Hugh Waite writes:
I see that core_hash has moved from /lib/kcore/hash_func.h (in 3.2) to /hashes.h but I think the algorithm is the same one. Maybe pua is passing a null or uninitialised string?
after getting the debug symbols, i see this:
(gdb) where
#0  0x00007fe3b4db0f9f in core_hash (s1=0x7fe3b1866a01, s2=0x0, size=512) at ../../hashes.h:279
#1  0x00007fe3b4db233f in publ_cback_func (t=0x7fe3b1866d20, type=1024, ps=0x7fffa7086230) at send_publish.c:246
#2  0x00007fe3b9834907 in run_trans_callbacks_internal (cb_lst=0x7fe3b1866d90, type=1024, trans=0x7fe3b1866d20, params=0x7fffa7086230) at t_hooks.c:290
#3  0x00007fe3b9834a19 in run_trans_callbacks (type=1024, trans=0x7fe3b1866d20, req=0x0, rpl=0x7fe3b9d78c88, code=200) at t_hooks.c:317
#4  0x00007fe3b985c6fa in local_reply (t=0x7fe3b1866d20, p_msg=0x7fe3b9d78c88, branch=0, msg_status=200, cancel_data=0x7fffa7086490) at t_reply.c:2001
#5  0x00007fe3b985db30 in reply_received (p_msg=0x7fe3b9d78c88) at t_reply.c:2350
#6  0x000000000044fee5 in forward_reply (msg=0x7fe3b9d78c88) at forward.c:790
#7  0x0000000000489180 in receive_msg (
    buf=0x7fe3b1868350 "SIP/2.0 200 OK\r\nVia: SIP/2.0/TCP 192.98.103.10:8080;branch=z9hG4bK2d38.cbac1124", '0' <repeats 24 times>, ".0;received=127.0.0.1\r\nTo: sip:jh@vm.test.fi;tag=4a664ec84c547b2d0bc0fe8965f834e4-d075\r\nFrom: sip"..., len=461, rcv_info=0x7fe3b1868088) at receive.c:270
#8  0x0000000000501a8c in receive_tcp_msg (
    tcpbuf=0x7fe3b1868350 "SIP/2.0 200 OK\r\nVia: SIP/2.0/TCP 192.98.103.10:8080;branch=z9hG4bK2d38.cbac1124", '0' <repeats 24 times>, ".0;received=127.0.0.1\r\nTo: sip:jh@vm.test.fi;tag=4a664ec84c547b2d0bc0fe8965f834e4-d075\r\nFrom: sip"..., len=461, rcv_info=0x7fe3b1868088, con=0x7fe3b1868070) at tcp_read.c:1044
#9  0x0000000000502740 in tcp_read_req (con=0x7fe3b1868070, bytes_read=0x7fffa708693c, read_flags=0x7fffa7086938) at tcp_read.c:1231
#10 0x0000000000503759 in handle_io (fm=0x7fe3b9d66740, events=1, idx=-1) at tcp_read.c:1403
#11 0x00000000004fe363 in io_wait_loop_epoll (h=0x897ce0, t=2, repeat=0) at io_wait.h:1092
#12 0x0000000000504431 in tcp_receive_loop (unix_sock=20) at tcp_read.c:1572
#13 0x00000000004f9920 in tcp_init_children () at tcp_main.c:4952
#14 0x000000000045c9fb in main_loop () at main.c:1718
#15 0x000000000045f29c in main (argc=16, argv=0x7fffa7086de8) at main.c:2546
at frame #1, i see:
(gdb) frame 1
#1  0x00007fe3b4db233f in publ_cback_func (t=0x7fe3b1866d20, type=1024, ps=0x7fffa7086230) at send_publish.c:246
246         hash_code= core_hash(hentity->pres_uri, NULL, HASH_SIZE);
(gdb) print hentity->pres_uri
$1 = (str *) 0x7fe3b1866a01
looks like that str does not point to anything real:
(gdb) print hentity->pres_uri.len
$3 = 1835890035
(gdb) print hentity->pres_uri.s
$4 = 0x2d6567617373656d <Address 0x2d6567617373656d out of bounds>
-- juha
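
A triage check on the two values printed in the gdb session above, added here as an example and not part of the original message or of the project's code: it rebuilds the bytes gdb interpreted as the str fields and tests whether they are printable ASCII. It assumes the str layout is { char *s; int len; } on little-endian x86-64; the helper names str_image and looks_like_text are hypothetical.

```c
#include <ctype.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed layout of str on x86-64 (little-endian):
 * char *s at offset 0 (8 bytes), int len at offset 8 (4 bytes). */
#define STR_IMAGE_LEN 12

/* Rebuild the 12 bytes gdb read as {s, len} into out (NUL-terminated). */
static void str_image(uint64_t s, uint32_t len, char out[STR_IMAGE_LEN + 1])
{
    for (int i = 0; i < 8; i++)
        out[i] = (char)((s >> (8 * i)) & 0xff);
    for (int i = 0; i < 4; i++)
        out[8 + i] = (char)((len >> (8 * i)) & 0xff);
    out[STR_IMAGE_LEN] = '\0';
}

/* Return 1 when every byte is printable ASCII, which means the memory
 * holds character data and the str pointer itself is the bad value. */
static int looks_like_text(const char *img, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (!isprint((unsigned char)img[i]))
            return 0;
    return 1;
}

int main(void)
{
    /* Values copied from the gdb session above. */
    uint64_t s = 0x2d6567617373656dULL;   /* hentity->pres_uri.s   */
    uint32_t len = 1835890035u;           /* hentity->pres_uri.len */
    char img[STR_IMAGE_LEN + 1];

    str_image(s, len, img);
    printf("bytes at pres_uri: \"%s\" (%s)\n", img,
           looks_like_text(img, STR_IMAGE_LEN) ? "printable text" : "binary");
    return 0;
}
```

Under that layout assumption the twelve bytes read as the text "message-summ", so the address 0x7fe3b1866a01 falls inside character data rather than on a str structure.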