[OpenSIPS-Devel] [ opensips-Bugs-2862280 ] b2bua crash

SourceForge.net noreply at sourceforge.net
Tue Sep 22 21:48:15 CEST 2009


Bugs item #2862280, was opened at 2009-09-19 14:38
Message generated for change (Comment added) made by sokhapkin
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=1086410&aid=2862280&group_id=232389

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: modules
Group: trunk
Status: Open
Resolution: Fixed
Priority: 5
Private: No
Submitted By: Sergey Okhapkin (sokhapkin)
Assigned to: Nobody/Anonymous (nobody)
Summary: b2bua crash

Initial Comment:
Core was generated by `/usr/local/sbin/opensips -P /var/run/opensips.pid -m 512'.
Program terminated with signal 11, Segmentation fault.
#0  0xb7d06791 in b2b_logic_notify (src=0, msg=0x81bf7f0, key=0xbf86b418, type=0, param=0x97d07f78) at logic.c:696
696                     if(entity->peer && entity->peer->key.s)
(gdb) bt
#0  0xb7d06791 in b2b_logic_notify (src=0, msg=0x81bf7f0, key=0xbf86b418, type=0, param=0x97d07f78) at logic.c:696
#1  0xb7d07f96 in b2b_server_notify (msg=0x81bf7f0, key=0xbf86b418, type=0, param=0x97d07f78) at logic.c:918
#2  0xb7d16b68 in b2b_prescript_f (msg=0x81bf7f0, uparam=0x0) at dlg.c:444
#3  0x080b6bda in exec_pre_req_cb (msg=0x81bf7f0) at script_cb.c:155
#4  0x0809f4f4 in receive_msg (
    buf=0x8191280 "CANCEL sip:15167973100 at 216.86.152.88 SIP/2.0\r\nVia: SIP/2.0/UDP 38.99.108.126;branch=z9hG4bK9193.37a1e097.1\r\nFrom: \"V0919141542006817107\"<sip:8664606632 at 206.123.79.110:5060>;tag=bb70c027\r\nCall-ID: ZWFi"..., len=362,
    rcv_info=0xbf86b4e4) at receive.c:156
#5  0x080e5bed in udp_rcv_loop () at udp_server.c:490
#6  0x08072096 in main (argc=5, argv=0xbf86b6e4) at main.c:818


----------------------------------------------------------------------

>Comment By: Sergey Okhapkin (sokhapkin)
Date: 2009-09-22 15:48

Message:
A test run a few hours long is still running; no problems so far.

----------------------------------------------------------------------

Comment By: Anca Vamanu (anca_vamanu)
Date: 2009-09-22 10:23

Message:
Hi,

I think the last commit should fix this. 

Anca


----------------------------------------------------------------------

Comment By: Sergey Okhapkin (sokhapkin)
Date: 2009-09-22 08:49

Message:
Similar crash in a different place.

Core was generated by `/usr/local/sbin/opensips -P /var/run/opensips.pid -m 512'.
Program terminated with signal 11, Segmentation fault.
#0  0x080f04ae in parse_headers (msg=0xffffffff, flags=18446744073709551615, next=0)
    at parser/msg_parser.c:298
298             end=msg->buf+msg->len;
(gdb) bt
#0  0x080f04ae in parse_headers (msg=0xffffffff, flags=18446744073709551615, next=0)
    at parser/msg_parser.c:298
#1  0xb7d36d52 in b2b_logic_notify (src=1, msg=0xffffffff, key=0x97d52848, type=1,
    param=0x97d52e80) at logic.c:332
#2  0xb7d38ef4 in b2b_client_notify (msg=0xffffffff, key=0x97d52848, type=1, param=0x97d52e80)
    at logic.c:930
#3  0xb7d49f75 in b2b_tm_cback (htable=0x97d26488, ps=0xb7da42d4) at dlg.c:1540
#4  0xb7d41ff9 in b2b_client_tm_cback (t=0x97d544a8, type=512, ps=0xb7da42d4) at client.c:44
#5  0xb7d79dc2 in run_trans_callbacks (type=512, trans=0x97d544a8, req=0x0, rpl=0xffffffff,
    code=408) at t_hooks.c:208
#6  0xb7d895e1 in local_reply (t=0x97d544a8, p_msg=0xffffffff, branch=0, msg_status=408,
    cancel_bitmap=0xbfcb0728) at t_reply.c:1339
#7  0xb7d8cbeb in fake_reply (t=0x97d544a8, branch=0, code=408) at timer.c:253
#8  0xb7d8fe1e in timer_routine (ticks=5087, attr=0x0) at timer.c:365
#9  0x080d7a90 in start_timer_processes () at timer.c:325
#10 0x08071f59 in main (argc=5, argv=0xbfcb0a04) at main.c:867


----------------------------------------------------------------------

Comment By: Anca Vamanu (anca_vamanu)
Date: 2009-09-22 04:58

Message:
Hi Sergey,

It was an addition I made recently and I forgot to add a check. I made the
fix now.

Thanks,
Anca

----------------------------------------------------------------------

Comment By: Sergey Okhapkin (sokhapkin)
Date: 2009-09-21 16:56

Message:
New crash:

Core was generated by `/usr/local/sbin/opensips -P /var/run/opensips.pid -m 512'.
Program terminated with signal 11, Segmentation fault.
#0  0x080f04ae in parse_headers (msg=0xffffffff, flags=18446744073709551615, next=0) at parser/msg_parser.c:298
298             end=msg->buf+msg->len;
(gdb) bt
#0  0x080f04ae in parse_headers (msg=0xffffffff, flags=18446744073709551615, next=0) at parser/msg_parser.c:298
#1  0xb7d2ab53 in b2b_tm_cback (htable=0x97d07488, ps=0xb7d852d4) at dlg.c:1282
#2  0xb7d22ff9 in b2b_client_tm_cback (t=0x97e99908, type=512, ps=0xb7d852d4) at client.c:44
#3  0xb7d5adc2 in run_trans_callbacks (type=512, trans=0x97e99908, req=0x0, rpl=0xffffffff, code=408) at t_hooks.c:208
#4  0xb7d6a5e1 in local_reply (t=0x97e99908, p_msg=0xffffffff, branch=0, msg_status=408, cancel_bitmap=0xbfa87aa8)
    at t_reply.c:1339
#5  0xb7d6dbeb in fake_reply (t=0x97e99908, branch=0, code=408) at timer.c:253
#6  0xb7d70e1e in timer_routine (ticks=1737, attr=0x0) at timer.c:365
#7  0x080d7a90 in start_timer_processes () at timer.c:325
#8  0x08071f59 in main (argc=5, argv=0xbfa87d84) at main.c:867
(gdb)  

----------------------------------------------------------------------

Comment By: Anca Vamanu (anca_vamanu)
Date: 2009-09-21 08:30

Message:
Hi,

I have now made a commit in which I fixed what you reported in the other
bug report and also added some checks to prevent these crashes. Please
update and reply if you see any other problems.

regards,
Anca

----------------------------------------------------------------------

Comment By: Sergey Okhapkin (sokhapkin)
Date: 2009-09-20 14:36

Message:
One more coredump:

Core was generated by `/usr/local/sbin/opensips -P /var/run/opensips.pid -m 512'.
Program terminated with signal 11, Segmentation fault.
#0  0xb7dd1f15 in b2b_client_build_dlg (dlg=0x97dff038, leg=0x0) at client.c:229
229             td->id.rem_tag = leg->tag;
(gdb) bt
#0  0xb7dd1f15 in b2b_client_build_dlg (dlg=0x97dff038, leg=0x0) at client.c:229
#1  0xb7dd39d3 in b2b_client_dlg (dlg=0x97dff038) at dlg.c:888
#2  0xb7dd6f13 in b2b_send_request (et=B2B_CLIENT, b2b_key=0x97e071f0, method=0xbf863144, extra_headers=0x0, body=0x0)
    at dlg.c:1003
#3  0xb7dc75af in b2b_logic_notify (src=0, msg=0x81bf7f0, key=0xbf863308, type=0, param=0x97dc9ec8) at logic.c:697
#4  0xb7dc8fa8 in b2b_server_notify (msg=0x81bf7f0, key=0xbf863308, type=0, param=0x97dc9ec8) at logic.c:918
#5  0xb7dd7b68 in b2b_prescript_f (msg=0x81bf7f0, uparam=0x0) at dlg.c:444
#6  0x080b6bda in exec_pre_req_cb (msg=0x81bf7f0) at script_cb.c:155
#7  0x0809f4f4 in receive_msg (
    buf=0x8191280 "ACK sip:0011101355682700402 at sip.voxbeam.com SIP/2.0\r\nVia: SIP/2.0/UDP 38.99.108.126;branch=z9hG4bK0053.e71e8485.0\r\nFrom: \"12486356887\" <sip:12486356887 at 38.99.70.226>;tag=as64f545f3\r\nCall-ID: 0fa19b8f2"..., len=386,
    rcv_info=0xbf8633d4) at receive.c:156
#8  0x080e5bed in udp_rcv_loop () at udp_server.c:490
#9  0x08072096 in main (argc=5, argv=0xbf8635d4) at main.c:818
(gdb) 

----------------------------------------------------------------------

Comment By: Sergey Okhapkin (sokhapkin)
Date: 2009-09-19 14:41

Message:
In the real world, the entity variable could be NULL.

----------------------------------------------------------------------
