[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Linphone-developers] linphone crash on every incoming call

From: Lyudmila Voronina
Subject: Re: [Linphone-developers] linphone crash on every incoming call
Date: Tue, 10 Jul 2018 16:04:04 +0300

I have built linphone 4.1.1  - Qt 5.9.0

I also had to install:
sudo apt-get install libbsd-dev
sudo apt-get install libglew-dev
sudo apt-get install libturbojpeg
sudo apt-get install doxygen
sudo apt-get install graphviz       //for dot

//Installing python-pystache package
sudo apt-get update
sudo apt-get install python-pystache

I remove my questions.

2018-07-10 8:54 GMT+03:00 Amit Ramkisson <address@hidden>:
Where can i download the latest version of linphone ? 

On Sun, Jun 10, 2018 at 4:40 PM, Pali Rohár <address@hidden> wrote:
Package: linphone
Version: 3.6.1-3
Severity: important

Dear maintainer, linphone always crashes when there is incoming call.
Basically it makes it unusable. I'm CCing also linphone developers.

The most important for crash is stacktrace. So here is output from gdb:

Thread 1 "linphone" received signal SIGSEGV, Segmentation fault.
linphone_core_update_upnp_from_remote_media_description (address@hidden0, md=0x0) at upnp.c:684
684             for (i = 0; i < md->n_total_streams; i++) {

(gdb) print md
$1 = (const SalMediaDescription *) 0x0

(gdb) bt
#0  linphone_core_update_upnp_from_remote_media_description (address@hidden0, md=0x0) at upnp.c:684
#1  0x00007ffff7bb3b29 in linphone_call_new_incoming (address@hidden, address@hidden, address@hidden, address@hidden) at linphonecall.c:571
#2  0x00007ffff7ba6331 in call_received (h=0x555555aa6f20) at callbacks.c:256
#3  0x00007ffff7ba0763 in inc_new_call (ev=0x7fffa0003e70, sal=0x555555990bc0) at sal_eXosip2.c:1435
#4  process_event (ev=0x7fffa0003e70, sal=0x555555990bc0) at sal_eXosip2.c:2779
#5  sal_iterate (sal=0x555555990bc0) at sal_eXosip2.c:2907
#6  0x00007ffff7b95783 in linphone_core_iterate (lc=0x5555558a4410) at linphonecore.c:2107
#7  0x000055555556c290 in ?? ()
#8  0x00007fffef5b6123 in ?? () from /lib/x86_64-linux-gnu/
#9  0x00007fffef5b56aa in g_main_context_dispatch () from /lib/x86_64-linux-gnu/
#10 0x00007fffef5b5a60 in ?? () from /lib/x86_64-linux-gnu/
#11 0x00007fffef5b5d82 in g_main_loop_run () from /lib/x86_64-linux-gnu/
#12 0x00007ffff76503b7 in gtk_main () from /usr/lib/x86_64-linux-gnu/
#13 0x0000555555569cfc in main ()

So linphone is trying to do NULL pointer dereference on line 684 which
makes instant segfault.

Looking at the problematic libphonecall.c file and function
linphone_call_new_incoming()... and there is really a logical error.

        if (md) {
                call->params.has_video &= linphone_core_media_description_contains_video_stream(md);
        linphone_core_update_ice_from_remote_media_description(call, sal_call_get_remote_media_description(op));
        if (linphone_core_update_upnp_from_remote_media_description(call, sal_call_get_remote_media_description(op))<0) {

First there is call to the sal_call_get_remote_media_description()
function and then return value is checked for NULL.

Later there is again call for sal_call_get_remote_media_description()
but return value is not check and it is passed to functions
linphone_core_update_ice_from_remote_media_description() and

And functions linphone_core_update_upnp_from_remote_media_description()
and linphone_core_update_ice_from_remote_media_description() then
dereference md argument without doing any check for NULL.

        for (i = 0; i < md->n_total_streams; i++) {

        if ((md->ice_pwd[0] != '\0') && (md->ice_ufrag[0] != '\0')) {

So check for NULL pointer needs to be done to fix this problem.
Otherwise whole linphone application is unusable as it is not possible
to receive any call.

Pali Rohár

Linphone-developers mailing list

Linphone-developers mailing list

reply via email to

[Prev in Thread] Current Thread [Next in Thread]