Juha Heinanen writes:
Kamailio 5.2 crashed when it received a 480 reply to an INVITE. Below is
the backtrace from the core file.
The crash happens in t_reply.c on the last line of this block:

    uac=&t->uac[branch];
    LM_DBG("org. status uas=%d, uac[%d]=%d local=%d is_invite=%d)\n",
        t->uas.status, branch, uac->last_received,
        is_local(t), is_invite(t));
    last_uac_status=uac->last_received;

Earlier it was checked that the transaction was found. Its uac[0]
seems to be broken.
The pcap shows that Kamailio receives from the UAS two "180 ringing" replies
30 secs apart, after which fr_inv_timeout hits. At that point Kamailio
sends "408 request timeout" to the UAC and gets back an ACK. Then, 45 secs
later, Kamailio gets one more "180 ringing" reply from the UAS, followed
by several 480 replies. One of them crashes Kamailio.
-- juha