[OpenSIPS-Users] OpenSIPS Crash
Liviu Chircu
liviu at opensips.org
Fri Jun 8 05:15:53 EDT 2018
Hi Ben,
Excellent report! I managed to reproduce the crash on first try:
Core was generated by `./opensips -m64 -M16 -f
cfg/opensips-2.4-sipp-siptrace.cfg -w .'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x00007f7987cd7f2a in sip_trace (msg=0x7f799817fd20,
info=0x7f799468d5e0) at siptrace.c:1646
1646 db_vals[1].val.str_val.s = msg->callid->body.s;
(gdb) bt
#0 0x00007f7987cd7f2a in sip_trace (msg=0x7f799817fd20,
info=0x7f799468d5e0) at siptrace.c:1646
#1 0x00007f7987cd7c8d in sip_trace_w (msg=0x7f799817fd20,
param1=0x7f7998169110 "\001", param2=0x2 <error: Cannot access memory at
address 0x2>, param3=0x7f79981691f8 "\001", param4=0x0) at siptrace.c:1590
#2 0x0000000000445082 in do_action (a=0x7f79981589a0,
msg=0x7f799817fd20) at action.c:1864
#3 0x000000000043ccf7 in run_action_list (a=0x7f79981589a0,
msg=0x7f799817fd20) at action.c:172
Quick question for you: you are sending a malformed INVITE, correct?
Here is how mine looked like:
INVITE sip:sipp at 127.0.0.1:5060 SIP/2.0.
Via: SIP/2.0/UDP 127.0.0.1:7000;branch=z9hG4bK-1988-1-0.
From: sipp <sip:sipp at 127.0.0.1:7000>;tag=123456789.
To: sut <sip:sipp at 127.0.0.1:5060>.
CSeq: 1 INVITE.
Contact: <sip:sipp at 127.0.0.1:7000> Call-ID: 1-1988 at 127.0.0.1.
Max-Forwards: 70.
Subject: Performance Test.
Content-Type: application/sdp.
Content-Length: 129.
.
v=0.
o=user1 53655765 2353687637 IN IP4 127.0.0.1.
s=-.
c=IN IP4 127.0.0.1.
t=0 0.
m=audio 6001 RTP/AVP 0.
a=rtpmap:0 PCMU/8000.
Notice how OpenSIPS will be unable to parse the Call-ID header field,
hence the immediate crash in sip_trace(), as it's unable to handle a
NULL Call-ID.
Best regards,
Liviu Chircu
OpenSIPS Developer
http://www.opensips-solutions.com
On 07.06.2018 22:24, Ben Newlin wrote:
>
> Hi,
>
> While running a new test scenario I encountered an OpenSIPS crash.
>
> version: opensips 2.3.3 (x86_64/linux)
>
> flags: STATS: On, DISABLE_NAGLE, USE_MCAST, SHM_MMAP, PKG_MALLOC,
> F_MALLOC, FAST_LOCK-ADAPTIVE_WAIT
>
> ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16,
> MAX_URI_SIZE 1024, BUF_SIZE 65535
>
> poll method support: poll, epoll_lt, epoll_et, sigio_rt, select.
>
> git revision: a0bed9d
>
> main.c compiled on 21:08:28 May 16 2018 with gcc 4.8.5
>
> Logs: https://pastebin.com/3vL3rbG4 <https://pastebin.com/3vL3rbG4>
>
> BT: https://pastebin.com/tTp32ASC <https://pastebin.com/tTp32ASC>
>
> Let me know if anything else is needed.
>
> Thanks,
>
> Ben Newlin
>
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20180608/7ceb0761/attachment.html>
More information about the Users
mailing list