[Freeswitch-users] Crash on 1.6 when using ICE

王聡 cong.wang.itsherpa at gmail.com
Tue May 29 10:29:08 UTC 2018 

Hey all,

Recently I upgraded my FS server from 1.4 to 1.6.20 and enabled video record, but frequently crash occurred.
The coredump file shows the crash occurred in handle_ice() function by a memory error like this:

#0  switch_sockaddr_get_port (sa=0x0) at src/switch_apr.c:924
No locals.
#1  0x00007f5aa524e662 in handle_ice (rtp_session=0x7f57e01a2138, ice=0x7f57e01a0cf0, data=0x0, len=140015398758072) at src/switch_rtp.c:1231
        ipbuf = “58.93.127.1", '\000' <repeats 37 times>
        cmp = -1521403865
        stunbuf = "\001\001\000,!\022\244B\001o\025\177\236\006\262X\226Q\321$\000 \000\b\000\001:\266\033O\023`\000\b\000\024z\204%(\307>\352'\254jn\"K\255\227\376텠6\200(\000\004\366\065\062\177", '\000' <repeats 447 times>
        rpacket = 0x7f59defcc2d0
        remote_ip = 0x1ba4 <error: Cannot access memory at address 0x1ba4>
        from_addr = 0x7f57e01a0cf0
        bytes = 64
        buf = “58.93.127.1", '\000' <repeats 67 times>
        port = 7076
        buf2 = '\000' <repeats 79 times>
        packet = 0x1ba4
        attr = 0x7f57e01b26b8
        end_buf = 0x0
        username = "76MHJVvjVqM37tvJ:b94edc3e\000\000\000\000\000\000\000\000"
        buf = "\001\000T\000!\022\244B\001o\025\177\236\006\262X\226Q\321$\006\000\031\000\067\066MHJVvjVqM37tvJ:b94edc3e\000\000\000$\000\004\000n\377\377\377*\200\b\000n\033\004H0:9\254\b\000\024\000K\203Ə\264\242\063\303G\367\265\061\226v\233\206F\210\001G(\200\004\000iU\316\354", '\000' <repeats 407 times>
        xlen = -553860400
        __func__ = "handle_ice"
#2  0x00007f5aa5252428 in read_rtp_packet (rtp_session=0x7f57e01a2138, bytes=0x7f59defcc740, flags=0x0, pmapP=0x0, poll_status=SWITCH_STATUS_SUCCESS, return_jb_packet=SWITCH_FALSE) at src/switch_rtp.c:5691
        ts = 3759842008
        sync = -535125288
        now = 140027297347623
        __PRETTY_FUNCTION__ = "read_rtp_packet"
        __func__ = "read_rtp_packet"

More test shows that the crash occurred when client switched its network during a call. 
It always crash at the same point when I switched from wifi to carrier network.
And the crash disappeared after I disabled the ICE settings in client.

However, the same setting works well on previous server (1.4), so is there any changes on ICE solution between 1.4 and 1.6.20? Or the video record is the reason?

Server: 
	Old: FreeSWITCH Version 1.4.26+git~20160205T175853Z~ca9207aa32~64bit (git ca9207a 2016-02-05 17:58:53Z 64bit)
	New: FreeSWITCH Version 1.6.20+git~20180123T214909Z~987c9b9a2a~64bit (git 987c9b9 2018-01-23 21:49:09Z 64bit)

Client:
	Custom SIP phone based on LibLinphone

Regards.

More information about the FreeSWITCH-users mailing list