10 Feb
2011
10 Feb
'11
8:37 a.m.
[root@ tmp]# /usr/local/sbin/kamailio -V
version: kamailio 1.5.5-notls (x86_64/linux)
flags: STATISTICS, EXTRA_DEBUG, USE_IPV6, USE_TCP, DISABLE_NAGLE,
USE_MCAST, SHM_MMAP,
PKG_MALLOC, F_MALLOC, FAST_LOCK-ADAPTIVE_WAIT
ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16,
MAX_URI_SIZE 1024,
BUF_SIZE 65535, PKG_SIZE 4194304
poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
svnrevision: unknown
@(#) $Id: main.c 5608 2009-02-13 16:48:17Z henningw $
main.c compiled on 12:38:36 Feb 2 2011 with gcc 4.1.2
-----------------------------
Core was generated by `/usr/local/sbin/kamailio -P
/var/run/openser/openser.pid -m 32 -u
openser -g op'.
Program terminated with signal 11, Segmentation fault.
#0 0x000000000046b0e3 in fm_malloc (qm=0x72dc00, size=32) at
mem/f_malloc.c:354
354 if ((*f)->size>=size) goto found;
(gdb) backtrace
#0 0x000000000046b0e3 in fm_malloc (qm=0x72dc00, size=32) at
mem/f_malloc.c:354
#1 0x00002b30f2803087 in build_rr (_l=0x76f110, _l2=0x76fe80,
user=0x7fffe9c5a500,
tag=0x777a58, params=0x0, _inbound=0)
at record.c:176
#2 0x00002b30f2802b7a in record_route (_m=0x76e0e0, params=0x0) at
record.c:322
#3 0x00002b30f28047db in w_record_route (msg=0x76e0e0, key=0x0,
bar=0x0) at rr_mod.c:212
#4 0x000000000040ed9b in do_action (a=0x73f5a0, msg=0x76e0e0) at
action.c:874
#5 0x000000000040c03a in run_action_list (a=0x73f5a0, msg=0x76e0e0) at
action.c:145
#6 0x000000000040e6a7 in do_action (a=0x73f810, msg=0x76e0e0) at
action.c:746
#7 0x000000000040c03a in run_action_list (a=0x73e418, msg=0x76e0e0) at
action.c:145
#8 0x000000000040c2a9 in run_actions (a=0x73e418, msg=0x76e0e0) at
action.c:120
#9 0x000000000040c357 in run_top_route (a=0x73e418, msg=0x76e0e0) at
action.c:195
#10 0x000000000043bda4 in receive_msg (
buf=0x70c980 "NOTIFY sip:XXXXXX.com SIP/2.0\r\nVia: SIP/2.0/UDP
XX.XXX.101.68:5060;branch=z9hG4bK-6ee3865\r\nFrom: VTHome
<sip:101650@XXXXXX.com>;tag=129d73a13db8ec7fo0\r\nTo:
<sip:XXXXX.com>\r\nCall-ID:
e3fd1da9-142a0a17"..., len=373,
rcv_info=0x7fffe9c5ae90) at receive.c:175
#11 0x0000000000467eeb in udp_rcv_loop () at udp_server.c:449
#12 0x000000000042097b in main_loop () at main.c:774
#13 0x00000000004228b0 in main (argc=11, argv=0x7fffe9c5b118) at main.c:1321
(gdb) print size
$1 = 32
(gdb) quit
--------------------------------------------
Core was generated by `/usr/local/sbin/kamailio -P
/var/run/openser/openser.pid -m 32 -u
openser -g op'.
Program terminated with signal 11, Segmentation fault.
#0 0x000000000046bf7b in fm_status (qm=0x72dc00) at mem/f_malloc.c:609
609
size+=f->size,f=f->u.nxt_free,i++,j++){
(gdb) backtrace
#0 0x000000000046bf7b in fm_status (qm=0x72dc00) at mem/f_malloc.c:609
#1 0x000000000041feb3 in sig_usr (signo=15) at main.c:563
#2 <signal handler called>
#3 0x00000039d8cd4a51 in __recvfrom_nocancel () from /lib64/libc.so.6
#4 0x0000000000467bf4 in udp_rcv_loop () at udp_server.c:408
#5 0x000000000042097b in main_loop () at main.c:774
#6 0x00000000004228b0 in main (argc=11, argv=0x7fffe9c5b118) at main.c:1321
(gdb) print i
$1 = 402
(gdb) print j
$2 = 1
(gdb) print size
$3 = 7234295468789601279
(gdb) print f
$4 = (struct fm_frag *) 0x3738656435393838
(gdb) print f->size
Cannot access memory at address 0x3738656435393838
-------------------------------------------------------------------
Andrew O. Zhukov
10 Feb
10 Feb
8:53 a.m.
Hello,
from the subject I don't understand exactly: did you get this crash also
with 1.3.4? Is it reproducible?
Looks like there is a buffer overflow. Can you recompile/reinstall with
memory debug on (in 1.5.x, see Makefile.vars)? The watch the logs and
see if you get any error related to buffer overwritten ops.
Cheers,
Daniel
On 2/10/11 7:37 AM, Andrew O. Zhukov wrote:
[root@ tmp]# /usr/local/sbin/kamailio -V
version: kamailio 1.5.5-notls (x86_64/linux)
flags: STATISTICS, EXTRA_DEBUG, USE_IPV6, USE_TCP, DISABLE_NAGLE,
USE_MCAST, SHM_MMAP,
PKG_MALLOC, F_MALLOC, FAST_LOCK-ADAPTIVE_WAIT
ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16,
MAX_URI_SIZE 1024,
BUF_SIZE 65535, PKG_SIZE 4194304
poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
svnrevision: unknown
@(#) $Id: main.c 5608 2009-02-13 16:48:17Z henningw $
main.c compiled on 12:38:36 Feb 2 2011 with gcc 4.1.2
-----------------------------
Core was generated by `/usr/local/sbin/kamailio -P
/var/run/openser/openser.pid -m 32 -u
openser -g op'.
Program terminated with signal 11, Segmentation fault.
#0 0x000000000046b0e3 in fm_malloc (qm=0x72dc00, size=32) at
mem/f_malloc.c:354
354 if ((*f)->size>=size) goto found;
(gdb) backtrace
#0 0x000000000046b0e3 in fm_malloc (qm=0x72dc00, size=32) at
mem/f_malloc.c:354
#1 0x00002b30f2803087 in build_rr (_l=0x76f110, _l2=0x76fe80,
user=0x7fffe9c5a500,
tag=0x777a58, params=0x0, _inbound=0)
at record.c:176
#2 0x00002b30f2802b7a in record_route (_m=0x76e0e0, params=0x0) at
record.c:322
#3 0x00002b30f28047db in w_record_route (msg=0x76e0e0, key=0x0,
bar=0x0) at rr_mod.c:212
#4 0x000000000040ed9b in do_action (a=0x73f5a0, msg=0x76e0e0) at
action.c:874
#5 0x000000000040c03a in run_action_list (a=0x73f5a0, msg=0x76e0e0)
at action.c:145
#6 0x000000000040e6a7 in do_action (a=0x73f810, msg=0x76e0e0) at
action.c:746
#7 0x000000000040c03a in run_action_list (a=0x73e418, msg=0x76e0e0)
at action.c:145
#8 0x000000000040c2a9 in run_actions (a=0x73e418, msg=0x76e0e0) at
action.c:120
#9 0x000000000040c357 in run_top_route (a=0x73e418, msg=0x76e0e0) at
action.c:195
#10 0x000000000043bda4 in receive_msg (
buf=0x70c980 "NOTIFY sip:XXXXXX.com SIP/2.0\r\nVia: SIP/2.0/UDP
XX.XXX.101.68:5060;branch=z9hG4bK-6ee3865\r\nFrom: VTHome
<sip:101650@XXXXXX.com>;tag=129d73a13db8ec7fo0\r\nTo:
<sip:XXXXX.com>\r\nCall-ID:
e3fd1da9-142a0a17"..., len=373,
rcv_info=0x7fffe9c5ae90) at receive.c:175
#11 0x0000000000467eeb in udp_rcv_loop () at udp_server.c:449
#12 0x000000000042097b in main_loop () at main.c:774
#13 0x00000000004228b0 in main (argc=11, argv=0x7fffe9c5b118) at
main.c:1321
(gdb) print size
$1 = 32
(gdb) quit
--------------------------------------------
Core was generated by `/usr/local/sbin/kamailio -P
/var/run/openser/openser.pid -m 32 -u
openser -g op'.
Program terminated with signal 11, Segmentation fault.
#0 0x000000000046bf7b in fm_status (qm=0x72dc00) at mem/f_malloc.c:609
609 size+=f->size,f=f->u.nxt_free,i++,j++){
(gdb) backtrace
#0 0x000000000046bf7b in fm_status (qm=0x72dc00) at mem/f_malloc.c:609
#1 0x000000000041feb3 in sig_usr (signo=15) at main.c:563
#2 <signal handler called>
#3 0x00000039d8cd4a51 in __recvfrom_nocancel () from /lib64/libc.so.6
#4 0x0000000000467bf4 in udp_rcv_loop () at udp_server.c:408
#5 0x000000000042097b in main_loop () at main.c:774
#6 0x00000000004228b0 in main (argc=11, argv=0x7fffe9c5b118) at
main.c:1321
(gdb) print i
$1 = 402
(gdb) print j
$2 = 1
(gdb) print size
$3 = 7234295468789601279
(gdb) print f
$4 = (struct fm_frag *) 0x3738656435393838
(gdb) print f->size
Cannot access memory at address 0x3738656435393838
-------------------------------------------------------------------
Andrew O. Zhukov
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
--
Daniel-Constantin Mierla
http://www.asipto.com
9:12 a.m.
Couple month ago I sent whole set of crash-es from 1.3.4 to this
maillist. Nobody respond me.
On 02/10/2011 08:53 AM, Daniel-Constantin Mierla wrote:
Hello,
from the subject I don't understand exactly: did you get this crash also
with 1.3.4? Is it reproducible?
This crash-es from 1.5.5. I rise it up on this
weekend.
I do not shutdown server with 1.3.4 yet. I still keep all crashes there.
Looks like there is a buffer overflow. Can you recompile/reinstall with
memory debug on (in 1.5.x, see Makefile.vars)? The watch the logs and
see if you get any error related to buffer overwritten ops.
Ok. I'll do it.
Cheers,
Daniel
On 2/10/11 7:37 AM, Andrew O. Zhukov wrote:
[root@ tmp]# /usr/local/sbin/kamailio -V
version: kamailio 1.5.5-notls (x86_64/linux)
flags: STATISTICS, EXTRA_DEBUG, USE_IPV6, USE_TCP, DISABLE_NAGLE,
USE_MCAST, SHM_MMAP,
PKG_MALLOC, F_MALLOC, FAST_LOCK-ADAPTIVE_WAIT
ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16,
MAX_URI_SIZE 1024,
BUF_SIZE 65535, PKG_SIZE 4194304
poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
svnrevision: unknown
@(#) $Id: main.c 5608 2009-02-13 16:48:17Z henningw $
main.c compiled on 12:38:36 Feb 2 2011 with gcc 4.1.2
-----------------------------
Core was generated by `/usr/local/sbin/kamailio -P
/var/run/openser/openser.pid -m 32 -u
openser -g op'.
Program terminated with signal 11, Segmentation fault.
#0 0x000000000046b0e3 in fm_malloc (qm=0x72dc00, size=32) at
mem/f_malloc.c:354
354 if ((*f)->size>=size) goto found;
(gdb) backtrace
#0 0x000000000046b0e3 in fm_malloc (qm=0x72dc00, size=32) at
mem/f_malloc.c:354
#1 0x00002b30f2803087 in build_rr (_l=0x76f110, _l2=0x76fe80,
user=0x7fffe9c5a500,
tag=0x777a58, params=0x0, _inbound=0)
at record.c:176
#2 0x00002b30f2802b7a in record_route (_m=0x76e0e0, params=0x0) at
record.c:322
#3 0x00002b30f28047db in w_record_route (msg=0x76e0e0, key=0x0,
bar=0x0) at rr_mod.c:212
#4 0x000000000040ed9b in do_action (a=0x73f5a0, msg=0x76e0e0) at
action.c:874
#5 0x000000000040c03a in run_action_list (a=0x73f5a0, msg=0x76e0e0) at
action.c:145
#6 0x000000000040e6a7 in do_action (a=0x73f810, msg=0x76e0e0) at
action.c:746
#7 0x000000000040c03a in run_action_list (a=0x73e418, msg=0x76e0e0) at
action.c:145
#8 0x000000000040c2a9 in run_actions (a=0x73e418, msg=0x76e0e0) at
action.c:120
#9 0x000000000040c357 in run_top_route (a=0x73e418, msg=0x76e0e0) at
action.c:195
#10 0x000000000043bda4 in receive_msg (
buf=0x70c980 "NOTIFY sip:XXXXXX.com SIP/2.0\r\nVia: SIP/2.0/UDP
XX.XXX.101.68:5060;branch=z9hG4bK-6ee3865\r\nFrom: VTHome
<sip:101650@XXXXXX.com>;tag=129d73a13db8ec7fo0\r\nTo:
<sip:XXXXX.com>\r\nCall-ID:
e3fd1da9-142a0a17"..., len=373,
rcv_info=0x7fffe9c5ae90) at receive.c:175
#11 0x0000000000467eeb in udp_rcv_loop () at udp_server.c:449
#12 0x000000000042097b in main_loop () at main.c:774
#13 0x00000000004228b0 in main (argc=11, argv=0x7fffe9c5b118) at
main.c:1321
(gdb) print size
$1 = 32
(gdb) quit
--------------------------------------------
Core was generated by `/usr/local/sbin/kamailio -P
/var/run/openser/openser.pid -m 32 -u
openser -g op'.
Program terminated with signal 11, Segmentation fault.
#0 0x000000000046bf7b in fm_status (qm=0x72dc00) at mem/f_malloc.c:609
609 size+=f->size,f=f->u.nxt_free,i++,j++){
(gdb) backtrace
#0 0x000000000046bf7b in fm_status (qm=0x72dc00) at mem/f_malloc.c:609
#1 0x000000000041feb3 in sig_usr (signo=15) at main.c:563
#2 <signal handler called>
#3 0x00000039d8cd4a51 in __recvfrom_nocancel () from /lib64/libc.so.6
#4 0x0000000000467bf4 in udp_rcv_loop () at udp_server.c:408
#5 0x000000000042097b in main_loop () at main.c:774
#6 0x00000000004228b0 in main (argc=11, argv=0x7fffe9c5b118) at
main.c:1321
(gdb) print i
$1 = 402
(gdb) print j
$2 = 1
(gdb) print size
$3 = 7234295468789601279
(gdb) print f
$4 = (struct fm_frag *) 0x3738656435393838
(gdb) print f->size
Cannot access memory at address 0x3738656435393838
-------------------------------------------------------------------
Andrew O. Zhukov
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
9:14 a.m.
On 2/10/11 8:12 AM, Andrew O. Zhukov wrote:
Couple month ago I sent whole set of crash-es from
1.3.4 to this
maillist. Nobody respond me.
Probably they were forgotten in the history, if most
of devs were
offline at the moment you sent. Do you have a link to the thread, it may
help reading what you sent at that time, as well.
Cheers,
Daniel
On 02/10/2011 08:53 AM, Daniel-Constantin Mierla wrote:
--
Daniel-Constantin Mierla
http://www.asipto.com
Hello,
from the subject I don't understand exactly: did you get this crash also
with 1.3.4? Is it reproducible?
This crash-es from 1.5.5. I rise it up on this
weekend.
I do not shutdown server with 1.3.4 yet. I still keep all crashes there.
Looks like there is a buffer overflow. Can you recompile/reinstall with
memory debug on (in 1.5.x, see Makefile.vars)? The watch the logs and
see if you get any error related to buffer overwritten ops.
Ok. I'll do it.
Cheers,
Daniel
On 2/10/11 7:37 AM, Andrew O. Zhukov wrote:
[root@ tmp]# /usr/local/sbin/kamailio -V
version: kamailio 1.5.5-notls (x86_64/linux)
flags: STATISTICS, EXTRA_DEBUG, USE_IPV6, USE_TCP, DISABLE_NAGLE,
USE_MCAST, SHM_MMAP,
PKG_MALLOC, F_MALLOC, FAST_LOCK-ADAPTIVE_WAIT
ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16,
MAX_URI_SIZE 1024,
BUF_SIZE 65535, PKG_SIZE 4194304
poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
svnrevision: unknown
@(#) $Id: main.c 5608 2009-02-13 16:48:17Z henningw $
main.c compiled on 12:38:36 Feb 2 2011 with gcc 4.1.2
-----------------------------
Core was generated by `/usr/local/sbin/kamailio -P
/var/run/openser/openser.pid -m 32 -u
openser -g op'.
Program terminated with signal 11, Segmentation fault.
#0 0x000000000046b0e3 in fm_malloc (qm=0x72dc00, size=32) at
mem/f_malloc.c:354
354 if ((*f)->size>=size) goto found;
(gdb) backtrace
#0 0x000000000046b0e3 in fm_malloc (qm=0x72dc00, size=32) at
mem/f_malloc.c:354
#1 0x00002b30f2803087 in build_rr (_l=0x76f110, _l2=0x76fe80,
user=0x7fffe9c5a500,
tag=0x777a58, params=0x0, _inbound=0)
at record.c:176
#2 0x00002b30f2802b7a in record_route (_m=0x76e0e0, params=0x0) at
record.c:322
#3 0x00002b30f28047db in w_record_route (msg=0x76e0e0, key=0x0,
bar=0x0) at rr_mod.c:212
#4 0x000000000040ed9b in do_action (a=0x73f5a0, msg=0x76e0e0) at
action.c:874
#5 0x000000000040c03a in run_action_list (a=0x73f5a0, msg=0x76e0e0) at
action.c:145
#6 0x000000000040e6a7 in do_action (a=0x73f810, msg=0x76e0e0) at
action.c:746
#7 0x000000000040c03a in run_action_list (a=0x73e418, msg=0x76e0e0) at
action.c:145
#8 0x000000000040c2a9 in run_actions (a=0x73e418, msg=0x76e0e0) at
action.c:120
#9 0x000000000040c357 in run_top_route (a=0x73e418, msg=0x76e0e0) at
action.c:195
#10 0x000000000043bda4 in receive_msg (
buf=0x70c980 "NOTIFY sip:XXXXXX.com SIP/2.0\r\nVia: SIP/2.0/UDP
XX.XXX.101.68:5060;branch=z9hG4bK-6ee3865\r\nFrom: VTHome
<sip:101650@XXXXXX.com>;tag=129d73a13db8ec7fo0\r\nTo:
<sip:XXXXX.com>\r\nCall-ID:
e3fd1da9-142a0a17"..., len=373,
rcv_info=0x7fffe9c5ae90) at receive.c:175
#11 0x0000000000467eeb in udp_rcv_loop () at udp_server.c:449
#12 0x000000000042097b in main_loop () at main.c:774
#13 0x00000000004228b0 in main (argc=11, argv=0x7fffe9c5b118) at
main.c:1321
(gdb) print size
$1 = 32
(gdb) quit
--------------------------------------------
Core was generated by `/usr/local/sbin/kamailio -P
/var/run/openser/openser.pid -m 32 -u
openser -g op'.
Program terminated with signal 11, Segmentation fault.
#0 0x000000000046bf7b in fm_status (qm=0x72dc00) at mem/f_malloc.c:609
609 size+=f->size,f=f->u.nxt_free,i++,j++){
(gdb) backtrace
#0 0x000000000046bf7b in fm_status (qm=0x72dc00) at mem/f_malloc.c:609
#1 0x000000000041feb3 in sig_usr (signo=15) at main.c:563
#2 <signal handler called>
#3 0x00000039d8cd4a51 in __recvfrom_nocancel () from /lib64/libc.so.6
#4 0x0000000000467bf4 in udp_rcv_loop () at udp_server.c:408
#5 0x000000000042097b in main_loop () at main.c:774
#6 0x00000000004228b0 in main (argc=11, argv=0x7fffe9c5b118) at
main.c:1321
(gdb) print i
$1 = 402
(gdb) print j
$2 = 1
(gdb) print size
$3 = 7234295468789601279
(gdb) print f
$4 = (struct fm_frag *) 0x3738656435393838
(gdb) print f->size
Cannot access memory at address 0x3738656435393838
-------------------------------------------------------------------
Andrew O. Zhukov
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users
9:58 a.m.
Is DBG_QM_MALLOC exactly what you want?
[root@ kamailio-1.5.5-notls]# /usr/local/sbin/kamailio -V
version: kamailio 1.5.5-notls (x86_64/linux)
flags: STATISTICS, EXTRA_DEBUG, USE_IPV6, USE_TCP, DISABLE_NAGLE,
USE_MCAST, SHM_MMAP, PKG_MALLOC, DBG_QM_MALLOC, FAST_LOCK-ADAPTIVE_WAIT
ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16,
MAX_URI_SIZE 1024, BUF_SIZE 65535, PKG_SIZE 4194304
poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
svnrevision: unknown
@(#) $Id: main.c 5608 2009-02-13 16:48:17Z henningw $
main.c compiled on 09:42:37 Feb 10 2011 with gcc 4.1.2
11 Feb
11 Feb
7:23 p.m.
Here is it with MEMDBG=1
------------------------------------------------------------------------------------------------------
Core was generated by `/usr/local/sbin/kamailio -P
/var/run/openser/openser.pid -m 32 -u openser -g op'.
Program terminated with signal 6, Aborted.
#0 0x00000039d8c30265 in raise () from /lib64/libc.so.6
(gdb) backtrace
#0 0x00000039d8c30265 in raise () from /lib64/libc.so.6
#1 0x00000039d8c31d10 in abort () from /lib64/libc.so.6
#2 0x000000000046c397 in qm_debug_frag (qm=0x733c00, f=0x7ca950) at
mem/q_malloc.c:137
#3 0x000000000046d99a in qm_free (qm=0x733c00, p=0x7ca980,
file=0x4e4d30 "parser/digest/digest.c", func=0x4e4da0
"free_credentials", line=95)
at mem/q_malloc.c:439
#4 0x0000000000495fac in free_credentials (_b=0x2ba07046a7b8) at
parser/digest/digest.c:95
#5 0x0000000000471a36 in clean_hdr_field (hf=0x2ba07046a788) at
parser/hf.c:116
#6 0x00002ba06cec58de in clean_msg_clone (msg=0x2ba0704697b8,
min=0x2ba0704697b8, max=0x2ba07046add0) at sip_msg.h:54
#7 0x00002ba06cec57b7 in run_trans_callbacks (type=2,
trans=0x2ba07045b3f0, req=0x2ba0704697b8, rpl=0x7c0eb8, code=200) at
t_hooks.c:245
#8 0x00002ba06cecc39d in t_reply_matching (p_msg=0x7c0eb8,
p_branch=0x7fff8a7202c8) at t_lookup.c:888
#9 0x00002ba06cecc997 in t_check (p_msg=0x7c0eb8,
param_branch=0x7fff8a7202c8) at t_lookup.c:964
#10 0x00002ba06cedb79b in reply_received (p_msg=0x7c0eb8) at t_reply.c:1395
#11 0x000000000041c6db in forward_reply (msg=0x7c0eb8) at forward.c:576
#12 0x000000000043ccf0 in receive_msg (
buf=0x712980 "SIP/2.0 200 OK\r\nVia: SIP/2.0/UDP
XXX.XX.XXX.13;branch=z9hG4bKb01c.8ffe0f62.0;received=XXX.XX.XXX.13\r\nVia:
SIP/2.0/UDP
XXX.XX.XXX.236:5060;received=XXX.XX.XXX.236;branch=z9hG4bK20b12a8d;rport=5060\r\nRec"...,
len=576, rcv_info=0x7fff8a720420) at receive.c:212
#13 0x00000000004692e3 in udp_rcv_loop () at udp_server.c:449
#14 0x0000000000420ecb in main_loop () at main.c:774
#15 0x0000000000422e0f in main (argc=11, argv=0x7fff8a7206a8) at main.c:1321
--------------------------------------------------------------------------------------------------------------
Core was generated by `/usr/local/sbin/kamailio -P
/var/run/openser/openser.pid -m 32 -u openser -g op'.
Program terminated with signal 6, Aborted.
#0 0x00000039d8c30265 in raise () from /lib64/libc.so.6
(gdb) backtrace
#0 0x00000039d8c30265 in raise () from /lib64/libc.so.6
#1 0x00000039d8c31d10 in abort () from /lib64/libc.so.6
#2 0x000000000046c397 in qm_debug_frag (qm=0x733c00, f=0x83a818) at
mem/q_malloc.c:137
#3 0x000000000046d99a in qm_free (qm=0x733c00, p=0x83a848,
file=0x4e4d30 "parser/digest/digest.c", func=0x4e4da0
"free_credentials", line=95)
at mem/q_malloc.c:439
#4 0x0000000000495fac in free_credentials (_b=0x2b95e9de8758) at
parser/digest/digest.c:95
#5 0x0000000000471a36 in clean_hdr_field (hf=0x2b95e9de8728) at
parser/hf.c:116
#6 0x00002b95e687e8de in clean_msg_clone (msg=0x2b95e9de7758,
min=0x2b95e9de7758, max=0x2b95e9de8d70) at sip_msg.h:54
#7 0x00002b95e687e7b7 in run_trans_callbacks (type=2,
trans=0x2b95e9fe5150, req=0x2b95e9de7758, rpl=0x7c0eb8, code=200) at
t_hooks.c:245
#8 0x00002b95e688539d in t_reply_matching (p_msg=0x7c0eb8,
p_branch=0x7fff77e144b8) at t_lookup.c:888
#9 0x00002b95e6885997 in t_check (p_msg=0x7c0eb8,
param_branch=0x7fff77e144b8) at t_lookup.c:964
#10 0x00002b95e689479b in reply_received (p_msg=0x7c0eb8) at t_reply.c:1395
#11 0x000000000041c6db in forward_reply (msg=0x7c0eb8) at forward.c:576
#12 0x000000000043ccf0 in receive_msg (
buf=0x712980 "SIP/2.0 200 OK\r\nVia: SIP/2.0/UDP
XXX.XX.XXX.13;branch=z9hG4bK2cb3.224aa3e4.0;received=XXX.XX.XXX.13\r\nVia:
SIP/2.0/UDP
XXX.XX.XXX.236:5060;received=XXX.XX.XXX.236;branch=z9hG4bK3ca41325;rport=5060\r\nRec"...,
len=576, rcv_info=0x7fff77e14610) at receive.c:212
#13 0x00000000004692e3 in udp_rcv_loop () at udp_server.c:449
#14 0x0000000000420ecb in main_loop () at main.c:774
#15 0x0000000000422e0f in main (argc=11, argv=0x7fff77e14898) at main.c:1321
--------------------------------
Loaded symbols for /lib64/ld-linux-x86-64.so.2
Core was generated by `/usr/local/sbin/kamailio -P
/var/run/openser/openser.pid -m 32 -u openser -g op'.
Program terminated with signal 11, Segmentation fault.
#0 0x000000000046bf7b in add_avp_galias_str (alias_definition=0x46de56
"") at usr_avp.c:680
680 LM_ERR("parse error in <%s> around pos %ld\n",
(gdb) backtrace
#0 0x000000000046bf7b in add_avp_galias_str (alias_definition=0x46de56
"") at usr_avp.c:680
#1 0x0000000000000000 in ?? ()
On 02/10/2011 09:14 AM, Daniel-Constantin Mierla wrote:
On 2/10/11 8:12 AM, Andrew O. Zhukov wrote:
Couple month ago I sent whole set of crash-es
from 1.3.4 to this
maillist. Nobody respond me.
Probably they were forgotten in the history, if most
of devs were
offline at the moment you sent. Do you have a link to the thread, it may
help reading what you sent at that time, as well.
12 Feb
12 Feb
8:50 a.m.
On 2/11/11 6:23 PM, Andrew O. Zhukov wrote:
Here is it with MEMDBG=1
Did you get in syslog
any error (bug) message mentioning overwriting
tail/head for memory operations? If yes, send the syslog messages here.
I will try to look over it soon, being offline for some traveling...
Cheers,
Daniel
------------------------------------------------------------------------------------------------------
Core was generated by `/usr/local/sbin/kamailio -P
/var/run/openser/openser.pid -m 32 -u openser -g op'.
Program terminated with signal 6, Aborted.
#0 0x00000039d8c30265 in raise () from /lib64/libc.so.6
(gdb) backtrace
#0 0x00000039d8c30265 in raise () from /lib64/libc.so.6
#1 0x00000039d8c31d10 in abort () from /lib64/libc.so.6
#2 0x000000000046c397 in qm_debug_frag (qm=0x733c00, f=0x7ca950) at
mem/q_malloc.c:137
#3 0x000000000046d99a in qm_free (qm=0x733c00, p=0x7ca980,
file=0x4e4d30 "parser/digest/digest.c", func=0x4e4da0
"free_credentials", line=95)
at mem/q_malloc.c:439
#4 0x0000000000495fac in free_credentials (_b=0x2ba07046a7b8) at
parser/digest/digest.c:95
#5 0x0000000000471a36 in clean_hdr_field (hf=0x2ba07046a788) at
parser/hf.c:116
#6 0x00002ba06cec58de in clean_msg_clone (msg=0x2ba0704697b8,
min=0x2ba0704697b8, max=0x2ba07046add0) at sip_msg.h:54
#7 0x00002ba06cec57b7 in run_trans_callbacks (type=2,
trans=0x2ba07045b3f0, req=0x2ba0704697b8, rpl=0x7c0eb8, code=200) at
t_hooks.c:245
#8 0x00002ba06cecc39d in t_reply_matching (p_msg=0x7c0eb8,
p_branch=0x7fff8a7202c8) at t_lookup.c:888
#9 0x00002ba06cecc997 in t_check (p_msg=0x7c0eb8,
param_branch=0x7fff8a7202c8) at t_lookup.c:964
#10 0x00002ba06cedb79b in reply_received (p_msg=0x7c0eb8) at
t_reply.c:1395
#11 0x000000000041c6db in forward_reply (msg=0x7c0eb8) at forward.c:576
#12 0x000000000043ccf0 in receive_msg (
buf=0x712980 "SIP/2.0 200 OK\r\nVia: SIP/2.0/UDP
XXX.XX.XXX.13;branch=z9hG4bKb01c.8ffe0f62.0;received=XXX.XX.XXX.13\r\nVia:
SIP/2.0/UDP
XXX.XX.XXX.236:5060;received=XXX.XX.XXX.236;branch=z9hG4bK20b12a8d;rport=5060\r\nRec"...,
len=576, rcv_info=0x7fff8a720420) at receive.c:212
#13 0x00000000004692e3 in udp_rcv_loop () at udp_server.c:449
#14 0x0000000000420ecb in main_loop () at main.c:774
#15 0x0000000000422e0f in main (argc=11, argv=0x7fff8a7206a8) at
main.c:1321
--------------------------------------------------------------------------------------------------------------
Core was generated by `/usr/local/sbin/kamailio -P
/var/run/openser/openser.pid -m 32 -u openser -g op'.
Program terminated with signal 6, Aborted.
#0 0x00000039d8c30265 in raise () from /lib64/libc.so.6
(gdb) backtrace
#0 0x00000039d8c30265 in raise () from /lib64/libc.so.6
#1 0x00000039d8c31d10 in abort () from /lib64/libc.so.6
#2 0x000000000046c397 in qm_debug_frag (qm=0x733c00, f=0x83a818) at
mem/q_malloc.c:137
#3 0x000000000046d99a in qm_free (qm=0x733c00, p=0x83a848,
file=0x4e4d30 "parser/digest/digest.c", func=0x4e4da0
"free_credentials", line=95)
at mem/q_malloc.c:439
#4 0x0000000000495fac in free_credentials (_b=0x2b95e9de8758) at
parser/digest/digest.c:95
#5 0x0000000000471a36 in clean_hdr_field (hf=0x2b95e9de8728) at
parser/hf.c:116
#6 0x00002b95e687e8de in clean_msg_clone (msg=0x2b95e9de7758,
min=0x2b95e9de7758, max=0x2b95e9de8d70) at sip_msg.h:54
#7 0x00002b95e687e7b7 in run_trans_callbacks (type=2,
trans=0x2b95e9fe5150, req=0x2b95e9de7758, rpl=0x7c0eb8, code=200) at
t_hooks.c:245
#8 0x00002b95e688539d in t_reply_matching (p_msg=0x7c0eb8,
p_branch=0x7fff77e144b8) at t_lookup.c:888
#9 0x00002b95e6885997 in t_check (p_msg=0x7c0eb8,
param_branch=0x7fff77e144b8) at t_lookup.c:964
#10 0x00002b95e689479b in reply_received (p_msg=0x7c0eb8) at
t_reply.c:1395
#11 0x000000000041c6db in forward_reply (msg=0x7c0eb8) at forward.c:576
#12 0x000000000043ccf0 in receive_msg (
buf=0x712980 "SIP/2.0 200 OK\r\nVia: SIP/2.0/UDP
XXX.XX.XXX.13;branch=z9hG4bK2cb3.224aa3e4.0;received=XXX.XX.XXX.13\r\nVia:
SIP/2.0/UDP
XXX.XX.XXX.236:5060;received=XXX.XX.XXX.236;branch=z9hG4bK3ca41325;rport=5060\r\nRec"...,
len=576, rcv_info=0x7fff77e14610) at receive.c:212
#13 0x00000000004692e3 in udp_rcv_loop () at udp_server.c:449
#14 0x0000000000420ecb in main_loop () at main.c:774
#15 0x0000000000422e0f in main (argc=11, argv=0x7fff77e14898) at
main.c:1321
--------------------------------
Loaded symbols for /lib64/ld-linux-x86-64.so.2
Core was generated by `/usr/local/sbin/kamailio -P
/var/run/openser/openser.pid -m 32 -u openser -g op'.
Program terminated with signal 11, Segmentation fault.
#0 0x000000000046bf7b in add_avp_galias_str
(alias_definition=0x46de56 "") at usr_avp.c:680
680 LM_ERR("parse error in <%s> around pos %ld\n",
(gdb) backtrace
#0 0x000000000046bf7b in add_avp_galias_str
(alias_definition=0x46de56 "") at usr_avp.c:680
#1 0x0000000000000000 in ?? ()
On 02/10/2011 09:14 AM, Daniel-Constantin Mierla wrote:
--
Daniel-Constantin Mierla
http://www.asipto.com
On 2/10/11 8:12 AM, Andrew O. Zhukov wrote:
_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list
sr-users(a)lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users Couple month ago I sent whole set of crash-es
from 1.3.4 to this
maillist. Nobody respond me.
Probably they were forgotten in the history, if most
of devs were
offline at the moment you sent. Do you have a link to the thread, it may
help reading what you sent at that time, as well.
5039
days inactive
5041
days old
6 comments
2 participants
participants (2)
-
Andrew O. Zhukov -
Daniel-Constantin Mierla