The following task has a new comment added:
FS#173 - Double Free -- Crash/Coredump and possible security vulnerability
User who did this - Brandon Armstead (CRYY2010)
----------
Daniel,
I believe the backtrace posted below is from the "workaround" crash.
As for restarting the SIP server --- this is possible, but ONLY after a crash - so I'm not
sure whether the core file was somehow still being generated and kamailio hadn't completely
shut down...
**** BACK TRACE ****
#0 0x00007fd59be0fed5 in raise () from /lib/libc.so.6
#1 0x00007fd59be113f3 in abort () from /lib/libc.so.6
#2 0x0000000000528679 in qm_free (qm=0x7fd584f78000, p=0x7fd585269fe8,
file=0x7fd599fd66bb "dialog: dlg_hash.c", func=0x7fd599fd7022
"destroy_dlg", line=215) at mem/q_malloc.c:447
#3 0x00007fd599fbe224 in destroy_dlg (dlg=0x7fd58526c828) at dlg_hash.c:215
#4 0x00007fd599fc069b in unref_dlg (dlg=0x7fd58526c828, cnt=514) at dlg_hash.c:584
#5 0x00007fd599fc5a94 in profile_cleanup (msg=<value optimized out>,
flags=<value optimized out>, param=0x6) at dlg_profile.c:317
#6 0x00000000004bc9d1 in exec_post_script_cb (msg=0xe04b18, type=<value optimized
out>) at script_cb.c:195
#7 0x000000000049598d in receive_msg (
buf=0x8a4300 "INVITE sip:RURI@KAMAILIO SIP/2.0\r\nRecord-Route:
<sip:KAMAILIO_REGISTRAR;lr=on;ftag=658fa5a34456db0do0>\r\nVia: SIP/2.0/UDP
KAMAILIO_REGISTRAR;branch=z9hG4bK8177.1bcb9436.0\r\nVia: SIP/2."..., len=<value
optimized out>, rcv_info=0x7fffa4763210) at receive.c:221
#8 0x000000000051c9d1 in udp_rcv_loop () at udp_server.c:532
#9 0x0000000000464b35 in main_loop () at main.c:1560
#10 0x0000000000467fa3 in main (argc=<value optimized out>, argv=0x7fffa47634d8) at
main.c:2410
#0 0x00007fd59be0fed5 in raise () from /lib/libc.so.6
No symbol table info available.
#1 0x00007fd59be113f3 in abort () from /lib/libc.so.6
No symbol table info available.
#2 0x0000000000528679 in qm_free (qm=0x7fd584f78000, p=0x7fd585269fe8,
file=0x7fd599fd66bb "dialog: dlg_hash.c", func=0x7fd599fd7022
"destroy_dlg", line=215) at mem/q_malloc.c:447
f = <value optimized out>
size = <value optimized out>
#3 0x00007fd599fbe224 in destroy_dlg (dlg=0x7fd58526c828) at dlg_hash.c:215
ret = <value optimized out>
__FUNCTION__ = "destroy_dlg"
#4 0x00007fd599fc069b in unref_dlg (dlg=0x7fd58526c828, cnt=514) at dlg_hash.c:584
d_entry = <value optimized out>
#5 0x00007fd599fc5a94 in profile_cleanup (msg=<value optimized out>,
flags=<value optimized out>, param=0x6) at dlg_profile.c:317
No locals.
#6 0x00000000004bc9d1 in exec_post_script_cb (msg=0xe04b18, type=<value optimized
out>) at script_cb.c:195
cb = (struct script_cb *) 0xe19c08
flags = 2147483649
#7 0x000000000049598d in receive_msg (
buf=0x8a4300 "INVITE sip:RURI@KAMAILIO SIP/2.0\r\nRecord-Route:
<sip:KAMAILIO_REGISTRAR;lr=on;ftag=658fa5a34456db0do0>\r\nVia: SIP/2.0/UDP
KAMAILIO_REGISTRAR;branch=z9hG4bK8177.1bcb9436.0\r\nVia: SIP/2."..., len=<value
optimized out>, rcv_info=0x7fffa4763210) at receive.c:221
msg = (struct sip_msg *) 0xe04b18
ctx = {rec_lev = 8, run_flags = 0, last_retcode = 0, jmp_env = {{__jmpbuf = {9420032,
5082547, 140735952597839, 0, 140555419815472, 140555429711872, 8, 4294967295},
__mask_was_saved = 9420904,
__saved_mask = {__val = {8357392, 140735952597528, 14699168, 4294967245,
140555429709464, 0, 140555427602890, 1, 0, 140557099728895, 4250091, 140555419815472,
14775720, 14699160, 140555427627026, 16}}}}}
ret = <value optimized out>
inb = {
s = 0x8a4300 "INVITE sip:RURI@KAMAILIO SIP/2.0\r\nRecord-Route:
<sip:KAMAILIO_REGISTRAR;lr=on;ftag=658fa5a34456db0do0>\r\nVia: SIP/2.0/UDP
KAMAILIO_REGISTRAR;branch=z9hG4bK8177.1bcb9436.0\r\nVia: SIP/2."..., len = 1077}
__FUNCTION__ = "receive_msg"
#8 0x000000000051c9d1 in udp_rcv_loop () at udp_server.c:532
len = 1077
from = (union sockaddr_union *) 0xe04a98
fromlen = 16
ri = {src_ip = {af = 2, len = 4, u = {addrl = {2512315459, 8}, addr32 = {2512315459, 0,
8, 0}, addr16 = {58435, 38334, 0, 0, 8, 0, 0, 0}, addr =
"C��\225\000\000\000\000\b\000\000\000\000\000\000"}},
dst_ip = {af = 2, len = 4, u = {addrl = {162653251, 0}, addr32 = {162653251, 0, 0, 0},
addr16 = {58435, 2481, 0, 0, 0, 0, 0, 0}, addr = "C��\t", '\0'
<repeats 11 times>}}, src_port = 5060, dst_port = 5060,
proto_reserved1 = 0, proto_reserved2 = 0, src_su = {s = {sa_family = 2, sa_data =
"\023�C��\225\000\000\000\000\000\000\000"}, sin = {sin_family = 2, sin_port =
50195, sin_addr = {s_addr = 2512315459},
sin_zero = "\000\000\000\000\000\000\000"}, sin6 = {sin6_family = 2,
sin6_port = 50195, sin6_flowinfo = 2512315459, sin6_addr = {in6_u = {u6_addr8 =
'\0' <repeats 15 times>, u6_addr16 = {0, 0, 0, 0, 0, 0,
0, 0}, u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}, bind_address =
0xe175a8, proto = 1 '\001'}
buf = "INVITE sip:RURI@KAMAILIO SIP/2.0\r\nRecord-Route:
<sip:KAMAILIO_REGISTRAR;lr=on;ftag=658fa5a34456db0do0>\r\nVia: SIP/2.0/UDP
KAMAILIO_REGISTRAR;branch=z9hG4bK8177.1bcb9436.0\r\nVia: SIP/2."...
__FUNCTION__ = "udp_rcv_loop"
#9 0x0000000000464b35 in main_loop () at main.c:1560
i = 7
pid = <value optimized out>
si = (struct socket_info *) 0xe175a8
si_desc = "udp receiver child=7
sock=KAMAILIO:5060\000\000\000\000\000�o�\000\000\000\000\000\001\000\000\000�\177",
'\0' <repeats 18 times>,
"t\000\000\000\000\000\000\000\030��\204\001\000\000\000\001\000\000\000\000\000\000\000\003",
'\0' <repeats 22 times>
#10 0x0000000000467fa3 in main (argc=<value optimized out>, argv=0x7fffa47634d8) at
main.c:2410
cfg_stream = (FILE *) 0x2316010
c = <value optimized out>
r = <value optimized out>
tmp = 0x7fffa4764f76 ""
tmp_len = 32725
port = <value optimized out>
proto = <value optimized out>
ret = <value optimized out>
seed = 427627096
rfd = 4
debug_save = <value optimized out>
debug_flag = 0
dont_fork_cnt = 0
n_lst = <value optimized out>
p = <value optimized out>
----------
More information can be found at the following URL:
http://sip-router.org/tracker/index.php?do=details&task_id=173#comment4…