janus 0.7.2 crash when conn_check_handle_inbound_stun

[pgj007]

#0  0x00007f9551c9b207 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:55
#1  0x00007f9551c9c8f8 in __GI_abort () at abort.c:90
#2  0x00007f9553525665 in g_assertion_message (domain=domain@entry=0x7f9553ded90a "libnice", file=file@entry=0x7f9553df324e "conncheck.c", line=line@entry=1914, func=func@entry=0x7f9553df3710 <__FUNCTION__.28937> "priv_mark_pair_nominated", message=message@entry=0x7f94115ac230 "assertion failed: (pair->state == NICE_CHECK_DISCOVERED)") at gtestutils.c:2532
#3  0x00007f95535256ca in g_assertion_message_expr (domain=domain@entry=0x7f9553ded90a "libnice", file=file@entry=0x7f9553df324e "conncheck.c", line=line@entry=1914, func=func@entry=0x7f9553df3710 <__FUNCTION__.28937> "priv_mark_pair_nominated", expr=expr@entry=0x7f9553df1fe8 "pair->state == NICE_CHECK_DISCOVERED") at gtestutils.c:2555
#4  0x00007f9553dd33bf in priv_mark_pair_nominated (agent=agent@entry=0x7f950000d140 [NiceAgent], stream=stream@entry=0x7f9428000c70 [NiceStream], component=component@entry=0x7f9428003ea0 [NiceComponent], localcand=localcand@entry=0x7f94fc006070, remotecand=remotecand@entry=0x7f9508004e80) at conncheck.c:1914
#5  0x00007f9553dd66ef in conn_check_handle_inbound_stun (use_candidate=1, msg=0x7f94f4fe8160, rbuf_len=80, sockptr=0x7f9404009f50, toaddr=0x7f94f4fe89b0, rcand=<optimized out>, lcand=0x7f94fc006070, component=0x7f9428003ea0 [NiceComponent], stream=0x7f9428000c70 [NiceStream], agent=0x7f950000d140 [NiceAgent]) at conncheck.c:2876
#6  0x00007f9553dd66ef in conn_check_handle_inbound_stun (agent=agent@entry=0x7f950000d140 [NiceAgent], stream=stream@entry=0x7f9428000c70 [NiceStream], component=0x7f9428003ea0 [NiceComponent], nicesock=0x7f9404009f50, from=0x7f94f4fe89b0, buf=buf@entry=0x7f9411600b10 "", len=100) at conncheck.c:4229
#7  0x00007f9553dcec53 in agent_recv_message_unlocked (agent=agent@entry=0x7f950000d140 [NiceAgent], stream=stream@entry=0x7f9428000c70 [NiceStream], component=component@entry=0x7f9428003ea0 [NiceComponent], nicesock=0x7f9404009f50, message=message@entry=0x7f94f4fe8ac0) at agent.c:4009
#8  0x00007f9553dcee85 in component_io_cb (gsocket=<optimized out>, condition=<optimized out>, user_data=0x7f9500005a20) at agent.c:5326
#9  0x00007f9553a96ff6 in socket_source_dispatch (source=0x7f942963c0d0, callback=0x7f9553dcecf0 <component_io_cb>, user_data=0x7f9500005a20) at gsocket.c:3833
#10 0x00007f95534ff049 in g_main_context_dispatch (context=0x7f9508009620) at gmain.c:3175
#11 0x00007f95534ff049 in g_main_context_dispatch (context=context@entry=0x7f9508009620) at gmain.c:3828
#12 0x00007f95534ff3a8 in g_main_context_iterate (context=0x7f9508009620, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3901
#13 0x00007f95534ff67a in g_main_loop_run (loop=0x7f950800d690) at gmain.c:4097
#14 0x000000000042d199 in janus_ice_handle_thread (data=0x7f95080094e0) at ice.c:1086
#15 0x00007f95535264f0 in g_thread_proxy (data=0x7f950800d850) at gthread.c:784
#16 0x00007f9552039dd5 in start_thread (arg=0x7f94f4ff9700) at pthread_create.c:307
#17 0x00007f9551d62ead in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111

The client and server are both in NAT. When the client is opened, the server crashes.

[lminiero]

@pgj007 please stop pasting these dumps inline as they are. They mess up the automatic github issue linking. Fixing it for you for the second time...

[pgj007]

@lminiero Ok, I'll be more careful next time

[lminiero]

Looks like a libnice issue. Make sure you're using libnice master: if you are, you may want to report it on their repo. Closing.

[pgj007]

@lminiero ok

[tmatth]

I opened an issue here since we observed the same crash happening with libnice 0.1.15:
https://gitlab.freedesktop.org/libnice/libnice/issues/94
Better info here https://gitlab.freedesktop.org/libnice/libnice/issues/95

[tmatth]

This has been fixed upstream, you'll probably want to update libnice:
https://gitlab.freedesktop.org/libnice/libnice/commit/6afcb580ae8118e189b24c74f0832c8cfff39f4e