| Summary: | ASTERISK-09423: chan_iax2 crash when seeding dynamic peers | ||
| Reporter: | Nic Bellamy (nic_bellamy) | Labels: | |
| Date Opened: | 2007-05-10 17:50:04 | Date Closed: | 2007-05-10 18:17:20 |
| Priority: | Critical | Regression? | No |
| Status: | Closed/Complete | Components: | Core/General |
| Versions: | Frequency of Occurrence | ||
| Related Issues: | |||
| Environment: | Attachments: | ( 0) iax2_seeding_crash.patch | |
| Description: | When first loading the chan_iax2.so module, the following sequence happens: load_module() reg_source_db() iax2_poke_peer() [... snip ...] iax2_transmit() iax2_transmit() calls pthread_kill(netthreadid, SIGURG) to wake up the transmit thread, however at this point start_network_thread() hasn't run yet, so netthreadid == AST_PTHREADT_NULL, and pthread_kill() segfaults. This appears to be somewhat data-dependant, as it's only just started doing it recently after adding some extra dynamic IAX2 peers. One it starts, it happens every time until you remove astdb. My data is full of customer names, passwords, IPs etc. so I won't be sharing that sorry :-) "Works for me" patch attached. ****** ADDITIONAL INFORMATION ****** Backtrace from vanilla 1.2.18 built with "dont-optimize": #0 0xb7ef5e2a in pthread_kill () from /lib/tls/libpthread.so.0 #1 0xb76540f5 in iax2_transmit (fr=0x81e8e90) at chan_iax2.c:2566 #2 0xb765952c in iax2_send (pvt=0x81e7cf0, f=0xbfa1d370, ts=0, seqno=-1, now=0, transfer=0, final=0) at chan_iax2.c:4122 #3 0xb765b46f in __send_command (i=0x81e7cf0, type=6 '\006', command=30, ts=0, data=0x0, datalen=0, seqno=-1, now=0, transfer=0, final=0) at chan_iax2.c:4703 #4 0xb765b4cf in send_command (i=0x81e7cf0, type=6 '\006', command=30, ts=0, data=0x0, datalen=0, seqno=-1) at chan_iax2.c:4708 ASTERISK-1 0xb766bd9f in iax2_poke_peer (peer=0x81e4348, heldcall=0) at chan_iax2.c:7968 ASTERISK-2 0xb766023a in reg_source_db (p=0x81e4348) at chan_iax2.c:5717 ASTERISK-3 0xb76702ed in set_config (config_file=0xb767b8db "iax.conf", reload=0) at chan_iax2.c:9003 ASTERISK-4 0xb76722a8 in load_module () at chan_iax2.c:9795 ASTERISK-5 0x0805cb4a in __load_resource (resource_name=0x815fa17 "chan_iax2.so", cfg=0x813b768) at loader.c:414 ASTERISK-6 0x0805d11b in load_modules (preload_only=0) at loader.c:554 ASTERISK-7 0x080b7987 in main (argc=2, argv=0xbfa1daa4) at asterisk.c:2405 (gdb) up #1 0xb76540f5 in iax2_transmit (fr=0x81e8e90) at chan_iax2.c:2566 2566 pthread_kill(netthreadid, SIGURG); (gdb) print (int) netthreadid $1 = -1 | ||
| Comments: | By: Jason Parker (jparker) 2007-05-10 18:17:20 Fixed in svn 1.2, 1.4 and trunk in revisions 63828, 63830, and 63832. Thanks! | ||