| Summary: | ASTERISK-07448: crash * on accepting call with H323 | ||
| Reporter: | Alexey Maximov (amax) | Labels: | |
| Date Opened: | 2006-08-02 15:42:20 | Date Closed: | 2006-08-30 09:14:06 |
| Priority: | Critical | Regression? | No |
| Status: | Closed/Complete | Components: | Channels/chan_h323 |
| Versions: | Frequency of Occurrence | ||
| Related Issues: | |||
| Environment: | Attachments: | ||
| Description: | See additional information. ****** ADDITIONAL INFORMATION ****** == Manager registered action DBGet == Manager registered action DBPut Asterisk Ready. *CLI> ==32285== Thread 10: ==32285== Invalid read of size 4 ==32285== at 0x7B0B400: PThread::PXBlockOnIO(int, int, PTimeInterval const&) (in /usr/lib64/libpt_linux_x86_64_r.so.1.8.7) ==32285== by 0x7AF2C19: PChannel::PXSetIOBlock(PChannel::PXBlockType, PTimeInterval const&) (in /usr/lib64/libpt_linux_x86_64_r.so.1.8.7) ==32285== by 0x7ADB910: PSocket::os_accept(PSocket&, sockaddr*, int*) (in /usr/lib64/libpt_linux_x86_64_r.so.1.8.7) ==32285== by 0x7AD0D55: PTCPSocket::Accept(PSocket&) (in /usr/lib64/libpt_linux_x86_64_r.so.1.8.7) ==32285== by 0x7526D21: H323ListenerTCP::Accept(PTimeInterval const&) (in /usr/lib64/libh323_linux_x86_64_n.so.1.15.6) ==32285== by 0x7528CC0: H323ListenerTCP::Main() (in /usr/lib64/libh323_linux_x86_64_n.so.1.15.6) ==32285== by 0x7B0C568: PThread::PX_ThreadStart(void*) (in /usr/lib64/libpt_linux_x86_64_r.so.1.8.7) ==32285== by 0x4C2F379: start_thread (in /lib64/libpthread-2.4.so) ==32285== by 0x530997C: clone (in /lib64/libc-2.4.so) ==32285== Address 0x80 is not stack'd, malloc'd or (recently) free'd ==32285== ==32285== Process terminating with default action of signal 11 (SIGSEGV) ==32285== Access not within mapped region at address 0x80 ==32285== at 0x7B0B400: PThread::PXBlockOnIO(int, int, PTimeInterval const&) (in /usr/lib64/libpt_linux_x86_64_r.so.1.8.7) ==32285== by 0x7AF2C19: PChannel::PXSetIOBlock(PChannel::PXBlockType, PTimeInterval const&) (in /usr/lib64/libpt_linux_x86_64_r.so.1.8.7) ==32285== by 0x7ADB910: PSocket::os_accept(PSocket&, sockaddr*, int*) (in /usr/lib64/libpt_linux_x86_64_r.so.1.8.7) ==32285== by 0x7AD0D55: PTCPSocket::Accept(PSocket&) (in /usr/lib64/libpt_linux_x86_64_r.so.1.8.7) ==32285== by 0x7526D21: H323ListenerTCP::Accept(PTimeInterval const&) (in /usr/lib64/libh323_linux_x86_64_n.so.1.15.6) ==32285== by 0x7528CC0: H323ListenerTCP::Main() (in /usr/lib64/libh323_linux_x86_64_n.so.1.15.6) ==32285== by 0x7B0C568: PThread::PX_ThreadStart(void*) (in /usr/lib64/libpt_linux_x86_64_r.so.1.8.7) ==32285== by 0x4C2F379: start_thread (in /lib64/libpthread-2.4.so) ==32285== by 0x530997C: clone (in /lib64/libc-2.4.so) ==32285== by 0x380191F4: (within /usr/lib64/valgrind/amd64-linux/memcheck) --32285-- Discarding syms at 0x10F33000-0x1103E000 in /lib64/libnss_files-2.4.so due to munmap() ==32285== ==32285== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 451 from 1) ==32285== ==32285== 1 errors in context 1 of 1: ==32285== Invalid read of size 4 ==32285== at 0x7B0B400: PThread::PXBlockOnIO(int, int, PTimeInterval const&) (in /usr/lib64/libpt_linux_x86_64_r.so.1.8.7) ==32285== by 0x7AF2C19: PChannel::PXSetIOBlock(PChannel::PXBlockType, PTimeInterval const&) (in /usr/lib64/libpt_linux_x86_64_r.so.1.8.7) ==32285== by 0x7ADB910: PSocket::os_accept(PSocket&, sockaddr*, int*) (in /usr/lib64/libpt_linux_x86_64_r.so.1.8.7) ==32285== by 0x7AD0D55: PTCPSocket::Accept(PSocket&) (in /usr/lib64/libpt_linux_x86_64_r.so.1.8.7) ==32285== by 0x7526D21: H323ListenerTCP::Accept(PTimeInterval const&) (in /usr/lib64/libh323_linux_x86_64_n.so.1.15.6) ==32285== by 0x7528CC0: H323ListenerTCP::Main() (in /usr/lib64/libh323_linux_x86_64_n.so.1.15.6) ==32285== by 0x7B0C568: PThread::PX_ThreadStart(void*) (in /usr/lib64/libpt_linux_x86_64_r.so.1.8.7) ==32285== by 0x4C2F379: start_thread (in /lib64/libpthread-2.4.so) ==32285== by 0x530997C: clone (in /lib64/libc-2.4.so) ==32285== Address 0x80 is not stack'd, malloc'd or (recently) free'd --32285-- --32285-- supp: 451 Fedora-Core-5-hack3-ld24 ==32285== ==32285== IN SUMMARY: 1 errors from 1 contexts (suppressed: 451 from 1) ==32285== ==32285== malloc/free: in use at exit: 741,705 bytes in 6,034 blocks. ==32285== malloc/free: 12,204 allocs, 6,170 frees, 1,547,177 bytes allocated. ==32285== ==32285== searching for pointers to 6,034 not-freed blocks. ==32285== checked 11,929,496 bytes. ==32285== ==32285== LEAK SUMMARY: ==32285== definitely lost: 4,674 bytes in 99 blocks. ==32285== possibly lost: 5,534 bytes in 33 blocks. ==32285== still reachable: 731,497 bytes in 5,902 blocks. ==32285== suppressed: 0 bytes in 0 blocks. ==32285== Use --leak-check=full to see details of leaked memory. --32285-- memcheck: sanity checks: 514 cheap, 21 expensive --32285-- memcheck: auxmaps: 0 auxmap entries (0k, 0M) in use --32285-- memcheck: auxmaps: 0 searches, 0 comparisons --32285-- memcheck: SMs: n_issued = 298 (4768k, 4M) --32285-- memcheck: SMs: n_deissued = 8 (128k, 0M) --32285-- memcheck: SMs: max_noaccess = 524287 (8388592k, 8191M) --32285-- memcheck: SMs: max_undefined = 0 (0k, 0M) --32285-- memcheck: SMs: max_defined = 2955 (47280k, 46M) --32285-- memcheck: SMs: max_non_DSM = 290 (4640k, 4M) --32285-- memcheck: max sec V bit nodes: 3 (0k, 0M) --32285-- memcheck: set_sec_vbits8 calls: 4 (new: 3, updates: 1) --32285-- memcheck: max shadow mem size: 8784k, 8M --32285-- translate: fast SP updates identified: 24,920 ( 89.5%) --32285-- translate: generic_known SP updates identified: 2,223 ( 7.9%) --32285-- translate: generic_unknown SP updates identified: 689 ( 2.4%) --32285-- tt/tc: 79,114 tt lookups requiring 108,220 probes --32285-- tt/tc: 79,114 fast-cache updates, 6 flushes --32285-- transtab: new 27,082 (726,809 -> 12,662,302; ratio 174:10) [0 scs] --32285-- transtab: dumped 0 (0 -> ??) --32285-- transtab: discarded 121 (2,097 -> ??) --32285-- scheduler: 48,586,136 jumps (bb entries). --32285-- scheduler: 514/73,819 major/minor sched events. --32285-- sanity: 515 cheap, 21 expensive checks. --32285-- exectx: 30,011 lists, 5,017 contexts (avg 0 per list) --32285-- exectx: 18,821 searches, 42,002 full compares (2,231 per 1000) --32285-- exectx: 0 cmp2, 1,353 cmp4, 0 cmpAll Killed output from gdb here =================================================== msk ~ # gdb --args asterisk -f GNU gdb 6.5 Copyright (C) 2006 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "x86_64-pc-linux-gnu"...Using host libthread_db library "/lib/libthread_db.so.1". (gdb) r Starting program: /usr/sbin/asterisk -f [Thread debugging using libthread_db enabled] [New Thread 47206336298544 (LWP 4938)] [New Thread 1074006352 (LWP 4941)] [Thread 1074006352 (LWP 4941) exited] [New Thread 1074006352 (LWP 4942)] Aug 3 00:40:23 NOTICE[4938]: cdr.c:1191 do_reload: CDR simple logging enabled. [New Thread 1074272592 (LWP 4943)] [New Thread 1074538832 (LWP 4944)] Aug 3 00:40:23 WARNING[4938]: pbx.c:4795 ast_add_extension2: Unable to register extension '205528', priority 6 in 'voronezh', already in use Aug 3 00:40:23 WARNING[4938]: pbx_config.c:1744 pbx_load_module: Unable to register extension at line 204 Aug 3 00:40:23 WARNING[4938]: pbx.c:4795 ast_add_extension2: Unable to register extension '83452494844', priority 6 in 'tumen', already in use Aug 3 00:40:23 WARNING[4938]: pbx_config.c:1744 pbx_load_module: Unable to register extension at line 224 [New Thread 1074805072 (LWP 4945)] [New Thread 1075071312 (LWP 4946)] [New Thread 1075337552 (LWP 4947)] [New Thread 1075603792 (LWP 4948)] [New Thread 1075870032 (LWP 4952)] [New Thread 1076136272 (LWP 4953)] [New Thread 1076402512 (LWP 4954)] [New Thread 1076668752 (LWP 4955)] [New Thread 1076934992 (LWP 4956)] Aug 3 00:40:24 WARNING[4938]: config.c:495 process_text_line: Unknown directive 'codec=G7231' at line 214 of oh323.conf Aug 3 00:40:24 WARNING[4938]: config.c:495 process_text_line: Unknown directive 'frames=2' at line 215 of oh323.conf Aug 3 00:40:24 WARNING[4938]: config.c:495 process_text_line: Unknown directive 'codec=G729' at line 216 of oh323.conf Aug 3 00:40:24 WARNING[4938]: config.c:495 process_text_line: Unknown directive 'frames=2' at line 217 of oh323.conf [New Thread 1077201232 (LWP 4959)] [New Thread 1077467472 (LWP 4960)] [New Thread 1077733712 (LWP 4961)] Aug 3 00:40:28 NOTICE[4938]: cdr_addon_mysql.c:376 my_load_module: MySQL database table not specified. Assuming "cdr" [New Thread 1077999952 (LWP 4984)] [Thread 1077999952 (LWP 4984) exited] [New Thread 1077999952 (LWP 5029)] Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 1076136272 (LWP 4953)] 0x00002aaaacd0c400 in PThread::PXBlockOnIO () from /usr/lib/libpt_linux_x86_64_r.so.1.8.7 (gdb) bt #0 0x00002aaaacd0c400 in PThread::PXBlockOnIO () from /usr/lib/libpt_linux_x86_64_r.so.1.8.7 #1 0x00002aaaaccf3c1a in PChannel::PXSetIOBlock () from /usr/lib/libpt_linux_x86_64_r.so.1.8.7 #2 0x00002aaaaccdc911 in PSocket::os_accept () from /usr/lib/libpt_linux_x86_64_r.so.1.8.7 #3 0x00002aaaaccd1d56 in PTCPSocket::Accept () from /usr/lib/libpt_linux_x86_64_r.so.1.8.7 #4 0x00002aaaac727d22 in H323ListenerTCP::Accept () from /usr/lib/libh323_linux_x86_64_n.so.1.15.6 ASTERISK-1 0x00002aaaac729cc1 in H323ListenerTCP::Main () from /usr/lib/libh323_linux_x86_64_n.so.1.15.6 ASTERISK-2 0x00002aaaacd0d569 in PThread::PX_ThreadStart () from /usr/lib/libpt_linux_x86_64_r.so.1.8.7 ASTERISK-3 0x00002aef143ef37a in start_thread () from /lib/libpthread.so.0 ASTERISK-4 0x00002aef14acb97d in clone () from /lib/libc.so.6 ASTERISK-5 0x0000000000000000 in ?? () (gdb) (gdb) i r rax 0x5e2ae0 6171360 rbx 0x17 23 rcx 0x0 0 rdx 0x0 0 rsi 0x0 0 rdi 0x5e2b60 6171488 rbp 0x2 0x2 rsp 0x40247ec0 0x40247ec0 r8 0x520 1312 r9 0x1359 4953 r10 0x40247f50 1076133712 r11 0x2aaaacd0d2f0 46912532173552 r12 0x2 2 r13 0x0 0 r14 0x40247f20 1076133664 r15 0x40247fe0 1076133856 rip 0x2aaaacd0c400 0x2aaaacd0c400 <PThread::PXBlockOnIO(int, int, PTimeInterval const&)+336> eflags 0x10246 [ PF ZF IF RF ] cs 0x33 51 ss 0x2b 43 ds 0x0 0 es 0x0 0 fs 0x63 99 gs 0x0 0 (gdb) | ||
| Comments: | By: Serge Vecher (serge-v) 2006-08-02 15:46:42 which h323 channel driver is this? By: Alexey Maximov (amax) 2006-08-03 00:41:32 internal H323 By: John Martin (jfp_martin) 2006-08-04 16:38:15 Hi Amax, Looks like it's OpenH323/PWLib that's blowing up... Can I ask a few questions as well: - What endpoint/device are you calling? - Have you had calls working to this endpoint? - Have you had calls working at all? - Have you been able to make calls to the endpoint that is causing problems by using OhPhone from the same version of OpenH323 (i.e. to check that the OpenH323 stack you're using is working ok for you)? - The versions of PWLib and OpenH323 you're using are development versions, have you tried a more recent release version? - Are you using a GateKeeper? - Is fast start enabled? - Can you supply an Ethereal trace of the problem? John By: Thiago Maluf (malufrj) 2006-08-10 13:58:21 With this informations is possible help you. By: Paul Cadach (pcadach) 2006-08-10 14:16:55 Large debugging information moved from "Description" to "Additional Information" field to shrink e-mail notifications. By: Serge Vecher (serge-v) 2006-08-25 11:18:50 amax, AuPix: please check out PCAdach's branch in 7705 and see if it fixes the issue. Thanks. By: Paul Cadach (pcadach) 2006-08-25 12:08:03 As I can see the bug raised on 64-bit platform and probably related to platform-specific behaviour of OpenH323/PWLib. By: Paul Cadach (pcadach) 2006-08-25 12:10:28 Please, provide additional information as noted by AuPix (~0049838). By: Paul Cadach (pcadach) 2006-08-30 09:14:05 amax: Update your OpenH323 to 1.18.0 and PWLib to 1.10.0 and re-test. If it still get faulted - re-open the bug. | ||