[sr-dev] 3.3 presence crash

Daniel-Constantin Mierla miconda at gmail.com
Thu Jun 14 08:37:09 CEST 2012


Hello,

can you print hentity and *hentity in frame 1?

Cheers,
Daniel

On 6/13/12 9:55 PM, Juha Heinanen wrote:
> Hugh Waite writes:
>
>> I see that core_hash has moved from /lib/kcore/hash_func.h (in 3.2) to
>> /hashes.h but I think the algorithm is the same one. Maybe pua is
>> passing a null or uninitialised string?
> after getting the debug symbols, i see this:
>
> (gdb) where
> #0  0x00007fe3b4db0f9f in core_hash (s1=0x7fe3b1866a01, s2=0x0, size=512)
>      at ../../hashes.h:279
> #1  0x00007fe3b4db233f in publ_cback_func (t=0x7fe3b1866d20, type=1024,
>      ps=0x7fffa7086230) at send_publish.c:246
> #2  0x00007fe3b9834907 in run_trans_callbacks_internal (cb_lst=0x7fe3b1866d90,
>      type=1024, trans=0x7fe3b1866d20, params=0x7fffa7086230) at t_hooks.c:290
> #3  0x00007fe3b9834a19 in run_trans_callbacks (type=1024,
>      trans=0x7fe3b1866d20, req=0x0, rpl=0x7fe3b9d78c88, code=200)
>      at t_hooks.c:317
> #4  0x00007fe3b985c6fa in local_reply (t=0x7fe3b1866d20, p_msg=0x7fe3b9d78c88,
>      branch=0, msg_status=200, cancel_data=0x7fffa7086490) at t_reply.c:2001
> #5  0x00007fe3b985db30 in reply_received (p_msg=0x7fe3b9d78c88)
>      at t_reply.c:2350
> #6  0x000000000044fee5 in forward_reply (msg=0x7fe3b9d78c88) at forward.c:790
> #7  0x0000000000489180 in receive_msg (
>      buf=0x7fe3b1868350 "SIP/2.0 200 OK\r\nVia: SIP/2.0/TCP 192.98.103.10:8080;branch=z9hG4bK2d38.cbac1124", '0' <repeats 24 times>, ".0;received=127.0.0.1\r\nTo: sip:jh at vm.test.fi;tag=4a664ec84c547b2d0bc0fe8965f834e4-d075\r\nFrom: sip"..., len=461, rcv_info=0x7fe3b1868088) at receive.c:270
> #8  0x0000000000501a8c in receive_tcp_msg (
>      tcpbuf=0x7fe3b1868350 "SIP/2.0 200 OK\r\nVia: SIP/2.0/TCP 192.98.103.10:8080;branch=z9hG4bK2d38.cbac1124", '0' <repeats 24 times>, ".0;received=127.0.0.1\r\nTo: sip:jh at vm.test.fi;tag=4a664ec84c547b2d0bc0fe8965f834e4-d075\r\nFrom: sip"..., len=461, rcv_info=0x7fe3b1868088, con=0x7fe3b1868070) at tcp_read.c:1044
> #9  0x0000000000502740 in tcp_read_req (con=0x7fe3b1868070,
>      bytes_read=0x7fffa708693c, read_flags=0x7fffa7086938) at tcp_read.c:1231
> #10 0x0000000000503759 in handle_io (fm=0x7fe3b9d66740, events=1, idx=-1)
>      at tcp_read.c:1403
> #11 0x00000000004fe363 in io_wait_loop_epoll (h=0x897ce0, t=2, repeat=0)
>      at io_wait.h:1092
> #12 0x0000000000504431 in tcp_receive_loop (unix_sock=20) at tcp_read.c:1572
> #13 0x00000000004f9920 in tcp_init_children () at tcp_main.c:4952
> #14 0x000000000045c9fb in main_loop () at main.c:1718
> #15 0x000000000045f29c in main (argc=16, argv=0x7fffa7086de8) at main.c:2546
>
> at frame #1, i see:
>
> (gdb) frame 1
> #1  0x00007fe3b4db233f in publ_cback_func (t=0x7fe3b1866d20, type=1024,
>      ps=0x7fffa7086230) at send_publish.c:246
> 246		hash_code= core_hash(hentity->pres_uri, NULL, HASH_SIZE);
> (gdb) print hentity->pres_uri
> $1 = (str *) 0x7fe3b1866a01
>
> looks like that str does not point to anything real:
>
> (gdb) print hentity->pres_uri.len
> $3 = 1835890035
> (gdb) print hentity->pres_uri.s
> $4 = 0x2d6567617373656d <Address 0x2d6567617373656d out of bounds>
>
> -- juha
>
>

-- 
Daniel-Constantin Mierla - http://www.asipto.com
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Kamailio Advanced Training, Seattle, USA, Sep 23-26, 2012 - http://asipto.com/u/katu
Kamailio Practical Workshop, Netherlands, Sep 10-12, 2012 - http://asipto.com/u/kpw
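
A triage step for the two values in the quoted gdb session, added here as an example and not part of either message or of the Kamailio source: reading `pres_uri.s` and `pres_uri.len` as the bytes they occupy in memory shows whether the bogus `str` actually overlays character data. It assumes a little-endian x86-64 build and the layout `{ char *s; int len; }` for `str`; the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Write the low `width` bytes of `value`, in little-endian memory order,
 * to `out` ('.' for non-printable). Returns how many were printable ASCII. */
static size_t le_bytes(uint64_t value, size_t width, char *out)
{
    size_t printable = 0;
    for (size_t i = 0; i < width; i++) {
        unsigned char c = (unsigned char)(value >> (8 * i));
        int ok = (c >= 0x20 && c <= 0x7e);
        out[i] = ok ? (char)c : '.';
        printable += (size_t)ok;
    }
    return printable;
}

/* Rebuild the 12 bytes behind a suspect str (8-byte pointer, 4-byte len)
 * as they sit in memory. Returns 1 when all 12 are printable ASCII, which
 * means the struct pointer most likely refers to text, not to a real str. */
int str_fields_look_like_text(uint64_t s_field, uint32_t len_field, char out[13])
{
    size_t n = le_bytes(s_field, 8, out);
    n += le_bytes(len_field, 4, out + 8);
    out[12] = '\0';
    return n == 12;
}

int main(void)
{
    char text[13];
    /* Values from the quoted session: pres_uri.s and pres_uri.len */
    int hit = str_fields_look_like_text(0x2d6567617373656dULL, 1835890035u, text);
    printf("bytes at pres_uri: \"%s\" (%s)\n", text,
           hit ? "all printable, pointer lands in string data" : "not plain text");
    return 0;
}
```
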





