Re: [Semsdev] [core] SIGSEGV in AmSessionProcessorThread

Wed, 09 Apr 2014 00:32:32 -0700 

Hi Michael,
thanks a lot for detailed bug report! I will look on it as soon as possible.
        Vaclav

On St, bře 26, 2014 at 02:34:56 +0200, Michael Furmur wrote:
> hi community,
> 
> i caught sigsegv in case when 200OK arrived after rtp timeout event and
> sems was working with SBC module
> 
> (gdb) bt 8
> #0  AmSession::getLocalTag (this=0x0)
> #1  0x00000000004a61a7 in AmB2BMedia::updateStreams
> (this=0x7fffec004950, a_leg=false, local_sdp=..., remote_sdp=...,
> ctrl=ctrl@entry=0x7fffec002fe8)
> #2  0x00000000005007cf in AmB2BSession::onSdpCompleted
> (this=this@entry=0x7fffec002b50, local_sdp=..., remote_sdp=...)
> #3  0x00007ffff41b32f9 in CallLeg::onSdpCompleted
> (this=this@entry=0x7fffec002b50, offer=..., answer=...)
> #4  0x000000000052c181 in AmSipDialog::onSdpCompleted (this=0x7fffec003cf0)
> #5  0x000000000051a907 in AmOfferAnswer::onReplyIn
> (this=this@entry=0x7fffec004070, reply=...)
> #6  0x000000000052f2ef in AmSipDialog::onRxReplyStatus
> (this=0x7fffec003cf0, reply=..., t_uac_it=...)
> #7  0x000000000047d160 in AmBasicSipDialog::onRxReply
> (this=0x7fffec003cf0, reply=...)
> (More stack frames follow...)
> 
> (gdb) frame 1
> #1  0x00000000004a61a7 in AmB2BMedia::updateStreams
> (this=0x7fffec004950, a_leg=false, local_sdp=..., remote_sdp=...,
> ctrl=ctrl@entry=0x7fffec002fe8)
> 959       TRACE("%s (%c): updating streams with local & remote SDP\n",
> (gdb) p a
> $2 = (AmB2BSession *) 0x0
> (gdb) p b
> $3 = (AmB2BSession *) 0x0
> 
> 
> so segfault happened here:
> 
> core/AmB2BMedia.cpp:
>  957 void AmB2BMedia::updateStreams(bool a_leg, const AmSdp &local_sdp,
> const AmSdp &remote_sdp, RelayController *ctrl)
>  958 {
>  959   TRACE("%s (%c): updating streams with local & remote SDP\n",
>  960       a_leg ? a->getLocalTag().c_str() : b->getLocalTag().c_str(),
>  961       a_leg ? 'A': 'B');
> 
> thus AmB2BMedia doesn't properly process streams changes due to
> RtpTimeout event.
> 
> it would be nice decide what's correct behavior in this case. (maybe
> remove session in early state on rtptimeout or consider possibility that
> streams may be removed before OK arrived)
> 
> sipp uas scenario to reproduce this case present in attach
> 
> -- 
> Best Regards
> Michael Furmur
> 

> <?xml version="1.0" encoding="ISO-8859-1" ?>
> <!DOCTYPE scenario SYSTEM "sipp.dtd">
> 
> <scenario name="UAS responder with delays">
> 
>       <recv request="INVITE" crlf="true">
>       </recv>
> 
>       <pause milliseconds="24"/>
> 
>       <send>
>     <![CDATA[
> 
>       SIP/2.0 100 Giving a try
>       [last_Via:]
>       [last_From:]
>       [last_To:];tag=[pid]SIPpTag01[call_number]
>       [last_Call-ID:]
>       [last_CSeq:]
>       Contact: <sip:[local_ip]:[local_port];transport=[transport]>
>       Server: VCSR
>       Content-Length: 0
> 
>     ]]>
>       </send>
> 
>       <pause milliseconds="2470"/>
> 
>       <send>
>     <![CDATA[
> 
>       SIP/2.0 183 Session Progress
>       [last_Via:]
>       [last_From:]
>       [last_To:];tag=[pid]SIPpTag01[call_number]
>       [last_Call-ID:]
>       [last_CSeq:]
>       Contact: <sip:[local_ip]:[local_port];transport=[transport]>
>       Content-Disposition: session; handling=required
>       Content-Type: application/sdp
>       Content-Length: [len]
>       
>       v=0
>       o=Sonus_UAC 6574 4936 IN IP4 [local_ip]
>       s=SIP Media Capabilities
>       c=IN IP4 [local_ip]
>       t=0 0
>       m=audio 6116 RTP/AVP 0 101
>       a=direction: passive
>       a=rtpmap:0 PCMU/8000
>       a=rtpmap:101 telephone-event/8000
>       a=fmtp:101 0-15
>       a=sendrecv
>       a=ptime:20
> 
>     ]]>
>       </send>
> 
>       <pause milliseconds="25736"/>
> 
>       <send>
>     <![CDATA[
> 
>       SIP/2.0 180 Ringing
>       [last_Via:]
>       [last_From:]
>       [last_To:];tag=[pid]SIPpTag01[call_number]
>       [last_Call-ID:]
>       [last_CSeq:]
>       Contact: <sip:[local_ip]:[local_port];transport=[transport]>
>       Content-Disposition: session; handling=required
>       Content-Type: application/sdp
>       Content-Length: [len]
>       
>       v=0
>       o=Sonus_UAC 6574 4936 IN IP4 [local_ip]
>       s=SIP Media Capabilities
>       c=IN IP4 [local_ip]
>       t=0 0
>       m=audio 6116 RTP/AVP 0 101
>       a=direction: passive
>       a=rtpmap:0 PCMU/8000
>       a=rtpmap:101 telephone-event/8000
>       a=fmtp:101 0-15
>       a=sendrecv
>       a=ptime:20
> 
>     ]]>
>       </send>
> 
>       <pause milliseconds="25052"/>
> 
>       <send>
>     <![CDATA[
> 
>       SIP/2.0 200 OK
>       [last_Via:]
>       [last_From:]
>       [last_To:]
>       [last_Call-ID:]
>       [last_CSeq:]
>       Contact: <sip:[local_ip]:[local_port];transport=[transport]>
>       Content-Disposition: session; handling=required
>       Content-Type: application/sdp
>       Content-Length: [len]
>       
>       v=0
>       o=Sonus_UAC 6574 4936 IN IP4 [local_ip]
>       s=SIP Media Capabilities
>       c=IN IP4 [local_ip]
>       t=0 0
>       m=audio 6116 RTP/AVP 0 101
>       a=direction: passive
>       a=rtpmap:0 PCMU/8000
>       a=rtpmap:101 telephone-event/8000
>       a=fmtp:101 0-15
>       a=sendrecv
>       a=ptime:20
> 
>     ]]>
>       </send>
> 
>       <timewait milliseconds="4000"/>
> 
>       <ResponseTimeRepartition value="10, 20, 30, 40, 50, 100, 150, 200"/>
>       <CallLengthRepartition value="10, 50, 100, 500, 1000, 5000, 10000"/>
> 
> </scenario>
> 

> _______________________________________________
> Semsdev mailing list
> [email protected]
> http://lists.iptel.org/mailman/listinfo/semsdev

_______________________________________________
Semsdev mailing list
[email protected]
http://lists.iptel.org/mailman/listinfo/semsdev

Reply via email to