[sr-dev] crash while parsing uri

Juha Heinanen jh at tutpro.com
Thu Dec 16 19:15:12 CET 2010 

sr master crashes while parsing uri.  looks like it is related to db
acc_extra, but don't know which uri it was. actually, when i look at my
db_extra var, it contains $ru and the rest are avps.  so perhaps the
crash came while parsing request-uri.

-- juha

Program terminated with signal 11, Segmentation fault.
[New process 17398]
#0  parse_uri (buf=0x20000000a <Address 0x20000000a out of bounds>, 
    len=1249306511, uri=0x2b0fc2c9bb28) at parser/parse_uri.c:389
389		scheme=buf[0]+(buf[1]<<8)+(buf[2]<<16)+(buf[3]<<24);
(gdb) where
#0  parse_uri (buf=0x20000000a <Address 0x20000000a out of bounds>, 
    len=1249306511, uri=0x2b0fc2c9bb28) at parser/parse_uri.c:389
#1  0x00000000004fe88f in parse_sip_msg_uri (msg=0x2b0fc2c9b748)
    at parser/parse_uri.c:1407
#2  0x00002b0fc11158d5 in pv_get_ruri (msg=0x2b0fc2c9bb28, param=0x984238, 
    res=0x2b0fc2c9b9c8) at pv_core.c:207
#3  0x0000000000466743 in pv_get_spec_value (msg=0x2b0fc2c9b748, sp=0x984220, 
    value=0x2b0fc2c9b9c8) at pvapi.c:988
#4  0x00002b0fc175167c in extra2strar (extra=0x984210, rq=0x2b0fc2c9b748, 
    val_arr=<value optimized out>, int_arr=0x2b0fc1968f7c, 
    type_arr=0x2b0fc19690c7 "") at acc_extra.c:262
#5  0x00002b0fc1750720 in acc_db_request (rq=0x2b0fc2c9b748) at acc.c:385
#6  0x00002b0fc1752bd8 in on_missed (t=<value optimized out>, 
    req=0x2b0fc2c9b748, reply=<value optimized out>, code=503)
    at acc_logic.c:356
#7  0x00002b0fc1753654 in tmcb_func (t=0x2b0fc2c93ad0, 
    type=<value optimized out>, ps=<value optimized out>) at acc_logic.c:399
#8  0x00002b0fbe84d1ac in run_trans_callbacks_internal (
    cb_lst=0x2b0fc2c93b40, type=128, trans=0x2b0fc2c93ad0, 
    params=0x7fffee58ed20) at t_hooks.c:290
#9  0x00002b0fbe84d40a in run_trans_callbacks (type=27, 
    trans=<value optimized out>, req=0x246, rpl=0x20000000a, code=6)
    at t_hooks.c:317
#10 0x00002b0fbe86d8cc in _reply_light (trans=0x2b0fc2c93ad0, 
    buf=0x8a4dc0 "SIP/2.0 503 Service not available\r\nVia: SIP/2.0/TCP 192.98.100.10;branch=z9hG4bK2ee1.89c63a36.0\r\nVia: SIP/2.0/UDP 192.168.0.169:5074;received=192.98.100.128;rport=62461;branch=z9hG4bKuukwknpo\r\nTo: <si"..., 
    len=455, code=503, to_tag=<value optimized out>, 
    to_tag_len=<value optimized out>, lock=1, bm=0x7fffee58eea0)
---Type <return> to continue, or q <return> to quit--- 
    at t_reply.c:646
#11 0x00002b0fbe86eaf1 in _reply (trans=0x2b0fc2c93ad0, p_msg=0x8d77e0, 
    code=503, text=<value optimized out>, lock=1) at t_reply.c:726
#12 0x00002b0fbe85df55 in w_t_reply_wrp (m=0x8d77e0, 
    code=<value optimized out>, txt=<value optimized out>) at tm.c:1256
#13 0x00002b0fbf9362cd in send_reply (msg=0x8d77e0, code=503, 
    reason=0x7fffee58f000) at sl.c:268
#14 0x00002b0fbf9365e5 in w_send_reply (msg=0x8d77e0, 
    p1=<value optimized out>, p2=0x930d18 "xO\223") at sl.c:306
#15 0x0000000000415ab6 in do_action (h=0x7fffee5915c0, a=0x934d50, 
    msg=0x8d77e0) at action.c:1100
#16 0x000000000041c462 in run_actions (h=0x7fffee5915c0, a=0x934d50, 
    msg=0x8d77e0) at action.c:1588
#17 0x000000000041620c in do_action (h=0x7fffee5915c0, a=0x934fa0, 
    msg=0x8d77e0) at action.c:1089
#18 0x000000000041c462 in run_actions (h=0x7fffee5915c0, a=0x934fa0, 
    msg=0x8d77e0) at action.c:1588
#19 0x000000000041620c in do_action (h=0x7fffee5915c0, a=0x935090, 
    msg=0x8d77e0) at action.c:1089
#20 0x000000000041c462 in run_actions (h=0x7fffee5915c0, a=0x933c60, 
    msg=0x8d77e0) at action.c:1588
#21 0x000000000041620c in do_action (h=0x7fffee5915c0, a=0x935a10, 
    msg=0x8d77e0) at action.c:1089
#22 0x000000000041c462 in run_actions (h=0x7fffee5915c0, a=0x935a10, 
    msg=0x8d77e0) at action.c:1588
#23 0x0000000000415b57 in do_action (h=0x7fffee5915c0, a=0x942688, 
    msg=0x8d77e0) at action.c:1392
#24 0x000000000041c462 in run_actions (h=0x7fffee5915c0, a=0x931f88, 
    msg=0x8d77e0) at action.c:1588
---Type <return> to continue, or q <return> to quit---
#25 0x00000000004176ff in do_action (h=0x7fffee5915c0, a=0x931c88, 
    msg=0x8d77e0) at action.c:712
#26 0x000000000041c462 in run_actions (h=0x7fffee5915c0, a=0x92bfb8, 
    msg=0x8d77e0) at action.c:1588
#27 0x00000000004176ff in do_action (h=0x7fffee5915c0, a=0x8d4858, 
    msg=0x8d77e0) at action.c:712
#28 0x000000000041c462 in run_actions (h=0x7fffee5915c0, a=0x87dc00, 
    msg=0x8d77e0) at action.c:1588
#29 0x00000000004176ff in do_action (h=0x7fffee5915c0, a=0x87cb58, 
    msg=0x8d77e0) at action.c:712
#30 0x000000000041c462 in run_actions (h=0x7fffee5915c0, a=0x877578, 
    msg=0x8d77e0) at action.c:1588
#31 0x000000000041c723 in run_top_route (a=0x877578, msg=0x8d77e0, 
    c=<value optimized out>) at action.c:1661
#32 0x00000000004704fe in receive_msg (
    buf=0x2b0fc2c8f430 "INVITE *********\r\n"..., 
    len=<value optimized out>, rcv_info=0x2b0fc2c8f168) at receive.c:205
#33 0x00000000004cc1d1 in tcp_read_req (con=0x2b0fc2c8f150, 
    bytes_read=0x7fffee591930, read_flags=0x7fffee59192c) at tcp_read.c:978
#34 0x00000000004ccc2e in handle_io (fm=0x98c1d8, events=1, idx=-1)
    at tcp_read.c:1150
#35 0x00000000004cf760 in tcp_receive_loop (unix_sock=<value optimized out>)
    at io_wait.h:1091
#36 0x00000000004a8fb7 in tcp_init_children () at tcp_main.c:4819
#37 0x000000000044da94 in main_loop () at main.c:1632
#38 0x000000000044ffd0 in main (argc=<value optimized out>, 
    argv=0x7fffee591cd8) at main.c:2398

More information about the sr-dev mailing list