[OpenSIPS-Devel] [ opensips-Bugs-3401668 ] sigfault in presence module due mix_dialog_presence flag

SourceForge.net noreply at sourceforge.net
Thu Sep 8 21:51:14 CEST 2011 

Bugs item #3401668, was opened at 2011-08-31 20:26
Message generated for change (Comment added) made by shari_786pk
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=1086410&aid=3401668&group_id=232389

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: modules
Group: 1.7.x
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Muhammad Shahzad (shari_786pk)
Assigned to: Bogdan-Andrei Iancu (bogdan_iancu)
Summary: sigfault in presence module due mix_dialog_presence flag

Initial Comment:
Enabling "mix_dialog_presence=1" in presence module causes random crash. Core dump of each crash shows sigfault that happens only when using a specific version of Eyebeam. So, it may be a bug in Eyebeam instead of opensips. Anyhow, here is the BT.


Core was generated by `/usr/local/sbin/opensips -P /var/run/opensips.pid -m 512 -u root -g root'.
Program terminated with signal 11, Segmentation fault.
#0  0xb6fdc1ad in get_presence_from_dialog (pres_uri=0xbff1af50, uri=0xbff1ad9c, hash_code=2590) at notify.c:861
/usr/src/svn-src/opensips-1.7.0-tls/modules/presence/notify.c:861:20235:beg:0xb6fdc1ad
(gdb) bt
#0  0xb6fdc1ad in get_presence_from_dialog (pres_uri=0xbff1af50, uri=0xbff1ad9c, hash_code=2590) at notify.c:861
#1  0xb6fdf9e9 in get_p_notify_body (pres_uri=..., event=0x9719d8c4, etag=0x0, publ_body=0x0, contact=0xbff1b230, dbody=0x0, extra_hdrs=0xbff1b058,
    free_fct=0xbff1b074) at notify.c:985
#2  0xb6fe22f9 in send_notify_request (subs=0xbff1b1d8, watcher_subs=0x0, n_body=0x0, force_null_body=0, extra_hdrs=0x0) at notify.c:1916
#3  0xb6fe37ab in notify (subs=0xbff1b1d8, watcher_subs=0x0, n_body=0x0, force_null_body=0, extra_hdrs=0x0) at notify.c:2094
#4  0xb700149d in update_subscription (msg=0x826e79c, subs=0xbff1b1d8, init_req=1) at subscribe.c:451
#5  0xb7001e9a in handle_subscribe (msg=0x826e79c, force_active_param=0x0, str2=0x0) at subscribe.c:659
#6  0x080599b2 in do_action (a=0x820569c, msg=0x970ee8e0) at action.c:1280
#7  0x08058139 in run_action_list (a=0x820569c, msg=0x826e79c) at action.c:141
#8  0x0805c02b in do_action (a=0x8205708, msg=0x826e79c) at action.c:847
#9  0x08058139 in run_action_list (a=0x8205708, msg=0x826e79c) at action.c:141
#10 0x0805ca5b in do_action (a=0x8205774, msg=0x826e79c) at action.c:853
#11 0x08058139 in run_action_list (a=0x82050f4, msg=0x826e79c) at action.c:141
#12 0x0805c02b in do_action (a=0x820584c, msg=0x826e79c) at action.c:847
#13 0x08058139 in run_action_list (a=0x81fdbac, msg=0x826e79c) at action.c:141
#14 0x0805dc40 in run_actions (a=0x81fdbac, msg=0x826e79c) at action.c:121
#15 run_top_route (a=0x81fdbac, msg=0x826e79c) at action.c:182
#16 0x080a38ce in receive_msg (
    buf=0x81cf480 "SUBSCRIBE sip:13107350014 at rtsip.vopium.com SIP/2.0\r\nVia: SIP/2.0/UDP 203.215.176.22:41166;branch=z9hG4bK-d8754z-ff02150196589f0a-1---d8754z-;rport\r\nMax-Forwards: 69\r\nContact: <sip:923214032232 at 203.215"..., len=678, rcv_info=0xbff1c118) at receive.c:165
#17 0x080f91b6 in udp_rcv_loop () at udp_server.c:419
#18 0x08074662 in main_loop (argc=9, argv=0xbff1c2c4) at main.c:885
#19 main (argc=9, argv=0xbff1c2c4) at main.c:1503


The user-agent string of Eyebeam i have that causes these crashes (so far 4), is "eyeBeam release 1101l stamp 49847",

I also have memdump available if you need it.



----------------------------------------------------------------------

>Comment By: Muhammad Shahzad (shari_786pk)
Date: 2011-09-09 00:51

Message:
Nothing so far. Still chasing the customer. I couldn't reproduce it by
other means either.

----------------------------------------------------------------------

Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2011-09-08 16:04

Message:
any update on this ?

Best regards,
Bogdan

----------------------------------------------------------------------

Comment By: Muhammad Shahzad (shari_786pk)
Date: 2011-09-02 01:00

Message:
Actually, i am not sure if its the eyebeam version causing the crash or
something is wrong with opensips. If its eyebeam version then i can simply
block its user-agent in opensips dial plan to avoid crash.
 
Let me try to contact the end-user who has this eyebeam version and see
s/he is willing to help us out in reproducing this crash.

Thank you.


----------------------------------------------------------------------

Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2011-09-02 00:37

Message:
Just to know in what direction to go with the troubleshooting - can you
reproduce this crash?

Regards,
Bogdan

----------------------------------------------------------------------

Comment By: Muhammad Shahzad (shari_786pk)
Date: 2011-09-01 19:48

Message:
Thanks for explaining. I checked all 4 core dumps and they all give exact
same error for last two commands. Here it is,

Core was generated by `/usr/local/sbin/opensips -P /var/run/opensips.pid
-m 512 -u root -g root'.
Program terminated with signal 11, Segmentation fault.
#0  0xb701c1ad in get_presence_from_dialog (pres_uri=0xbf8bb4b0,
uri=0xbf8bb2fc, hash_code=2590) at notify.c:861
/usr/src/svn-src/opensips-1.7.0-tls/modules/presence/notify.c:861:20235:beg:0xb701c1ad
(gdb) frame 0
#0  0xb701c1ad in get_presence_from_dialog (pres_uri=0xbf8bb4b0,
uri=0xbf8bb2fc, hash_code=2590) at notify.c:861
/usr/src/svn-src/opensips-1.7.0-tls/modules/presence/notify.c:861:20235:beg:0xb701c1ad
(gdb) print dialog_event_p
$1 = (pres_ev_t **) 0x97094844
(gdb) print *dialog_event_p
$2 = (pres_ev_t *) 0x6
(gdb) print (*dialog_event_p)->evp
Cannot access memory at address 0xe
(gdb) print (*dialog_event_p)->evp->parsed
Cannot access memory at address 0xe

Thank you.


----------------------------------------------------------------------

Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2011-09-01 18:11

Message:
in gdb command line, just do:
frame 0
print dialog_event_p
print *dialog_event_p
print (*dialog_event_p)->evp
print (*dialog_event_p)->evp->parsed

Thanks,
Bogdan

----------------------------------------------------------------------

Comment By: Muhammad Shahzad (shari_786pk)
Date: 2011-09-01 17:50

Message:
humm, not sure how to do that? I am attaching BT FULL in file here for
further reference. I do see "Address 0xXXXX out of bounds" at a number of
places in it.

----------------------------------------------------------------------

Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2011-09-01 15:52

Message:
Hi,

In frame 0, please print the following values:
    dialog_event_p
    *dialog_event_p
    (*dialog_event_p)->evp
    (*dialog_event_p)->evp->parsed

Thanks and regards,
Bogdan

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=1086410&aid=3401668&group_id=232389

More information about the Devel mailing list