search

OpenSIPS / opensips

OpenSIPS is a GPL implementation of a multi-functionality SIP Server that targets to deliver a high-level technical solution (performance, security and quality) to be used in professional SIP server platforms.
https://opensips.org
Other
1.25k stars 575 forks source link

[CRASH] in module "trace" while bridging legs without Media URI #3423

Closed kertor closed 2 weeks ago

kertor commented 2 months ago

OpenSIPS version you are running

version: opensips 3.4.5 (x86_64/linux)
flags: STATS: On, DISABLE_NAGLE, USE_MCAST, SHM_MMAP, PKG_MALLOC, Q_MALLOC, F_MALLOC, HP_MALLOC, DBG_MALLOC, FAST_LOCK-FUTEX-ADAPTIVE_WAIT, ENCRYPT-CFG
ADAPTIVE_WAIT_LOOPS=1024, MAX_RECV_BUFFER_SIZE 262144, MAX_LISTEN 16, MAX_URI_SIZE 1024, BUF_SIZE 65535
poll method support: poll, epoll, sigio_rt, select.
git revision: a81afc112
main.c compiled on  with gcc 9

Crash Core Dump

#0  0x00007f13fdd5f6a2 in context_put_ptr (type=CONTEXT_GLOBAL, data=0x7f14008bab30, pos=5, ctx=<optimized out>)
    at ../tm/../../context.h:161
        __FUNCTION__ = "context_put_ptr"
#1  trace_b2b_transaction (msg=0x0, trans=0x7f1400a1ce60, param=0x7f14008bab30) at tracer.c:1431
        info = 0x7f14008bab30
        t = 0x7f1400a1ce60
        __FUNCTION__ = "trace_b2b_transaction"
#2  0x00007f13fddaeb86 in t_uac (method=0x7f13fe2480c0 <method_invite>, headers=0x7ffd1df6ba10, body=0x0,
    dialog=0x7f14823b1fd0, cb=0x7f13fe282650 <b2b_server_tm_cback>, cbp=<optimized out>,
    release_func=0x7f13fe262d30 <shm_free_param>) at uac.c:536
        to_su = {s = {sa_family = 2, sa_data = "\023\342\254\035\002\325\000\000\000\000\000\000\000"}, sin = {
            sin_family = 2, sin_port = 57875, sin_addr = {s_addr = 3573685676},
            sin_zero = "\000\000\000\000\000\000\000"}, sin6 = {sin6_family = 2, sin6_port = 57875,
            sin6_flowinfo = 3573685676, sin6_addr = {__in6_u = {__u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {
                  0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, sin6_scope_id = 0}}
        new_cell = 0x7f1400a1ce60
        request = 0x7f1400a1d038
        req = 0x0
        buf_req = 0x0
        backup = 0x561929a7d1f0 <global_avps>
        buf = 0x7ffd1df6b850 "\002"
        buf_len = 502708304
        ret = -1
        flags = <optimized out>
        hi = <optimized out>
        method_id = 32765
        proxy = 0x7f14823b2148
        it = <optimized out>
        __FUNCTION__ = "t_uac"
#3  0x00007f13fddb01fc in req_within (method=<optimized out>, headers=<optimized out>, body=<optimized out>,
    dialog=<optimized out>, completion_cb=<optimized out>, cbp=<optimized out>,
    release_func=0x7f13fe262d30 <shm_free_param>) at uac.c:663
        __FUNCTION__ = "req_within"
#4  0x00007f13fe26d61b in b2b_send_indlg_req (dlg=dlg@entry=0x7f1400956f78, et=et@entry=B2B_SERVER,
    b2b_key=b2b_key@entry=0x7f1400917510, method=method@entry=0x7f13fe2480c0 <method_invite>,
    ehdr=ehdr@entry=0x7ffd1df6ba10, maxfwd=<optimized out>, body=0x0, no_cb=0) at dlg.c:2294
        b2b_key_shm = 0x7f14008ef1f0
        td = 0x7f14823b1fd0
        tm_cback = 0x7f13fe282650 <b2b_server_tm_cback>
        build_dlg = <optimized out>
        method_value = <optimized out>
        result = <optimized out>
        __FUNCTION__ = "b2b_send_indlg_req"
#5  0x00007f13fe26f70a in _b2b_send_request (dlg=0x7f1400956f78, req_data=0x7ffd1df6baf0) at dlg.c:2501
        et = B2B_SERVER
        b2b_key = <optimized out>
        method = 0x7f13fe2480c0 <method_invite>
        dlginfo = <optimized out>
        hash_index = 11700
        local_index = 32615
        ehdr = {s = 0x7f13fe29f380 <buf> "Contact: <sip:172.29.2.212>\r\n", len = 29}
        table = <optimized out>
        method_value = 1
        ret = <optimized out>
        storage = {buffer = {s = 0x667edbcd <error: Cannot access memory at address 0x667edbcd>, len = 9532672},
          front_pointer = 0x0, size = 9119544, type = 32532, src_id = 0}
        b2b_ev = -1
        __FUNCTION__ = "_b2b_send_request"
#6  0x00007f13fe1de0a1 in bridging_start_old_ent (old_entity=0x7f1400917500, new_entity=0x7f1400a162b0,
    provmedia_uri=provmedia_uri@entry=0x0, body=body@entry=0x0, hdrs=0x0, tuple=<optimized out>, tuple=<optimized out>)
    at bridging.c:1365
        req_data = {et = B2B_SERVER, b2b_key = 0x7f1400917510, method = 0x7f13fe2480c0 <method_invite>,
          extra_headers = 0x0, client_headers = 0x7f1400917560, body = 0x0, dlginfo = 0x7f14009ea3d0, maxfwd = 0,
          no_cb = 0}
        __FUNCTION__ = "bridging_start_old_ent"
#7  0x00007f13fe1ed7bf in b2bl_timer_bridge_retry (ticks=<optimized out>, param=<optimized out>) at bridging.c:2402
        tuple = 0x7f14008b26d0
        it = 0x7f1400b18268
        last = <optimized out>
        next = <optimized out>
        __FUNCTION__ = "b2bl_timer_bridge_retry"

Describe the traffic that generated the bug OpenSIPS crashes due to the "tracer" module during bridging. If you completely comment out "tracer" in the OpenSIPS config (in the module section and the routes section), the crashes stop.

To Reproduce

  1. Use "tracer" module;
  2. Bridge legs with something like: 
    b2b_bridge("peer", $var(client_name),, $var(bridge_flags));
  3. Interesting, but problem is not reproduces if call b2b_bridge with Media URI: 
    b2b_bridge("peer", $var(client_name), $var(media_uri), $var(bridge_flags));

Relevant System Logs

Jun 28 16:16:08 [1729851] INFO:B2BL_REQUEST [ACK] scenario=[in] ci=server.11843.630811.1719591343.1039543058 fu=sip:+22222222222@3.3.3.3;user=phone tu=sip:+11111111111@1.1.1.1 ru=sip:10.10.10.212 du=<null> <10.10.10.211:5070->udp:10.10.10.212:5060>
Jun 28 16:16:08 [1729851] INFO:b2b_pass_request()
Jun 28 16:16:08 [1729851] INFO:DEBUG LOCAL in rm=ACK si=3.3.3.3 |ci=fghdgdfg-eXJuHFUFAgwMagZTGWZqe3ZuHCQBAAIWBANVA21lZnQ-| fu=sip:+22222222222@3.3.3.3 tu=sip:+11111111111@1.1.1.1 ru=sip:1.1.1.1:5060;transport=udp;did=SENiXxdaQA4JAgVMenp4bVQdAwMCAAdbeHgiLQVdQ0RXR0NfPScmZABaVAkKAQ5MeSZnbQEGVgUtNUIGOHlnaFYdAg0WBwdMcHRsalQFAA-- du=sip:1.1.1.1:5060;transport=udp;did=SENiXxdaQA4JAgVMenp4bVQdAwMCAAdbeHgiLQVdQ0RXR0NfPScmZABaVAkKAQ5MeSZnbQEGVgUtNUIGOHlnaFYdAg0WBwdMcHRsalQFAA-- [<null>][<null>] sin=udp:3.3.3.3:5060 sout=udp:3.3.3.3:5060
Jun 28 16:16:11 [1729864] CRITICAL:core:sig_usr: segfault in process pid: 1729864, id: 19
Jun 28 16:16:12 [1729848] WARNING:core:timer_ticker: timer task <b2bl-bridge-retry> already scheduled 950 ms ago (now 231040 ms), skipping execution
Jun 28 16:16:13 [1729848] WARNING:core:timer_ticker: timer task <b2bl-bridge-retry> already scheduled 1940 ms ago (now 232030 ms), skipping execution
Jun 28 16:16:14 [1729848] WARNING:core:timer_ticker: timer task <b2bl-bridge-retry> already scheduled 2930 ms ago (now 233020 ms), skipping execution

OS/environment information

Additional context

github-actions[bot] commented 1 month ago

Any updates here? No progress has been made in the last 15 days, marking as stale. Will close this issue if no further updates are made in the next 30 days.

github-actions[bot] commented 2 weeks ago

Marking as closed due to lack of progress for more than 30 days. If this issue is still relevant, please re-open it with additional details.