Closed magic-bear closed 4 years ago
@magic-bear does refer_id
exist when you invoke it? Can you provide a libasan dump or gdb stacktrace of the segfault? As a side note, please test on master as well, just to rule out the chance this may have been fixed.
refer_id does not yet exist when set - in this example, i am defining it for the first time, manually.
#1136 janus_sip_handler (data=<optimized out>) at plugins/janus_sip.c:3276
transfer = 0x0
ha1_secret = <optimized out>
authuser = <optimized out>
uri = <optimized out>
srtp_profile = <optimized out>
srtp = <optimized out>
from_hdr = "sip:magicbear@testing.com", '\000' <repeats 992 times>
aar = <optimized out>
sdperror = "3600\000joubert\000\060\060", '\000' <repeats 84 times>
sdp = <optimized out>
request_callid = <optimized out>
referred_by = 0x0
msg_simulcast = <optimized out>
require_srtp = <optimized out>
target_uri = {data = "sip\000\061\062\060\064\062\062\065\071\071\071\071\000testing.com", '\000' <repeats 983 times>, url = {{
url_pad = "\000\000\000\000\000", url_type = 1 '\001', url_root = 0 '\000', url_scheme = 0x7f4a85ce5210 "sip", url_user = 0x7f4a85ce5214 "12042259999",
url_password = 0x0, url_host = 0x7f4a85ce5220 "testing.com", url_port = 0x0, url_path = 0x0, url_params = 0x0, url_headers = 0x0, url_fragment = 0x0}}}
msg_sdp_type = <optimized out>
callid = 0x7f4a700067e0 "4YRqSesBJ5DNNKlPXKOIhNV"
secret = <optimized out>
offer_srtp = <optimized out>
uri_text = <optimized out>
custom_headers = "X-Outbound: true\r\n", '\000' <repeats 1870 times>...
msg_sdp = <optimized out>
parsed_sdp = <optimized out>
refer_id = 153092680
session = 0x7f4a7c007730
request = <optimized out>
request_text = <optimized out>
result = 0x0
__FUNCTION__ = "janus_sip_handler"
msg = 0x7f4a5c01acc0
error_code = 0
error_cause = "Wrong state (not in a call?)", '\000' <repeats 483 times>
root = <optimized out>
#1 0x00007f4a8ba00415 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#2 0x00007f4a8af8efa3 in start_thread (arg=<optimized out>) at pthread_create.c:486
ret = <optimized out>
pd = <optimized out>
now = <optimized out>
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {139958049208064, 7147267784192413170, 140722614460942, 140722614460943, 139958049208064, 0, -7087195000447840782,
-7087214598491484686}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
not_first_call = <optimized out>
#3 0x00007f4a8aebf4cf in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
No locals.```
Another post to follow with master.. just building it.
I think I have a fix.
ok cool - i have a master trace as well:
Here is the gdb from master:
Thread 5 "sip handler" received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7f4a3a02a700 (LWP 31195)]
0x00007f4a3a3ecd74 in janus_sip_handler (data=<optimized out>) at plugins/janus_sip.c:3295
3295 plugins/janus_sip.c: No such file or directory.
(gdb) backtrace full
#0 0x00007f4a3a3ecd74 in janus_sip_handler (data=<optimized out>) at plugins/janus_sip.c:3295
transfer = 0x0
ha1_secret = <optimized out>
authuser = <optimized out>
uri = <optimized out>
srtp_profile = <optimized out>
srtp = <optimized out>
from_hdr = "sip:mbear@hr.example.com", '\000' <repeats 992 times>
aar = <optimized out>
sdperror = "3600\000bear", '\000' <repeats 87 times>
sdp = <optimized out>
request_callid = <optimized out>
referred_by = 0x0
msg_simulcast = <optimized out>
require_srtp = <optimized out>
target_uri = {data = "sip\000\061\062\060\064\062\062\065\071\071\071\071\000internal.example.com", '\000' <repeats 983 times>, url = {{
url_pad = "\000\000\000\000\000", url_type = 1 '\001', url_root = 0 '\000', url_scheme = 0x7f4a3a028210 "sip", url_user = 0x7f4a3a028214 "12042259999",
url_password = 0x0, url_host = 0x7f4a3a028220 "internal.example.com", url_port = 0x0, url_path = 0x0, url_params = 0x0, url_headers = 0x0, url_fragment = 0x0}}}
msg_sdp_type = <optimized out>
callid = 0x7f4a240069a0 "4YRqSesBJ5DNNKlPXKOIhNV"
secret = <optimized out>
offer_srtp = <optimized out>
uri_text = <optimized out>
custom_headers = "X-Outbound: true\r\n", '\000' <repeats 1870 times>...
msg_sdp = <optimized out>
parsed_sdp = <optimized out>
refer_id = 153092680
session = 0x7f4a30007e60
request = <optimized out>
request_text = <optimized out>
result = 0x0
__FUNCTION__ = "janus_sip_handler"
msg = <optimized out>
error_code = 0
error_cause = '\000' <repeats 511 times>
root = <optimized out>
#1 0x00007f4a3fd46415 in ?? () from /lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#2 0x00007f4a3f2d4fa3 in start_thread (arg=<optimized out>) at pthread_create.c:486
ret = <optimized out>
pd = <optimized out>
now = <optimized out>
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {139956777559808, 1468820787416209790, 140723467048702, 140723467048703, 139956777559808, 0, -1515961842585364098,
-1515968270699259522}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
not_first_call = <optimized out>
#3 0x00007f4a3f2054cf in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
No locals.
ok cool - i have a master trace as well:
Nice, the line number matches my patch.
@lminiero github is currently having issues (see https://www.githubstatus.com/ ) so hopefully you're able to see https://github.com/meetecho/janus-gateway/pull/1963
refer_id does not yet exist when set - in this example, i am defining it for the first time, manually.
refer_id
is something you receive from Janus, not something you set yourself. Check the description in #1815 for the specific syntax, but basically:
refer_id
Janus generatedrefer_id
I see @tmatth beat me to it (thanks for the super fast fix, Tristan!), but the cause was indeed the non-existing refer_id
, which means the transfer
struct we look for doesn't exist either: we had a check on it not being NULL already, but not for headers too, which is where it crashed for you.
@lminiero github is currently having issues (see https://www.githubstatus.com/ ) so hopefully you're able to see #1963
I can, but approving your PR failed due to the same issue apparently :disappointed:
@magic-bear this should fix your segfault, but to get transfers working, please refer to the steps I sketched in a previous message.
Thanks for the super fast turnaround. I totally agree I was doing the transfer incorrectly in the first place but better safe than sorry where segfaults are concerned :)
Thanks for the super fast turnaround. I totally agree I was doing the transfer incorrectly in the first place but better safe than sorry where segfaults are concerned :)
Yeah I should've clarified that I was only fixing the crash (which is pretty obvious), not the usage.
Hi All,
I was tinkering with the attended transfer feature, and inadvertently found a segfault. I was able to reproduce the issue multiple times on janus 0.8.1
To reproduce, start a phone call on the master handle. Add a helper, and start a second call. Then issue:
The number in the refer_id appears to cause segfault for any number. I just have some 1s and 0s as a placeholder.