[SR-Users] Crash Kamailio 4.1.5

Igor Potjevlesch igor.potjevlesch at gmail.com
Wed Sep 17 19:48:26 CEST 2014


Hello,

 

(gdb) frame 2

#2  0x00007fb984c0b089 in db_mysql_val2str (_c=0x7fb985033d18,
_v=0x7fb981921f60, _s=0x1c51bf0 "0669','0123456789','<A.B.C.D>')",
_len=0x7fffab695f74) at km_val.c:79

79                              _s +=
mysql_real_escape_string(CON_CONNECTION(_c), _s, VAL_STR(_v).s,
VAL_STR(_v).len);

(gdb) p *_v

$1 = {type = DB1_STR, nul = 0, free = 0, val = {int_val = 1953656688, ll_val
= 3904679414993153904, double_val = 1.1089942400964931e-47, time_val =
3904679414993153904, string_val = 0x3630353d74726f70 <Address
0x3630353d74726f70 out of bounds>, str_val = {

      s = 0x3630353d74726f70 <Address 0x3630353d74726f70 out of bounds>, len
= 1919040304}, blob_val = {s = 0x3630353d74726f70 <Address
0x3630353d74726f70 out of bounds>, len = 1919040304}, bitmap_val =
1953656688}}

 

Hope this help.

Regards,

 

Igor.



De : sr-users-bounces at lists.sip-router.org
[mailto:sr-users-bounces at lists.sip-router.org] De la part de
Daniel-Constantin Mierla
Envoyé : mardi 16 septembre 2014 17:44
À : Kamailio (SER) - Users Mailing List
Objet : Re: [SR-Users] Crash Kamailio 4.1.5

 

Hello,

can you get the output in gdb for:

frame 2
p *_v

Cheers,
Daniel

On 16/09/14 17:34, Igor Potjevlesch wrote:

Hello,

 

A crash just occurred.

I use the patch for the PAI issue. I had a look to the core dump and it
looks to be another issue:

(gdb) bt full

#0  0x00000030f2230f30 in escape_string_for_mysql () from
/usr/lib64/mysql/libmysqlclient.so.16

No symbol table info available.

#1  0x00000030f22269c1 in mysql_real_escape_string () from
/usr/lib64/mysql/libmysqlclient.so.16

No symbol table info available.

#2  0x00007fb984c0b089 in db_mysql_val2str (_c=0x7fb985033d18,
_v=0x7fb981921f60, _s=0x1c51bf0 "0669','<phone_number>','A.B.C.D')",
_len=0x7fffab695f74) at km_val.c:79

        l = 10

        tmp = 1

        old_s = 0x1c51bef "'0669','<phone_number>','A.B.C.D')"

        __FUNCTION__ = "db_mysql_val2str"

#3  0x00007fb9847e1137 in db_print_values (_c=0x7fb985033d18, 

    _b=0x1c51b0c
"'INVITE','as689f6052','a94c095b773be1dd6e8d668a785a9c847afd0320','361aa4536
ba9cd8463b3ec8114d3711a at domain.tld
<mailto:361aa4536ba9cd8463b3ec8114d3711a at domain.tld>
','200','OK','2014-09-16
17:05:26','<phone_number>','<phone_number>@domain.tld','trunk."...,
_l=65379, _v=0x7fb981921e00, _n=15, 

    val2str=0x7fb984c0ac88 <db_mysql_val2str>) at db_ut.c:318

        i = 11

        l = 65152

        len = 227

        __FUNCTION__ = "db_print_values"

#4  0x00007fb9847da028 in db_do_insert_cmd (_h=0x7fb985033d18,
_k=0x7fb981921b20, _v=0x7fb981921e00, _n=15, val2str=0x7fb984c0ac88
<db_mysql_val2str>, submit_query=0x7fb984c02092 <db_mysql_submit_query>,
mode=0) at db_query.c:224

        off = 156

        ret = 10

        __FUNCTION__ = "db_do_insert_cmd"

#5  0x00007fb9847da3b9 in db_do_insert (_h=0x7fb985033d18,
_k=0x7fb981921b20, _v=0x7fb981921e00, _n=15, val2str=0x7fb984c0ac88
<db_mysql_val2str>, submit_query=0x7fb984c02092 <db_mysql_submit_query>) at
db_query.c:249

No locals.

#6  0x00007fb984c04419 in db_mysql_insert (_h=0x7fb985033d18,
_k=0x7fb981921b20, _v=0x7fb981921e00, _n=15) at km_dbase.c:415

No locals.

#7  0x00007fb98170b783 in acc_db_request (rq=0x7fb9797ab0c8) at acc.c:492

        m = 15

        n = 2038083784

        i = 15

        t = 0x414cc0

        __FUNCTION__ = "acc_db_request"

#8  0x00007fb981715bc8 in acc_onreply (t=0x7fb979775070, req=0x7fb9797ab0c8,
reply=0x7fb98504fc48, code=200) at acc_logic.c:471

        new_uri_bk = {s = 0x7fb97971e1af "sip:<phone_number>@domain.tld
SIP/2.0\r\nRecord-Route:  <sip:A.B.C.D;lr=on> <sip:A.B.C.D;lr=on>\r\nVia:
SIP/2.0/UDP
A.B.C.D;branch=z9hG4bK6a0a.6c2a27c22049161f515e9c9ac1ffe7e1.0\r\nVia:
SIP/2.0/UDP 172.16.3.105:5060;branch=z9hG4bK4"..., len = 19}

        br = 0

        hdr = 0x7fb98171cc20

        __FUNCTION__ = "acc_onreply"

#9  0x00007fb98171630a in tmcb_func (t=0x7fb979775070, type=512,
ps=0x7fffab6962e0) at acc_logic.c:573

        __FUNCTION__ = "tmcb_func"

#10 0x00007fb98391046c in run_trans_callbacks_internal
(cb_lst=0x7fb9797750e0, type=512, trans=0x7fb979775070,
params=0x7fffab6962e0) at t_hooks.c:290

        cbp = 0x7fb979633b38

        backup_from = 0x934630

        backup_to = 0x934638

        backup_dom_from = 0x934640

        backup_dom_to = 0x934648

        backup_uri_from = 0x934620

        backup_uri_to = 0x934628

        backup_xavps = 0x934760

        __FUNCTION__ = "run_trans_callbacks_internal"

#11 0x00007fb98391067e in run_trans_callbacks_with_buf (type=512,
rbuf=0x7fb979775130, req=0x7fb9797ab0c8, repl=0x7fb98504fc48, flags=200) at
t_hooks.c:336

        params = {req = 0x7fb9797ab0c8, rpl = 0x7fb98504fc48, param =
0x7fb979633b48, code = 200, flags = 200, branch = 0, t_rbuf =
0x7fb979775130, dst = 0x7fb979775180, send_buf = {

            s = 0x7fb9796f4070 "SIP/2.0 200 OK\r\nVia: SIP/2.0/UDP
172.16.3.105:5060;branch=z9hG4bK49e57236;rport=5060\r\nCall-ID:
361aa4536ba9cd8463b3ec8114d3711a at domain.tld\r\nFrom: \"<phone_number>\"
<sip: <sip:%3cphone_number> <phone_number>@domain.tld>;t"..., len = 925}}

        trans = 0x7fb979775070

#12 0x00007fb983942bfa in relay_reply (t=0x7fb979775070,
p_msg=0x7fb98504fc48, branch=0, msg_status=200, cancel_data=0x7fffab696640,
do_put_on_wait=1) at t_reply.c:2001

        relay = 0

        save_clone = 0

        buf = 0x7fb98505ddd0 "SIP/2.0 200 OK\r\nVia: SIP/2.0/UDP
172.16.3.105:5060;branch=z9hG4bK49e57236;rport=5060\r\nCall-ID:
361aa4536ba9cd8463b3ec8114d3711a at domain.tld\r\nFrom: \"<phone_number>\"
<sip: <sip:%3cphone_number> <phone_number>@domain.tld>;t"...

        res_len = 925

        relayed_code = 200

        relayed_msg = 0x7fb98504fc48

        reply_bak = 0x7fffab696490

        bm = {to_tag_val = {s = 0x7fb979776608 "", len = 5449371}}

        totag_retr = 0

        reply_status = RPS_COMPLETED

        uas_rb = 0x7fb979775130

        to_tag = 0x0

        reason = {s = 0x1ab696440 <Address 0x1ab696440 out of bounds>, len =
1}

        onsend_params = {req = 0x200924a04, rpl = 0x7fb983962f90, param =
0x414cc0, code = 1, flags = 0, branch = 0, t_rbuf = 0x7fb96f3b4828, dst =
0x7fb98504fe40, send_buf = {s = 0xab696460 <Address 0xab696460 out of
bounds>, len = 1024}}

        __FUNCTION__ = "relay_reply"

#13 0x00007fb9839450ab in reply_received (p_msg=0x7fb98504fc48) at
t_reply.c:2499

        msg_status = 200

        last_uac_status = 180

        ack = 0x40 <Address 0x40 out of bounds>

        ack_len = 0

        branch = 0

        reply_status = -2063230624

        onreply_route = 1

        cancel_data = {cancel_bitmap = 0, reason = {cause = 200, u = {text =
{s = 0x0, len = 9586191}, e2e_cancel = 0x0, packed_hdrs = {s = 0x0, len =
9586191}}}}

        uac = 0x7fb9797751d8

        t = 0x7fb979775070

        lack_dst = {send_sock = 0x7fb9850202f0, to = {s = {sa_family =
17952, sa_data = "#\000\000\000\000\000`h\377\204\271\177\000"}, sin =
{sin_family = 17952, sin_port = 35, sin_addr = {s_addr = 0}, sin_zero =
"`h\377\204\271\177\000"}, sin6 = {

              sin6_family = 17952, sin6_port = 35, sin6_flowinfo = 0,
sin6_addr = {__in6_u = {__u6_addr8 =
"`h\377\204\271\177\000\000\220h\377\204\271\177\000", __u6_addr16 = {26720,
34047, 32697, 0, 26768, 34047, 32697, 0}, __u6_addr32 = {2231330912, 32697, 

                    2231330960, 32697}}}, sin6_scope_id = 2231330912}}, id =
32697, proto = 0 '\000', send_flags = {f = 39 '\'', blst_imask = 5 '\005'}}

        backup_user_from = 0x934630

        backup_user_to = 0x934638

        backup_domain_from = 0x934640

        backup_domain_to = 0x934648

        backup_uri_from = 0x934620

        backup_uri_to = 0x934628

        backup_xavps = 0x934760

        replies_locked = 1

        branch_ret = 0

        prev_branch = -1419155712

        blst_503_timeout = 32767

        hf = 0x7fb98504fc68

        onsend_params = {req = 0x7fffab6966c0, rpl = 0x550bb0, param =
0x2345e0, code = 0, flags = 3, branch = 0, t_rbuf = 0x7fb984e1d380, dst =
0x7fb9850526d0, send_buf = {s = 0x7fffab6966c0 "`G\223", len = 5538065}}

        ctx = {rec_lev = 0, run_flags = 0, last_retcode = 0, jmp_env =
{{__jmpbuf = {140434777374272, -8626733706341394934, 4279488,
140736069201136, 0, 0, -8626733706320423414, 8626919071020996106},
__mask_was_saved = 0, __saved_mask = {__val = {9586419, 

                  901952718779, 124554051613, 9586468, 140434777413984,
9587204, 9586197, 361695345073193192, 9586295, 9586274, 2231736624,
140434777413984, 140434777404704, 140434777374272, 4279488,
140736069201136}}}}}

        __FUNCTION__ = "reply_received"

#14 0x000000000045d853 in do_forward_reply (msg=0x7fb98504fc48, mode=0) at
forward.c:777

        new_buf = 0x0

        dst = {send_sock = 0x0, to = {s = {sa_family = 0, sa_data = '\000'
<repeats 13 times>}, sin = {sin_family = 0, sin_port = 0, sin_addr = {s_addr
= 0}, sin_zero = "\000\000\000\000\000\000\000"}, sin6 = {sin6_family = 0,
sin6_port = 0, sin6_flowinfo = 0, 

              sin6_addr = {__in6_u = {__u6_addr8 = '\000' <repeats 15
times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0,
0}}}, sin6_scope_id = 0}}, id = 0, proto = 0 '\000', send_flags = {f = 0
'\000', blst_imask = 0 '\000'}}

        new_len = 32697

        r = 1

        s = 0x4048504fc50 <Address 0x4048504fc50 out of bounds>

        len = 0

        __FUNCTION__ = "do_forward_reply"

#15 0x000000000045e114 in forward_reply (msg=0x7fb98504fc48) at
forward.c:860

No locals.

#16 0x00000000004a5903 in receive_msg (buf=0x924600 "SIP/2.0 200 OK\r\nVia:
SIP/2.0/UDP
A.B.C.D;branch=z9hG4bK6a0a.6c2a27c22049161f515e9c9ac1ffe7e1.0;received=A.B.C
.D\r\nVia: SIP/2.0/UDP
172.16.3.105:5060;branch=z9hG4bK49e57236;rport=5060\r\nCall-ID: 36"..., 

    len=1028, rcv_info=0x7fffab6969c0) at receive.c:273

        msg = 0x7fb98504fc48

        ctx = {rec_lev = 8868984, run_flags = 0, last_retcode = 0, jmp_env =
{{__jmpbuf = {0, 0, 0, 263853236176, 1, 0, 169733116696, 9586112},
__mask_was_saved = -1419155000, __saved_mask = {__val = {140434775328496,
12884901899, 140434775328496, 4279488, 

                  140736069201136, 140736069200192, 5477982, 0,
140434411832704, 50195, 169369879936, 9586112, 140736069200320,
140736069200240, 5474817, 4279488}}}}}

        ret = 32697

        inb = {s = 0x924600 "SIP/2.0 200 OK\r\nVia: SIP/2.0/UDP
A.B.C.D;branch=z9hG4bK6a0a.6c2a27c22049161f515e9c9ac1ffe7e1.0;received=A.B.C
.D\r\nVia: SIP/2.0/UDP
172.16.3.105:5060;branch=z9hG4bK49e57236;rport=5060\r\nCall-ID: 36"..., len
= 1028}

        __FUNCTION__ = "receive_msg"

#17 0x000000000053c9c4 in udp_rcv_loop () at udp_server.c:536

        len = 1028

        buf = "SIP/2.0 200 OK\r\nVia: SIP/2.0/UDP
A.B.C.D;branch=z9hG4bK6a0a.6c2a27c22049161f515e9c9ac1ffe7e1.0;received=A.B.C
.D\r\nVia: SIP/2.0/UDP
172.16.3.105:5060;branch=z9hG4bK49e57236;rport=5060\r\nCall-ID: 36"...

        tmp = 0x9245c0 "10.143.1.10"

        from = 0x7fb984f8cd70

        fromlen = 16

        ri = {src_ip = {af = 2, len = 4, u = {addrl = {336073913,
140434775328496}, addr32 = {336073913, 0, 2229651184, 32697}, addr16 =
{5305, 5128, 0, 0, 50928, 34021, 32697, 0}, addr =
"\271\024\b\024\000\000\000\000\360\306å

 
¹\177\000"}}, dst_ip = {af = 2, 

            len = 4, u = {addrl = {67638457, 0}, addr32 = {67638457, 0, 0,
0}, addr16 = {5305, 1032, 0, 0, 0, 0, 0, 0}, addr = "\271\024\b\004", '\000'
<repeats 11 times>}}, src_port = 5060, dst_port = 5060, proto_reserved1 = 0,
proto_reserved2 = 0, src_su = {s = {

              sa_family = 2, sa_data =
"\023Ĺ\024\b\024\000\000\000\000\000\000\000"}, sin = {sin_family = 2,
sin_port = 50195, sin_addr = {s_addr = 336073913}, sin_zero =
"\000\000\000\000\000\000\000"}, sin6 = {sin6_family = 2, sin6_port = 50195,


              sin6_flowinfo = 336073913, sin6_addr = {__in6_u = {__u6_addr8
= '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0},
__u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}, bind_address =
0x7fb984e5c588, proto = 1 '\001'}

        __FUNCTION__ = "udp_rcv_loop"

#18 0x000000000046d447 in main_loop () at main.c:1617

        i = 12

        pid = 0

        si = 0x7fb984e5c588

        si_desc = "udp receiver child=12
sock=A.B.C.D:5060\000\204\271\177\000\000\b\024î

 
¹\177\000\000\036\205^\000\000\000\000\000\000w^\000\000\000\000\000 at K\237@\
000\000\000\000\300LA\000\000\000\000\000\360li\253\377\177", '\000'
<repeats 18 times>, "0ki\253\377\177\000\000\020\245K\000\000\000\000"

        nrprocs = 15

        __FUNCTION__ = "main_loop"

#19 0x000000000047054f in main (argc=7, argv=0x7fffab696cf8) at main.c:2545

        cfg_stream = 0x1c42010

        c = -1

        r = 0

        tmp = 0x7fffab697f70 ""

        tmp_len = 0

        port = 0

        proto = 0

        options = 0x5e0a58
":f:cm:M:dVIhEeb:l:L:n:vKrRDTN:W:w:t:u:g:P:G:SQ:O:a:A:"

        ret = -1

        seed = 1073556037

        rfd = 4

        debug_save = 0

        debug_flag = 0

        dont_fork_cnt = 0

        n_lst = 0x3d6f60fb88

        p = 0x5caba0 "H\211l$\330L\211d$\340H\215-O\244*"

        __FUNCTION__ = "main"

 

Regards,

 

Igor.

 






_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users at lists.sip-router.org <mailto:sr-users at lists.sip-router.org> 
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users





-- 
Daniel-Constantin Mierla
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Next Kamailio Advanced Trainings 2014 - http://www.asipto.com
Sep 22-25, Berlin, Germany
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20140917/2b348711/attachment.html>


More information about the sr-users mailing list