Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

coredump when fingerprint is not correct #209

Closed
yangjinecho opened this issue Jul 18, 2018 · 11 comments
Closed

coredump when fingerprint is not correct #209

yangjinecho opened this issue Jul 18, 2018 · 11 comments
Assignees
@ibc
Labels
bug
Milestone
v2 updates

Comments

@yangjinecho
Copy link
Contributor

if happen "fingerprint in the remote certificate (%s) does not match the announced one (%s)", then the woker will coredump, you can test it by revise fingerprint!
@ibc
Copy link
Member

ibc commented Jul 18, 2018

Good catch!

Note for me: In order to easily test it, just add the following at lib/Peer.js line 350:

// TODO: TMP for testing https://github.com/versatica/mediasoup/issues/209
dtlsParameters.fingerprints[0].value = dtlsParameters.fingerprints[0].value.replace(/1/g, 'F');

@ibc ibc self-assigned this Jul 18, 2018
@ibc ibc added the bug label Jul 18, 2018
@ibc ibc added this to the v2 updates milestone Jul 18, 2018
@ibc
Copy link
Member

ibc commented Jul 18, 2018

Core dump in OSX:

Crashed Thread:        0  Dispatch queue: com.apple.main-thread

Exception Type:        EXC_BAD_ACCESS (SIGSEGV)
Exception Codes:       KERN_INVALID_ADDRESS at 0x00000000000000b3
Exception Note:        EXC_CORPSE_NOTIFY

Termination Signal:    Segmentation fault: 11
Termination Reason:    Namespace SIGNAL, Code 0xb
Terminating Process:   exc handler [0]

VM Regions Near 0xb3:
--> 
    __TEXT                 000000010318c000-00000001033f1000 [ 2452K] r-x/rwx SM=COW  /Users/USER/*

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   mediasoup-worker              	0x000000010323802d SSL_ctrl + 736 (ssl_lib.c:1917)
1   mediasoup-worker              	0x00000001031a1630 RTC::DtlsTransport::SetTimeout() + 38
2   mediasoup-worker              	0x00000001031a1c7f RTC::DtlsTransport::ProcessDtlsData(unsigned char const*, unsigned long) + 383 (DtlsTransport.cpp:727)
3   mediasoup-worker              	0x00000001031cbfff non-virtual thunk to RTC::WebRtcTransport::OnPacketRecv(RTC::UdpSocket*, unsigned char const*, unsigned long, sockaddr const*) + 69
4   mediasoup-worker              	0x00000001032229e0 uv__udp_io + 325 (udp.c:210)
5   mediasoup-worker              	0x0000000103225509 uv__io_poll + 1742
6   mediasoup-worker              	0x00000001032179ed uv_run + 314 (core.c:371)
7   mediasoup-worker              	0x000000010319353d Worker::Worker(Channel::UnixStreamSocket*) + 301 (Worker.cpp:37)
8   mediasoup-worker              	0x00000001031f903c main + 1436 (main.cpp:94)
9   libdyld.dylib                 	0x00007fff7fbff015 start + 1

@ibc
Copy link
Member

ibc commented Jul 18, 2018

Confirmed that it happens during the DTLS processing.

@ibc
Copy link
Member

ibc commented Jul 18, 2018

IMGO the issue is in WebRtcTransport.cpp line ~500:

		// Pass the remote fingerprint to the DTLS transport.
		this->dtlsTransport->SetRemoteFingerprint(fingerprint);

		// Run the DTLS transport if ready.
		MayRunDtlsTransport();

It happens that SetRemoteFingerprint() calls ProcessHandshake() which checks CheckRemoteFingerprint() and, if it fails, calls to this->listener->OnDtlsFailed(this);.

WebRtcTransport.OnDtlsFailed() destroys the instance, so also the DtlsTransportinstance. But then we call MayRunDtlsTransport()!

@ibc
Copy link
Member

ibc commented Jul 18, 2018

Not sure about the last comment. It's not what I see in the logs.

@ibc
Copy link
Member

ibc commented Jul 18, 2018
edited

No, it's not like said above.

BTW: a full log detail (with some extra logs added):

  mediasoup:ERROR:mediasoup-worker [id:ovbffxlx#1] src/RTC/WebRtcTransport.cpp:728 | RTC::WebRtcTransport::OnPacketRecv() | IsDtls +4ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/WebRtcTransport.cpp:759 | RTC::WebRtcTransport::OnDtlsDataRecv() +1ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/IceServer.cpp:210 | RTC::IceServer::IsValidTuple() +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/IceServer.cpp:460 | RTC::IceServer::HasTuple() +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/IceServer.cpp:265 | RTC::IceServer::ForceSelectedTuple() +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/IceServer.cpp:460 | RTC::IceServer::HasTuple() +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/IceServer.cpp:485 | RTC::IceServer::SetSelectedTuple() +0ms
  mediasoup:ERROR:mediasoup-worker [id:ovbffxlx#1] src/RTC/WebRtcTransport.cpp:777 | RTC::WebRtcTransport::OnDtlsDataRecv() | DTLS data received, passing it to the DTLS transport +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/DtlsTransport.cpp:689 | RTC::DtlsTransport::ProcessDtlsData() +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/DtlsTransport.cpp:1222 | RTC::DtlsTransport::OnSslInfo() +46ms
  mediasoup:mediasoup-worker [id:ovbffxlx#1] src/RTC/DtlsTransport.cpp:1236 | RTC::DtlsTransport::OnSslInfo() | [role:client, action:'SSLv3/TLS write finished'] +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/DtlsTransport.cpp:1222 | RTC::DtlsTransport::OnSslInfo() +0ms
  mediasoup:mediasoup-worker [id:ovbffxlx#1] src/RTC/DtlsTransport.cpp:1236 | RTC::DtlsTransport::OnSslInfo() | [role:client, action:'SSLv3/TLS read change cipher spec'] +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/DtlsTransport.cpp:1222 | RTC::DtlsTransport::OnSslInfo() +0ms
  mediasoup:mediasoup-worker [id:ovbffxlx#1] src/RTC/DtlsTransport.cpp:1236 | RTC::DtlsTransport::OnSslInfo() | [role:client, action:'SSLv3/TLS read finished'] +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/DtlsTransport.cpp:1222 | RTC::DtlsTransport::OnSslInfo() +1ms
  mediasoup:mediasoup-worker [id:ovbffxlx#1] src/RTC/DtlsTransport.cpp:1280 | RTC::DtlsTransport::OnSslInfo() | DTLS handshake done +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/DtlsTransport.cpp:1222 | RTC::DtlsTransport::OnSslInfo() +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/DtlsTransport.cpp:897 | RTC::DtlsTransport::SendPendingOutgoingDtlsData() +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/DtlsTransport.cpp:816 | RTC::DtlsTransport::CheckStatus() +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/handles/Timer.cpp:71 | Timer::Stop() +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/DtlsTransport.cpp:962 | RTC::DtlsTransport::ProcessHandshake() +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/DtlsTransport.cpp:1012 | RTC::DtlsTransport::CheckRemoteFingerprint() +0ms
  mediasoup:ERROR:mediasoup-worker [id:ovbffxlx#1] src/RTC/DtlsTransport.cpp:1074 | RTC::DtlsTransport::CheckRemoteFingerprint() | FINGERPRINT DOES NOT MATCH +47ms
  mediasoup:WARN:mediasoup-worker [id:ovbffxlx#1] src/RTC/DtlsTransport.cpp:1080 | RTC::DtlsTransport::CheckRemoteFingerprint() | fingerprint in the remote certificate (37:2B:F9:0D:BC:37:13:6F:01:CE:4E:B0:8B:9C:07:15:75:07:34:71:8D:97:E4:81:6F:E3:28:4B:85:A9:97:55) does not match the announced one (37:2B:F9:0D:BC:37:F3:6F:0F:CE:4E:B0:8B:9C:07:F5:75:07:34:7F:8D:97:E4:8F:6F:E3:28:4B:85:A9:97:55) +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/DtlsTransport.cpp:783 | RTC::DtlsTransport::Reset() +2ms
  mediasoup:WARN:mediasoup-worker [id:ovbffxlx#1] src/RTC/DtlsTransport.cpp:790 | RTC::DtlsTransport::Reset() | resetting DTLS transport +1ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/handles/Timer.cpp:71 | Timer::Stop() +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/DtlsTransport.cpp:1222 | RTC::DtlsTransport::OnSslInfo() +0ms
  mediasoup:mediasoup-worker [id:ovbffxlx#1] src/RTC/DtlsTransport.cpp:1260 | RTC::DtlsTransport::OnSslInfo() | sending DTLS warning alert: close notify +0ms
  mediasoup:ERROR:mediasoup-worker [id:ovbffxlx#1] src/RTC/WebRtcTransport.cpp:1175 | RTC::WebRtcTransport::OnDtlsFailed() | ----------------------------------- OnDtlsFailed +2ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/WebRtcTransport.cpp:1177 | RTC::WebRtcTransport::OnDtlsFailed() +0ms
  mediasoup:WARN:mediasoup-worker [id:ovbffxlx#1] src/RTC/WebRtcTransport.cpp:1184 | RTC::WebRtcTransport::OnDtlsFailed() | DTLS failed +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/Channel/Notifier.cpp:33 | Channel::Notifier::Emit() +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/Transport.cpp:58 | RTC::Transport::Destroy() +1ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/Channel/Notifier.cpp:18 | Channel::Notifier::Emit() +0ms
  mediasoup:WebRtcTransport close() +219ms
  mediasoup:Peer _sendNotification() [method:transportClosed] +315ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/Router.cpp:1598 | RTC::Router::OnTransportClosed() +2ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/WebRtcTransport.cpp:183 | RTC::WebRtcTransport::~WebRtcTransport() +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/DtlsTransport.cpp:583 | RTC::DtlsTransport::Destroy() +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/handles/Timer.cpp:44 | Timer::Destroy() +1ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/DtlsTransport.cpp:570 | RTC::DtlsTransport::~DtlsTransport() +46ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/IceServer.cpp:32 | RTC::IceServer::Destroy() +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/handles/UdpSocket.cpp:154 | UdpSocket::Destroy() +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/Transport.cpp:31 | RTC::Transport::~Transport() +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/handles/Timer.cpp:44 | Timer::Destroy() +0ms
  mediasoup:mediasoup-worker (trace) [id:ovbffxlx#1] src/RTC/DtlsTransport.cpp:922 | RTC::DtlsTransport::SetTimeout() +0ms
  mediasoup:Peer receiveRequest() [method:createProducer] +63ms
  mediasoup:Peer _createProducer() [id:82467159, kind:audio] +3ms
  mediasoup:ERROR:Peer receiveRequest() failed [method:createProducer]: TypeError: WebRtcTransport not found at Peer._createProducer (/Users/ibc/src/mediasoup/lib/Peer.js:869:26) at Promise.resolve.then (/Users/ibc/src/mediasoup/lib/Peer.js:418:19) at <anonymous> at process._tickDomainCallback (internal/process/next_tick.js:228:7) +0ms
  mediasoup:ERROR:Worker child process exited [id:ovbffxlx#1, code:null, signal:SIGSEGV] +0ms

@ibc
Copy link
Member

ibc commented Jul 18, 2018

So the super strange thing is the latest RTC::DtlsTransport::SetTimeout() line once the DtlsTransport was already destroyed!

@ibc
Copy link
Member

ibc commented Jul 18, 2018

Confirmed that SetTimeout() is called once DTLS failed. And it's being called within ProcessDtlsData() which is just called by WebRtcTransport. How is possible if the transport was already failed/closed/destroyed???

@ibc ibc closed this as completed in bf26d2e Jul 18, 2018
@ibc
Copy link
Member

ibc commented Jul 18, 2018

Thanks a lot @yangjinecho. It's fixed in mediasoup 2.2.1.

@Talbot3
Copy link

Talbot3 commented Oct 8, 2018

@ibc could fix it on 1.x

@ibc
Copy link
Member

ibc commented Oct 8, 2018

No, sorry. 1.x is not maintained.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ibc ibc

Labels
bug
Milestone
v2 updates
Development

No branches or pull requests
3 participants
@ibc @Talbot3 @yangjinecho