[SR-Users] Crash Kamailio 4.1 (qm_debug_frag(): BUG: qm_*: prev. fragm. tail overwritten)

Daniel-Constantin Mierla miconda at gmail.com
Mon Jun 9 18:08:20 CEST 2014


Hello,

do you still have the core file for inspection? Can the issue be reproduced?

Cheers,
Daniel

On 29/05/14 12:18, Andrés Souto wrote:
> Hello,
>
> Kamailio crashes with this message:
> May 29 12:03:45 kamfree-manager kamailio[8705]: : <core> 
> [mem/q_malloc.c:159]: qm_debug_frag(): BUG: qm_*: prev. fragm. tail 
> overwritten(c0c0c000, abcdefed)[0x7ff5a5031a98:0x7ff5a5031ac8]!
> May 29 12:03:45 kamfree-manager kamailio[8697]: ALERT: <core> 
> [main.c:775]: handle_sigs(): child process 8705 exited by a signal 6
> May 29 12:03:45 kamfree-manager kamailio[8697]: ALERT: <core> 
> [main.c:778]: handle_sigs(): core was generated
>
> The problem is produced in this line of the script:
> $rU = $dbr(ra=>[0,0]);
>
> I'm using last commit in 4.1 branch 
> (ad5235229f59ba5d1f4216e144291e110fee0211) on Debian wheezy.
>
> The backtrace:
> #0  0x00007ff5a538b475 in raise () from /lib/x86_64-linux-gnu/libc.so.6
> #1  0x00007ff5a538e6f0 in abort () from /lib/x86_64-linux-gnu/libc.so.6
> #2  0x0000000000546a00 in qm_debug_frag (qm=0x7ff5a4f58010, 
> f=0x7ff5a5031a98) at mem/q_malloc.c:161
> #3  0x000000000054796d in qm_malloc (qm=0x7ff5a4f58010, size=1024, 
> file=0x5c9ec1 "<core>: action.c", func=0x5cb1d8 "do_action", line=832) 
> at mem/q_malloc.c:386
> #4  0x000000000041affa in do_action (h=0x7fff810cd2b0, 
> a=0x7fff810cd390, msg=0x7ff5a502ed28) at action.c:832
> #5  0x00007ff5a2295d88 in pv_set_ruri_user (msg=0x7ff5a502ed28, 
> param=0x7ff5a4fb3750, op=254, val=0x7fff810cd4e0) at pv_core.c:2073
> #6  0x0000000000467bbf in lval_pvar_assign (h=0x7fff810d0200, 
> msg=0x7ff5a502ed28, lv=0x7ff5a501ea00, rv=0x7ff5a501f110) at lvalue.c:362
> #7  0x00000000004680a5 in lval_assign (h=0x7fff810d0200, 
> msg=0x7ff5a502ed28, lv=0x7ff5a501ea00, rve=0x7ff5a501f108) at lvalue.c:410
> #8  0x0000000000423fec in do_action (h=0x7fff810d0200, 
> a=0x7ff5a501eb68, msg=0x7ff5a502ed28) at action.c:1478
> #9  0x0000000000424d70 in run_actions (h=0x7fff810d0200, 
> a=0x7ff5a5013ee0, msg=0x7ff5a502ed28) at action.c:1599
> #10 0x000000000041c18d in do_action (h=0x7fff810d0200, 
> a=0x7ff5a5020a10, msg=0x7ff5a502ed28) at action.c:1090
> #11 0x0000000000424d70 in run_actions (h=0x7fff810d0200, 
> a=0x7ff5a5020a10, msg=0x7ff5a502ed28) at action.c:1599
> #12 0x000000000041c18d in do_action (h=0x7fff810d0200, 
> a=0x7ff5a5020e50, msg=0x7ff5a502ed28) at action.c:1090
> #13 0x0000000000424d70 in run_actions (h=0x7fff810d0200, 
> a=0x7ff5a50119b0, msg=0x7ff5a502ed28) at action.c:1599
> #14 0x000000000041a2b7 in do_action (h=0x7fff810d0200, 
> a=0x7ff5a4fd3fc0, msg=0x7ff5a502ed28) at action.c:715
> #15 0x0000000000424d70 in run_actions (h=0x7fff810d0200, 
> a=0x7ff5a4fd2800, msg=0x7ff5a502ed28) at action.c:1599
> #16 0x0000000000422c70 in do_action (h=0x7fff810d0200, 
> a=0x7ff5a4fd7af0, msg=0x7ff5a502ed28) at action.c:1235
> #17 0x0000000000424d70 in run_actions (h=0x7fff810d0200, 
> a=0x7ff5a4fd1ed8, msg=0x7ff5a502ed28) at action.c:1599
> #18 0x000000000041c18d in do_action (h=0x7fff810d0200, 
> a=0x7ff5a4fd7d10, msg=0x7ff5a502ed28) at action.c:1090
> #19 0x0000000000424d70 in run_actions (h=0x7fff810d0200, 
> a=0x7ff5a4fcf1d8, msg=0x7ff5a502ed28) at action.c:1599
> #20 0x000000000041a2b7 in do_action (h=0x7fff810d0200, 
> a=0x7ff5a4fb7d88, msg=0x7ff5a502ed28) at action.c:715
> #21 0x0000000000424d70 in run_actions (h=0x7fff810d0200, 
> a=0x7ff5a4fb6b68, msg=0x7ff5a502ed28) at action.c:1599
> #22 0x000000000041c18d in do_action (h=0x7fff810d0200, 
> a=0x7ff5a4fb9838, msg=0x7ff5a502ed28) at action.c:1090
> #23 0x0000000000424d70 in run_actions (h=0x7fff810d0200, 
> a=0x7ff5a4faf5a0, msg=0x7ff5a502ed28) at action.c:1599
> #24 0x0000000000425524 in run_top_route (a=0x7ff5a4faf5a0, 
> msg=0x7ff5a502ed28, c=0x0) at action.c:1685
> #25 0x00000000004a6fdb in receive_msg (
>     buf=0x921920 "INVITE sip:2000 at vpbx2.ur SIP/2.0\r\nVia: SIP/2.0/UDP 
> 192.168.0.101;rport;branch=z9hG4bK14cFrXZ0N53jS\r\nMax-Forwards: 
> 67\r\nFrom: \"1000\" <sip:1000 at vpbx1.ur>;tag=FjmFN79ZrXH0e\r\nTo: 
> <sip:2000 at vpbx2.ur>\r\nCall-"..., len=1061, rcv_info=0x7fff810d04b0) 
> at receive.c:212
> #26 0x000000000053c544 in udp_rcv_loop () at udp_server.c:536
> ---Type <return> to continue, or q <return> to quit---
> #27 0x000000000046ee54 in main_loop () at main.c:1617
> #28 0x0000000000471df4 in main (argc=3, argv=0x7fff810d07e8) at 
> main.c:2533
>
> Complete log: http://pastebin.com/YZirUkfe
>
> Thanks.
>
> Regards,
>
> -- 
> *Andrés Souto*
> VoIP Engineer @ Quobis <http://www.quobis.com/> | e: 
> andres.souto at quobis.com <mailto:andres.souto at quobis.com> | t: +34902999465
>
>
> _______________________________________________
> SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
> sr-users at lists.sip-router.org
> http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users

-- 
Daniel-Constantin Mierla - http://www.asipto.com
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20140609/67a85def/attachment.html>


More information about the sr-users mailing list