Bugs item #2430807, was opened at 2008-12-15 16:34
Message generated for change (Comment added) made by rmnathan
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=1086410&aid=2430807&group_id=232389
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: modules
Group: trunk
Status: Open
Resolution: None
Priority: 8
Private: No
Submitted By: Nathan (rmnathan)
Assigned to: Anca Vamanu (anca_vamanu)
Summary: Opensips crashes when publish received for RLS list
Initial Comment:
Version - trunk(5049)
I have tried all sort of following thing to generate core . But it failed to
generate core dump.
1. disable_core_dump is set to no
2. set fork=no and child=no
3. tried to find core dump at /
4. compiled opensips with the following command
make mode=debug modules
echo $?
make mode=debug prefix=/usr/local/ install
5. OS stinbng46:/# uname -a
Linux stinbng46 2.6.18-staros-v2-20294-deb #1 SMP Mon Jul 14 05:18:18 EDT 2008
i686 GNU/Linux ( With same OS openser created core dump)
Is there any anything I might be missing? please help me to generate core dump
, it will be very helpful for debugging.
Crash:
=====
Crash observed when notify sent out for RLS list in case of PUBLISH received.
for more information please find the attached logs.
Dec 15 05:12:44 [15278] DBG:core:parse_uri: uri params:
transport=<>, val=<>, proto=0
Dec 15 05:12:44 [15278] DBG:core:parse_uri: user-param=<>, val=<>
Dec 15 05:12:44 [15278] DBG:core:parse_uri: method=<>, val=<>
Dec 15 05:12:44 [15278] DBG:core:parse_uri: ttl=<>, val=<>
Dec 15 05:12:44 [15278] DBG:core:parse_uri: maddr=<>, val=<>
Dec 15 05:12:44 [15278] DBG:core:parse_uri: lr=<lr>
Dec 15 05:12:44 [15278] DBG:core:mk_proxy: doing DNS lookup...
Dec 15 05:12:44 [15278] DBG:tm:dlg2hash: 21643
Dec 15 05:12:44 [15278] DBG:tm:print_request_uri: sip:c...@192.168.126.151:40000
Dec 15 05:12:44 [15278] DBG:tm:set_timer: relative timeout is 500000
Dec 15 05:12:44 [15278] DBG:tm:insert_timer_unsafe: [4]: 0xb5be4a64 (20500000)
Dec 15 05:12:44 [15278] DBG:tm:set_timer: relative timeout is 30
Dec 15 05:12:44 [15278] DBG:tm:insert_timer_unsafe: [0]: 0xb5be4a84 (50)
Dec 15 05:12:44 [15278] DBG:rls:timer_send_notify: Found rl-subs record in hash
table
Dec 15 05:12:44 [15277] INFO:core:handle_sigs: child process 15278 exited by a
signal 11
Dec 15 05:12:44 [15277] INFO:core:handle_sigs: core was not generated
Dec 15 05:12:44 [15277] INFO:core:handle_sigs: terminating due to SIGCHLD
Dec 15 05:12:44 [15279] INFO:core:sig_usr: signal 15 received
Dec 15 05:12:44 [15277] DBG:core:shm_mem_destroy:
Dec 15 05:12:44 [15277] DBG:core:shm_mem_destroy: destroying the shared memory
lock
Dec 15 05:12:44 [15277] DBG:core:handle_sigs: terminating due to SIGCHLD
----------------------------------------------------------------------
Comment By: Nathan (rmnathan)
Date: 2009-02-02 14:34
Message:
Hi Anca,
I have tested with new clone . The crash is not observed. but i have seen
lot of error message like beow. I will update log and call flow for this
error message in the respective bug item.
Feb 2 14:26:28 [26461] ERROR:rls:parse_subs_state: terminated state and
no reason foundFeb 2 14:26:28 [26461] ERROR:rls:rls_handle_notify: while
parsing 'Subscription-State' header
Feb 2 14:26:28 [26461] ERROR:rls:parse_subs_state: terminated state and
no reason foundFeb 2 14:26:28 [26461] ERROR:rls:rls_handle_notify: while
parsing 'Subscription-State' header
Feb 2 14:26:29 [26461] ERROR:rls:rls_notify_callback: record not found in
hash table
Feb 2 14:26:34 [26461] ERROR:rls:parse_subs_state: terminated state and
no reason foundFeb 2 14:26:34 [26461] ERROR:rls:rls_handle_notify: while
parsing 'Subscription-State' header
Feb 2 14:26:34 [26461] ERROR:rls:parse_subs_state: terminated state and
no reason foundFeb 2 14:26:34 [26461] ERROR:rls:rls_handle_notify: while
parsing 'Subscription-State' header
Thanks lot
Regards,
rmnathan
----------------------------------------------------------------------
Comment By: Anca Vamanu (anca_vamanu)
Date: 2009-01-23 18:46
Message:
Hi Rmnathan,
Yesterday I have found a double free bug in rls module. Can you please
update your version and test again?
Thanks and regards,
Anca
----------------------------------------------------------------------
Comment By: Nathan (rmnathan)
Date: 2009-01-22 12:23
Message:
Hi Anca,
Any update on this issue?
Regards,
rmnathan
----------------------------------------------------------------------
Comment By: Nobody/Anonymous (nobody)
Date: 2009-01-12 19:25
Message:
Hi Anca,
The details of error message and call scenario as follows
1.Error Message
=================
Only following error message is getting at the time of crashing
Jan 12 08:20:10 [27860] WARNING:core:main: no fork mode
Jan 12 08:21:10 [27860] ERROR:core:db_do_insert: invalid parameter value
Jan 12 08:21:10 [27860] ERROR:pua:db_update: while inserting in db table
pua
2. Setup details
=================
UE 1
------- PROXY --------- Opensips
UE 2
Note : All users are in same domain
UE 2 will have following list in openxcap table
----------------------------------------------------
It has 100 list for each user
uE2_1, UE2_2, UE2_3 ..
UE2_1 list will have 5 entry uri like UE1_1,UE1_2,UE1_3,UE1_4,UE1_5
UE2_2 list will have 5 entry uri like UE1_2,UE1_3,UE1_4,UE1_5,UE1_6
simillary it will go for 100 user
.
.
UE2_100 list will have 5 entry uri like UE1_100,UE1_1,UE1_2,UE1_3,UE1_4
UE 1 will have following list in openxcap table
----------------------------------------------------
It has 100 list for each user
uE2_1, UE2_2, UE2_3 ..
UE1_1 list will have 5 entry uri like UE2_1,UE2_2,UE2_3,UE2_4,UE2_5
UE1_2 list will have 5 entry uri like UE2_2,UE2_3,UE2_4,UE2_5,UE2_6
simillary it will go for 100 user
.
.
UE1_100 list will have 5 entry uri like UE2_100,UE2_1,UE2_2,UE2_3,UE2_4
Sample Message flow for UE1 for one user
========================================
1. UE 1(UE1_1) will send subscribe message to rls list UE1_1
2. UE 1 will send publish
simillary UE2_1 .. will send subscribe and publish.
Regards,
rmnathan
----------------------------------------------------------------------
Comment By: Anca Vamanu (anca_vamanu)
Date: 2009-01-08 21:36
Message:
Hi,
I did not succeeded to get segmentation fault on my machine or to detect
the problem in the code and from your trace. Can you please tell me if see
any errors in you log file? And what scenario are you using when testing?
regards,
Anca
----------------------------------------------------------------------
Comment By: Nathan (rmnathan)
Date: 2009-01-07 18:22
Message:
crash 2 with full bt trace
===================
error message before crashing:
Jan 7 07:21:05 [10134] ERROR:core:db_do_insert: invalid parameter value
Jan 7 07:21:05 [10134] ERROR:pua:db_update: while inserting in db table
pua
Core was generated by `/usr/local/sbin/opensips -m 1024'.
Program terminated with signal 11, Segmentation fault.
#0 fm_malloc (qm=0x81a3ba0, size=1528) at mem/f_malloc.c:267
267 if ((*f)->size>=size) goto found;
(gdb) bt full
#0 fm_malloc (qm=0x81a3ba0, size=1528) at mem/f_malloc.c:267
f = (struct fm_frag **) 0x81a4330
hash = 239
#1 0xb78f1b51 in agg_body_sendn_update (rl_uri=0x81b31b0,
boundary_string={s = 0x81b1970 "gQIIPDYu2UDVZoZv5NTp3DgT", len = 24},
rlmi_body=0xbf9ad484,
multipart_body=0xbf9ad47c, subs=0x81b31b0, hash_code=1381) at
notify.c:238
cid = {s = 0x81b1c50 "1231330858.sip:c...@10.6.2.246.1189641421",
len = 41}
len = 1526
body = {s = 0x0, len = 0}
__FUNCTION__ = "agg_body_sendn_update"
#2 0xb78f4efe in timer_send_notify (ticks=180, param=0x0) at
resource_notify.c:544
query_cols = {0xb7906844, 0xb7ab9510}
update_cols = {0xb7906844}
result_cols = {0xb7906834, 0xb790683c, 0xb790684c, 0xb790685c,
0xb7906854, 0xb7906864, 0x0}
query_vals = {{type = DB_INT, nul = 0, free = 2007220120, val =
{int_val = 1, double_val = 1.6975966328216244e-313, time_val = 1,
string_val = 0x1 <Address 0x1 out of bounds>, str_val = {s = 0x1
<Address 0x1 out of bounds>, len = 8}, blob_val = {
s = 0x1 <Address 0x1 out of bounds>, len = 8}, bitmap_val = 1}},
{type = 135996560, nul = 0, free = -1080372044, val = {int_val = 135974160,
double_val = 6.7180161178120992e-316, time_val = 135974160,
string_val = 0x81acd10 "¨\225«·", str_val = {s = 0x81acd10 "¨\225«·",
len = 0},
blob_val = {s = 0x81acd10 "¨\225«·", len = 0}, bitmap_val =
135974160}}}
update_vals = {{type = DB_DATETIME, nul = 2007220120, free =
-1213492080, val = {int_val = -1, double_val = -1.5830897899132156e-40,
time_val = -1,
string_val = 0xffffffff <Address 0xffffffff out of bounds>, str_val
= {s = 0xffffffff <Address 0xffffffff out of bounds>, len = -1213492016},
blob_val = {s = 0xffffffff <Address 0xffffffff out of bounds>, len =
-1213492016}, bitmap_val = 4294967295}}}
i = 5
result = (db_res_t *) 0x81b1768
prev_did = 0x481c5c3c
"c5-1-80;227413568;97b57f2144c425bc44f2e7a21eb22549-57d9"
curr_did = 0x481c601c
"c6-1-80;227413312;97b57f2144c425bc44f2e7a21eb22549-4c39"
row_vals = (db_val_t *) 0x81b2d78
resource_uri = 0x481c6054 "sip:s...@10.6.2.246"
pres_state = 0x481c6080 "<?xml version=\"1.0\"
encoding=\"UTF-8\"?>\n<presence xmlns=\"urn:ietf:params:xml:ns:pidf\"
xmlns:rpid=\"urn:ietf:params:xml:ns:pidf:rpid\"
xmlns:dm=\"urn:ietf:params:xml:ns:pidf:data-model\"
xmlns:pcp=\"urn:ietf"...
callid = {s = 0x481c5c3c
"c5-1-80;227413568;97b57f2144c425bc44f2e7a21eb22549-57d9", len = 7}
to_tag = {s = 0x481c5c4e "97b57f2144c425bc44f2e7a21eb22549-57d9",
len = 37}
from_tag = {s = 0x481c5c44
"227413568;97b57f2144c425bc44f2e7a21eb22549-57d9", len = 9}
rlmi_doc = (xmlDocPtr) 0x481af758
list_node = (xmlNodePtr) 0x481accb8
instance_node = (xmlNodePtr) 0x481af9a0
resource_node = (xmlNodePtr) 0x481af8b0
hash_code = 1381
size = 2048
buf_len = 1004
buf = 0x81b3380
"--gQIIPDYu2UDVZoZv5NTp3DgT\r\n\r\nContent-Transfer-Encoding:
binary\r\nContent-ID:
<1231330858.sip:s...@10.6.2.246.596516649>\r\nContent-Type:
application/pidf+xml\r\n\r\n<?xml version=\"1.0\"
encoding=\"UTF-8\"?>\n<p"...
auth_state = <value optimized out>
contor = 1
auth_state_flag = 2
bstr = {s = 0x81b1970 "gQIIPDYu2UDVZoZv5NTp3DgT", len = 24}
rlmi_cont = {
s = 0x481aed98 "<?xml version=\"1.0\"?>\n<list
uri=\"sip:c...@10.6.2.246\" xmlns=\"urn:ietf:params:xml:ns:rlmi\"
version=\"5\" fullState=\"false\">\n <resource
uri=\"sip:s...@10.6.2.246\">\n <instance id=\"icDW4oK5\"
state=\"activ"..., len = 274}
multi_cont = {
s = 0x81b3380
"--gQIIPDYu2UDVZoZv5NTp3DgT\r\n\r\nContent-Transfer-Encoding:
binary\r\nContent-ID:
<1231330858.sip:s...@10.6.2.246.596516649>\r\nContent-Type:
application/pidf+xml\r\n\r\n<?xml version=\"1.0\"
encoding=\"UTF-8\"?>\n<p"..., len = 1004}
s = (subs_t *) 0x77af7598
dialog = (subs_t *) 0x81b31b0
rl_uri = 0x81b2a80 "sip:c...@10.6.2.246"
str_aux = <value optimized out>
__FUNCTION__ = "timer_send_notify"
#3 0x080ccfb5 in start_timer_processes () at timer.c:280
---Type <return> to continue, or q <return> to quit---
tpl = (struct sr_timer_process *) 0x81acad8
pid = <value optimized out>
first = <value optimized out>
__FUNCTION__ = "start_timer_processes"
#4 0x0806f189 in main (argc=3, argv=0xbf9ad664) at main.c:666
cfg_log_stderr = 0
cfg_stream = (FILE *) 0x481a4008
c = <value optimized out>
r = <value optimized out>
tmp = 0xbf9aedec ""
tmp_len = <value optimized out>
port = <value optimized out>
proto = <value optimized out>
ret = <value optimized out>
seed = 4221279407
rfd = 4
__FUNCTION__ = "main"
(gdb)
crash 3 with full bt trace
===================
error message before crashing:
Jan 7 07:29:00 [10190] ERROR:db_mysql:db_mysql_str2val: invalid parameter
value
Jan 7 07:29:00 [10190] ERROR:db_mysql:db_mysql_convert_row: failed to
convert value
Jan 7 07:29:09 [10189] ERROR:core:db_do_insert: invalid parameter value
Jan 7 07:29:09 [10189] ERROR:pua:db_update: while inserting in db table
pua
Core was generated by `/usr/local/sbin/opensips -m 1024'.
Program terminated with signal 11, Segmentation fault.
#0 db_free_row (_r=0x81b79e8) at db/db_row.c:62
62 switch (VAL_TYPE(_val)) {
(gdb) bt full
#0 db_free_row (_r=0x81b79e8) at db/db_row.c:62
col = 0
_val = (db_val_t *) 0x0
__FUNCTION__ = "db_free_row"
#1 0xb7d9b580 in db_mysql_convert_row (_h=0x81b3820, _res=0x81ad938,
_r=0x81b79e8) at row.c:69
lengths = (long unsigned int *) 0x481aebcc
i = 135935876
__FUNCTION__ = "db_mysql_convert_row"
#2 0xb7d9aeca in db_mysql_convert_result (_h=0x81b3820, _r=0x81ad938) at
res.c:171
__FUNCTION__ = "db_mysql_convert_result"
#3 0xb7d98a2f in db_mysql_store_result (_h=0x81b3820, _r=0xbf9f4500) at
dbase.c:177
__FUNCTION__ = "db_mysql_store_result"
#4 0x0811b94f in db_do_query (_h=0x81b3820, _k=0xbf9f44f4, _op=0x0,
_v=0xbf9f4474, _c=0xbf9f449c, _n=1, _nc=6, _o=0xb78e6834, _r=0xbf9f4500,
val2str=0xb7d9b780 <db_mysql_val2str>, submit_query=0xb7d98de9
<db_mysql_submit_query>, store_result=0xb7d989c7 <db_mysql_store_result>)
at db/db_query.c:105
tmp = <value optimized out>
off = 132
ret = <value optimized out>
__FUNCTION__ = "db_do_query"
#5 0xb7d97d05 in db_mysql_query (_h=0x81b3820, _k=0xbf9f44f4, _op=0x0,
_v=0xbf9f4474, _c=0xbf9f449c, _n=1, _nc=6, _o=0xb78e6834, _r=0xbf9f4500)
at dbase.c:247
No locals.
#6 0xb78d4c75 in timer_send_notify (ticks=80, param=0x0) at
resource_notify.c:493
query_cols = {0xb78e6844, 0x0}
update_cols = {0xb78e6844}
result_cols = {0xb78e6834, 0xb78e683c, 0xb78e684c, 0xb78e685c,
0xb78e6854, 0xb78e6864, 0x0}
query_vals = {{type = DB_INT, nul = 0, free = 2007089048, val =
{int_val = 1, double_val = -2.766852607421637e-39, time_val = 1,
string_val = 0x1 <Address 0x1 out of bounds>, str_val = {s = 0x1
<Address 0x1 out of bounds>, len = -1209130788}, blob_val = {
s = 0x1 <Address 0x1 out of bounds>, len = -1209130788},
bitmap_val = 1}}, {type = 3085836512, nul = -1209131020, free = 310, val =
{int_val = 310,
double_val = -0.03053575754165757, time_val = 310, string_val =
0x136 <Address 0x136 out of bounds>, str_val = {
s = 0x136 <Address 0x136 out of bounds>, len = -1080081212},
blob_val = {s = 0x136 <Address 0x136 out of bounds>, len = -1080081212},
bitmap_val = 310}}}
update_vals = {{type = DB_DATETIME, nul = 2007089048, free =
-1080081152, val = {int_val = -1, double_val = -3.3348689399357007e-39,
time_val = -1,
string_val = 0xffffffff <Address 0xffffffff out of bounds>, str_val
= {s = 0xffffffff <Address 0xffffffff out of bounds>, len = -1208866784},
blob_val = {s = 0xffffffff <Address 0xffffffff out of bounds>, len =
-1208866784}, bitmap_val = 4294967295}}}
i = <value optimized out>
result = (db_res_t *) 0x81ad938
prev_did = <value optimized out>
curr_did = <value optimized out>
row_vals = <value optimized out>
resource_uri = <value optimized out>
pres_state = <value optimized out>
callid = {s = 0x0, len = 0}
to_tag = {s = 0x481c67ed
"h\034H_h\034H`h\034H±k\034Hc3-2-80;210632768;97b57f2144c425bc44f2e7a21eb22549-f3e9",
len = 79}
from_tag = {s = 0x481c67e4
"4h\034HHh\034HJh\034H_h\034H`h\034H±k\034Hc3-2-80;210632768;97b57f2144c425bc44f2e7a21eb22549-f3e9",
len = 8}
rlmi_doc = <value optimized out>
list_node = <value optimized out>
instance_node = <value optimized out>
resource_node = <value optimized out>
hash_code = <value optimized out>
size = <value optimized out>
buf_len = <value optimized out>
buf = <value optimized out>
auth_state = <value optimized out>
contor = <value optimized out>
auth_state_flag = <value optimized out>
bstr = {s = 0x0, len = 0}
---Type <return> to continue, or q <return> to quit---
rlmi_cont = {s = 0x0, len = 0}
multi_cont = {s = 0x0, len = 8}
s = <value optimized out>
dialog = <value optimized out>
rl_uri = <value optimized out>
str_aux = <value optimized out>
__FUNCTION__ = "timer_send_notify"
#7 0x080ccfb5 in start_timer_processes () at timer.c:280
tpl = (struct sr_timer_process *) 0x81acad8
pid = <value optimized out>
first = <value optimized out>
__FUNCTION__ = "start_timer_processes"
#8 0x0806f189 in main (argc=3, argv=0xbf9f46b4) at main.c:666
cfg_log_stderr = 0
cfg_stream = (FILE *) 0x481a4008
c = <value optimized out>
r = <value optimized out>
tmp = 0xbf9f5dec ""
tmp_len = <value optimized out>
port = <value optimized out>
proto = <value optimized out>
ret = <value optimized out>
seed = 3089561270
rfd = 4
__FUNCTION__ = "main"
(gdb)
----------------------------------------------------------------------
Comment By: Nathan (rmnathan)
Date: 2009-01-07 17:45
Message:
Hi
the full trace as follows
Core was generated by `/usr/local/sbin/opensips'.
Program terminated with signal 11, Segmentation fault.
#0 0xb78e7eca in timer_send_notify (ticks=120, param=0x0) at
resource_notify.c:721
721
if(strncmp(row_vals[resource_uri_col].val.string_val,
(gdb) bt full
#0 0xb78e7eca in timer_send_notify (ticks=120, param=0x0) at
resource_notify.c:721
query_cols = {0xb78f8844, 0xb7aab510}
update_cols = {0x0}
result_cols = {0xb78f8834, 0xb78f883c, 0xb78f884c, 0xb78f885c,
0xb78f8854, 0xb78f8864, 0x0}
query_vals = {{type = DB_INT, nul = 0, free = -1247617128, val =
{int_val = 1, double_val = 4.2439915824246103e-314, time_val = 1,
string_val = 0x1 <Address 0x1 out of bounds>, str_val = {s = 0x1
<Address 0x1 out of bounds>, len = 2}, blob_val = {
s = 0x1 <Address 0x1 out of bounds>, len = 2}, bitmap_val = 1}},
{type = DB_DOUBLE, nul = 0, free = -1081894044, val = {int_val = 135974160,
double_val = 6.7180161178120992e-316, time_val = 135974160,
string_val = 0x81acd10 "°µª·øÎ\032\b", str_val = {s = 0x81acd10
"°µª·øÎ\032\b", len = 0},
blob_val = {s = 0x81acd10 "°µª·øÎ\032\b", len = 0}, bitmap_val
= 135974160}}}
update_vals = {{type = DB_DATETIME, nul = -1247617128, free =
-1243838944, val = {int_val = -1213549416, double_val =
-1.5328670054899573e-40,
time_val = -1213549416, string_val = 0xb7aab498 "ÍSª·\006",
str_val = {s = 0xb7aab498 "ÍSª·\006", len = -1213549360}, blob_val = {
s = 0xb7aab498 "ÍSª·\006", len = -1213549360}, bitmap_val =
3081417880}}}
i = 298
result = (db_res_t *) 0x828f678
prev_did = 0x4821159c
"s6-13-80;100595200;97b57f2144c425bc44f2e7a21eb22549-1265"
curr_did = 0x48211d5c
"s6-14-80;218035712;97b57f2144c425bc44f2e7a21eb22549-365a"
row_vals = (db_val_t *) 0x64697072
resource_uri = <value optimized out>
pres_state = 0x48211dc2 "<?xml version=\"1.0\"
encoding=\"UTF-8\"?>\n<presence xmlns=\"urn:ietf:params:xml:ns:pidf\"
xmlns:rpid=\"urn:ietf:params:xml:ns:pidf:rpid\"
xmlns:dm=\"urn:ietf:params:xml:ns:pidf:data-model\"
xmlns:pcp=\"urn:ietf"...
callid = {s = 0x48211d5c
"s6-14-80;218035712;97b57f2144c425bc44f2e7a21eb22549-365a", len = 8}
to_tag = {s = 0x48211d6f "97b57f2144c425bc44f2e7a21eb22549-365a",
len = 37}
from_tag = {s = 0x48211d65
"218035712;97b57f2144c425bc44f2e7a21eb22549-365a", len = 9}
rlmi_doc = (xmlDocPtr) 0x481aec20
list_node = (xmlNodePtr) 0x481accb8
instance_node = (xmlNodePtr) 0x481f0da0
resource_node = (xmlNodePtr) 0x481af8c0
hash_code = 349
size = 6144
buf_len = 1007
buf = 0x8298040
"--uiJUnfDUyfcSFWRINqnYyVEx\r\n\r\nContent-Transfer-Encoding:
binary\r\nContent-ID:
<1231322726.sip:c6...@10.6.2.246.596516649>\r\nContent-Type:
application/pidf+xml\r\n\r\n<?xml version=\"1.0\"
encoding=\"UTF-8\"?>\n<"...
auth_state = <value optimized out>
contor = 1
auth_state_flag = <value optimized out>
bstr = {s = 0x8292c30 "uiJUnfDUyfcSFWRINqnYyVEx", len = 24}
rlmi_cont = {
s = 0x481f0fd8 "pTï·pTï·Ð\017\037HÐ\017\037H.0\"?>\n<list
uri=\"sip:s6...@10.6.2.246\" xmlns=\"urn:ietf:params:xml:ns:rlmi\"
version=\"2\" fullState=\"false\">\n <resource
uri=\"sip:c6...@10.6.2.246\">\n <instance id=\"icDW4oK5\"
state=\"act"..., len = 959}
multi_cont = {
s = 0x8298040
"--uiJUnfDUyfcSFWRINqnYyVEx\r\n\r\nContent-Transfer-Encoding:
binary\r\nContent-ID:
<1231322726.sip:c6...@10.6.2.246.596516649>\r\nContent-Type:
application/pidf+xml\r\n\r\n<?xml version=\"1.0\"
encoding=\"UTF-8\"?>\n<"..., len = 6053}
s = (subs_t *) 0xb602c300
dialog = (subs_t *) 0x81a7ef0
rl_uri = 0x8291670 "sip:s6...@10.6.2.246"
str_aux = <value optimized out>
__FUNCTION__ = "timer_send_notify"
#1 0x080ccfb5 in start_timer_processes () at timer.c:280
tpl = (struct sr_timer_process *) 0x81acad8
pid = <value optimized out>
first = <value optimized out>
__FUNCTION__ = "start_timer_processes"
#2 0x0806f189 in main (argc=1, argv=0xbf839d14) at main.c:666
cfg_log_stderr = 0
cfg_stream = (FILE *) 0x481a4008
c = <value optimized out>
r = <value optimized out>
---Type <return> to continue, or q <return> to quit---
tmp = 0x8166200 "\034a\026\bhf�...@¼ò·"
tmp_len = <value optimized out>
port = <value optimized out>
proto = <value optimized out>
ret = <value optimized out>
seed = 82752229
rfd = 4
__FUNCTION__ = "main"
(gdb)
Regards,
rmnathan
----------------------------------------------------------------------
Comment By: Nobody/Anonymous (nobody)
Date: 2009-01-07 16:34
Message:
It would help to provide the backtrace with the full context and the value
of the local variables. To do that use "bt full" instead of just "bt".
Dan
----------------------------------------------------------------------
Comment By: Nathan (rmnathan)
Date: 2009-01-07 16:10
Message:
Hi Anca,
I observed few crashes as follows while testing with new trunck build.
Crash 1:
======
Core was generated by `/usr/local/sbin/opensips -m 1024'.
Program terminated with signal 11, Segmentation fault.
#0 0xb7e18d00 in strncmp () from /lib/libc.so.6
(gdb) bt
#0 0xb7e18d00 in strncmp () from /lib/libc.so.6
#1 0xb78cfee3 in timer_send_notify (ticks=40, param=0x0) at
resource_notify.c:721
#2 0x080ccfb5 in start_timer_processes () at timer.c:280
#3 0x0806f189 in main (argc=3, argv=0xbfb57014) at main.c:666
Crash 2:
======
Program terminated with signal 11, Segmentation fault.
#0 fm_malloc (qm=0x81a3ba0, size=2640) at mem/f_malloc.c:267
267 if ((*f)->size>=size) goto found;
(gdb) bt
#0 fm_malloc (qm=0x81a3ba0, size=2640) at mem/f_malloc.c:267
#1 0xb78dcb51 in agg_body_sendn_update (rl_uri=0x81a7ef0,
boundary_string={s = 0x81dadc0 "j5dDEBAL5H1LAtor2qUGI2ac", len = 24},
rlmi_body=0xbfef61d4,
multipart_body=0xbfef61cc, subs=0x81a7ef0, hash_code=1978) at
notify.c:238
#2 0xb78dfefe in timer_send_notify (ticks=60, param=0x0) at
resource_notify.c:544
#3 0x080ccfb5 in start_timer_processes () at timer.c:280
#4 0x0806f189 in main (argc=3, argv=0xbfef63b4) at main.c:666
crash 3:
======
#0 0xb78e7eca in timer_send_notify (ticks=120, param=0x0) at
resource_notify.c:721
721
if(strncmp(row_vals[resource_uri_col].val.string_val,
(gdb) bt
#0 0xb78e7eca in timer_send_notify (ticks=120, param=0x0) at
resource_notify.c:721
#1 0x080ccfb5 in start_timer_processes () at timer.c:280
#2 0x0806f189 in main (argc=1, argv=0xbf839d14) at main.c:666
crash 4:
======
Core was generated by `/usr/local/sbin/opensips -m 1024'.
Program terminated with signal 11, Segmentation fault.
#0 db_free_row (_r=0x81c25d0) at db/db_row.c:62
62 switch (VAL_TYPE(_val)) {
crash 5:
======
Core was generated by `/usr/local/sbin/opensips'.
Program terminated with signal 11, Segmentation fault.
#0 0x080f9282 in parse_uri (buf=0x8 <Address 0x8 out of bounds>,
len=135995841, uri=0xbf9fbfe0) at parser/parse_uri.c:329
329 scheme=buf[0]+(buf[1]<<8)+(buf[2]<<16)+(buf[3]<<24);
----------------------------------------------------------------------
Comment By: Anca Vamanu (anca_vamanu)
Date: 2009-01-06 20:11
Message:
Hi Meganathan,
I think that I have finally found the bug this time. Can you please
update, test again and confirm?
Thanks and regards,
Anca
----------------------------------------------------------------------
Comment By: Nathan (rmnathan)
Date: 2008-12-31 15:07
Message:
Hi Anca,
Any update on this issue?
Regards,
Meganathan.
----------------------------------------------------------------------
Comment By: Nathan (rmnathan)
Date: 2008-12-18 20:15
Message:
Hi Anca
I have retested with latest build (rev 5071). Again I got the crash
(gdb) bt
#0 0xb7e1861d in _IO_str_overflow () from /lib/libc.so.6
#1 0xb7e17747 in _IO_default_xsputn () from /lib/libc.so.6
#2 0xb7deea94 in vfprintf () from /lib/libc.so.6
#3 0xb7e0c92c in vsprintf () from /lib/libc.so.6
#4 0xb7df775e in sprintf () from /lib/libc.so.6
#5 0xb78d810b in timer_send_notify (ticks=40, param=0x0) at
resource_notify.c:700
#6 0x080ccb55 in start_timer_processes () at timer.c:280
#7 0x0806ef69 in main (argc=1, argv=0xbfa78f44) at main.c:666
Regards,
rmnathan
----------------------------------------------------------------------
Comment By: Anca Vamanu (anca_vamanu)
Date: 2008-12-18 17:58
Message:
Hi rmnathan,
I have made some changes in the rls module.
Can you please update and test again?
regards,
Anca
----------------------------------------------------------------------
Comment By: Nathan (rmnathan)
Date: 2008-12-16 15:42
Message:
Hi Anca,
After i compiled with following commands i got core dump with line
numbers.
make
echo $?
make prefix=/usr/local/ install
Program terminated with signal 11, Segmentation fault.
#0 0xb7e5161d in _IO_str_overflow () from /lib/libc.so.6
(gdb) bt
#0 0xb7e5161d in _IO_str_overflow () from /lib/libc.so.6
#1 0xb7e50747 in _IO_default_xsputn () from /lib/libc.so.6
#2 0xb7e27a94 in vfprintf () from /lib/libc.so.6
#3 0xb7e4592c in vsprintf () from /lib/libc.so.6
#4 0xb7e3075e in sprintf () from /lib/libc.so.6
#5 0xb7911d53 in timer_send_notify (ticks=40, param=0x0) at
resource_notify.c:687
#6 0x080ccb55 in start_timer_processes () at timer.c:280
#7 0x0806ef69 in main (argc=1, argv=0xbf805cf4) at main.c:666
regards,
rmnathan
----------------------------------------------------------------------
Comment By: Nathan (rmnathan)
Date: 2008-12-16 15:15
Message:
Hi Anca,
I have tried with latest trunk build (rev 5060), am getting the same
crash.
I have set 'ulimit -c unlimited' also but the line numbers not getting
printed.
Core was generated by `opensips'.
Program terminated with signal 11, Segmentation fault.
#0 0xb7ec161d in _IO_str_overflow () from /lib/libc.so.6
(gdb) bt
#0 0xb7ec161d in _IO_str_overflow () from /lib/libc.so.6
#1 0xb7ec0747 in _IO_default_xsputn () from /lib/libc.so.6
#2 0xb7e97a94 in vfprintf () from /lib/libc.so.6
#3 0xb7eb592c in vsprintf () from /lib/libc.so.6
#4 0xb7ea075e in sprintf () from /lib/libc.so.6
#5 0xb799a25d in timer_send_notify () from
/usr/local//lib/opensips/modules/rls.so
#6 0x080b1194 in timer_ticker ()
#7 0x080b0fc5 in run_timer_process ()
#8 0x080b12ff in start_timer_processes ()
#9 0x08065cdd in main_loop ()
#10 0x08067f53 in main ()
Regards
rmnathan
----------------------------------------------------------------------
Comment By: Anca Vamanu (anca_vamanu)
Date: 2008-12-15 19:49
Message:
Hi rmnathan,
I have tested myself and got a crash after some time - it was due to a
recent change that I made. I have commited the fix in trunk.
However I am not really sure it is the same as you have seen, as in your
trace there isn't enough information -like line numbers. Can you please
update and test again and report if you see the crash again.
Btw, have you run: 'ulimit -c unlimited'?
regards,
Anca
----------------------------------------------------------------------
Comment By: Nathan (rmnathan)
Date: 2008-12-15 16:47
Message:
Finally core has created. Please see below
stinbng46:/# gdb /usr/local/sbin/opensips core
GNU gdb 6.4.90-debian
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you
are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for
details.
This GDB was configured as "i486-linux-gnu"...Using host libthread_db
library "/lib/libthread_db.so.1".
warning: Can't read pathname for load map: Input/output error.
Reading symbols from /lib/libdl.so.2...done.
Loaded symbols for /lib/libdl.so.2
Reading symbols from /lib/libresolv.so.2...done.
Loaded symbols for /lib/libresolv.so.2
Reading symbols from /lib/libc.so.6...done.
Loaded symbols for /lib/libc.so.6
Reading symbols from /lib/ld-linux.so.2...done.
Loaded symbols for /lib/ld-linux.so.2
Reading symbols from /usr/local/lib/opensips/modules/db_mysql.so...done.
Loaded symbols for /usr/local//lib/opensips/modules/db_mysql.so
Reading symbols from /usr/lib/libmysqlclient.so.15...done.
Loaded symbols for /usr/lib/libmysqlclient.so.15
Reading symbols from /lib/libpthread.so.0...done.
Loaded symbols for /lib/libpthread.so.0
Reading symbols from /lib/libcrypt.so.1...done.
Loaded symbols for /lib/libcrypt.so.1
Reading symbols from /lib/libnsl.so.1...done.
Loaded symbols for /lib/libnsl.so.1
Reading symbols from /lib/libm.so.6...done.
Loaded symbols for /lib/libm.so.6
Reading symbols from /usr/lib/libz.so.1...done.
Loaded symbols for /usr/lib/libz.so.1
Reading symbols from /usr/local/lib/opensips/modules/sl.so...done.
Loaded symbols for /usr/local//lib/opensips/modules/sl.so
Reading symbols from /usr/local/lib/opensips/modules/maxfwd.so...done.
Loaded symbols for /usr/local//lib/opensips/modules/maxfwd.so
Reading symbols from /usr/local/lib/opensips/modules/textops.so...done.
Loaded symbols for /usr/local//lib/opensips/modules/textops.so
Reading symbols from /usr/local/lib/opensips/modules/tm.so...done.
Loaded symbols for /usr/local//lib/opensips/modules/tm.so
Reading symbols from /usr/local/lib/opensips/modules/rr.so...done.
Loaded symbols for /usr/local//lib/opensips/modules/rr.so
Reading symbols from /usr/local/lib/opensips/modules/presence.so...done.
Loaded symbols for /usr/local//lib/opensips/modules/presence.so
Reading symbols from /usr/lib/libxml2.so.2...done.
Loaded symbols for /usr/lib/libxml2.so.2
Reading symbols from /usr/local/lib/opensips/modules/avpops.so...done.
Loaded symbols for /usr/local//lib/opensips/modules/avpops.so
Reading symbols from /usr/local/lib/opensips/modules/pua.so...done.
Loaded symbols for /usr/local//lib/opensips/modules/pua.so
Reading symbols from /usr/local/lib/opensips/modules/mi_fifo.so...done.
Loaded symbols for /usr/local//lib/opensips/modules/mi_fifo.so
Reading symbols from
/usr/local/lib/opensips/modules/presence_xml.so...done.
Loaded symbols for /usr/local//lib/opensips/modules/presence_xml.so
Reading symbols from /usr/local/lib/opensips/modules/rls.so...done.
Loaded symbols for /usr/local//lib/opensips/modules/rls.so
Reading symbols from /usr/local/lib/opensips/modules/xlog.so...done.
Loaded symbols for /usr/local//lib/opensips/modules/xlog.so
Reading symbols from /usr/local/lib/opensips/modules/signaling.so...done.
Loaded symbols for /usr/local//lib/opensips/modules/signaling.so
Reading symbols from /lib/libnss_db.so.2...done.
Loaded symbols for /lib/libnss_db.so.2
Reading symbols from /lib/libnss_files.so.2...done.
Loaded symbols for /lib/libnss_files.so.2
Reading symbols from /usr/lib/libdb3.so.3...done.
Loaded symbols for /usr/lib/libdb3.so.3
Core was generated by `/usr/local/sbin/opensips -D'.
Program terminated with signal 11, Segmentation fault.
#0 0xb7e9f61d in _IO_str_overflow () from /lib/libc.so.6
(gdb) bt
#0 0xb7e9f61d in _IO_str_overflow () from /lib/libc.so.6
#1 0xb7e9e747 in _IO_default_xsputn () from /lib/libc.so.6
#2 0xb7e75a94 in vfprintf () from /lib/libc.so.6
#3 0xb7e9392c in vsprintf () from /lib/libc.so.6
#4 0xb7e7e75e in sprintf () from /lib/libc.so.6
#5 0xb7978256 in timer_send_notify () from
/usr/local//lib/opensips/modules/rls.so
#6 0x080b11a0 in timer_ticker ()
#7 0x080b0fd1 in run_timer_process ()
#8 0x080b130b in start_timer_processes ()
#9 0x08065cdd in main_loop ()
#10 0x08067f5f in main ()
Regards
rmnathan
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=1086410&aid=2430807&group_id=232389
_______________________________________________
Devel mailing list
Devel@lists.opensips.org
http://lists.opensips.org/cgi-bin/mailman/listinfo/devel
