[sr-dev] [kamailio/kamailio] Kamailio crashes immediately after receiving SIP ACK if TLS is used (#2028)
Mathias Schneuwly
notifications at github.com
Wed Sep 11 10:29:05 CEST 2019
Unfortunately I lost the previous core dump, but as the problem is reproducible I got a new immediately. I will post also the output of the previous commands to be consistent.
```
(gdb) frame 0
#0 0xb6b614c6 in populate_leg_info (dlg=0xb4c02160, msg=0xb7290f40, t=0xb4bcebec, leg=1, tag=0xbffd6a3c) at dlg_handlers.c:257
257 in dlg_handlers.c
(gdb) p *msg
$1 = {id = 789, pid = 25937, tval = {tv_sec = 1567515555, tv_usec = 751287}, fwd_send_flags = {f = 0, blst_imask = 0}, rpl_send_flags = {f = 0, blst_imask = 0}, first_line = {type = 2, flags = 1, len = 16,
u = {request = {method = {
s = 0xb4bbbda8 "SIP/2.0 200 OK\r\nTo: \"1234\" <sip:1234 at 192.168.147.1>;tag=260e667f257a6e50i0\r\nFrom: \"CP8861-1\" <sip:1011000 at 192.168.147.1>;tag=f466e3bf705127fo0\r\nCall-ID: 90120efc-780b80b7 at 192.168.147.100\r\nCSeq: 101 IN"..., len = 7}, uri = {
s = 0xb4bbbdb0 "200 OK\r\nTo: \"1234\" <sip:1234 at 192.168.147.1>;tag=260e667f257a6e50i0\r\nFrom: \"CP8861-1\" <sip:1011000 at 192.168.147.1>;tag=f466e3bf705127fo0\r\nCall-ID: 90120efc-780b80b7 at 192.168.147.100\r\nCSeq: 101 INVITE\r\nVi"..., len = 3}, version = {
s = 0xb4bbbdb4 "OK\r\nTo: \"1234\" <sip:1234 at 192.168.147.1>;tag=260e667f257a6e50i0\r\nFrom: \"CP8861-1\" <sip:1011000 at 192.168.147.1>;tag=f466e3bf705127fo0\r\nCall-ID: 90120efc-780b80b7 at 192.168.147.100\r\nCSeq: 101 INVITE\r\nVia: S"..., len = 2}, method_value = 200}, reply = {version = {
s = 0xb4bbbda8 "SIP/2.0 200 OK\r\nTo: \"1234\" <sip:1234 at 192.168.147.1>;tag=260e667f257a6e50i0\r\nFrom: \"CP8861-1\" <sip:1011000 at 192.168.147.1>;tag=f466e3bf705127fo0\r\nCall-ID: 90120efc-780b80b7 at 192.168.147.100\r\nCSeq: 101 IN"..., len = 7}, status = {
s = 0xb4bbbdb0 "200 OK\r\nTo: \"1234\" <sip:1234 at 192.168.147.1>;tag=260e667f257a6e50i0\r\nFrom: \"CP8861-1\" <sip:1011000 at 192.168.147.1>;tag=f466e3bf705127fo0\r\nCall-ID: 90120efc-780b80b7 at 192.168.147.100\r\nCSeq: 101 INVITE\r\nVi"..., len = 3}, reason = {
s = 0xb4bbbdb4 "OK\r\nTo: \"1234\" <sip:1234 at 192.168.147.1>;tag=260e667f257a6e50i0\r\nFrom: \"CP8861-1\" <sip:1011000 at 192.168.147.1>;tag=f466e3bf705127fo0\r\nCall-ID: 90120efc-780b80b7 at 192.168.147.100\r\nCSeq: 101 INVITE\r\nVia: S"..., len = 2}, statuscode = 200}}}, via1 = 0xb72469f0, via2 = 0xb724442c, headers = 0xb7244140, last_header = 0xb72441e8, parsed_flag = 18446744073709551615, h_via1 = 0xb7246a98,
h_via2 = 0xb7244818, callid = 0xb7244394, to = 0xb7244140, cseq = 0xb7244770, from = 0xb7246aec, contact = 0xb72468ac, maxforwards = 0x0, route = 0x0, record_route = 0xb724486c, content_type = 0xb72441e8,
content_length = 0xb72442b8, authorization = 0x0, expires = 0x0, proxy_auth = 0x0, supported = 0xb7244194, require = 0x0, proxy_require = 0x0, unsupported = 0x0, allow = 0xb72418c0, event = 0x0,
accept = 0x0, accept_language = 0x0, organization = 0x0, priority = 0x0, subject = 0x0, user_agent = 0x0, server = 0xb7246b94, content_disposition = 0x0, diversion = 0x0, rpid = 0x0, refer_to = 0x0,
session_expires = 0x0, min_se = 0x0, sipifmatch = 0x0, subscription_state = 0x0, date = 0x0, identity = 0x0, identity_info = 0x0, pai = 0x0, ppi = 0x0, path = 0x0, privacy = 0x0, min_expires = 0x0,
body = 0x0,
eoh = 0xb4bbc154 "\r\nv=0\r\no=- 2117 2117 IN IP4 192.168.148.101\r\ns=-\r\nc=IN IP4 192.168.148.101\r\nt=0 0\r\nm=audio 16418 RTP/SAVP 0 101\r\na=rtpmap:0 PCMU/8000\r\na=rtpmap:101 telephone-event/8000\r\na=fmtp:101 0-15\r\na=ptime:20\r\na"...,
unparsed = 0xb4bbc154 "\r\nv=0\r\no=- 2117 2117 IN IP4 192.168.148.101\r\ns=-\r\nc=IN IP4 192.168.148.101\r\nt=0 0\r\nm=audio 16418 RTP/SAVP 0 101\r\na=rtpmap:0 PCMU/8000\r\na=rtpmap:101 telephone-event/8000\r\na=fmtp:101 0-15\r\na=ptime:20\r\na"..., rcv = {src_ip = {af = 2, len = 4, u = {addrl = {26519744, 0, 0, 0}, addr32 = {26519744, 0, 0, 0}, addr16 = {43200, 404, 0, 0, 0, 0, 0, 0},
addr = "\300\250\224\001", '\000' <repeats 11 times>}}, dst_ip = {af = 2, len = 4, u = {addrl = {16885952, 0, 0, 0}, addr32 = {16885952, 0, 0, 0}, addr16 = {43200, 257, 0, 0, 0, 0, 0, 0},
addr = "\300\250\001\001", '\000' <repeats 11 times>}}, src_port = 5071, dst_port = 48826, proto_reserved1 = 3144, proto_reserved2 = 0, src_su = {s = {sa_family = 2,
sa_data = "\023\317\300\250\224\001\000\000\000\000\000\000\000"}, sin = {sin_family = 2, sin_port = 53011, sin_addr = {s_addr = 26519744}, sin_zero = "\000\000\000\000\000\000\000"}, sin6 = {
sin6_family = 2, sin6_port = 53011, sin6_flowinfo = 26519744, sin6_addr = {__in6_u = {__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}},
sin6_scope_id = 0}}, bind_address = 0x0, proto = 3 '\003'},
buf = 0xb4bbbda8 "SIP/2.0 200 OK\r\nTo: \"1234\" <sip:1234 at 192.168.147.1>;tag=260e667f257a6e50i0\r\nFrom: \"CP8861-1\" <sip:1011000 at 192.168.147.1>;tag=f466e3bf705127fo0\r\nCall-ID: 90120efc-780b80b7 at 192.168.147.100\r\nCSeq: 101 IN"..., len = 1235, new_uri = {s = 0x0, len = 0}, dst_uri = {s = 0x0, len = 0}, parsed_uri_ok = 0, parsed_uri = {user = {s = 0x0, len = 0}, passwd = {s = 0x0, len = 0}, host = {s = 0x0,
len = 0}, port = {s = 0x0, len = 0}, params = {s = 0x0, len = 0}, sip_params = {s = 0x0, len = 0}, headers = {s = 0x0, len = 0}, port_no = 0, proto = 0, type = ERROR_URI_T, flags = 0, transport = {
s = 0x0, len = 0}, ttl = {s = 0x0, len = 0}, user_param = {s = 0x0, len = 0}, maddr = {s = 0x0, len = 0}, method = {s = 0x0, len = 0}, lr = {s = 0x0, len = 0}, r2 = {s = 0x0, len = 0}, gr = {s = 0x0,
len = 0}, transport_val = {s = 0x0, len = 0}, ttl_val = {s = 0x0, len = 0}, user_param_val = {s = 0x0, len = 0}, maddr_val = {s = 0x0, len = 0}, method_val = {s = 0x0, len = 0}, lr_val = {s = 0x0,
len = 0}, r2_val = {s = 0x0, len = 0}, gr_val = {s = 0x0, len = 0}}, parsed_orig_ruri_ok = 0, parsed_orig_ruri = {user = {s = 0x0, len = 0}, passwd = {s = 0x0, len = 0}, host = {s = 0x0, len = 0},
port = {s = 0x0, len = 0}, params = {s = 0x0, len = 0}, sip_params = {s = 0x0, len = 0}, headers = {s = 0x0, len = 0}, port_no = 0, proto = 0, type = ERROR_URI_T, flags = 0, transport = {s = 0x0, len = 0},
ttl = {s = 0x0, len = 0}, user_param = {s = 0x0, len = 0}, maddr = {s = 0x0, len = 0}, method = {s = 0x0, len = 0}, lr = {s = 0x0, len = 0}, r2 = {s = 0x0, len = 0}, gr = {s = 0x0, len = 0},
transport_val = {s = 0x0, len = 0}, ttl_val = {s = 0x0, len = 0}, user_param_val = {s = 0x0, len = 0}, maddr_val = {s = 0x0, len = 0}, method_val = {s = 0x0, len = 0}, lr_val = {s = 0x0, len = 0},
r2_val = {s = 0x0, len = 0}, gr_val = {s = 0x0, len = 0}}, add_rm = 0xb724423c, body_lumps = 0x0, reply_lump = 0x0, add_to_branch_s = '\000' <repeats 57 times>, add_to_branch_len = 0, hash_index = 0,
msg_flags = 32768, flags = 2, xflags = {0, 0}, set_global_address = {s = 0x0, len = 0}, set_global_port = {s = 0x0, len = 0}, force_send_socket = 0x0, path_vec = {s = 0x0, len = 0}, instance = {s = 0x0,
len = 0}, reg_id = 0, ruid = {s = 0x0, len = 0}, location_ua = {s = 0x0, len = 0}, ldv = {flow = {decoded = 0, rcv = {src_ip = {af = 0, len = 0, u = {addrl = {0, 0, 0, 0}, addr32 = {0, 0, 0, 0}, addr16 = {
0, 0, 0, 0, 0, 0, 0, 0}, addr = '\000' <repeats 15 times>}}, dst_ip = {af = 0, len = 0, u = {addrl = {0, 0, 0, 0}, addr32 = {0, 0, 0, 0}, addr16 = {0, 0, 0, 0, 0, 0, 0, 0},
addr = '\000' <repeats 15 times>}}, src_port = 0, dst_port = 0, proto_reserved1 = 0, proto_reserved2 = 0, src_su = {s = {sa_family = 0, sa_data = '\000' <repeats 13 times>}, sin = {sin_family = 0,
sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, sin6 = {sin6_family = 0, sin6_port = 0, sin6_flowinfo = 0, sin6_addr = {__in6_u = {
__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}, bind_address = 0x0, proto = 0 '\000'}}}}
(gdb) p msg->rcv.bind_address
$2 = (struct socket_info *) 0x0
(gdb) p *msg->rcv.bind_address
Cannot access memory at address 0x0
(gdb) frame 10
#10 0x08276179 in tcp_read_req (con=0xb4bbbbd0, bytes_read=0xbffd7df4, read_flags=0xbffd7dec) at core/tcp_read.c:1631
1631 core/tcp_read.c: No such file or directory.
in core/tcp_read.c
(gdb) p *con
$3 = {s = 46, fd = 13, write_lock = {val = 0}, id = 3144, reader_pid = 25937, rcv = {src_ip = {af = 2, len = 4, u = {addrl = {26519744, 0, 0, 0}, addr32 = {26519744, 0, 0, 0}, addr16 = {43200, 404, 0, 0, 0, 0,
0, 0}, addr = "\300\250\224\001", '\000' <repeats 11 times>}}, dst_ip = {af = 2, len = 4, u = {addrl = {16885952, 0, 0, 0}, addr32 = {16885952, 0, 0, 0}, addr16 = {43200, 257, 0, 0, 0, 0, 0, 0},
addr = "\300\250\001\001", '\000' <repeats 11 times>}}, src_port = 5071, dst_port = 48826, proto_reserved1 = 3144, proto_reserved2 = 0, src_su = {s = {sa_family = 2,
sa_data = "\023\317\300\250\224\001\000\000\000\000\000\000\000"}, sin = {sin_family = 2, sin_port = 53011, sin_addr = {s_addr = 26519744}, sin_zero = "\000\000\000\000\000\000\000"}, sin6 = {
sin6_family = 2, sin6_port = 53011, sin6_flowinfo = 26519744, sin6_addr = {__in6_u = {__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}},
sin6_scope_id = 0}}, bind_address = 0x0, proto = 3 '\003'}, req = {next = 0x0,
buf = 0xb4bbbda8 "SIP/2.0 200 OK\r\nTo: \"1234\" <sip:1234 at 192.168.147.1>;tag=260e667f257a6e50i0\r\nFrom: \"CP8861-1\" <sip:1011000 at 192.168.147.1>;tag=f466e3bf705127fo0\r\nCall-ID: 90120efc-780b80b7 at 192.168.147.100\r\nCSeq: 101 IN"...,
start = 0xb4bbbda8 "SIP/2.0 200 OK\r\nTo: \"1234\" <sip:1234 at 192.168.147.1>;tag=260e667f257a6e50i0\r\nFrom: \"CP8861-1\" <sip:1011000 at 192.168.147.1>;tag=f466e3bf705127fo0\r\nCall-ID: 90120efc-780b80b7 at 192.168.147.100\r\nCSeq: 101 IN"..., pos = 0xb4bbc27b "", parsed = 0xb4bbc27b "",
body = 0xb4bbc156 "v=0\r\no=- 2117 2117 IN IP4 192.168.148.101\r\ns=-\r\nc=IN IP4 192.168.148.101\r\nt=0 0\r\nm=audio 16418 RTP/SAVP 0 101\r\na=rtpmap:0 PCMU/8000\r\na=rtpmap:101 telephone-event/8000\r\na=fmtp:101 0-15\r\na=ptime:20\r\na=s"..., b_size = 16383, content_len = 293, chunk_size = 0, flags = 11, bytes_to_go = 0, error = TCP_REQ_OK, state = H_BODY}, refcnt = {val = 2}, type = PROTO_TLS, flags = 24,
send_flags = {f = 0, blst_imask = 0}, state = S_CONN_OK, extra_data = 0xb4c13798, timer = {next = 0x84a8e54, prev = 0x84a8e54, expire = 298560062, initial_timeout = 80, data = 0xb4bbbbd0,
f = 0x8277109 <tcpconn_read_timeout>, flags = 512, slow_idx = 0}, timeout = 298560066, lifetime = 9600, id_hash = 72, id_next = 0x0, id_prev = 0x0, c_next = 0x0, c_prev = 0x0, con_aliases = {{
parent = 0xb4bbbbd0, next = 0x0, prev = 0x0, port = 5071, hash = 690}, {parent = 0xb4bbbbd0, next = 0x0, prev = 0x0, port = 5071, hash = 2466}, {parent = 0xb4bbbbd0, next = 0x0, prev = 0x0, port = 5071,
hash = 1637}, {parent = 0x0, next = 0x0, prev = 0x0, port = 0, hash = 0}, {parent = 0x0, next = 0x0, prev = 0x0, port = 0, hash = 0}, {parent = 0x0, next = 0x0, prev = 0x0, port = 0, hash = 0}, {
parent = 0x0, next = 0x0, prev = 0x0, port = 0, hash = 0}, {parent = 0x0, next = 0x0, prev = 0x0, port = 0, hash = 0}, {parent = 0x0, next = 0x0, prev = 0x0, port = 0, hash = 0}, {parent = 0x0,
next = 0x0, prev = 0x0, port = 0, hash = 0}, {parent = 0x0, next = 0x0, prev = 0x0, port = 0, hash = 0}, {parent = 0x0, next = 0x0, prev = 0x0, port = 0, hash = 0}}, aliases = 3, wbuf_q = {first = 0x0,
last = 0x0, wr_timeout = 0, queued = 0, offset = 0, last_used = 0}}
```
I saw that frame 10 wrote something about No such file or directory. Do I need to load the sources somehow? If so, can you tell me how?
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/kamailio/kamailio/issues/2028#issuecomment-530278350
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.kamailio.org/pipermail/sr-dev/attachments/20190911/4fbb02d7/attachment-0001.html>
More information about the sr-dev
mailing list