Summary: ASTERISK-27099: Segfault in pjsip_message_ip_updater
Reporter: Ross Beer (rossbeer)
Labels:
Date Opened: 2017-06-30 09:00:57
Date Closed: 2017-12-19 07:48:10.000-0600
Priority: Major
Regression?
Status: Closed/Complete
Components: Channels/chan_pjsip
Versions: 14.5.0 GIT
Frequency of Occurrence: Frequent
Related Issues:
Environment: Fedora 23
Attachments:
( 0) core.asterisk.90630.1499242994-thread1_CLEAN.txt
( 1) core.asterisk.txt

Description:

Asterisk segfaults when replying to a message and selecting the transport:

{noformat}
#0  0x00007f728d704577 in __strncasecmp_l_avx () at /usr/lib64/libc.so.6
#1  0x00007f729058c203 in pj_stricmp (str1=0x7f71400ce440, str2=0x7f71b5332930 <x_name>) at ../include/pj/string_i.h:222
       min = 9
       res = 32626
#2  0x00007f72904dff54 in pjsip_param_find (param_list=0x7f71400ce3b0, name=0x7f71b5332930 <x_name>) at ../src/pjsip/sip_uri.c:38
       p = 0x7f71400ce430
#3  0x00007f71b5109f14 in multihomed_on_tx_message (tdata=0x7f71400cd958) at res_pjsip/pjsip_message_ip_updater.c:184
       x_name = {ptr = 0x7f71b5121761 "x-ast-txp", slen = 9}
       x_transport = <optimized out>
       fromto = <optimized out>
       contact = <optimized out>
       hdr = 0x7f71400ce280
       restrictions = 0x0
       prm = {tp_type = 1074583896, tp_sel = 0x7f71b5121506, dst_host = {ptr = 0x7f71b5335f90 <response_headers+16> "", slen = 140126345917488}, local_if = 57842972, ret_addr = {ptr = 0x7f71b5127378 "res_pjsip/pjsip_global_headers.c", slen = 140124382617272}, ret_port = 40128, ret_tp = 0x7f71400cd958}
       cseq = <optimized out>
       via = <optimized out>
       from = <optimized out>
       __PRETTY_FUNCTION__ = "multihomed_on_tx_message"
{noformat}
Comments:

By: Asterisk Team (asteriskteam) 2017-06-30 09:00:58.863-0500

Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution.

A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report.

Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process].

By: Rusty Newton (rnewton) 2017-07-03 11:53:25.877-0500

Thanks for the report. Probably need the usual information if available or possible:

* Debug log correlating to crash
* PJSIP trace included in debug log
* non-optimized trace

By: Ross Beer (rossbeer) 2017-07-03 12:08:11.897-0500

I'm not sure why the backtrace has 'optimized out' in it, as Asterisk is compiled with 'DONT_OPTIMIZE'.

I am unable to reproduce the issue on the fly; therefore, I am unable to provide the PJSIP trace and debug log.

The next time the issue happens I will try to collect as much information as possible.

By: Ross Beer (rossbeer) 2017-07-05 04:21:12.305-0500

I have just uploaded another backtrace for this issue. One thing that has confused me is the following line:

{noformat}
#8  0x00007fed0977bda8 in pjsip_endpt_send_response2 (endpt=0xc48128, rdata=0x7febb000b988, tdata=0x7fec800e4b98, token=0x0, cb=0x0) at ../src/pjsip/sip_util.c:1814
       res_addr = {transport = 0x266fc08, addr = {addr = {sa_family = 2}, ipv4 = {sin_family = 2, sin_port = 50451, sin_addr = {s_addr = 864256081}, sin_zero = "000000000000000000000"}, ipv6 = {sin6_family = 2, sin6_port = 50451, sin6_flowinfo = 864256081, sin6_addr = {s6_addr = "000000000000000000000000b256X002000000000", u6_addr32 = {0, 0, 39366152, 0}}, sin6_scope_id = 2952844368}}, addr_len = 16, dst_host = {flag = 4, type = PJSIP_TRANSPORT_UDP, addr = {host = {ptr = 0x7fec800e57b0 "X.X.131.51 8 ", slen = 13}, port = 5061}}}
       status = 0
{noformat}

Specifically the following line:

{noformat}
dst_host = {flag = 4, type = PJSIP_TRANSPORT_UDP, addr = {host = {ptr = 0x7fec800e57b0 "X.X.131.51 8 ", slen = 13}, port = 5061}}}
{noformat}

The IP address has the IP and then ' 8 '. Is this expected in this field?

The 5061 port threw me, but that's the destination host, so that could well be the case for UDP; however, it is mostly used for TLS.

At the time of the crash, there are no log entries. Only minutes before and once Asterisk restarts.

Regarding the optimised trace, Asterisk has been compiled correctly and therefore shouldn't be showing optimised fields. The crash looks related to the PJSIP library. Does the don't optimise flag get passed on when building the bundled version?

By: George Joseph (gjoseph) 2017-07-05 07:36:54.730-0500

I have unredacted backtraces.