Re: [sr-dev] SER crash : Segmentation fault

[inge]

Hi Andrei,

I'm Nicolas and I'm working with Adrien on crashes experienced on our
SER server during the last months.

We had 4 crashes on 11 jun 2009, 13 aug 2009, 11 sept 2009 and 12 sept
2009.
Every of this crash have a similar call flow, as seen in the one
attached: SER crashes when trying to process an ACK from the CPE for the
previously relayed "482 Loop Detected" from the gateway.

>From coredump analysis, the crash occures when trying to match the ack
totag with a the out of bound local_totag from the corresponding tm
entry (see attached coredump analysis)

It seems to me that there is a bug, and I didn't find any patch for
this, even in the last 2.0 versions.

Do you have any idea about this problem ?
Is this bug already known ?

Sincerely,

Nicolas LEROY

Le mercredi 09 septembre 2009 à 12:26 +0200, Andrei Pelinescu-Onciul a
écrit :
> On Aug 20, 2009 at 10:40, inge <i...@legos.fr> wrote:
> > Hi Andrei,
> > 
> > As I understand, this changelog only apply to the tm module.
> > Is there any clues that this module caused the crash we experienced ?
> 
> Yes, according to the backtrace it crashed in tm. It looks like the tag
> value was corrupted (one possible explanation is that matching against a
> deleted transaction was attempted). It's also possible but much more
> unlikely that despite the backtrace info the crash is not related to tm
> (e.g. some other module corrupting shared memory).
> 
> > 
> > We would like to determine which of the known and corrected bug could
> > have caused the crash, in order to find a short-time workaround letting
> > us some time to deploy abn upgrade to the latest rel in the 0.9.0
> > branch.
> 
> That would be quite hard since we don't know yet if the crash is really
> fixed in the latest 0.9.x
> If you can reproduce the crash, then you could try a test instalation of
> the latest 0.9.x and see if the crash is fixed.
> It's very easy to upgrade between 0.9.x versions. There are no config or
> db changes, the only differences are bug fixes.
> 
> If it still crashes with the latest 0.9.x, then the next step would be
> to compile it with debugging info, in an attempt to get more meaningful
> backtraces.
> 
> 
> Andrei
> 
> > 
> > Le mardi 18 ao??t 2009 ?? 09:00 +0200, Andrei Pelinescu-Onciul a ??crit :
> > > On Aug 17, 2009 at 14:42, inge <i...@legos.fr> wrote:
> > > > Hi Andrei,
> > > > 
> > > > Hope you are fine.
> > > > Do you have any update on our crash ?
> > > > Is there anything we can do to find the segmentation fault cause, maybe
> > > > as a well-known bug, without bothering you ?
> > > 
> > > 
> > > There are lots of changes between 0.9.5-pre and the latest 0.9.x
> > > version.
> > > You should try updating to the latest code on the rel_0_9_0 branch and
> > > see if you run into this problem again.
> > > To get the latest 0.9.x code either get the latest snapshot from
> > >  http://ftp.iptel.org/pub/ser/daily-snapshots/stable/ , use cvs to
> > >  get the rel_0_9_0 branch
> > >  (CVSROOT=:pserver:anonym...@cvs.berlios.de:/cvsroot/ser ;
> > >  export CVSROOT ; cvs co -r rel_0_9_0 sip_router ), or use git and the
> > >  ser repository (see http://sip-router.org/wiki/git/ser-repository).
> > > 
> > > Here's a short changelog for tm, between 0.9.5 and 0.9.7+
> > >  (git log --oneline v_0_9_5..origin/rel_0_9_0 modules/tm):
> > > - tm: fix delete_cell() when the transaction is referenced
> > > - variable timer fix: variable timers (avps) won't be exteneded anymore 
> > > - fix for free_rdata_list() which used to access the "next" pointer af
> > > - deadlock when t_relay-ing a message from the failure_route fixed  (e2e
> > > - added sems specific patch. This patch is present in the ser version ship
> > > - added diversion and rpid header cloning
> > > -bug fix: tm insert_timer used to eat too much cpu, decreasing dramatic
> > > - fixed misplaced set_avp list, courtesy of cesc.sa...@gmail.com
> > > - int2reverse_hex/reverse_hex2int fixes  (tm with large "labels" was aff
> > > - fix of local ACK matching provided by cesc.sa...@gmail.com
> > > - avp race condition fix (backported from HEAD)
> > > - CANCEL terminates retransmission timers properly (backported)
> > > 
> > > 
> > > Andrei
> > > 
> > > 
> > > > 
> > > > Le vendredi 14 ao??t 2009 ?? 17:03 +0200, inge a ??crit :
> > > > > Please find the requested information in attached.
> > > > > 
> > > > > I'm aware of the need for an update. It's in the list of tasks to be
> > > > > done, however, the priority is to troubleshoot the problem and maybe
> > > > > find a workaround.
> > > > > 
> > > > > Regards,
> > > > > 
> > > > > Adrien
> > > > > 
> > > > > Le vendredi 14 ao??t 2009 ?? 16:34 +0200, Andrei Pelinescu-Onciul a
> > > > > ??crit :
> > > > > > On Aug 14, 2009 at 15:01, inge <i...@legos.fr> wrote:
> > > > > > > Hi Andrei,
> > > > > > > 
> > > > > > > Thanks for your reply.
> > > > > > > 
> > > > > > > I use ser 0.9.5-pre4. 
> > > > > > > 
> > > > > > > I don't really understand the bug you have identify, where can I 
> > > > > > > find a
> > > > > > > description ?
> > > > > > 
> > > > > > Sorry, I was wrong (that bug was in RR and appears only in newer 
> > > > > > code).
> > > > > > 
> > > > > > Could you run gdb on the core again , type "frame 0" and then send 
> > > > > > me the 
> > > > > > output of the following commands:
> > > > > > 
> > > > > > print p_cell
> > > > > > print p_msg
> > > > > > print p_msg->buf
> > > > > > print p_cell->uas.local_totag.len
> > > > > > print p_cell->uas.local_totag.s
> > > > > > print p_msg->to
> > > > > > print p_msg->to->parsed
> > > > > > print *((struct to_body*)(p_msg->to->parsed))
> > > > > > print ((struct to_body*)(p_msg->to->parsed))->tag_value.len
> > > > > > print ((struct to_body*)(p_msg->to->parsed))->tag_value.s
> > > > > > 
> > > > > > 
> > > > > > Andrei
> > > > > > P.S.: you could try also upgrading to ser 2.0, 2.1 or sip-router.
> > > > > > 
> > > > > > 
> > > > > > > 
> > > > > > > Regards,
> > > > > > > 
> > > > > > > Adrien
> > > > > > > 
> > > > > > > Le vendredi 14 ao??t 2009 ?? 14:45 +0200, Andrei Pelinescu-Onciul 
> > > > > > > a
> > > > > > > ??crit :
> > > > > > > > On Aug 13, 2009 at 15:32, inge <i...@legos.fr> wrote:
> > > > > > > > > Hi Klaus,
> > > > > > > > > 
> > > > > > > > > Thanks.
> > > > > > > > > 
> > > > > > > > > I put the output of gdb in attached.
> > > > > > > > > 
> > > > > > > > > I hope someone can decrypt this. Thank you.
> > > > > > > > 
> > > > > > > > 
> > > > > > > > If you are using ser 2.1/latest cvs or sip-router then just 
> > > > > > > > update to
> > > > > > > > the latest cvs or git. It's a known fixed bug (sip router
> > > > > > > > git 6fcd5e or ser 2.1 commit starting with "rr: fix from header
> > > > > > > > access").
> > > > > > > > 
> > > > > > > > If you are using another version then tell me which one (ser 
> > > > > > > > -V) 
> > > > > > > > and I'll fix it.
> > > > > > > > 
> > > > > > > > Andrei
> > > > > > > > 
> > > > > > > > > 
> > > > > > > > > Le jeudi 13 ao??t 2009 ?? 13:53 +0200, Klaus Darilion a 
> > > > > > > > > ??crit :
> > > > > > > > > > locate the core file (either in the working dir or /tmp or 
> > > > > > > > > > /)
> > > > > > > > > > then execute:
> > > > > > > > > > 
> > > > > > > > > > gdb /usr/local/sbin/ser /path/to/core
> > > > > > > > > > (gdb) bt
> > > > > > > > > > 
> > > > > > > > > > regards
> > > > > > > > > > klaus
> > > > > > > > > > 
> > > > > > > > > > inge schrieb:
> > > > > > > > > > > Hi all,
> > > > > > > > > > > 
> > > > > > > > > > > My SER process had crashed today with the following logs
> > > > > > > > > > > in /var/log/messages : 
> > > > > > > > > > > 
> > > > > > > > > > > ser[378]: child process 418 exited by a signal 11
> > > > > > > > > > > ser[378]: core was generated
> > > > > > > > > > > ser[378]: INFO: terminating due to SIGCHLD
> > > > > > > > > > > ser[421]: INFO: signal 15 received
> > > > > > > > > > > ...
> > > > > > > > > > > 
> > > > > > > > > > > Can someone help me to determine what kind of problem is 
> > > > > > > > > > > it ? I think I
> > > > > > > > > > > need to use gdb to extract some information from the core 
> > > > > > > > > > > dump. How can
> > > > > > > > > > > I use it to extract the uses informations ?
> > > > > > > > > > > 
> > > > > > > > > > > Regards,
> > > > > > > > > > > 
> > > > > > > > > > > Adrien
> > > > > > > > > > > 
> > > > > > > > > > > 
> > > > > > > > > > > _______________________________________________
> > > > > > > > > > > sr-dev mailing list
> > > > > > > > > > > sr-dev@lists.sip-router.org
> > > > > > > > > > > http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
> > > > > > > > 
> > > > > > > > > #0  0x00e964d3 in matching_3261 (p_msg=0x81647e8, 
> > > > > > > > > trans=0xbff74f38, skip_method=4294967294) at t_lookup.c:222
> > > > > > > > > 222             if 
> > > > > > > > > (memcmp(get_to(ack)->tag_value.s,p_cell->uas.local_totag.s,
> > > > > > > > > (gdb) bt
> > > > > > > > > #0  0x00e964d3 in matching_3261 (p_msg=0x81647e8, 
> > > > > > > > > trans=0xbff74f38, skip_method=4294967294) at t_lookup.c:222
> > > > > > > > > #1  0x00e96aff in t_lookup_request (p_msg=0x81647e8, 
> > > > > > > > > leave_new_locked=1) at t_lookup.c:421
> > > > > > > > > #2  0x00e992a0 in t_newtran (p_msg=0x81647e8) at 
> > > > > > > > > t_lookup.c:1085
> > > > > > > > > #3  0x00e9116a in t_relay_to (p_msg=0x81647e8, proxy=0x0, 
> > > > > > > > > proto=0, replicate=0) at t_funcs.c:224
> > > > > > > > > #4  0x00e9c410 in w_t_relay (p_msg=0x81647e8, _foo=0x0, 
> > > > > > > > > _bar=0x0) at tm.c:889
> > > > > > > > > #5  0x0804fc81 in do_action (a=0x8117818, msg=0x81647e8) at 
> > > > > > > > > action.c:610
> > > > > > > > > #6  0x0805099d in run_actions (a=0x8117818, msg=0x81647e8) at 
> > > > > > > > > action.c:718
> > > > > > > > > #7  0x08073f08 in eval_elem (e=0x8117840, msg=0x81647e8) at 
> > > > > > > > > route.c:605
> > > > > > > > > #8  0x08074392 in eval_expr (e=0x8117840, msg=0x81647e8) at 
> > > > > > > > > route.c:654
> > > > > > > > > #9  0x080743ce in eval_expr (e=0x8117860, msg=0x81647e8) at 
> > > > > > > > > route.c:670
> > > > > > > > > #10 0x0804ec95 in do_action (a=0x8117bc8, msg=0x81647e8) at 
> > > > > > > > > action.c:586
> > > > > > > > > #11 0x0805099d in run_actions (a=0x8117630, msg=0x81647e8) at 
> > > > > > > > > action.c:718
> > > > > > > > > #12 0x0804ffdf in do_action (a=0x8114f70, msg=0x81647e8) at 
> > > > > > > > > action.c:375
> > > > > > > > > #13 0x0805099d in run_actions (a=0x8114f70, msg=0x81647e8) at 
> > > > > > > > > action.c:718
> > > > > > > > > #14 0x0804ecd3 in do_action (a=0x8114fc0, msg=0x81647e8) at 
> > > > > > > > > action.c:603
> > > > > > > > > #15 0x0805099d in run_actions (a=0x8114fc0, msg=0x81647e8) at 
> > > > > > > > > action.c:718
> > > > > > > > > #16 0x0804ecd3 in do_action (a=0x8114fe8, msg=0x81647e8) at 
> > > > > > > > > action.c:603
> > > > > > > > > #17 0x0805099d in run_actions (a=0x8114fe8, msg=0x81647e8) at 
> > > > > > > > > action.c:718
> > > > > > > > > #18 0x0804ecd3 in do_action (a=0x8115010, msg=0x81647e8) at 
> > > > > > > > > action.c:603
> > > > > > > > > #19 0x0805099d in run_actions (a=0x8115010, msg=0x81647e8) at 
> > > > > > > > > action.c:718
> > > > > > > > > #20 0x0804ecd3 in do_action (a=0x8115038, msg=0x81647e8) at 
> > > > > > > > > action.c:603
> > > > > > > > > #21 0x0805099d in run_actions (a=0x8115038, msg=0x81647e8) at 
> > > > > > > > > action.c:718
> > > > > > > > > #22 0x0804ecd3 in do_action (a=0x8115060, msg=0x81647e8) at 
> > > > > > > > > action.c:603
> > > > > > > > > #23 0x0805099d in run_actions (a=0x810fe88, msg=0x81647e8) at 
> > > > > > > > > action.c:718
> > > > > > > > > #24 0x0806d062 in receive_msg (
> > > > > > > > >     buf=0x80d61e0 "ACK sip:0389719...@domain.tld:5060 
> > > > > > > > > SIP/2.0\r\nMax-Forwards: 16\r\nContent-Length: 0\r\nVia: 
> > > > > > > > > SIP/2.0/UDP 
> > > > > > > > > 10.0.140.147:5060;branch=z9hG4bK4f1b8571c\r\nCall-ID: 
> > > > > > > > > bf85c76a5e2066256679e3945f6b4...@10.0.140.147\r\nf"..., 
> > > > > > > > > len=592, rcv_info=0xbff76340) at receive.c:165
> > > > > > > > > #25 0x080843cc in udp_rcv_loop () at udp_server.c:472
> > > > > > > > > #26 0x0805cdaf in main_loop () at main.c:1056
> > > > > > > > > #27 0x0805e40b in main (argc=1, argv=0xbff76504) at 
> > > > > > > > > main.c:1592
> > > > > > > > > 
> > > > > > > > 
> > > > > > > > > _______________________________________________
> > > > > > > > > sr-dev mailing list
> > > > > > > > > sr-dev@lists.sip-router.org
> > > > > > > > > http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
> > > > > > > > 
> > > > > _______________________________________________
> > > > > sr-dev mailing list
> > > > > sr-dev@lists.sip-router.org
> > > > > http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev

2009/09/12;10:24:23;CPE -> sip_proxy;INVITE sip:called...@ourdomaine.fr:5060 SIP/2.0.
2009/09/12;10:24:23;sip_proxy -> CPE;SIP/2.0 407 Proxy Authentication Required.
2009/09/12;10:24:23;CPE -> sip_proxy;ACK sip:called...@ourdomaine.fr:5060 SIP/2.0.
2009/09/12;10:24:23;CPE -> sip_proxy;INVITE sip:called...@ourdomaine.fr:5060 SIP/2.0.
2009/09/12;10:24:23;CPE -> sip_proxy;INVITE sip:called...@ourdomaine.fr:5060 SIP/2.0.
2009/09/12;10:24:24;CPE -> sip_proxy;INVITE sip:called...@ourdomaine.fr:5060 SIP/2.0.
2009/09/12;10:24:26;CPE -> sip_proxy;INVITE sip:called...@ourdomaine.fr:5060 SIP/2.0.
2009/09/12;10:24:26;sip_proxy -> CPE;SIP/2.0 100 trying -- your call is important to us.
2009/09/12;10:24:26;sip_proxy -> sip_gateway;INVITE sip:called...@sip_gateway:5060 SIP/2.0.
2009/09/12;10:24:26;sip_gateway -> sip_proxy;SIP/2.0 100 Trying.
2009/09/12;10:24:26;sip_proxy -> CPE;SIP/2.0 100 trying -- your call is important to us.
2009/09/12;10:24:26;sip_proxy -> CPE;SIP/2.0 100 trying -- your call is important to us.
2009/09/12;10:24:26;sip_proxy -> CPE;SIP/2.0 100 trying -- your call is important to us.
2009/09/12;10:24:26;sip_proxy -> sip_gateway;INVITE sip:called...@sip_gateway:5060 SIP/2.0.
2009/09/12;10:24:26;sip_gateway -> sip_proxy;SIP/2.0 482 Loop Detected.
2009/09/12;10:24:26;sip_proxy -> sip_gateway;ACK sip:called...@sip_gateway:5060 SIP/2.0.
2009/09/12;10:24:26;sip_proxy -> CPE;SIP/2.0 482 Loop Detected.
2009/09/12;10:24:26;CPE -> sip_proxy;ACK sip:called...@ourdomaine.fr:5060 SIP/2.0.
2009/09/12;10:24:27;sip_gateway -> sip_proxy;SIP/2.0 183 Session Progress.
2009/09/12;10:24:28;sip_gateway -> sip_proxy;SIP/2.0 183 Session Progress.
2009/09/12;10:24:30;sip_gateway -> sip_proxy;SIP/2.0 183 Session Progress.
2009/09/12;10:24:34;sip_gateway -> sip_proxy;SIP/2.0 183 Session Progress.
2009/09/12;10:24:35;sip_gateway -> sip_proxy;SIP/2.0 200 OK.
2009/09/12;10:24:35;sip_gateway -> sip_proxy;SIP/2.0 200 OK.
2009/09/12;10:24:36;sip_gateway -> sip_proxy;SIP/2.0 200 OK.
2009/09/12;10:24:38;sip_gateway -> sip_proxy;SIP/2.0 200 OK.
2009/09/12;10:24:42;sip_gateway -> sip_proxy;SIP/2.0 200 OK.
2009/09/12;10:24:46;sip_gateway -> sip_proxy;SIP/2.0 200 OK.
2009/09/12;10:24:50;sip_gateway -> sip_proxy;SIP/2.0 200 OK.
2009/09/12;10:24:54;sip_gateway -> sip_proxy;SIP/2.0 200 OK.
2009/09/12;10:24:58;sip_gateway -> sip_proxy;SIP/2.0 200 OK.
2009/09/12;10:25:02;sip_gateway -> sip_proxy;SIP/2.0 200 OK.
2009/09/12;10:25:06;sip_gateway -> sip_proxy;SIP/2.0 200 OK.
2009/09/12;10:25:10;sip_gateway -> sip_proxy;BYE sip:calling...@cpe:5060 SIP/2.0.
2009/09/12;10:25:11;sip_gateway -> sip_proxy;BYE sip:calling...@cpe:5060 SIP/2.0.
2009/09/12;10:25:12;sip_gateway -> sip_proxy;BYE sip:calling...@cpe:5060 SIP/2.0.
2009/09/12;10:25:14;sip_gateway -> sip_proxy;BYE sip:calling...@cpe:5060 SIP/2.0.
2009/09/12;10:25:18;sip_gateway -> sip_proxy;BYE sip:calling...@cpe:5060 SIP/2.0.
2009/09/12;10:25:22;sip_gateway -> sip_proxy;BYE sip:calling...@cpe:5060 SIP/2.0.
2009/09/12;10:25:26;sip_gateway -> sip_proxy;BYE sip:calling...@cpe:5060 SIP/2.0.
2009/09/12;10:25:30;sip_gateway -> sip_proxy;BYE sip:calling...@cpe:5060 SIP/2.0.
2009/09/12;10:25:34;sip_gateway -> sip_proxy;BYE sip:calling...@cpe:5060 SIP/2.0.
2009/09/12;10:25:38;sip_gateway -> sip_proxy;BYE sip:calling...@cpe:5060 SIP/2.0.
2009/09/12;10:25:42;sip_gateway -> sip_proxy;BYE sip:calling...@cpe:5060 SIP/2.0.

[r...@sip_proxy ~]# gdb ser /core.8946
GNU gdb Red Hat Linux (6.3.0.0-1.63rh)
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu"...Using host libthread_db 
library "/lib/tls/libthread_db.so.1".

Core was generated by `/usr/local/sbin/ser'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /lib/libdl.so.2...done.
Loaded symbols for /lib/libdl.so.2
Reading symbols from /lib/libresolv.so.2...done.
Loaded symbols for /lib/libresolv.so.2
Reading symbols from /lib/tls/libc.so.6...done.
Loaded symbols for /lib/tls/libc.so.6
Reading symbols from /lib/ld-linux.so.2...done.
Loaded symbols for /lib/ld-linux.so.2
Reading symbols from /usr/local/lib/ser/modules/mysql.so...done.
Loaded symbols for /usr/local/lib/ser/modules/mysql.so
Reading symbols from /usr/lib/mysql/libmysqlclient.so.14...done.
Loaded symbols for /usr/lib/mysql/libmysqlclient.so.14
Reading symbols from /usr/lib/libz.so.1...done.
Loaded symbols for /usr/lib/libz.so.1
Reading symbols from /lib/libcrypt.so.1...done.
Loaded symbols for /lib/libcrypt.so.1
Reading symbols from /lib/libnsl.so.1...done.
Loaded symbols for /lib/libnsl.so.1
Reading symbols from /lib/tls/libm.so.6...done.
Loaded symbols for /lib/tls/libm.so.6
Reading symbols from /lib/libssl.so.4...done.
Loaded symbols for /lib/libssl.so.4
Reading symbols from /lib/libcrypto.so.4...done.
Loaded symbols for /lib/libcrypto.so.4
Reading symbols from /usr/lib/libgssapi_krb5.so.2...done.
Loaded symbols for /usr/lib/libgssapi_krb5.so.2
Reading symbols from /usr/lib/libkrb5.so.3...done.
Loaded symbols for /usr/lib/libkrb5.so.3
Reading symbols from /lib/libcom_err.so.2...done.
Loaded symbols for /lib/libcom_err.so.2
Reading symbols from /usr/lib/libk5crypto.so.3...done.
Loaded symbols for /usr/lib/libk5crypto.so.3
Reading symbols from /usr/local/lib/ser/modules/sl.so...done.
Loaded symbols for /usr/local/lib/ser/modules/sl.so
Reading symbols from /usr/local/lib/ser/modules/tm.so...done.
Loaded symbols for /usr/local/lib/ser/modules/tm.so
Reading symbols from /usr/local/lib/ser/modules/rr.so...done.
Loaded symbols for /usr/local/lib/ser/modules/rr.so
Reading symbols from /usr/local/lib/ser/modules/maxfwd.so...done.
Loaded symbols for /usr/local/lib/ser/modules/maxfwd.so
Reading symbols from /usr/local/lib/ser/modules/usrloc.so...done.
Loaded symbols for /usr/local/lib/ser/modules/usrloc.so
Reading symbols from /usr/local/lib/ser/modules/registrar.so...done.
Loaded symbols for /usr/local/lib/ser/modules/registrar.so
Reading symbols from /usr/local/lib/ser/modules/auth.so...done.
Loaded symbols for /usr/local/lib/ser/modules/auth.so
Reading symbols from /usr/local/lib/ser/modules/auth_db.so...done.
Loaded symbols for /usr/local/lib/ser/modules/auth_db.so
Reading symbols from /usr/local/lib/ser/modules/acc.so...done.
Loaded symbols for /usr/local/lib/ser/modules/acc.so
Reading symbols from /usr/local/lib/ser/modules/exec.so...done.
Loaded symbols for /usr/local/lib/ser/modules/exec.so
Reading symbols from /usr/local/lib/ser/modules/group.so...done.
Loaded symbols for /usr/local/lib/ser/modules/group.so
Reading symbols from /usr/local/lib/ser/modules/print.so...done.
Loaded symbols for /usr/local/lib/ser/modules/print.so
Reading symbols from /usr/local/lib/ser/modules/textops.so...done.
Loaded symbols for /usr/local/lib/ser/modules/textops.so
Reading symbols from /usr/local/lib/ser/modules/nathelper.so...done.
Loaded symbols for /usr/local/lib/ser/modules/nathelper.so
Reading symbols from /usr/local/lib/ser/modules/uri.so...done.
Loaded symbols for /usr/local/lib/ser/modules/uri.so
Reading symbols from /usr/local/lib/ser/modules/uri_db.so...done.
Loaded symbols for /usr/local/lib/ser/modules/uri_db.so
Reading symbols from /usr/local/lib/ser/modules/domain.so...done.
Loaded symbols for /usr/local/lib/ser/modules/domain.so
Reading symbols from /usr/local/lib/ser/modules/permissions.so...done.
Loaded symbols for /usr/local/lib/ser/modules/permissions.so
Reading symbols from /usr/local/lib/ser/modules/xlog.so...done.
Loaded symbols for /usr/local/lib/ser/modules/xlog.so
Reading symbols from /usr/local/lib/ser/modules/avpops.so...done.
Loaded symbols for /usr/local/lib/ser/modules/avpops.so
Reading symbols from /lib/libnss_files.so.2...done.
Loaded symbols for /lib/libnss_files.so.2
Reading symbols from /lib/libnss_dns.so.2...done.
Loaded symbols for /lib/libnss_dns.so.2
#0  0x00c754d3 in matching_3261 (p_msg=0x8161450, trans=0xbfebfc58, 
skip_method=4294967294) at t_lookup.c:222
222             if (memcmp(get_to(ack)->tag_value.s,p_cell->uas.local_totag.s,
(gdb) bt
#0  0x00c754d3 in matching_3261 (p_msg=0x8161450, trans=0xbfebfc58, 
skip_method=4294967294) at t_lookup.c:222
#1  0x00c75aff in t_lookup_request (p_msg=0x8161450, leave_new_locked=1) at 
t_lookup.c:421
#2  0x00c782a0 in t_newtran (p_msg=0x8161450) at t_lookup.c:1085
#3  0x00c7016a in t_relay_to (p_msg=0x8161450, proxy=0x0, proto=0, replicate=0) 
at t_funcs.c:224
#4  0x00c7b410 in w_t_relay (p_msg=0x8161450, _foo=0x0, _bar=0x0) at tm.c:889
#5  0x0804fc81 in do_action (a=0x81175d8, msg=0x8161450) at action.c:610
#6  0x0805099d in run_actions (a=0x81175d8, msg=0x8161450) at action.c:718
#7  0x08073f08 in eval_elem (e=0x8117600, msg=0x8161450) at route.c:605
#8  0x08074392 in eval_expr (e=0x8117600, msg=0x8161450) at route.c:654
#9  0x080743ce in eval_expr (e=0x8117620, msg=0x8161450) at route.c:670
#10 0x0804ec95 in do_action (a=0x8117988, msg=0x8161450) at action.c:586
#11 0x0805099d in run_actions (a=0x81173f0, msg=0x8161450) at action.c:718
#12 0x0804ffdf in do_action (a=0x8114d30, msg=0x8161450) at action.c:375
#13 0x0805099d in run_actions (a=0x8114d30, msg=0x8161450) at action.c:718
#14 0x0804ecd3 in do_action (a=0x8114d80, msg=0x8161450) at action.c:603
#15 0x0805099d in run_actions (a=0x8114d80, msg=0x8161450) at action.c:718
#16 0x0804ecd3 in do_action (a=0x8114da8, msg=0x8161450) at action.c:603
#17 0x0805099d in run_actions (a=0x8114da8, msg=0x8161450) at action.c:718
#18 0x0804ecd3 in do_action (a=0x8114dd0, msg=0x8161450) at action.c:603
#19 0x0805099d in run_actions (a=0x8114dd0, msg=0x8161450) at action.c:718
#20 0x0804ecd3 in do_action (a=0x8114df8, msg=0x8161450) at action.c:603
#21 0x0805099d in run_actions (a=0x8114df8, msg=0x8161450) at action.c:718
#22 0x0804ecd3 in do_action (a=0x8114e20, msg=0x8161450) at action.c:603
#23 0x0805099d in run_actions (a=0x810fc48, msg=0x8161450) at action.c:718
#24 0x0806d062 in receive_msg (
    buf=0x80d61e0 "ACK sip:called...@ourdomaine.fr:5060 
SIP/2.0\r\nMax-Forwards: 16\r\nContent-Length: 0\r\nVia: SIP/2.0/UDP 
10.0.140.55:5060;branch=z9hG4bK25172cd1a\r\nCall-ID: 
9c938b669c56ba80e30d30f8f0c56...@10.0.140.55\r\nfro"..., len=588, 
rcv_info=0xbfec1060) at receive.c:165
#25 0x080843cc in udp_rcv_loop () at udp_server.c:472
#26 0x0805cdaf in main_loop () at main.c:1056
#27 0x0805e40b in main (argc=1, argv=0xbfec1224) at main.c:1592
(gdb) frame 0
#0  0x00c754d3 in matching_3261 (p_msg=0x8161450, trans=0xbfebfc58, 
skip_method=4294967294) at t_lookup.c:222
222             if (memcmp(get_to(ack)->tag_value.s,p_cell->uas.local_totag.s,
(gdb) print p_cell
$1 = (struct cell *) 0xb682afa8
(gdb) print p_msg
$2 = (struct sip_msg *) 0x8161450
(gdb) print p_msg->buf
$3 = 0x80d61e0 "ACK sip:called...@ourdomaine.fr:5060 SIP/2.0\r\nMax-Forwards: 
16\r\nContent-Length: 0\r\nVia: SIP/2.0/UDP 
10.0.140.55:5060;branch=z9hG4bK25172cd1a\r\nCall-ID: 
9c938b669c56ba80e30d30f8f0c56...@10.0.140.55\r\nfro"...
(gdb) print p_cell->uas.local_totag.len
$4 = 12
(gdb) print p_cell->uas.local_totag.s
$5 = 0xae03d5fa <Address 0xae03d5fa out of bounds>
(gdb) print p_msg->to
$6 = (struct hdr_field *) 0x814d2e8
(gdb) print p_msg->to->parsed
$7 = (void *) 0x814ff80
(gdb) print *((struct to_body*)(p_msg->to->parsed))
$8 = {error = 1, body = {
    s = 0x80d62e5 "sip:called...@ourdomaine.fr:5060;tag=EDB8C004-590\r\nCSeq: 
155799441 ACK\r\nProxy-Authorization:Digest 
response=\"3fde33962e5e5a59a81df692ae0b0892\",username=\"calling_nb\",realm=\"ourdomaine.fr\",nonce=\"4aab5be"...,
 len = 32}, uri = {
    s = 0x80d62e5 "sip:called...@ourdomaine.fr:5060;tag=EDB8C004-590\r\nCSeq: 
155799441 ACK\r\nProxy-Authorization:Digest 
response=\"3fde33962e5e5a59a81df692ae0b0892\",username=\"calling_nb\",realm=\"ourdomaine.fr\",nonce=\"4aab5be"...,
 len = 32}, display = {s = 0x0, len = 0}, tag_value = {
    s = 0x80d630a "EDB8C004-590\r\nCSeq: 155799441 
ACK\r\nProxy-Authorization:Digest 
response=\"3fde33962e5e5a59a81df692ae0b0892\",username=\"calling_nb\",realm=\"ourdomaine.fr\",nonce=\"4aab5be3ffdca620edce514dd81e02e22c52cae4\",ur"...,
 len = 12}, param_lst = 0x8150130, last_param = 0x8150130}
(gdb) print ((struct to_body*) (p_msg->to->parsed))->tag_value.len
$9 = 12
(gdb) print ((struct to_body*) (p_msg->to->parsed))->tag_value.s
$10 = 0x80d630a "EDB8C004-590\r\nCSeq: 155799441 
ACK\r\nProxy-Authorization:Digest 
response=\"3fde33962e5e5a59a81df692ae0b0892\",username=\"calling_nb\",realm=\"ourdomaine.fr\",nonce=\"4aab5be3ffdca620edce514dd81e02e22c52cae4\",ur"...
(gdb)          

_______________________________________________
sr-dev mailing list
sr-dev@lists.sip-router.org
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev