[OpenSER-Devel] [ openser-Bugs-1899005 ] Crash during CANCEL

SourceForge.net noreply at sourceforge.net
Wed Feb 27 12:55:17 CET 2008


Bugs item #1899005, was opened at 2008-02-21 18:23
Message generated for change (Comment added) made by norm_brandinger
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=743020&aid=1899005&group_id=139143

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: modules
Group: None
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Norm Brandinger (norm_brandinger)
Assigned to: Bogdan-Andrei Iancu (bogdan_iancu)
Summary: Crash during CANCEL

Initial Comment:
(gdb) bt
#0  fm_status (qm=0x715b20) at mem/f_malloc.c:513
#1  0x000000000041effc in sig_usr (signo=15) at main.c:568
#2  <signal handler called>
#3  0x00002b86c42a4727 in sched_yield () from /lib/libc.so.6
#4  0x00002b86c5ab1330 in cancel_invite (cancel_msg=<value optimized out>, t_cancel=<value optimized out>, t_invite=0x2b86ccd2ee40) at ../../mem/../fastlock.h:184
#5  0x00002b86c5ab3c6f in t_forward_nonack (t=0x2b86ccfbf368, p_msg=0x8cc5e8, proxy=0x0) at t_fwd.c:598
#6  0x00002b86c5aafde9 in t_relay_to (p_msg=0x8cc5e8, proxy=0x0, flags=10) at t_funcs.c:252
#7  0x00002b86c5abd683 in w_t_relay (p_msg=0x8cc5e8, proxy=0x0, flags=0xa <Address 0xa out of bounds>) at tm.c:929
#8  0x000000000040edbe in do_action (a=0x867ad8, msg=0x8cc5e8) at action.c:817
#9  0x000000000040d5c3 in run_action_list (a=<value optimized out>, msg=0x8cc5e8) at action.c:132
#10 0x0000000000448579 in eval_expr (e=0x867ba8, msg=0x8cc5e8, val=0x80) at route.c:1067
#11 0x0000000000448264 in eval_expr (e=0x867bf0, msg=0x8cc5e8, val=0x0) at route.c:1374
#12 0x000000000044827e in eval_expr (e=0x867c38, msg=0x8cc5e8, val=0x0) at route.c:1379
#13 0x000000000040e836 in do_action (a=0x868b80, msg=0x8cc5e8) at action.c:672
#14 0x000000000040d5c3 in run_action_list (a=<value optimized out>, msg=0x8cc5e8) at action.c:132
#15 0x000000000040f6ee in do_action (a=0x830038, msg=0x8cc5e8) at action.c:112
#16 0x000000000040d5c3 in run_action_list (a=<value optimized out>, msg=0x8cc5e8) at action.c:132
#17 0x000000000040f6ee in do_action (a=0x7ca838, msg=0x8cc5e8) at action.c:112
#18 0x000000000040d5c3 in run_action_list (a=<value optimized out>, msg=0x8cc5e8) at action.c:132
#19 0x00000000004106bf in do_action (a=0x7ca908, msg=0x8cc5e8) at action.c:695
#20 0x000000000040d5c3 in run_action_list (a=<value optimized out>, msg=0x8cc5e8) at action.c:132
#21 0x0000000000410257 in do_action (a=0x7cb460, msg=0x8cc5e8) at action.c:795
#22 0x000000000040d5c3 in run_action_list (a=<value optimized out>, msg=0x8cc5e8) at action.c:132
#23 0x000000000040f6ee in do_action (a=0x73b8f8, msg=0x8cc5e8) at action.c:112
#24 0x000000000040d5c3 in run_action_list (a=<value optimized out>, msg=0x8cc5e8) at action.c:132
#25 0x000000000041014d in do_action (a=0x73ba98, msg=0x8cc5e8) at action.c:689
#26 0x000000000040d5c3 in run_action_list (a=<value optimized out>, msg=0x8cc5e8) at action.c:132
#27 0x000000000041014d in do_action (a=0x73de60, msg=0x8cc5e8) at action.c:689
#28 0x000000000040d5c3 in run_action_list (a=<value optimized out>, msg=0x8cc5e8) at action.c:132
#29 0x0000000000410b90 in run_top_route (a=0x72fe70, msg=0x8cc5e8) at action.c:112
#30 0x000000000043e0ad in receive_msg (
    buf=0x6f4a60 "CANCEL sip:19734795595 at 209.102.225.3:5060 SIP/2.0\r\nVia: SIP/2.0/UDP 209.102.225.3;branch=z9hG4bK003c.7feb7676.2\r\nFrom: \"Test 8119 Test\" <sip:8119 at 209.102.227.6>;tag=34a3d08d21bd3c16o0\r\nCall-ID: fa8477"..., len=370, rcv_info=0x7fffe6ef89a0) at receive.c:156
#31 0x000000000046e922 in udp_rcv_loop () at udp_server.c:438
#32 0x00000000004221f1 in main (argc=<value optimized out>, argv=0x7fffe6ef8ba8) at main.c:779

----------------------------------------------------------------------

>Comment By: Norm Brandinger (norm_brandinger)
Date: 2008-02-27 11:55

Message:
Logged In: YES 
user_id=1786021
Originator: YES

Both crashes happend with the SVN trunk.

----------------------------------------------------------------------

Comment By: Bogdan-Andrei Iancu (bogdan_iancu)
Date: 2008-02-27 11:01

Message:
Logged In: YES 
user_id=1275325
Originator: NO

Hi Norman,

For the original reported crash, what openser version you were using. 
For the second crash, I understand in it the SVN trunk or??

Thanks and regards,
Bogdan

----------------------------------------------------------------------

Comment By: Norm Brandinger (norm_brandinger)
Date: 2008-02-21 18:39

Message:
Logged In: YES 
user_id=1786021
Originator: YES

Using the latest SVN produced another crash.
Ok, I have to fix my Contact header problems, but it shouldn't cause
OpenSER to core.


Program terminated with signal 11, Segmentation fault.
#0  0x00002ae56dd812c3 in reply_received (p_msg=0x8cc5e8) at
t_reply.c:1299
1299            if ( get_cseq(p_msg)->method_id==METHOD_CANCEL &&
is_invite(t) ) {
(gdb) bt
#0  0x00002ae56dd812c3 in reply_received (p_msg=0x8cc5e8) at
t_reply.c:1299
#1  0x000000000041b8fe in forward_reply (msg=0x8cc5e8) at forward.c:499
#2  0x000000000043e286 in receive_msg (
    buf=0x6f4a60 "SIP/2.0 400 Bad Contact Header\r\nVia: SIP/2.0/UDP
209.102.225.3;branch=z9hG4bK9afa.349110d6.3\r\nVia: SIP/2.0/UDP
192.168.1.3:5107;rport=5107;received=209.102.231.81;branch=z9hG4bK-f9d34206\r\nRecord-Route"...,
len=672, rcv_info=0x7fff3ec3c3d0) at receive.c:194
#3  0x000000000046e8f2 in udp_rcv_loop () at udp_server.c:438
#4  0x00000000004221e1 in main (argc=<value optimized out>,
argv=0x7fff3ec3c5d8) at main.c:779

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=743020&aid=1899005&group_id=139143



More information about the Devel mailing list