| Summary: | ASTERISK-11259: Crash on iax2 channel hangup | ||
| Reporter: | Andrey Solovyev (corruptor) | Labels: | |
| Date Opened: | 2008-01-18 05:25:55.000-0600 | Date Closed: | 2008-04-02 12:54:26 |
| Priority: | Critical | Regression? | No |
| Status: | Closed/Complete | Components: | Channels/chan_iax2 |
| Versions: | Frequency of Occurrence | ||
| Related Issues: | |||
| Environment: | Attachments: | ( 0) bt.txt | |
| Description: | Server (A) is IAX -> SIP and IAX -> ZAP All calls are coming from another asterisk server X. Callflow: ServerX -> iax -> ServerA -> sip (or) zap (e1) Crashes appear when I have more then 30 iax channels. There are also many attempts via this iax trunk which we have to deny (by sending Congestion). Before crash asterisk writes to log: [Jan 18 06:40:26] VERBOSE[4246] logger.c: -- Hungup 'IAX2/pbx3-51' [Jan 18 06:40:26] WARNING[4246] channel.c: Channel 'IAX2/pbx3-51' may not have been hung up properly This is the only reason I've set category to chan_iax2. I don't see any referenced to iax in bt so I might set category incorrectly. bt is attached. ****** ADDITIONAL INFORMATION ****** System info: Intel Core 2 Duo. 2Gb Ram. Openvox D110P card. uname -r 2.6.22.9-91.fc7 iax.conf on serverA [pbx3] type=friend username=user secret=secret host=1.1.1.1 qualify=yes ; Make sure this peer is alive disallow=all allow=g729 trunk=yes context=from-pbx3 | ||
| Comments: | By: Dmitry Andrianov (dimas) 2008-01-18 20:52:48.000-0600 crash in free() almost always means some kind of memory corruption which may happened long before the actual crash. If I were you, I would run Asterisk under valgrind to find who really corrupts memory. PS: nice nickname btw :) By: Joshua C. Colp (jcolp) 2008-01-31 14:10:36.000-0600 What was happening while this crash happened? Do you have the console output? Have you tried it under valgrind? Can you reproduce it? By: jmls (jmls) 2008-02-17 13:06:13.000-0600 dimas, please reply wrt file's comment By: Dmitry Andrianov (dimas) 2008-02-17 14:10:27.000-0600 Why me? It is not me opened the issue. By: jmls (jmls) 2008-02-17 14:13:41.000-0600 Sorry Dimas. My fingers were too fast for my brain ;) By: jmls (jmls) 2008-02-17 14:13:56.000-0600 corruptor, please reply wrt file's comment By: Digium Subversion (svnbot) 2008-02-29 17:30:56.000-0600 Repository: asterisk Revision: 105409 U branches/1.4/main/autoservice.c ------------------------------------------------------------------------ r105409 | russell | 2008-02-29 17:30:48 -0600 (Fri, 29 Feb 2008) | 23 lines Fix a major bug in autoservice. There was a race condition in the handling of the list of channels in autoservice. The problem was that it was possible for a channel to get removed from autoservice and destroyed, while the autoservice was still messing with the channel. This led to memory corruption, and caused crashes. This explains multiple backtraces I have seen that have references to autoservice, but do to the nature of the issue (memory corruption), could cause crashes in a number of areas. (fixes the crash in BE-386) (closes issue ASTERISK-11165) (closes issue ASTERISK-11391) The following issues could be related. If you are the reporter of one of these, please update to include this fix and try again. (potentially fixes issue ASTERISK-10713) (potentially fixes issue ASTERISK-11545) (potentially fixes issue ASTERISK-11058) (potentially fixes issue ASTERISK-11453) (potentially fixes issue ASTERISK-10713) (potentially fixes issue ASTERISK-11437) (potentially fixes issue ASTERISK-11259) ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=105409 By: Digium Subversion (svnbot) 2008-02-29 17:33:02.000-0600 Repository: asterisk Revision: 105410 _U trunk/ U trunk/main/autoservice.c ------------------------------------------------------------------------ r105410 | russell | 2008-02-29 17:33:00 -0600 (Fri, 29 Feb 2008) | 31 lines Merged revisions 105409 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r105409 | russell | 2008-02-29 17:34:32 -0600 (Fri, 29 Feb 2008) | 23 lines Fix a major bug in autoservice. There was a race condition in the handling of the list of channels in autoservice. The problem was that it was possible for a channel to get removed from autoservice and destroyed, while the autoservice was still messing with the channel. This led to memory corruption, and caused crashes. This explains multiple backtraces I have seen that have references to autoservice, but do to the nature of the issue (memory corruption), could cause crashes in a number of areas. (fixes the crash in BE-386) (closes issue ASTERISK-11165) (closes issue ASTERISK-11391) The following issues could be related. If you are the reporter of one of these, please update to include this fix and try again. (potentially fixes issue ASTERISK-10713) (potentially fixes issue ASTERISK-11545) (potentially fixes issue ASTERISK-11058) (potentially fixes issue ASTERISK-11453) (potentially fixes issue ASTERISK-10713) (potentially fixes issue ASTERISK-11437) (potentially fixes issue ASTERISK-11259) ........ ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=105410 By: Digium Subversion (svnbot) 2008-02-29 17:57:04.000-0600 Repository: asterisk Revision: 105409 U branches/1.4/main/autoservice.c ------------------------------------------------------------------------ r105409 | russell | 2008-02-29 17:34:32 -0600 (Fri, 29 Feb 2008) | 23 lines Fix a major bug in autoservice. There was a race condition in the handling of the list of channels in autoservice. The problem was that it was possible for a channel to get removed from autoservice and destroyed, while the autoservice thread was still messing with the channel. This led to memory corruption, and caused crashes. This explains multiple backtraces I have seen that have references to autoservice, but do to the nature of the issue (memory corruption), could cause crashes in a number of areas. (fixes the crash in BE-386) (closes issue ASTERISK-11165) (closes issue ASTERISK-11391) The following issues could be related. If you are the reporter of one of these, please update to include this fix and try again. (potentially fixes issue ASTERISK-10713) (potentially fixes issue ASTERISK-11545) (potentially fixes issue ASTERISK-11058) (potentially fixes issue ASTERISK-11453) (potentially fixes issue ASTERISK-10713) (potentially fixes issue ASTERISK-11437) (potentially fixes issue ASTERISK-11259) ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=105409 By: Digium Subversion (svnbot) 2008-02-29 17:57:35.000-0600 Repository: asterisk Revision: 105410 _U trunk/ U trunk/main/autoservice.c ------------------------------------------------------------------------ r105410 | russell | 2008-02-29 17:36:46 -0600 (Fri, 29 Feb 2008) | 31 lines Merged revisions 105409 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.4 ........ r105409 | russell | 2008-02-29 17:34:32 -0600 (Fri, 29 Feb 2008) | 23 lines Fix a major bug in autoservice. There was a race condition in the handling of the list of channels in autoservice. The problem was that it was possible for a channel to get removed from autoservice and destroyed, while the autoservice thread was still messing with the channel. This led to memory corruption, and caused crashes. This explains multiple backtraces I have seen that have references to autoservice, but do to the nature of the issue (memory corruption), could cause crashes in a number of areas. (fixes the crash in BE-386) (closes issue ASTERISK-11165) (closes issue ASTERISK-11391) The following issues could be related. If you are the reporter of one of these, please update to include this fix and try again. (potentially fixes issue ASTERISK-10713) (potentially fixes issue ASTERISK-11545) (potentially fixes issue ASTERISK-11058) (potentially fixes issue ASTERISK-11453) (potentially fixes issue ASTERISK-10713) (potentially fixes issue ASTERISK-11437) (potentially fixes issue ASTERISK-11259) ........ ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=105410 By: Jason Parker (jparker) 2008-04-02 12:54:16 No response, assumed fixed. | ||