Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

a bug in stunc_resp_handler #2

Open
lxlenovostar opened this issue Jun 10, 2019 · 0 comments
Open

a bug in stunc_resp_handler #2

lxlenovostar opened this issue Jun 10, 2019 · 0 comments

Comments

@lxlenovostar
Copy link 

static void stunc_resp_handler(int err, uint16_t scode, const char *reason,
			       const struct stun_msg *msg, void *arg)
{
	struct ice_conncheck *cc = arg;
	struct ice_candpair *pair = cc->pair;
	struct trice *icem = cc->icem;
	struct stun_attr *attr;
	bool success = (err == 0) && (scode == 0);
	(void)reason;

	if (!icem) {
		DEBUG_WARNING("stun response: no icem\n");
	}

	if (cc->term)
		return;

	trice_tracef(icem, success ? 32 : 31,
		     "[%u] Rx %H <--- %H '%u %s'%H\n",
		     pair->lcand->attr.compid,
		     trice_cand_print, pair->lcand,
		     trice_cand_print, pair->rcand,
		     scode, reason, print_err, &err);

	if (err) {
		DEBUG_NOTICE("stun response: [%H --> %H] %m\n",
			     trice_cand_print, pair->lcand,
			     trice_cand_print, pair->rcand,
			     err);

		trice_candpair_failed(pair, err, scode);
		goto out;
	}

backtrace:

#0  0xb6c842f4 in stunc_resp_handler (err=110, scode=<optimized out>, reason=<optimized out>, msg=0x0, arg=0x2a2db8) at src/trice/connchk.c:202
        cc = 0x2a2db8
        pair = 0x38c188
        icem = 0x4a65c0
        attr = <optimized out>
        success = <optimized out>
#1  0xb6e0ef60 in completed (ct=0x449ea8, err=110, scode=0, reason=0x0, msg=0x0) at src/stun/ctrans.c:65
        resph = 0xb6c842ad <stunc_resp_handler>
        arg = 0x2a2db8
#2  0xb6e0f0b2 in timeout_handler (arg=0x449ea8) at src/stun/ctrans.c:102
        ct = 0x449ea8
        cfg = 0x4b2950
        err = 110
#3  0xb6e35d20 in call_handler (th=0xb6e0efe9 <timeout_handler+8>, arg=0x449ea8) at src/tmr/tmr.c:70
        tick = 1560150070939
        diff = 0
#4  0xb6e35dda in tmr_poll (tmrl=0xb6f7b678 <global_re+24>) at src/tmr/tmr.c:116
        jfs = 1560150070939
#5  0xb6e37600 in re_main (signalh=0xd365 <handle_signal_handler>) at src/main/main.c:997
        re = 0xb6f7b660 <global_re>
        err = 0

(gdb)  print *((struct ice_candpair *)(*(struct ice_conncheck *)0x2a2db8).pair)
$9 = {le = {prev = 0x0, next = 0x0, list = 0x0, data = 0x0}, icem = 0x0, comp = 0x0, lcand = 0x0, rcand = 0x0, def = false, valid = false, nominated = false, state = ICE_CANDPAIR_FROZEN, 
  pprio = 0, ct_conn = 0x0, err = 0, scode = 0}
(gdb)  print *((struct trice *)(*(struct ice_conncheck *)0x2a2db8).icem)
$10 = {conf = {nom = ICE_NOMINATION_AGGRESSIVE, debug = false, trace = false, ansi = true, enable_prflx = true}, lrole = ICE_ROLE_CONTROLLED, tiebrk = 11420834005876552669, 
  lufrag = 0x1ec118 "bQOuno5QYlhdyzAq", lpwd = 0x1796e0 "000bkD20U7300eFHK2Q1B9LevVF2NjiW", rufrag = 0x26aed8 "m5qT", rpwd = 0x47bf8 "zTnoJq0jisUe6oCYQzRr9JtS", lcandl = {head = 0x44d4fc, 
    tail = 0x274cfc}, rcandl = {head = 0x14e36c, tail = 0x2790a4}, checkl = {head = 0x1c45c0, tail = 0x1eb8e0}, validl = {head = 0x0, tail = 0x0}, reqbufl = {head = 0x0, tail = 0x0}, 
  checklist = 0x324520, connl = {head = 0x0, tail = 0x0}, sw = 0x0}

pair->lcand is 0x0, and we use it in :

	trice_tracef(icem, success ? 32 : 31,
		     "[%u] Rx %H <--- %H '%u %s'%H\n",
		     pair->lcand->attr.compid,
		     trice_cand_print, pair->lcand,
		     trice_cand_print, pair->rcand,
		     scode, reason, print_err, &err);
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@lxlenovostar