<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<br>
<div class="moz-cite-prefix">On 11/23/13 1:00 AM, Kelvin Chua wrote:<br>
</div>
<blockquote
cite="mid:CAMF97-dx=CDDJBHciOpPXkqCxS8ENZ8eDAee0KVjepg3CDpEqg@mail.gmail.com"
type="cite">
<p dir="ltr">the patch worked</p>
<p dir="ltr">is it safe to commit to 4.0?<br>
</p>
</blockquote>
Yes, I backported in the git branch 4.0.<br>
<br>
Cheers,<br>
Daniel<br>
<br>
<blockquote
cite="mid:CAMF97-dx=CDDJBHciOpPXkqCxS8ENZ8eDAee0KVjepg3CDpEqg@mail.gmail.com"
type="cite">
<p dir="ltr">
On Nov 21, 2013 4:34 PM, "Daniel-Constantin Mierla" <<a
moz-do-not-send="true" href="mailto:miconda@gmail.com">miconda@gmail.com</a>>
wrote:<br>
><br>
> If you still have the old core, can you get the content of
f in frame 1 from gdb?<br>
><br>
> frame 1<br>
> p *f<br>
><br>
> If you are going to test with the patch I suggested in
previous email, can you set MEMDBG=1 in Makefile.defs, then
compile and install? It will be easy to detect if there is a
buffer overflow somewhere.<br>
><br>
> Cheers,<br>
> Daniel<br>
><br>
><br>
> On 11/20/13 11:30 AM, Daniel-Constantin Mierla wrote:<br>
>><br>
>> Hello,<br>
>><br>
>> can you try with next patch?<br>
>><br>
>> - <a moz-do-not-send="true"
href="http://git.sip-router.org/cgi-bin/gitweb.cgi?p=sip-router;a=blobdiff;f=modules/dialog/dlg_hash.c;h=d346800a848b6ae0477530d0b875c8d2c528d7dc;hp=6f944e1fcc00b892a838fd19b4891c92c7637290;hb=082a6c43938cf8e3839d46fd070e391bd522d4ed;hpb=8d6a981543a044fddc3448c93dba9ed35afac0c0">http://git.sip-router.org/cgi-bin/gitweb.cgi?p=sip-router;a=blobdiff;f=modules/dialog/dlg_hash.c;h=d346800a848b6ae0477530d0b875c8d2c528d7dc;hp=6f944e1fcc00b892a838fd19b4891c92c7637290;hb=082a6c43938cf8e3839d46fd070e391bd522d4ed;hpb=8d6a981543a044fddc3448c93dba9ed35afac0c0</a><br>
>><br>
>> It is on master, but there was no much testing to port
it to branch 4.0 so far.<br>
>><br>
>> Cheers,<br>
>> Daniel<br>
>><br>
>> On 11/20/13 5:36 AM, Kelvin Chua wrote:<br>
>>><br>
>>> I can reproduce it consistently.<br>
>>> I am doing serial forking into a non-existent host,
when the caller gets impatient, it cancels the call and send
another invite.<br>
>>> this happens after that.<br>
>>><br>
>>> full backtrace:<br>
>>><br>
>>> #0 qm_detach_free (frag=0x7fb2b552e2b0,
qm=<optimized out>) at mem/q_malloc.c:269<br>
>>> prev = 0x7fb2b5192058<br>
>>> next = 0x0<br>
>>> #1 qm_malloc (qm=0x7fb2b5192000, size=16) at
mem/q_malloc.c:386<br>
>>> f = 0x7fb2b552e2b0<br>
>>> hash = -1256644520<br>
>>> #2 0x00007fb2b44f7e93 in set_dlg_variable_unsafe
() from /usr/local/lib64/kamailio/modules/dialog.so<br>
>>> No symbol table info available.<br>
>>> #3 0x00007fb2b44fa3aa in pv_set_dlg_variable ()
from /usr/local/lib64/kamailio/modules/dialog.so<br>
>>> No symbol table info available.<br>
>>> #4 0x000000000047be59 in lval_pvar_assign
(rv=0x7fb2bf8348f8, lv=0x7fb2bf834750, msg=0x7fb2bf8c7a00, <br>
>>> h=<optimized out>) at lvalue.c:353<br>
>>> r_avp = <optimized out><br>
>>> ret = 1<br>
>>> destroy_pval = 1<br>
>>> pvar = 0x7fb2bf834758<br>
>>> pval = {rs = {<br>
>>> s = 0x92750b
"+1xx882xx111@2xx.xx1.3x.2x SIP/2.0\r\nRecord-Route:
<a class="moz-txt-link-rfc2396E" href="sip:6x.x1.4.195;lr=on;ftag=gK085a1dec"><sip:6x.x1.4.195;lr=on;ftag=gK085a1dec></a>\r\nRecord-Route:
<a class="moz-txt-link-rfc2396E" href="sip:6X.2X1.8.8X;lr=on;ftag=gK085a1dec"><sip:6X.2X1.8.8X;lr=on;ftag=gK085a1dec></a>\r\nAccept:
application/sdp\r\nAllow: INVITE,ACK,CANCEL,BYE"..., len = 12},
ri = 0, flags = 4}<br>
>>> avp_val = {n = 0, s = {s = 0x0, len = 0},
re = 0x0}<br>
>>> v = <optimized out><br>
>>> #5 lval_assign (h=<optimized out>,
msg=0x7fb2bf8c7a00, lv=0x7fb2bf834750, rve=0x7fb2bf8348f0) at
lvalue.c:401<br>
>>> rv = 0x7fb2bf8348f8<br>
>>> ret = 0<br>
>>> __FUNCTION__ = "lval_assign"<br>
>>> #6 0x000000000041cf14 in do_action
(h=0x7fffe1b8f710, a=0x7fb2bf8332b0, msg=0x7fb2bf8c7a00) at
action.c:1453<br>
>>> ret = -5<br>
>>> v = <optimized out><br>
>>> dst = {send_sock = 0x7fb2bdb0f080, to = {s
= {sa_family = 0, <br>
>>> sa_data =
"\000\000\000\000\000\000\200-\210\000\000\000\000"}, sin =
{sin_family = 0, sin_port = 0, <br>
>>> sin_addr = {s_addr = 0}, sin_zero =
"\200-\210\000\000\000\000"}, sin6 = {sin6_family = 0, <br>
>>> sin6_port = 0, sin6_flowinfo = 0,
sin6_addr = {__in6_u = {<br>
>>> __u6_addr8 =
"\200-\210\000\000\000\000\000\016\000\000\000\000\000\000",
__u6_addr16 = {11648, <br>
>>> 136, 0, 0, 14, 0, 0, 0},
__u6_addr32 = {8924544, 0, 14, 0}}}, sin6_scope_id = 13}}, id =
0, <br>
>>> proto = 58 ':', send_flags = {f = 180
'\264', blst_imask = 138 '\212'}}<br>
>>> tmp = <optimized out><br>
>>> new_uri = <optimized out><br>
>>> end = <optimized out><br>
>>> crt = <optimized out><br>
>>> cmd = <optimized out><br>
>>> len = <optimized out><br>
>>> user = <optimized out><br>
>>> uri = {user = {s = 0x7fffe1b8eef0 "/", len
= 0}, passwd = {<br>
>>> s = 0x3000000010 <Address
0x3000000010 out of bounds>, len = -507973920}, host = {<br>
>>> s = 0x7fffe1b8ee20 "", len = 17022112},
port = {s = 0x7fb2bffbd720 "", len = 8208}, params = {<br>
>>> s = 0x2010 <Address 0x2010 out of
bounds>, len = 17030320}, sip_params = {<br>
>>> s = 0x2010 <Address 0x2010 out of
bounds>, len = -1077387804}, headers = {<br>
>>> s = 0x7fb2bffbdfb0 "0z\001\001", len =
-507974144}, port_no = 55072, proto = 49147, type = 32690, <br>
>>> flags = 17022128, transport = {s = 0x95
<Address 0x95 out of bounds>, len = -1241200896}, ttl = {<br>
>>> s = 0x3734000000a0 <Address
0x3734000000a0 out of bounds>, len = -1081931184}, user_param
= {s = 0x0, <br>
>>> len = 0}, maddr = {s = 0x63371f "", len
= -1}, method = {s = 0x7fb2b519cb30 "\220\240H\265\262\177", <br>
>>> len = 4310469}, lr = {s = 0x3000000018
<Address 0x3000000018 out of bounds>, len = -507973440},
r2 = {<br>
>>> s = 0x7fffe1b8f000 "\210u\223", len =
8187}, gr = {s = 0x2 <Address 0x2 out of bounds>, len =
1}, <br>
>>> transport_val = {s = 0x1 <Address 0x1
out of bounds>, len = 0}, ttl_val = {<br>
>>> s = 0xffffffffffffffa0 <Address
0xffffffffffffffa0 out of bounds>, len = 17022112},
user_param_val = {<br>
>>> s = 0x7fb2bffbd720 "", len =
-507974064}, maddr_val = {s = 0x7fb2bf8c7a00 "\016", len =
-1081931184}, <br>
>>> method_val = {s = 0x2010 <Address
0x2010 out of bounds>, len = -507971824}, lr_val = {s = 0x0, <br>
>>> len = -507971824}, r2_val = {s =
0x7fffe1b8f580 "\001", len = -1}, gr_val = {<br>
>>> s = 0x7fb2b519cb30
"\220\240H\265\262\177", len = 4346308}}<br>
>>> next_hop = {user = {s = 0x0, len = 1},
passwd = {s = 0x7fffe1b8f710 "\002", len = 1237187532}, host = {<br>
>>> s = 0x7fffe1b8f710 "\002", len =
-507972224}, port = {<br>
>>> s = 0xffffffff <Address 0xffffffff
out of bounds>, len = -1256600784}, params = {<br>
>>> s = 0x3542f9ae92fdfbcc <Address
0x3542f9ae92fdfbcc out of bounds>, len = -589431860},
sip_params = {<br>
>>> s = 0x0, len = 17022128}, headers = {s
= 0x15 <Address 0x15 out of bounds>, len = 1}, port_no =
0, <br>
>>> proto = 0, type = ERROR_URI_T, flags =
4294967200, transport = {s = 0x7fffe1b8efe8 "l\345N", <br>
>>> len = -1076936721}, ttl = {s = 0x1
<Address 0x1 out of bounds>, len = -1114716768},
user_param = {<br>
>>> s = 0x1c0000002f <Address
0x1c0000002f out of bounds>, len = 7}, maddr = {<br>
>>> s = 0x710000000a <Address
0x710000000a out of bounds>, len = 2}, method = {s = 0x0, len
= -18000}, <br>
>>> lr = {s = 0x1017a30 "EST", len =
6323844}, r2 = {s = 0x7fb2bd8ed356 "tm [t_lookup.c:716]: ", <br>
>>> len = -507972224}, gr = {s =
0x7fffe1b8f710 "\002", len = 5148368}, transport_val = {s =
0x0, <br>
>>> len = 0}, ttl_val = {s = 0x7fb2bf8c7a00
"\016", len = -507973348}, user_param_val = {<br>
>>> s = 0x103bcb0 "<135>Nov 19
07:28:47 /usr/local/sbin/kamailio[15556]: DEBUG: dialog
[dlg_hash.c:602]: dlg_lookup(): dialog id=7094 found on entry
2049\n", len = 0}, maddr_val = {<br>
>>> s = 0x103bcb0 "<135>Nov 19
07:28:47 /usr/local/sbin/kamailio[15556]: DEBUG: dialog
[dlg_hash.c:602]: dlg_lookup(): dialog id=7094 found on entry
2049\n", len = -1115163744}, method_val = {<br>
>>> s = 0x99 <Address 0x99 out of
bounds>, len = 1384864127}, lr_val = {s = 0x882d80 "", <br>
>>> len = -1081312768}, r2_val = {s =
0x7fb2bdb0f080 "\016", len = 8924544}, gr_val = {<br>
>>> s = 0xffffffff <Address 0xffffffff
out of bounds>, len = -1081930768}}<br>
>>> u = <optimized out><br>
>>> port = <optimized out><br>
>>> dst_host = <optimized out><br>
>>> i = <optimized out><br>
>>> flags = <optimized out><br>
>>> avp = <optimized out><br>
>>> st = {flags = 3213654528, id = 32690, name
= {n = -507971824, s = {s = 0x7fffe1b8f710 "\002", <br>
>>> len = -507972224}, re =
0x7fffe1b8f710}, avp = 0x4ee56c}<br>
>>> sct = <optimized out><br>
>>> sjt = <optimized out><br>
>>> rve = <optimized out><br>
>>> mct = <optimized out><br>
>>> rv = <optimized out><br>
>>> rv1 = <optimized out><br>
>>> c1 = {cache_type = 3213020352, val_type =
32690, c = {avp_val = {n = 0, s = {<br>
>>> s = 0x7fb200000000 <Address
0x7fb200000000 out of bounds>, len = -1081312768}, <br>
>>> re = 0x7fb200000000}, pval = {rs = {s
= 0x7fb200000000 <Address 0x7fb200000000 out of bounds>, <br>
>>> len = -1081312768}, ri =
-1124131338, flags = 32690}}, <br>
>>> i2s = "\377\377\377\377\060", '\000'
<repeats 16 times>}<br>
>>> s = {s = 0x7fffe1b8f0d8
"\260\062\203\277\262\177", len = -507973632}<br>
>>> srevp = {0x937588, 0x7fb2bfc4f1fc}<br>
>>> mod_f_params = {{type = NOSUBTYPE, u =
{number = 0, string = 0x0, str = {s = 0x0, len = 0}, data =
0x0, <br>
>>> attr = 0x0, select = 0x0}}, {type =
NOSUBTYPE, u = {number = 0, string = 0x0, str = {s = 0x0, <br>
>>> len = 0}, data = 0x0, attr = 0x0,
select = 0x0}}, {type = NOSUBTYPE, u = {number = 0, <br>
>>> string = 0x0, str = {s = 0x0, len =
0}, data = 0x0, attr = 0x0, select = 0x0}}, {type = NOSUBTYPE, <br>
>>> u = {number = 0, string = 0x0, str = {s
= 0x0, len = 0}, data = 0x0, attr = 0x0, select = 0x0}}, {<br>
>>> type = NOSUBTYPE, u = {number = 0,
string = 0x0, str = {s = 0x0, len = 0}, data = 0x0, attr = 0x0, </p>
<p dir="ltr">>><br>
>>><br>
>>> ... cut ....<br>
>>><br>
>>> Kelvin Chua<br>
>>><br>
>>><br>
>>> On Tue, Nov 19, 2013 at 9:40 PM, Daniel-Constantin
Mierla <<a moz-do-not-send="true"
href="mailto:miconda@gmail.com">miconda@gmail.com</a>>
wrote:<br>
>>>><br>
>>>> Hello,<br>
>>>><br>
>>>> can you get the output for 'bt full'? Probably
you have to install the debug symbols (kamailio-dbg package) for
getting something useful.<br>
>>>><br>
>>>> Another question, can you reproduce it? Or it
happens sporadically?<br>
>>>><br>
>>>> Cheers,<br>
>>>> Daniel<br>
>>>><br>
>>>><br>
>>>><br>
>>>><br>
>>>> On 11/19/13 1:11 PM, Kelvin Chua wrote:<br>
>>>>><br>
>>>>> kamailio 4.0.4<br>
>>>>> has anybody experience this using dialog
module?<br>
>>>>><br>
>>>>> backtrace:<br>
>>>>> #0 0x000000000057af45 in qm_malloc ()<br>
>>>>> #1 0x00007f268ac0fe93 in
set_dlg_variable_unsafe () from
/usr/local/lib64/kamailio/modules/dialog.so<br>
>>>>> #2 0x00007f268ac123aa in
pv_set_dlg_variable () from
/usr/local/lib64/kamailio/modules/dialog.so<br>
>>>>> #3 0x000000000047be59 in lval_assign ()<br>
>>>>> #4 0x000000000041cf14 in do_action ()<br>
>>>>> #5 0x000000000041c5c5 in run_actions ()<br>
>>>>> #6 0x000000000041d92e in do_action ()<br>
>>>>> #7 0x000000000041c5c5 in run_actions ()<br>
>>>>> #8 0x0000000000425250 in run_top_route ()<br>
>>>>> #9 0x00000000004bfcce in receive_msg ()<br>
>>>>> #10 0x000000000056a2df in udp_rcv_loop ()<br>
>>>>> #11 0x0000000000481b43 in main_loop ()<br>
>>>>> #12 0x000000000041c081 in main ()<br>
>>>>><br>
>>>>> logfile:<br>
>>>>> DEBUG: <core>
[parser/msg_parser.c:623]: parse_msg(): SIP Request:<br>
>>>>> DEBUG: <core>
[parser/msg_parser.c:625]: parse_msg(): method: <ACK><br>
>>>>> DEBUG: <core>
[parser/msg_parser.c:627]: parse_msg(): uri:
<a class="moz-txt-link-rfc2396E" href="sip:+1XX882XX111@2XX.XX1.X9.2X"><sip:+1XX882XX111@2XX.XX1.X9.2X></a><br>
>>>>> DEBUG: <core>
[parser/msg_parser.c:629]: parse_msg(): version:
<SIP/2.0><br>
>>>>> DEBUG: <core>
[parser/parse_via.c:1284]: parse_via_param(): Found param type
232, <branch> = <z9hG4bKe97b.5a4397f3.0>; state=16<br>
>>>>> DEBUG: <core>
[parser/parse_via.c:2672]: parse_via(): end of header reached,
state=5<br>
>>>>> DEBUG: <core>
[parser/msg_parser.c:513]: parse_headers(): parse_headers: Via
found, flags=2<br>
>>>>> DEBUG: <core>
[parser/msg_parser.c:515]: parse_headers(): parse_headers: this
is the first via<br>
>>>>> DEBUG: <core> [receive.c:151]:
receive_msg(): After parse_msg...<br>
>>>>> DEBUG: <core> [receive.c:192]:
receive_msg(): preparing to run routing scripts...<br>
>>>>> DEBUG: <core>
[parser/parse_to.c:176]: parse_to_param(): DEBUG: add_param:
tag=bbd932f8f9dbf9743f9b7cadcbf622ac.0dc7<br>
>>>>> DEBUG: <core>
[parser/parse_to.c:799]: parse_to(): end of header reached,
state=29<br>
>>>>> DEBUG: <core>
[parser/msg_parser.c:190]: get_hdr_field(): DEBUG:
get_hdr_field: <To> [74];
uri=[<a class="moz-txt-link-freetext" href="sip:+1XX882XX111@6X.X31.X.8X">sip:+1XX882XX111@6X.X31.X.8X</a>]<br>
>>>>> DEBUG: <core>
[parser/msg_parser.c:192]: get_hdr_field(): DEBUG: to body
[<a class="moz-txt-link-rfc2396E" href="sip:+1XX882XX111@6X.X31.X.8X"><sip:+1XX882XX111@6X.X31.X.8X></a>]<br>
>>>>> DEBUG: sl [sl_funcs.c:415]:
sl_filter_ACK(): SL local ACK found -> dropping it!<br>
>>>>> DEBUG: <core> [usr_avp.c:644]:
destroy_avp_list(): DEBUG:destroy_avp_list: destroying list
(nil)<br>
>>>>> last message repeated 5 times<br>
>>>>> DEBUG: <core> [xavp.c:447]:
xavp_destroy_list(): destroying xavp list (nil)<br>
>>>>> DEBUG: <core> [receive.c:295]:
receive_msg(): receive_msg: cleaning up<br>
>>>>> segfault at 0 ip 000000000057af45 sp
00007fff30e44ac0 error 4 in kamailio[400000+27c000]</p>
<p dir="ltr">>>>>><br>
>>>>> Kelvin Chua<br>
>>>>><br>
>>>>><br>
>>>>>
_______________________________________________<br>
>>>>> SIP Express Router (SER) and Kamailio
(OpenSER) - sr-users mailing list<br>
>>>>> <a moz-do-not-send="true"
href="mailto:sr-users@lists.sip-router.org">sr-users@lists.sip-router.org</a><br>
>>>>> <a moz-do-not-send="true"
href="http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users">http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users</a><br>
>>>><br>
>>>><br>
>>>> -- <br>
>>>> Daniel-Constantin Mierla - <a
moz-do-not-send="true" href="http://www.asipto.com">http://www.asipto.com</a><br>
>>>> <a moz-do-not-send="true"
href="http://twitter.com/#%21/miconda">http://twitter.com/#!/miconda</a>
- <a moz-do-not-send="true"
href="http://www.linkedin.com/in/miconda">http://www.linkedin.com/in/miconda</a><br>
>>>> Kamailio Advanced Trainings - Berlin, Nov 25-28<br>
>>>> - more details about Kamailio trainings at <a
moz-do-not-send="true" href="http://www.asipto.com">http://www.asipto.com</a>
-<br>
>>>><br>
>>>><br>
>>>> _______________________________________________<br>
>>>> SIP Express Router (SER) and Kamailio (OpenSER)
- sr-users mailing list<br>
>>>> <a moz-do-not-send="true"
href="mailto:sr-users@lists.sip-router.org">sr-users@lists.sip-router.org</a><br>
>>>> <a moz-do-not-send="true"
href="http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users">http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users</a><br>
>>>><br>
>>><br>
>>><br>
>><br>
>> -- <br>
>> Daniel-Constantin Mierla - <a moz-do-not-send="true"
href="http://www.asipto.com">http://www.asipto.com</a><br>
>> <a moz-do-not-send="true"
href="http://twitter.com/#%21/miconda">http://twitter.com/#!/miconda</a>
- <a moz-do-not-send="true"
href="http://www.linkedin.com/in/miconda">http://www.linkedin.com/in/miconda</a><br>
>> Kamailio Advanced Trainings - Berlin, Nov 25-28<br>
>> - more details about Kamailio trainings at <a
moz-do-not-send="true" href="http://www.asipto.com">http://www.asipto.com</a>
-<br>
><br>
><br>
> -- <br>
> Daniel-Constantin Mierla - <a moz-do-not-send="true"
href="http://www.asipto.com">http://www.asipto.com</a><br>
> <a moz-do-not-send="true"
href="http://twitter.com/#%21/miconda">http://twitter.com/#!/miconda</a>
- <a moz-do-not-send="true"
href="http://www.linkedin.com/in/miconda">http://www.linkedin.com/in/miconda</a><br>
> Kamailio Advanced Trainings - Berlin, Nov 25-28<br>
> - more details about Kamailio trainings at <a
moz-do-not-send="true" href="http://www.asipto.com">http://www.asipto.com</a>
-<br>
</p>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Daniel-Constantin Mierla - <a class="moz-txt-link-freetext" href="http://www.asipto.com">http://www.asipto.com</a>
<a class="moz-txt-link-freetext" href="http://twitter.com/#!/miconda">http://twitter.com/#!/miconda</a> - <a class="moz-txt-link-freetext" href="http://www.linkedin.com/in/miconda">http://www.linkedin.com/in/miconda</a></pre>
</body>
</html>