[sr-dev] [kamailio/kamailio] Segmentation fault on tm:t_should_relay_response (#1875)

Fernando S. Santos notifications at github.com
Fri Mar 1 13:02:30 CET 2019


After applying the patch i started to get this new crash, and with only one transaction the crash was already occurring. When I removed the changes made by #1875, the segfault on tmx stopped happening again.

```
(gdb) frame 0
#0  0x00007f4e5094a934 in pv_get_tm_reply_code (msg=0x7f4e2cd14cb8, param=0x7f4e55a61328, res=0x7fffd5915aa0) at t_var.c:528
528                                             code = t->uac[branch].last_received;
(gdb) p *t
$2 = {next_c = 0x7f4e2c7ae270, prev_c = 0x7f4e2cd11d88, hash_index = 12317, label = 1021694037, flags = 329, nr_of_outgoings = 1, fcount = 0, ref_count = {val = 1}, from = {
    s = 0x7f4e2cd0f831 "From: \"82065\" <sip:16994660926 at X.X.X.132>;tag=as2d23aaa7\r\nTo: <sip:777045516992546314 at X.X.X.38>\r\nContact: <sip:16994660926 at X.X.X.132:5060>\r\nCall-ID: 7b434108222cd5ef0c4b0b4b4e8ddad2 at 200"..., len = 63}, callid = {
    s = 0x7f4e2cd0f8cc "Call-ID: 7b434108222cd5ef0c4b0b4b4e8ddad2 at X.X.X.132:5060\r\nCSeq: 102 INVITE\r\nUser-Agent: Asterisk PBX 11.22.0\r\nDate: Fri, 01 Mar 2019 05:20:01 GMT\r\nAllow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER,"..., len = 63}, cseq_n = {
    s = 0x7f4e2cd0f90b "CSeq: 102 INVITE\r\nUser-Agent: Asterisk PBX 11.22.0\r\nDate: Fri, 01 Mar 2019 05:20:01 GMT\r\nAllow: INVITE, ACK, CANCEL, OPTIONS, BYE, REFER, SUBSCRIBE, NOTIFY, INFO, PUBLISH, MESSAGE\r\nSupported: replaces"..., len = 9}, to = {
    s = 0x7f4e2cd0f870 "To: <sip:777045516992546314 at X.X.X.38>\r\nContact: <sip:16994660926 at X.X.X.132:5060>\r\nCall-ID: 7b434108222cd5ef0c4b0b4b4e8ddad2 at X.X.X.132:5060\r\nCSeq: 102 INVITE\r\nUser-Agent: Asterisk PBX 11"..., len = 44}, method = {
    s = 0x7f4e2cd0f7a0 "INVITE sip:777045516992546314 at X.X.X.38 SIP/2.0\r\nVia: SIP/2.0/UDP X.X.X.132:5060;TH=div;branch=z9hG4bK560e0ea1;rport\r\nMax-Forwards: 69\r\nFrom: \"82065\" <sip:16994660926 at X.X.X.132>;tag=as2d"..., len = 6}, tmcb_hl = {
    first = 0x7f4e2cd113a8, reg_types = 1048738}, wait_timer = {next = 0x0, prev = 0x0, expire = 0, initial_timeout = 0, data = 0x7f4e2cd0d928, f = 0x7f4e50c2151b <timer_fixup+1251>, flags = 1, slow_idx = 0}, uas = {request = 0x0, end_request = 0x7f4e2cd0f078 "\001",
    response = {rbtype = 1120, flags = 11473, t_active = 32590, branch = 0, buffer_len = 100, buffer = 0x174 <Address 0x174 out of bounds>, my_T = 0x7f4e2cd104c8, timer = {next = 0x7f4e2cd0d928, prev = 0x0, expire = 0, initial_timeout = 0, data = 0x0, f = 0x0,
        flags = 1354895338, slow_idx = 32590}, dst = {send_sock = 0x0, to = {s = {sa_family = 6952, sa_data = "\322TN\177\000\000\002\000\023\304\310b\201\204"}, sin = {sin_family = 6952, sin_port = 21714, sin_addr = {s_addr = 32590},
            sin_zero = "\002\000\023\304\310b\201\204"}, sin6 = {sin6_family = 6952, sin6_port = 21714, sin6_flowinfo = 32590, sin6_addr = {__in6_u = {__u6_addr8 = "\002\000\023\304\310b\201\204\000\000\000\000\000\000\000", __u6_addr16 = {2, 50195, 25288, 33921, 0, 0,
                  0, 0}, __u6_addr32 = {3289579522, 2223071944, 0, 0}}}, sin6_scope_id = 0}}, id = 0, proto = 0 '\000', send_flags = {f = 0, blst_imask = 0}}, retr_expire = 1, fr_expire = 0}, local_totag = {s = 0x0, len = 751895980}, cancel_reas = 0x0, status = 0},
  uac = 0x64, async_backup = {backup_route = 751885120, backup_branch = 32590, blind_uac = 0, ruri_new = 0}, fwded_totags = 0x0, uri_avps_from = 0x0, uri_avps_to = 0x7f4e2cd10ff8, user_avps_from = 0x0, user_avps_to = 0x0, domain_avps_from = 0x0, domain_avps_to = 0x0,
  xavps_list = 0x0, reply_mutex = {val = 0}, reply_locker_pid = {val = 0}, reply_rec_lock_level = 1, fr_timeout = 89742, fr_inv_timeout = 0, rt_t1_timeout_ms = 32, rt_t2_timeout_ms = 0, end_of_life = 96, relayed_reply_branch = 500, on_failure = 4000,
  on_branch_failure = 59989, on_reply = 3998, on_branch = 65534, on_branch_delayed = 0, md5 = 0x7f4e2cd0db18 ""}
```

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/1875#issuecomment-468643254
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-dev/attachments/20190301/64a35383/attachment.html>


More information about the sr-dev mailing list