[sr-dev] [tracker] Comment added: crash in 4.1.6 with uac_replace_from
sip-router
bugtracker at sip-router.org
Mon Oct 13 11:11:14 CEST 2014
THIS IS AN AUTOMATED MESSAGE, DO NOT REPLY.
The following task has a new comment added:
FS#479 - crash in 4.1.6 with uac_replace_from
User who did this - Klaus Darilion (klaus3000)
----------
(gdb) bt full
#0 0xb75f2221 in ?? () from /lib/i686/cmov/libc.so.6
No symbol table info available.
#1 0xb75bf86f in vfprintf () from /lib/i686/cmov/libc.so.6
No symbol table info available.
#2 0xb7647346 in __vsyslog_chk () from /lib/i686/cmov/libc.so.6
No symbol table info available.
#3 0xb76474c7 in syslog () from /lib/i686/cmov/libc.so.6
No symbol table info available.
#4 0xb65d7a76 in restore_uri_reply (rpl=0xb72bba68, rpl_hdr=0xb724e23c, req_hdr=0xb2749760, stored_value=0xbf93bb20) at replace.c:674
l = 0xbf93bb20
body = 0x82f38a8
new_val = {s = 0x11 <Address 0x11 out of bounds>, len = -1235288064}
len = 114
p = 0xb72649ac "\001"
__FUNCTION__ = "restore_uri_reply"
#5 0xb65d85f5 in restore_uris_reply (t=0xb2743318, type=2, p=0xbf93bbec) at replace.c:751
req = 0xb2748d94
rpl = 0xb72bba68
avp_value = {n = 1413190832, s = {s = 0x543b94b0 <Address 0x543b94b0 out of bounds>, len = -1226628284}, re = 0x543b94b0}
__FUNCTION__ = "restore_uris_reply"
#6 0xb6dcf3a9 in run_trans_callbacks_internal (cb_lst=0xb2743358, type=2, trans=0xb2743318, params=0xbf93bbec) at t_hooks.c:290
cbp = 0xb2747ac8
backup_from = 0x82f3830
backup_to = 0x82f3834
backup_dom_from = 0x82f3838
backup_dom_to = 0x82f383c
backup_uri_from = 0x82f3828
backup_uri_to = 0x82f382c
backup_xavps = 0x82f38bc
__FUNCTION__ = "run_trans_callbacks_internal"
#7 0xb6dcf4ba in run_trans_callbacks (type=2, trans=0xb2743318, req=0xb2748d94, rpl=0xb72bba68, code=200) at t_hooks.c:317
params = {req = 0xb2748d94, rpl = 0xb72bba68, param = 0xb2747ad4, code = 200, flags = 0, branch = 0, t_rbuf = 0x0, dst = 0x0, send_buf = {s = 0x0,
len = 0}}
#8 0xb6dd4ea6 in t_reply_matching (p_msg=0xb72bba68, p_branch=0xbf93bf7c) at t_lookup.c:1027
p_cell = 0xb2743318
hash_index = 53753
entry_label = 0
branch_id = 0
hashi = 0x82e385c "9f1d.491180a5fd9ae00657af986cc90ea171.0\r\nVia: SIP/2.0/UDP 10.10.0.51:25740;received=44.111.33.3;branch=z9hG4bK-d8754z-3d05d174695cef52-1---d8754z-;rport=15405\r\nFrom: \"004960214099419\" <sip:test at foobar"...
branchi = 0x82e3882 "0\r\nVia: SIP/2.0/UDP 10.10.0.51:25740;received=44.111.33.3;branch=z9hG4bK-d8754z-3d05d174695cef52-1---d8754z-;rport=15405\r\nFrom: \"004960214099419\" <sip:test at foobar.com>;tag=ac183e00\r\nTo: \"0043150564163"...
p = 0x82e3882 "0\r\nVia: SIP/2.0/UDP 10.10.0.51:25740;received=44.111.33.3;branch=z9hG4bK-d8754z-3d05d174695cef52-1---d8754z-;rport=15405\r\nFrom: \"004960214099419\" <sip:test at foobar.com>;tag=ac183e00\r\nTo: \"0043150564163"...
n = 0x82e3883 "\r\nVia: SIP/2.0/UDP 10.10.0.51:25740;received=44.111.33.3;branch=z9hG4bK-d8754z-3d05d174695cef52-1---d8754z-;rport=15405\r\nFrom: \"004960214099419\" <sip:test at foobar.com>;tag=ac183e00\r\nTo: \"00431505641636"...
hash_bucket = 0xb26daac8
hashl = 4
branchl = 1
scan_space = 1
cseq_method = {s = 0x82e39ce "BYE\r\nContact: <sip:11.222.111.132:5060>\r\nContent-Length: 0\r\n\r\n", len = 3}
req_method = {
s = 0xb2749198 "BYE sip:11.222.111.132:5060 SIP/2.0\r\nVia: SIP/2.0/UDP 10.10.0.51:25740;branch=z9hG4bK-d8754z-3d05d174695cef52-1---d8754z-;rport\r\nMax-Forwards: 69\r\nRoute: <sip:80.86.190.20;lr;ftag=ac183e00;did=4c1.327"..., len = 3}
loopi = 0x82e3861 "491180a5fd9ae00657af986cc90ea171.0\r\nVia: SIP/2.0/UDP 10.10.0.51:25740;received=44.111.33.3;branch=z9hG4bK-d8754z-3d05d174695cef52-1---d8754z-;rport=15405\r\nFrom: \"004960214099419\" <sip:test at foobar.com>"...
loopl = 32
is_cancel = 0
__FUNCTION__ = "t_reply_matching"
---Type <return> to continue, or q <return> to quit---
#9 0xb6dd5f12 in t_check_msg (p_msg=0xb72bba68, param_branch=0xbf93bf7c) at t_lookup.c:1130
local_branch = 865320516
canceled = -1217654720
ret = 0
__FUNCTION__ = "t_check_msg"
#10 0xb6dd63e4 in t_check (p_msg=0xb72bba68, param_branch=0xbf93bf7c) at t_lookup.c:1172
ret = -1221870640
#11 0xb6df2c95 in reply_received (p_msg=0xb72bba68) at t_reply.c:2188
msg_status = -1080836196
last_uac_status = -1218542693
ack = 0x92e46d0 ""
ack_len = 3076436486
branch = 0
reply_status = -1218590561
onreply_route = -1217650700
cancel_data = {cancel_bitmap = 8200, reason = {cause = 0, u = {text = {s = 0xb76c1ff4 "|-\024", len = -1217650700}, e2e_cancel = 0xb76c1ff4,
packed_hdrs = {s = 0xb76c1ff4 "|-\024", len = -1217650700}}}}
uac = 0x92e46d0
t = 0xbf93bfb4
lack_dst = {send_sock = 0xb76c33a0, to = {s = {sa_family = 8180, sa_data = "l\267 at H.\t\221\037\000\000\061q^\267"}, sin = {sin_family = 8180,
sin_port = 46956, sin_addr = {s_addr = 154028096}, sin_zero = "\221\037\000\000\061q^\267"}, sin6 = {sin6_family = 8180, sin6_port = 46956,
sin6_flowinfo = 154028096, sin6_addr = {__in6_u = {__u6_addr8 = "\221\037\000\000\061q^\267\272\363^\267N\005j\267", __u6_addr16 = {8081, 0,
28977, 46942, 62394, 46942, 1358, 46954}, __u6_addr32 = {8081, 3076419889, 3076453306, 3077178702}}}, sin6_scope_id = 3076436486}},
id = -1218539036, proto = -11 '\365', send_flags = {f = 31 '\037', blst_imask = 0 '\000'}}
backup_user_from = 0x179
backup_user_to = 0x78
backup_domain_from = 0xb76c33a0
backup_domain_to = 0xb76c1ff4
backup_uri_from = 0xb76c33a0
backup_uri_to = 0x0
backup_xavps = 0xbf93bfd0
replies_locked = -1218516819
branch_ret = -1217645616
prev_branch = 91976
blst_503_timeout = -1217645664
hf = 0xb76c1ff4
onsend_params = {req = 0xb76a256f, rpl = 0xb76c1040, param = 0x3393bfd4, code = 808529969, flags = 1349, branch = 46954, t_rbuf = 0xbf93c014,
dst = 0xbf93bfef, send_buf = {s = 0x1f91 <Address 0x1f91 out of bounds>, len = 83896}}
ctx = {rec_lev = -1217654720, run_flags = -1080836325, last_retcode = -1218384535, jmp_env = {{__jmpbuf = {154028121, -1080836326, 2, -1217780369,
1, 2}, __mask_was_saved = 808529969, __saved_mask = {__val = {3077178693, 3214131076, 3077178719, 3077184746, 3077178702, 153097056,
3077312096, 3214130972, 11, 0, 0, 8181, 2, 4294967295, 2, 8, 154028123, 3077316596, 3077316596, 154027728, 3076436486, 3214130956,
3076424603, 3066798033, 3076376735, 3077316596, 154027728, 3214130980, 377, 128, 842216352, 3077316596}}}}}
__FUNCTION__ = "reply_received"
#12 0x0809ef89 in do_forward_reply (msg=0xb72bba68, mode=0) at forward.c:777
new_buf = 0x0
dst = {send_sock = 0x0, to = {s = {sa_family = 0, sa_data = '\000' <repeats 13 times>}, sin = {sin_family = 0, sin_port = 0, sin_addr = {
s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, sin6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u = {
__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}},
id = 0, proto = 0 '\000', send_flags = {f = 0 '\000', blst_imask = 0 '\000'}}
new_len = 1
r = 1
s = 0xb6c0bf19 "\270\001"
len = 46
__FUNCTION__ = "do_forward_reply"
#13 0x0809f7e8 in forward_reply (msg=0xb72bba68) at forward.c:860
No locals.
#14 0x080e3343 in receive_msg (
buf=0x82e3820 "SIP/2.0 200 Ok\r\nVia: SIP/2.0/UDP 80.86.190.20;branch=z9hG4bK9f1d.491180a5fd9ae00657af986cc90ea171.0\r\nVia: SIP/2.0/UDP 10.10.0.51:25740;received=44.111.33.3;branch=z9hG4bK-d8754z-3d05d174695cef52-1---d"..., len=496, rcv_info=0xbf93c230) at receive.c:273
---Type <return> to continue, or q <return> to quit---
msg = 0xb72bba68
ctx = {rec_lev = 7, run_flags = 0, last_retcode = 0, jmp_env = {{__jmpbuf = {-1080835664, -1080835736, -1080835724, 114, -1217382152, 0},
__mask_was_saved = 1, __saved_mask = {__val = {7200, 134561919, 3071791552, 3071791552, 3214131672, 135772984, 0, 1024, 3214131608,
135713307, 2992051372, 1, 1, 3077332992, 153773640, 4294967295, 3077582836, 134561919, 1, 3214131648, 3077523814, 1, 3077333816, 7, 0,
135713433, 50195, 3072766456, 4, 0, 3076031240, 7}}}}}
ret = 0
inb = {
s = 0x82e3820 "SIP/2.0 200 Ok\r\nVia: SIP/2.0/UDP 80.86.190.20;branch=z9hG4bK9f1d.491180a5fd9ae00657af986cc90ea171.0\r\nVia: SIP/2.0/UDP 10.10.0.51:25740;received=44.111.33.3;branch=z9hG4bK-d8754z-3d05d174695cef52-1---d"..., len = 496}
__FUNCTION__ = "receive_msg"
#15 0x081710c3 in udp_rcv_loop () at udp_server.c:536
len = 496
buf = "SIP/2.0 200 Ok\r\nVia: SIP/2.0/UDP 80.86.190.20;branch=z9hG4bK9f1d.491180a5fd9ae00657af986cc90ea171.0\r\nVia: SIP/2.0/UDP 10.10.0.51:25740;received=44.111.33.3;branch=z9hG4bK-d8754z-3d05d174695cef52-1---d"...
tmp = 0x59c23c63 <Address 0x59c23c63 out of bounds>
from = 0xb726b1f4
fromlen = 16
ri = {src_ip = {af = 2, len = 4, u = {addrl = {2223034705, 135071565, 2, 2}, addr32 = {2223034705, 135071565, 2, 2}, addr16 = {53585, 33920, 1869,
2061, 2, 0, 2, 0}, addr = "Q?\204M\a\r\b\002\000\000\000\002\000\000"}}, dst_ip = {af = 2, len = 4, u = {addrl = {348018256, 0, 0, 0},
addr32 = {348018256, 0, 0, 0}, addr16 = {22096, 5310, 0, 0, 0, 0, 0, 0}, addr = "PV\276\024", '\000' <repeats 11 times>}}, src_port = 5060,
dst_port = 5060, proto_reserved1 = 0, proto_reserved2 = 0, src_su = {s = {sa_family = 2,
sa_data = "\023\304Q?\204\000\000\000\000\000\000\000"}, sin = {sin_family = 2, sin_port = 50195, sin_addr = {s_addr = 2223034705},
sin_zero = "\000\000\000\000\000\000\000"}, sin6 = {sin6_family = 2, sin6_port = 50195, sin6_flowinfo = 2223034705, sin6_addr = {__in6_u = {
__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}},
bind_address = 0xb71b68f8, proto = 1 '\001'}
__FUNCTION__ = "udp_rcv_loop"
#16 0x080adff3 in main_loop () at main.c:1619
i = 1
pid = 0
si = 0xb71b68f8
si_desc = "udp receiver child=1 sock=80.86.190.20:5060\000\000\000\000\000\035\001\000\000\001\000\000\000 \034\000\000\a", '\000' <repeats 11 times>"\210, Ó\277Ih\017\b49)\267\000\000\000\000\270Ó\277Tys\262\b\320\027\267B\000\000\000\003\000\000\000\000\000\000\000\020\063(\t\000\000\000\000\270Ó\277\003i\017\b"
nrprocs = 2
__FUNCTION__ = "main_loop"
#17 0x080b10c1 in main (argc=13, argv=0xbf93c514) at main.c:2547
cfg_stream = 0x91fb008
c = -1
r = 0
tmp = 0xbf93d998 ""
tmp_len = -1218880859
port = -1080835032
proto = -1218780219
options = 0x82087c4 ":f:cm:M:dVIhEeb:l:L:n:vKrRDTN:W:w:t:u:g:P:G:SQ:O:a:A:"
ret = -1
seed = 3283447642
rfd = 4
debug_save = 0
debug_flag = 0
dont_fork_cnt = 0
n_lst = 0x81f3740
p = 0xbf93c468 "\350e\277\246\\Y\267\r"
__FUNCTION__ = "main"
----------
More information can be found at the following URL:
http://sip-router.org/tracker/index.php?do=details&task_id=479#comment1664
You are receiving this message because you have requested it from the Flyspray bugtracking system. If you did not expect this message or don't want to receive mails in future, you can change your notification settings at the URL shown above.
More information about the sr-dev
mailing list