I'm using LCR as a GSM <-> SIP interface and I've been trying to figure out why MO calls result in a segfault. I am running openbsc on cdc548cb and LCR on  c14326641a built and run on an ubuntu 14.04 64bit.

From what I've investigated so far, the request_uri passed to sofia-sip is malformed.

Has anyone seen this problem before? Would appreciate pointers.

Here are the full logs and stack trace:

** LCR  Version 1.14
000000 DEBUG (in route.c/getrulesetbyname() line 1928): ruleset main found.
000000 DEBUG (in sip.cpp/sip_init() line 1997): SIP globals initialized
000000 DEBUG (in gsm.cpp/mncc_socket_retry_cb() line 1443): Connected to MNCC socket /tmp/bsc_mncc!
su_port_create(0x6ad410): epoll_create() => 0: OK
su_socket_port_init(0x6ad410, 0x7ffff7dcf880) called
su_pthread_port_init(0x6ad410, 0x7ffff7dcf880) called
nua: nua_create: entering
[New Thread 0x7ffff6c52700 (LWP 11520)]
su_port_create(0x7ffff00008c0): epoll_create() => 0: OK
su_socket_port_init(0x7ffff00008c0, 0x7ffff7dcf880) called
su_pthread_port_init(0x7ffff00008c0, 0x7ffff7dcf880) called
nua: nua_stack_init: entering
nua: nua_stack_set_params: entering
soa_create("default", 0x7ffff0001130, 0x7ffff0001230) called
soa_set_params(static::0x7ffff0001920, ...) called
soa_set_params(static::0x7ffff0001920, ...) called
nta_agent_create: initialized hash tables
nta_agent_create: initialized transports
nta_agent_create: initialized random identifiers
nta_agent_create: initialized timer
nta_agent_create: initialized resolver
tport_create(): 0x7ffff0003df0
nta: master transport created
tport_bind_server(0x7ffff0003df0) to */127.0.0.1:5062/sip
tport_bind_server(0x7ffff0003df0): calling tport_listen for udp
tport_alloc_primary(0x7ffff0003df0): new primary tport 0x7ffff0004470
tport_listen(0x7ffff0004470): listening at udp/127.0.0.1:5062/sip
tport_bind_server(0x7ffff0003df0): calling tport_listen for tcp
tport_alloc_primary(0x7ffff0003df0): new primary tport 0x7ffff0004910
tport_listen(0x7ffff0004910): listening at tcp/127.0.0.1:5062/sip
nta: bound to (127.0.0.1:5062;transport=*)
nta: agent_init_via: SIP/2.0/udp 127.0.0.1:5062 (sip)
nta: agent_init_via: SIP/2.0/tcp 127.0.0.1:5062 (sip)
nta: Via fields initialized
nta: Contact header created
nua_register: Adding contact URL '127.0.0.1' to list.
nua: nua_set_params: entering
nua((nil)): sent signal r_set_params
000000 DEBUG (in sip.cpp/sip_init_inst() line 1942): SIP interface created (inst=0x6acce0)
nua((nil)): recv signal r_set_params
nua: nua_stack_set_params: entering
soa_set_params(static::0x7ffff0001920, ...) called
nua((nil)): event r_set_params 200 OK
LCR 1.14 started, waiting for calls...
000000 TRACE 15.01.16 11:36:21.011 --: LCR 1.14 started, waiting for calls...
nua: nua_application_event: entering
000000 DEBUG (in sip.cpp/sip_callback() line 1785): Event 23 from stack received (handle=(nil))
000000 DEBUG (in port.cpp/Port() line 210): new port (1) of type 0x3101, name 'gsm-0-in' interface 'gsm'
000000 DEBUG (in gsm.cpp/Pgsm() line 239): Created new GSMPort(gsm-0-in).
000000 DEBUG (in gsm_bs.cpp/Pgsm_bs() line 56): Created new GSMBSPort(gsm-0-in).
000000 TRACE 15.01.16 11:37:28.210 CH(1): New call ref LCR<->BSC  callref new=0x8000000d
000000 TRACE 15.01.16 11:37:28.210 CH(1): Codec negotiation LCR<->BSC  bearer capa='given by MS'  speech version='Full Rate given'
000000 TRACE 15.01.16 11:37:28.210 CH(1): MNCC_SETUP_IND LCR<->BSC  calling number=639360100037 imsi=901550000000824  dialing number=12345678
000000 DEBUG (in endpoint.cpp/Endpoint() line 48): EPOINT(1): Allocating enpoint 1 and connecting it with: ioport
000000 DEBUG (in endpoint.cpp/portlist_new() line 150): EPOINT(1) allocating port_list, attaching to port 1
000000 DEBUG (in appbridge.cpp/EndpointAppBridge() line 31): Bridge endpoint created
000000 DEBUG (in port.cpp/epointlist_new() line 131): PORT(1) allocating epoint_list.
000000 TRACE 15.01.16 11:37:28.211 CH(1): MNCC_CALL_PROC_REQ LCR<->BSC  progress coding=3 location=1 descr=8
000000 DEBUG (in port.cpp/new_state() line 283): PORT(gsm-0-in) new state PORT_STATE_IDLE --> PORT_STATE_IN_PROCEEDING
000000 TRACE 15.01.16 11:37:28.211 CH(1): MNCC_FRAME_RECV LCR<->BSC
000000 DEBUG (in gsm_bs.cpp/setup_ind() line 631): Request RTP peer info, before forwarding setup
000000 DEBUG (in gsm.cpp/rtp_create_ind() line 869): Got RTP peer info (7f000001,52103) forwarding setup
000000 DEBUG (in message.c/_message_put() line 70): message MESSAGE_SETUP written from 140733193388033 to 140733193388033 (memory 6b1a50 at file gsm.cpp, line 872)
000000 DEBUG (in message.c/message_get() line 115): message MESSAGE_SETUP reading from 1 to 140733193388033 (memory 6b1a50)
000000 DEBUG (in appbridge.cpp/port_setup() line 94): EPOINT(1) epoint received setup from='639360100037' to='12345678'
000000 DEBUG (in port.cpp/Port() line 210): new port (2) of type 0x2002, name 'sip-0-out' interface 'sip'
000000 DEBUG (in sip.cpp/Psip() line 72): Created new Psip(sip-0-out).
000000 DEBUG (in endpoint.cpp/portlist_new() line 150): EPOINT(1) allocating port_list, attaching to port 2
000000 DEBUG (in message.c/_message_put() line 70): message MESSAGE_SETUP written from 1 to 2 (memory 6b1a50 at file message.c, line 94)
000000 DEBUG (in message.c/_message_put() line 70): message MESSAGE_BRIDGE written from 1 to 1 (memory 6b6c00 at file appbridge.cpp, line 222)
000000 DEBUG (in message.c/_message_put() line 70): message MESSAGE_BRIDGE written from 1 to 2 (memory 6ba6e0 at file appbridge.cpp, line 225)
000000 DEBUG (in message.c/message_get() line 115): message MESSAGE_SETUP reading from 140733193388033 to 2 (memory 6b1a50)
000000 DEBUG (in sip.cpp/message_setup() line 954): Doing Setup (inst 0x6acce0)
000000 DEBUG (in sip.cpp/message_setup() line 961): RTP info given by remote, forward that
000000 DEBUG (in sip.cpp/message_setup() line 968): local ip 7f000001 port 52103
000000 DEBUG (in sip.cpp/message_setup() line 969): remote ip 00000000 port 0
nua: nh_create_handle: entering
000000 TRACE 15.01.16 11:37:28.816 CH(2): NEW handle  handle new=0x6b09c0
000000 DEBUG (in sip.cpp/message_setup() line 1038): Using SDP for invite: v=0
o=LCR-Sofia-SIP 0 0 IN IP4 127.0.0.1
s=SIP Call
c=IN IP4 127.0.0.1
t=0 0
m=audio 52103 RTP/AVP 3
a=rtpmap:3 GSM/8000
000000 TRACE 15.01.16 11:37:28.816 CH(2): INVITE  from uri=sip:639360100037@127.0.0.1:5062  to uri=sip:12345678@192.168.40.100:5060  rtp ip=127.0.0.1 port=52103,52104 payload=GSM:3
nua: nua_invite: entering
nua(0x6b09c0): sent signal r_invite
000000 DEBUG (in port.cpp/new_state() line 283): PORT(sip-0-out) new state PORT_STATE_IDLE --> PORT_STATE_OUT_SETUP
000000 DEBUG (in sip.cpp/message_setup() line 1069): do proceeding
000000 DEBUG (in port.cpp/new_state() line 283): PORT(sip-0-out) new state PORT_STATE_OUT_SETUP --> PORT_STATE_OUT_PROCEEDING
000000 DEBUG (in message.c/_message_put() line 70): message MESSAGE_PROCEEDING written from 2 to 1 (memory 6be1c0 at file sip.cpp, line 1072)
000000 DEBUG (in port.cpp/epointlist_new() line 131): PORT(2) allocating epoint_list.
000000 DEBUG (in message.c/message_get() line 115): message MESSAGE_BRIDGE reading from 1 to 1 (memory 6b6c00)
000000 DEBUG (in port.cpp/message_epoint() line 657): PORT(gsm-0-in) bridging to id 1
nua(0x6b09c0): recv signal r_invite
000000 DEBUG (in port.cpp/bridge() line 1305): Port 1 creating not existing bridge 1.
000000 DEBUG (in message.c/message_get() line 115): message MESSAGE_BRIDGE reading from 1 to 2 (memory 6ba6e0)
000000 DEBUG (in port.cpp/message_epoint() line 657): PORT(sip-0-out) bridging to id 1
nua: nua_stack_set_params: entering
000000 DEBUG (in port.cpp/bridge() line 1290): Port 2 found existing bridge 1.
000000 DEBUG (in message.c/message_get() line 115): message MESSAGE_PROCEEDING reading from 2 to 1 (memory 6be1c0)
000000 DEBUG (in appbridge.cpp/port_other() line 259): EPOINT(8) epoint received message 7070144 from port
000000 DEBUG (in message.c/_message_put() line 70): message MESSAGE_PROCEEDING written from 1 to 140733193388033 (memory 6be1c0 at file message.c, line 94)
000000 DEBUG (in message.c/message_get() line 115): message MESSAGE_PROCEEDING reading from 1 to 1 (memory 6be1c0)
nua(0x6b09c0): adding session usage
nta_leg_tcreate(0x7ffff0006b00)
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7ffff6c52700 (LWP 11520)]
strlen () at ../sysdeps/x86_64/strlen.S:106
106 ../sysdeps/x86_64/strlen.S: No such file or directory.
(gdb) bt
#0  strlen () at ../sysdeps/x86_64/strlen.S:106
#1  0x00007ffff7b70896 in url_xtra (url=url@entry=0x7ffff00075d0) at url.c:1048
#2  0x00007ffff7b2deaf in sip_request_create (home=home@entry=0x7ffff0006fc0, method=method@entry=sip_method_invite, name=0x7ffff7b916e2 <sip_method_name_invite> "INVITE",
    name@entry=0x7ffff7b8ed49 "INVITE", uri=uri@entry=0x7ffff00075d0, version=version@entry=0x0) at sip_basic.c:225
#3  0x00007ffff7ae3512 in nta_msg_request_complete (msg=msg@entry=0x7ffff0006fc0, leg=leg@entry=0x7ffff0006b00, method=method@entry=sip_method_invite,
    method_name=method_name@entry=0x7ffff7b8ed49 "INVITE", request_uri=0x7ffff00075d0, request_uri@entry=0x0) at nta.c:3890
#4  0x00007ffff7b07d92 in nua_client_request_sendmsg (cr=cr@entry=0x7ffff0005af0) at nua_client.c:803
#5  0x00007ffff7b08de9 in nua_client_request_try (cr=0x7ffff0005af0) at nua_client.c:708
#6  0x00007ffff7b06b93 in nua_client_init_request0 (cr=0x7ffff0005af0) at nua_client.c:605
#7  nua_client_init_request (cr=0x7ffff0005af0) at nua_client.c:442
#8  0x00007ffff7b07246 in nua_client_create (nh=nh@entry=0x6b09c0, event=event@entry=31, methods=methods@entry=0x7ffff7dc4d20 <nua_invite_client_methods>, tags=tags@entry=0x6b0eb0)
    at nua_client.c:199
#9  0x00007ffff7b1cc61 in nua_stack_invite (nua=nua@entry=0x6adc80, nh=nh@entry=0x6b09c0, e=e@entry=nua_r_invite, tags=tags@entry=0x6b0eb0) at nua_session.c:705
#10 0x00007ffff7b03eb3 in nua_stack_signal (nua=0x6adc80, msg=<optimized out>, ee=0x6b0e88) at nua_stack.c:582
#11 0x00007ffff7b522b2 in su_base_port_execute_msgs (queue=0x0) at su_base_port.c:280
#12 0x00007ffff7b527bd in su_base_port_run (self=0x7ffff00008c0) at su_base_port.c:335
#13 0x00007ffff7b52f10 in su_pthread_port_clone_main (varg=0x7fffffffe4c0) at su_pthread_port.c:324
#14 0x00007ffff7840182 in start_thread (arg=0x7ffff6c52700) at pthread_create.c:312
#15 0x00007ffff6d4d47d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111