<p>We use the kamailio with dmq. One Kamailio gets an SIP Register and process it and forwards it though DMQ to another kamailio. here it should be saved in location as well.</p>
<p>During saving this location the kamailio crashes. For me (not an dev) it seems to crash during getting the length of the AOR. This is not happening every time while kamailio gets an DMQ register but we can reproduce it very easy. (at least this is the line pointing to referred in the backtrace)</p>
<p>the SIP DMQ Message looks like </p>
<pre><code>Oct 20 14:44:53 messi /usr/sbin/kamailio[15059]: NOTICE: <script>: Got KDMQ Message, handle it..
KDMQ sip:usrloc@217.116.120.39:5060 SIP/2.0
Via: SIP/2.0/UDP 172.20.21.3;branch=z9hG4bK7031.da526d01000000000000000000000000.0
To: <sip:usrloc@217.116.120.39:5060>
From: <sip:usrloc@172.20.21.3:5060>;tag=c67e1a50505355c50500c05660eca619-6820
CSeq: 10 KDMQ
Call-ID: 77bf92d7284e3548-25608@172.20.21.3
Content-Length: 430
Max-Forwards: 0
Content-Type: application/json
{"action":2,"aor":"1016811e7@sipgate.de","ruid":"uloc-562103eb-6411-a4a1","c":"sip:1016811e7@XX.XXX.XXX.XX:3072;line=2u4rbxb1","received":"","path":"<sip:XXX.XXX.XXX.XXX;lr>","callid":"3134343130393735323137323138-pbswhv8xostq","user_agent":"snom870/8.7.5.13","instance":"<urn:uuid:f3495943-cd1f-4de0-8d9c-000413413E79>","expires":10,"cseq":28786,"flags":0,"cflags":0,"q":1000,"last_modified":1445345060,"methods":6111,"reg_id":1}
</code></pre>
<p>we managed to get an core dump and it says:</p>
<pre><code>GNU gdb (GDB) 7.4.1-debian
Copyright (C) 2012 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/sbin/kamailio...Reading symbols from /usr/lib/debug/.build-id/b9/e50c34b5b5de6da1e2473514911ce96a8a094d.debug...done.
done.
[New LWP 15069]
warning: Can't read pathname for load map: Input/output error.
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `/usr/sbin/kamailio -f /etc/kamailio/kamailio_sip_location_proxy.cfg -P /var/run'.
Program terminated with signal 11, Segmentation fault.
#0 0x00007f573d8c7770 in db_load_urecord_by_ruid (_c=0x7f573f616278, _d=_d@entry=0x7f5736ef5498, _ruid=_ruid@entry=0x7f573ae6d200) at udomain.c:822
822 udomain.c: No such file or directory.
(gdb) bt
#0 0x00007f573d8c7770 in db_load_urecord_by_ruid (_c=0x7f573f616278, _d=_d@entry=0x7f5736ef5498, _ruid=_ruid@entry=0x7f573ae6d200) at udomain.c:822
#1 0x00007f573d8cd0d5 in get_urecord_by_ruid (_d=0x7f5736ef5498, _aorhash=2416148423, _ruid=_ruid@entry=0x7f573ae6d200, _r=_r@entry=0x7ffc358958a0, _c=_c@entry=0x7ffc358958b0) at udomain.c:1177
#2 0x00007f573ac6720a in delete_contact (aor=..., ci=<optimized out>) at usrloc_sync.c:109
#3 usrloc_dmq_handle_msg (msg=<optimized out>, resp=0x7ffc35895a00, node=0x7f5736f9e6d8) at usrloc_sync.c:394
#4 0x00007f573ae8b10b in worker_loop (id=id@entry=1) at worker.c:105
#5 0x00007f573ae721e8 in child_init (rank=<optimized out>) at dmq.c:293
#6 child_init (rank=<optimized out>) at dmq.c:279
#7 0x000000000056d4f8 in init_mod_child (m=0x7f573f5fdf20, rank=rank@entry=0) at sr_module.c:915
#8 0x000000000056d442 in init_mod_child (m=0x7f573f5fe418, rank=rank@entry=0) at sr_module.c:912
#9 0x000000000056e91b in init_child (rank=rank@entry=0) at sr_module.c:941
#10 0x00000000004aa78c in main_loop () at main.c:1650
#11 0x0000000000427292 in main (argc=<optimized out>, argv=<optimized out>) at main.c:2547
(gdb) bt full
#0 0x00007f573d8c7770 in db_load_urecord_by_ruid (_c=0x7f573f616278, _d=_d@entry=0x7f5736ef5498, _ruid=_ruid@entry=0x7f573ae6d200) at udomain.c:822
ci = 0x7f573daeaf00
columns = {0x7f573daeac30, 0x7f573daeac20, 0x7f573daeac10, 0x7f573daeac00, 0x7f573daeabf0, 0x7f573daeabe0, 0x7f573daeabd0, 0x7f573daeabc0, 0x7f573daeabb0, 0x7f573daeaba0, 0x7f573daeab90,
0x7f573daeab80, 0x7f573daeab50, 0x7f573daeac60, 0x7f573daeab70, 0x7f573daeab60, 0x7f573daeab40, 0x7f573daeab30, 0x7f573daeab20, 0x7f573daeac50, 0x7f573daeac40}
keys = {0x7f573daeac60}
order = <optimized out>
vals = {{type = DB1_STR, nul = 0, free = 2, val = {int_val = 40974704, ll_val = 40974704, double_val = 2.0244193594913908e-316, time_val = 40974704,
string_val = 0x2713970 "uloc-562103eb-6411-a4a1", str_val = {s = 0x2713970 "uloc-562103eb-6411-a4a1", len = 23}, blob_val = {s = 0x2713970 "uloc-562103eb-6411-a4a1", len = 23},
bitmap_val = 40974704}}}
res = 0x7f573f6164e8
row = <optimized out>
contact = {s = 0x272edd0 "sip:1016811e7@XX.XXX.XXX.XX:3072;line=e52c50xi", len = 46}
aor = {s = 0x37fc50 <Address 0x37fc50 out of bounds>, len = 898193808}
aorbuf = '\000' <repeats 511 times>
domain = <optimized out>
r = 0x0
c = <optimized out>
__FUNCTION__ = "db_load_urecord_by_ruid"
#1 0x00007f573d8cd0d5 in get_urecord_by_ruid (_d=0x7f5736ef5498, _aorhash=2416148423, _ruid=_ruid@entry=0x7f573ae6d200, _r=_r@entry=0x7ffc358958a0, _c=_c@entry=0x7ffc358958b0) at udomain.c:1177
sl = 16327
i = <optimized out>
r = <optimized out>
c = <optimized out>
#2 0x00007f573ac6720a in delete_contact (aor=..., ci=<optimized out>) at usrloc_sync.c:109
c = <optimized out>
ci = 0x7f573ae6d200
_d = 0x7f5736ef5498
r = <optimized out>
#3 usrloc_dmq_handle_msg (msg=<optimized out>, resp=0x7ffc35895a00, node=0x7f5736f9e6d8) at usrloc_sync.c:394
content_length = <optimized out>
body = <optimized out>
jdoc = {root = 0x27137b0, flags = 0, buf = {
s = 0x7f5736fd6662 "{\"action\":2,\"aor\":\"1016811e7@sipgate.de\",\"ruid\":\"uloc-562103eb-6411-a4a1\",\"c\":\"sip:1016811e7@XX.XXX.XXX.XX:3072;line=2u4rbxb1\",\"received\":\"\",\"path\":\"<sip:217.116.120.247;lr>\",\"callid\":\"313434313039373"..., len = 438}, malloc_fn = 0x7f573fa1ba00 <malloc>, free_fn = 0x7f573fa1b920 <free>}
it = <optimized out>
ci = {ruid = {s = 0x2713970 "uloc-562103eb-6411-a4a1", len = 23}, c = 0x7ffc358958d0, received = {s = 0x2719190 "", len = 0}, path = 0x7ffc358958e0, expires = 1445345660, q = 1000,
callid = 0x7ffc358958f0, cseq = 28786, flags = 2, cflags = 0, user_agent = 0x7ffc35895900, sock = 0x0, methods = 6111, instance = {
s = 0x27193d0 "<urn:uuid:f3495943-cd1f-4de0-8d9c-000413413E79>", len = 47}, reg_id = 1, server_id = 0, tcpconn_id = -1, keepalive = 0, xavp = 0x0, last_modified = 1445345060}
action = <optimized out>
expires = <optimized out>
cseq = <optimized out>
flags = <optimized out>
cflags = <optimized out>
q = <optimized out>
last_modified = <optimized out>
methods = <optimized out>
reg_id = <optimized out>
aor = {s = <optimized out>, len = 20}
ruid = <optimized out>
c = {s = 0x27190e0 "sip:1016811e7@IPADDRESS:3072;line=2u4rbxb1", len = 46}
received = <optimized out>
path = {s = 0x2713a00 "<sip:IPADDRESS;lr>", len = 24}
callid = {s = 0x2719290 "3134343130393735323137323138-pbswhv8xostq", len = 41}
user_agent = {s = 0x2719340 "snom870/8.7.5.13", len = 16}
instance = <optimized out>
__FUNCTION__ = "usrloc_dmq_handle_msg"
#4 0x00007f573ae8b10b in worker_loop (id=id@entry=1) at worker.c:105
worker = 0x7f5736f957f0
current_job = 0x7f5736fa0a00
peer_response = {resp_code = 0, content_type = {s = 0x0, len = 0}, reason = {s = 0x0, len = 0}, body = {s = 0x0, len = 0}}
ret_value = <optimized out>
not_parsed = 0
dmq_node = 0x7f5736f9e6d8
__FUNCTION__ = "worker_loop"
#5 0x00007f573ae721e8 in child_init (rank=<optimized out>) at dmq.c:293
---Type <return> to continue, or q <return> to quit---
i = <optimized out>
newpid = <optimized out>
#6 child_init (rank=<optimized out>) at dmq.c:279
No locals.
#7 0x000000000056d4f8 in init_mod_child (m=0x7f573f5fdf20, rank=rank@entry=0) at sr_module.c:915
__FUNCTION__ = "init_mod_child"
#8 0x000000000056d442 in init_mod_child (m=0x7f573f5fe418, rank=rank@entry=0) at sr_module.c:912
__FUNCTION__ = "init_mod_child"
#9 0x000000000056e91b in init_child (rank=rank@entry=0) at sr_module.c:941
No locals.
#10 0x00000000004aa78c in main_loop () at main.c:1650
i = <optimized out>
pid = <optimized out>
si = <optimized out>
si_desc = "udp receiver child=3 sock=217.116.120.39:5060\000\000\000\020\213k\000\000\000\000\000\252\311k\000\000\000\000\000\003\000\000\000\000\000\000\000(E\311\066W\177\000\000\001\000\000\000\000\000\000\000\000P:\251\313M\a\342\004\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\250\222\241\000\000\000\000\000\240\222\241\000\000\000\000"
nrprocs = <optimized out>
__FUNCTION__ = "main_loop"
#11 0x0000000000427292 in main (argc=<optimized out>, argv=<optimized out>) at main.c:2547
cfg_stream = <optimized out>
c = <optimized out>
r = <optimized out>
tmp = 0x7ffc35896efe ""
tmp_len = 0
port = 1
proto = 1
options = 0x6baf50 ":f:cm:M:dVIhEeb:l:L:n:vKrRDTN:W:w:t:u:g:P:G:SQ:O:a:A:"
ret = -1
seed = 1198920520
rfd = 4
debug_save = <optimized out>
debug_flag = <optimized out>
dont_fork_cnt = <optimized out>
n_lst = 0x0
p = <optimized out>
st = {st_dev = 14, st_ino = 30859, st_nlink = 2, st_mode = 16877, st_uid = 0, st_gid = 0, __pad0 = 0, st_rdev = 0, st_size = 60, st_blksize = 4096, st_blocks = 0, st_atim = {
tv_sec = 1444903317, tv_nsec = 438957686}, st_mtim = {tv_sec = 1445345013, tv_nsec = 829833044}, st_ctim = {tv_sec = 1445345020, tv_nsec = 417829857}, __unused = {0, 0, 0}}
__FUNCTION__ = "main"
(gdb)
</code></pre>
<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br>Reply to this email directly or <a href="https://github.com/kamailio/kamailio/issues/373">view it on GitHub</a>.<img alt="" height="1" src="https://github.com/notifications/beacon/AF36ZfYGtPZYybNbrHbuwhfJ1O-pCuJxks5o9jXqgaJpZM4GSIu7.gif" width="1" /></p>
<div itemscope itemtype="http://schema.org/EmailMessage">
<div itemprop="action" itemscope itemtype="http://schema.org/ViewAction">
<link itemprop="url" href="https://github.com/kamailio/kamailio/issues/373"></link>
<meta itemprop="name" content="View Issue"></meta>
</div>
<meta itemprop="description" content="View this Issue on GitHub"></meta>
</div>