_AFTER,
> error=0x7fff23bd661c) at data_lump.c:453
> #2  0x000000000041ffa9 in dup_lump_list_r (l=0x927640, dir=LD_AFTER,
> error=0x7fff23bd666c) at data_lump.c:476
> #3  0x000000000041ff6d in dup_lump_list_r (l=0x926db0, dir=<value optimized
> out>, error=0x7fff23bd66b4) at data_lump.c:465
> #4  0x0000000000420058 in dup_lump_list (l=0x88c860) at data_lump.c:508
> #5  0x00002b8b2efb858d in prepare_new_uac (t=0x2b8b3218ffa8, i_req=0x926ef0,
> branch=0, uri=0x927150, path=0x9274d0, next_hop=<value optimized out>,
>      fsocket=0x0, snd_flags=0 '\000', fproto=0, flags=0) at t_fwd.c:242
> #6  0x00002b8b2efb94c7 in add_uac (t=0x2b8b3218ffa8, request=0x926ef0,
> uri=0x927150, next_hop=0x7, path=0x9274d0, proxy=0x0, fsocket=0x0,
>      snd_flags=0 '\000', proto=0, flags=0) at t_fwd.c:679
> #7  0x00002b8b2efbce7a in t_forward_nonack (t=0x2b8b3218ffa8,
> p_msg=0x926ef0, proxy=0x0, proto=0) at t_fwd.c:1340
> #8  0x00002b8b2efb4996 in t_relay_to (p_msg=0x926ef0, proxy=0x0, proto=0,
> replicate=0) at t_funcs.c:358
> #9  0x0000000000413489 in do_action (h=0x7fff23bd71e0, a=0x8be788,
> msg=0x926ef0) at action.c:860
> #10 0x0000000000415e03 in run_actions (h=0x7fff23bd71e0, a=0x8be788,
> msg=0x926ef0) at action.c:1315
> #11 0x00000000004161e7 in run_actions_safe (h=0x7fff23bd8bb0, a=0x38,
> msg=0x88ca08) at action.c:1370
> #12 0x000000000049696b in rval_get_int (h=0x7fff23bd8bb0, msg=0x88ca08,
> i=0x7fff23bd75dc, rv=0x7, cache=0x7) at rvalue.c:897
> #13 0x000000000049b7fc in rval_expr_eval_int (h=0x7fff23bd8bb0,
> msg=0x926ef0, res=0x7fff23bd75dc, rve=0x8be878) at rvalue.c:1841
> #14 0x000000000049b8ad in rval_expr_eval_int (h=0x7fff23bd8bb0,
> msg=0x926ef0, res=0x7fff23bd79d8, rve=0x8bef48) at rvalue.c:1848
> #15 0x0000000000411d49 in do_action (h=0x7fff23bd8bb0, a=0x8bf798,
> msg=0x926ef0) at action.c:834
> #16 0x0000000000415e03 in run_actions (h=0x7fff23bd8bb0, a=0x8be608,
> msg=0x926ef0) at action.c:1315
> #17 0x0000000000413084 in do_action (h=0x7fff23bd8bb0, a=0x8f6060,
> msg=0x926ef0) at action.c:479
> #18 0x0000000000415e03 in run_actions (h=0x7fff23bd8bb0, a=0x8f6060,
> msg=0x926ef0) at action.c:1315
> #19 0x0000000000411dab in do_action (h=0x7fff23bd8bb0, a=0x8f62d0,
> msg=0x926ef0) at action.c:853
> #20 0x0000000000415e03 in run_actions (h=0x7fff23bd8bb0, a=0x8f62d0,
> msg=0x926ef0) at action.c:1315
> #21 0x0000000000413084 in do_action (h=0x7fff23bd8bb0, a=0x8bd698,
> msg=0x926ef0) at action.c:479
> #22 0x0000000000415e03 in run_actions (h=0x7fff23bd8bb0, a=0x8bd398,
> msg=0x926ef0) at action.c:1315
> #23 0x0000000000411dab in do_action (h=0x7fff23bd8bb0, a=0x8bd788,
> msg=0x926ef0) at action.c:853
> #24 0x0000000000415e03 in run_actions (h=0x7fff23bd8bb0, a=0x8a1340,
> msg=0x926ef0) at action.c:1315
> #25 0x0000000000416174 in run_top_route (a=0x8a1340, msg=0x926ef0, c=<value
> optimized out>) at action.c:1391
> #26 0x000000000048009c in receive_msg (buf=0x57e779 "DEBUG", len=<value
> optimized out>, rcv_info=0x7fff23bd8e20) at receive.c:196
> #27 0x000000000050698b in udp_rcv_loop () at udp_server.c:520
> #28 0x0000000000455e2f in main_loop () at main.c:1447
> #29 0x0000000000456f32 in main (argc=<value optimized out>,
> argv=0x7fff23bd90e8) at main.c:2251
> (gdb)
>
>
> Thanks with all the help,
> Khoa

-- 
Daniel-Constantin Mierla -- http://www.asipto.com
Kamailio Advanced Training, Oct 10-13, Berlin: http://asipto.com/u/kat
http://linkedin.com/in/miconda -- http://twitter.com/miconda

More information about the sr-users mailing list