[SR-Users] FW: (Devel) Segmentation fault using pua_dialoginfo

Daniel-Constantin Mierla miconda at gmail.com
Fri Jun 22 09:58:16 CEST 2012 

Hello,

On 6/21/12 10:52 PM, Charles Chance wrote:
> Hi Daniel
>
> It is fixed :-)
>
> What was the problem?

a mistaken free of a parameter that was provided to tm callbacks -- it 
was introduced in one of the previous commits, so it was only in 3.3 
branch, not 3.2.

Cheers,
Daniel

>
> Thanks,
>
> Charles
>
>
>
>
> Daniel-Constantin Mierla <miconda at gmail.com> wrote:
>
>
>            Hello,
>
> can you try with latest master branch -- it should be fixed by:
>
> http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=1d89d7bea854c2e2c646b5d13ba215795325b50f
>
> Cheers,
> Daniel
>
> On 5/29/12 5:52 PM, Daniel-Constantin Mierla wrote:
>> Hello,
>>
>> finally had a chance to look over it. I guess it is some race, 
>> resulting in a memory space being overwritten. The 200ok for publish 
>> with ringing state is processed more or less at the time when 200ok 
>> for invite comes and dialog changes state.
>>
>> Can you re-compile with MEMDBG=1 (edit the Makefile.defs or give it 
>> in the command line parameter) and try again? Maybe the memory 
>> manager can catch the fault operation and provide more details.
>>
>> Cheers,
>> Daniel
>>
>> On 5/17/12 6:58 PM, Charles Chance wrote:
>>>
>>> Hi Daniel,
>>>
>>> I have sent the messages over to you.
>>>
>>> I look forward to hear what you can find.
>>>
>>> Best,
>>>
>>> Charles
>>>
>>> ------------------------------------------------------------------------
>>>
>>> *From:*Daniel-Constantin Mierla [mailto:miconda at gmail.com]
>>> *Sent:* 17 May 2012 15:06
>>> *To:* Charles Chance
>>> *Cc:* 'SIP Router - Kamailio (OpenSER) and SIP Express Router (SER) 
>>> -Users Mailing List'
>>> *Subject:* Re: FW: (Devel) Segmentation fault using pua_dialoginfo
>>>
>>> Hello,
>>>
>>> the content of ps->param is pretty much all invalid. So looks like a 
>>> callback on a freed/invalid parameter, could be a double-callback 
>>> execution.
>>>
>>> Set debug=3 and send all the messages for such case -- it might be 
>>> quite a lot of them, so send them to my email address, the mailing 
>>> list has a limit of message size.
>>>
>>> Cheers,
>>> Daniel
>>>
>>> On 5/17/12 2:13 PM, Charles Chance wrote:
>>>
>>>> Hi,
>>>>
>>>> Requested output as follows:
>>>>
>>>> (gdb) frame 1
>>>>
>>>> #1 publ_cback_func (t=0xb3dc8e38, type=1024, ps=0xbfcdd5d8)
>>>>
>>>>     at send_publish.c:246
>>>>
>>>> 246 hash_code= core_hash(hentity->pres_uri, NULL, HASH_SIZE);
>>>>
>>>> (gdb) p *ps
>>>>
>>>> $2 = {req = 0x0, rpl = 0xb7c30340, param = 0xb3dc3ff4, code = 412, 
>>>> flags = 0,
>>>>
>>>>   branch = 0, t_rbuf = 0x0, dst = 0x0, send_buf = {s = 0x0, len = 0}}
>>>>
>>>> (gdb) p *(ua_pres_t*)(*ps->param)
>>>>
>>>> $3 = {id = {s = 0x20455942 <Address 0x20455942 out of bounds>,
>>>>
>>>>     len = 980445555}, pres_uri = 0x40323531, event = 875444279,
>>>>
>>>>   expires = 875703856, desired_expires = 858861105, flag = 808794676,
>>>>
>>>>   db_flag = 1394618421, cb_param = 0x322f5049, next = 0xa0d302e,
>>>>
>>>>   ua_flag = 979462486, etag = {
>>>>
>>>>     s = 0x50495320 <Address 0x50495320 out of bounds>, len = 
>>>> 808333871},
>>>>
>>>>   tuple_id = {s = 0x5044552f <Address 0x5044552f out of bounds>,
>>>>
>>>>     len = 775436064}, body = 0x322e3034, content_type = {
>>>>
>>>>     s = 0x312e3134 <Address 0x312e3134 out of bounds>, len = 
>>>> 1648047155},
>>>>
>>>>   watcher_uri = 0x636e6172, call_id = {
>>>>
>>>>     s = 0x397a3d68 <Address 0x397a3d68 out of bounds>, len = 
>>>> 1647593320},
>>>>
>>>>   to_tag = {s = 0x3435634b <Address 0x3435634b out of bounds>,
>>>>
>>>>     len = 842149473}, from_tag = {
>>>>
>>>>     s = 0x63306461 <Address 0x63306461 out of bounds>, len = 
>>>> 808334648},
>>>>
>>>>   cseq = 1767246349, version = 1394621025, outbound_proxy = 0x322f5049,
>>>>
>>>>   extra_headers = 0x552f302e, record_route = {
>>>>
>>>>     s = 0x31205044 <Address 0x31205044 out of bounds>, len = 
>>>> 825111097},
>>>>
>>>> remote_contact = {s = 0x312e3836 <Address 0x312e3836 out of bounds>,
>>>>
>>>>     len = 976498224}, contact = {
>>>>
>>>>     s = 0x36373135 <Address 0x36373135 out of bounds>, len = 
>>>> 1701985073}}
>>>>
>>>> Yes, it is a test server so very happy to arrange for remote access 
>>>> if required. In the meantime, I will do a little more digging to 
>>>> try to find out why entity is null.
>>>>
>>>> Cheers,
>>>>
>>>> Charles
>>>>
>>>
>>>
>>> -- 
>>> Daniel-Constantin Mierla -http://www.asipto.com
>>> http://twitter.com/#!/miconda  <http://twitter.com/#%21/miconda>  -http://www.linkedin.com/in/miconda
>>>
>>> ------------------------------------------------------------------------
>>>
>>> No virus found in this message.
>>> Checked by AVG - www.avg.com <http://www.avg.com>
>>> Version: 2012.0.2176 / Virus Database: 2425/5004 - Release Date: 
>>> 05/16/12
>>>
>>
>> -- 
>> Daniel-Constantin Mierla -http://www.asipto.com
>> http://twitter.com/#!/miconda  -http://www.linkedin.com/in/miconda
>> Kamailio Advanced Training, Seattle, USA, Sep 23-26, 2012 -http://asipto.com/u/katu
>>
>>
>
> -- 
> Daniel-Constantin Mierla -http://www.asipto.com
> http://twitter.com/#!/miconda  -http://www.linkedin.com/in/miconda
> Kamailio Advanced Training, Seattle, USA, Sep 23-26, 2012 -http://asipto.com/u/katu
> Kamailio Practical Workshop, Netherlands, Sep 10-12, 2012 -http://asipto.com/u/kpw
>
>

-- 
Daniel-Constantin Mierla - http://www.asipto.com
http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda
Kamailio Advanced Training, Seattle, USA, Sep 23-26, 2012 - http://asipto.com/u/katu
Kamailio Practical Workshop, Netherlands, Sep 10-12, 2012 - http://asipto.com/u/kpw

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20120622/3c59002c/attachment-0001.htm>

More information about the sr-users mailing list