Summary: ASTERISK-26832: res_pjsip: Segfault when calling pjsip_hdr_print_on in sip_msg.c:581
Reporter: Ross Beer (rossbeer)
Labels: pjsip
Date Opened: 2017-03-02 09:40:08.000-0600
Date Closed: 2018-01-17 12:28:18.000-0600
Priority: Major
Regression?:
Status: Closed/Complete
Components: Channels/chan_pjsip
Versions: 13.14.0 13.18.5 GIT
Frequency of Occurrence: Occasional
Related Issues:
Environment: CentOS 6
Attachments: ( 0) backtrace_20170203_clean.txt
Description:
A segfault is thrown regularly when sending ‘183 Session Progress’ messages.

The issue happens in sip_msg.c here:

{noformat}
PJ_DEF(int) pjsip_hdr_print_on( void *hdr_ptr, char *buf, pj_size_t len)
{
    pjsip_hdr *hdr = (pjsip_hdr*) hdr_ptr;
    return (*hdr->vptr->print_on)(hdr_ptr, buf, len);  /* <<< HERE */
}
{noformat}

Please see attached backtrace.
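
The dispatch in the snippet above calls through `hdr->vptr` without checking it. As an added illustration (not code from pjproject, Asterisk, or the merged change), the simplified C model below validates the vtable before dispatching and skips a header that fails the check; the `hdr` and `hdr_vptr` types, `safe_hdr_print_on`, `print_headers` and the sample headers are constructed stand-ins.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Simplified stand-ins for pjsip_hdr and its vtable (hypothetical names). */
struct hdr;
typedef struct hdr_vptr {
    int (*print_on)(const struct hdr *h, char *buf, size_t len);
} hdr_vptr;
typedef struct hdr {
    const char *name, *value;
    const hdr_vptr *vptr;  /* an unchecked call through this is the crash site */
    struct hdr *next;
} hdr;

static int generic_print(const hdr *h, char *buf, size_t len) {
    int n = snprintf(buf, len, "%s: %s\r\n", h->name, h->value);
    return (n < 0 || (size_t)n >= len) ? -1 : n;  /* -1 if it did not fit */
}
static const hdr_vptr generic_vptr = { generic_print };

/* Guarded dispatch: returns bytes written, or -1 for a header with no
 * usable vtable (or one that does not fit) instead of dereferencing NULL. */
static int safe_hdr_print_on(const hdr *h, char *buf, size_t len) {
    if (h == NULL || h->vptr == NULL || h->vptr->print_on == NULL) return -1;
    return h->vptr->print_on(h, buf, len);
}

/* Print a header list, skipping and counting headers that fail the guard. */
static int print_headers(const hdr *first, char *buf, size_t len, int *skipped) {
    size_t used = 0;
    *skipped = 0;
    if (len == 0) return -1;
    buf[0] = '\0';
    for (const hdr *h = first; h != NULL; h = h->next) {
        int n = safe_hdr_print_on(h, buf + used, len - used);
        if (n < 0) { (*skipped)++; buf[used] = '\0'; continue; }
        used += (size_t)n;
    }
    return (int)used;
}

int main(void) {
    /* Constructed sample: the middle header has no vtable. */
    hdr contact = {"Contact", "<sip:alice@example.invalid>", &generic_vptr, NULL};
    hdr bad = {"X-Bad", "value", NULL, &contact};
    hdr via = {"Via", "SIP/2.0/UDP host.example.invalid", &generic_vptr, &bad};
    char buf[256]; int skipped;
    int n = print_headers(&via, buf, sizeof buf, &skipped);
    printf("%d bytes, %d skipped\n%s", n, skipped, buf);
    return 0;
}
```

A NULL check only catches a zeroed or never-initialized vtable pointer; a header whose memory was freed or overwritten can carry a non-NULL garbage `vptr` and would still crash at the call.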
Comments:

By: Asterisk Team (asteriskteam) 2017-03-02 09:40:09.844-0600

Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution.

A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report.

Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process].

By: Ross Beer (rossbeer) 2018-01-04 09:41:43.507-0600

This issue is now happening daily. I have sent a full backtrace to George Joseph.

By: Jan Rozhon (loki) 2018-01-04 09:55:23.145-0600

In my case, all crashes appear during sending 183 Session Progress messages. I have like 10 backtraces all pointing to a crash caused by this message. So I configured my edge asterisk boxes (all on 13.13-cert branch experiencing no issue of this kind) to filter the message and send 180 ringing instead. Since I did that like 6 weeks ago, I have had no crash of my central (experiencing problems) box because of this bug. Hope this helps narrow down the possible causes.

By: George Joseph (gjoseph) 2018-01-04 19:51:17.635-0600

Jan, do you still have any of those backtraces?

By: George Joseph (gjoseph) 2018-01-04 19:54:14.589-0600

Never mind. I just saw it in the other issue.

By: Jan Rozhon (loki) 2018-01-05 01:35:50.290-0600

George, if it can help you somehow (sorry, I don't have such a deep insight), I have backtraces from asterisk with BETTER_BACKTRACES as well. Just let me know.

By: Friendly Automation (friendly-automation) 2018-01-17 12:28:18.990-0600

Change 7976 merged by Joshua Colp:
pjproject_bundled: Prevent crash on bad outgoing header
[https://gerrit.asterisk.org/7976|https://gerrit.asterisk.org/7976]

By: Friendly Automation (friendly-automation) 2018-01-17 12:28:33.684-0600

Change 7975 merged by Joshua Colp:
pjproject_bundled: Prevent crash on bad outgoing header
[https://gerrit.asterisk.org/7975|https://gerrit.asterisk.org/7975]

By: Friendly Automation (friendly-automation) 2018-01-17 12:34:34.467-0600

Change 7977 merged by Jenkins2:
pjproject_bundled: Prevent crash on bad outgoing header
[https://gerrit.asterisk.org/7977|https://gerrit.asterisk.org/7977]