| Summary: | ASTERISK-14358: [patch] segfault in iax2_hangup Asterisk revision 201600 | ||
| Reporter: | David Brillert (aragon) | Labels: | |
| Date Opened: | 2009-06-22 10:39:07 | Date Closed: | 2009-06-29 12:04:06 |
| Priority: | Critical | Regression? | No |
| Status: | Closed/Complete | Components: | Channels/chan_iax2 |
| Versions: | Frequency of Occurrence | ||
| Related Issues: | |||
| Environment: | Attachments: | ( 0) iax_spin_issue_1.4.diff ( 1) valgrind.txt | |
| Description: | While hammer testing Asterisk to debug issue 15109 and while running Valgrind I experienced a segfault in IAX2 ****** ADDITIONAL INFORMATION ****** valgrind.txt uploaded | ||
| Comments: | By: David Brillert (aragon) 2009-06-22 13:15:56 Just segfaulted again so it looks like this is reproducible. Valgrind data was pretty much identical. It happened during a reload and the convert application was in use at the time. Although this is a new ticket it does appear to be related to 15109 since the crash occurs during reload and when moh is used or audio files are being converted. Here are the last few lines of CLI -- Added extension 's' priority 2 to default-app-calltrace-perform [Jun 22 12:16:48] WARNING[7463]: mp3/interface.c:215 decodeMP3: Junk at the beginning of frame 54414757 -- Added extension 's' priority 3 to default-app-calltrace-perform -- Added extension 's' priority 4 to default-app-calltrace-perform [Jun 22 12:16:50] ERROR[7463]: utils.c:966 ast_carefulwrite: write() returned error: Broken pipe -- Added extension 's' priority 5 to default-app-calltrace-perform -- Remote UNIX connection disconnected -- Added extension 's' priority 6 to default-app-calltrace-perform By: David Brillert (aragon) 2009-06-24 14:07:04 I just found this in the CLI while issuing moh reload during sound conversion, maybe related... [Jun 24 14:59:35] WARNING[9587]: chan_iax2.c:1080 __send_lagrq: d I was supposed to send a LAGRQ with callno 13984, but no such call exists (and I cannot remove lagid, either). *CLI> iax show channels No such command 'iax show channels' (type 'help iax show' for other possible commands) *CLI> iax2 show channels Channel Peer Username ID (Lo/Rem) Seq (Tx/Rx) Lag Jitter JitBuf Format FirstMsg LastMsg (None) 192.168.30.254 (None) 12105/00000 00001/00000 00000ms 0000ms 0040ms unknow Tx:REGREQ Tx:REGREQ 1 active IAX channel *CLI> == Refreshing DNS lookups. core show channels Channel Location State Application(Data) 0 active channels 0 of 600 max active calls ( 0.00% of capacity) By: David Vossel (dvossel) 2009-06-26 17:56:41 uploaded a patch. Do you still have your test environment set up where you can test it? By: David Brillert (aragon) 2009-06-26 19:14:10 Thanks for the patch. yes I can test early next week By: David Vossel (dvossel) 2009-06-29 09:40:59 If you can, hold up on testing that patch. I found an issue with it that could cause another problem. I should have another patch uploaded shortly. By: David Brillert (aragon) 2009-06-29 10:09:27 OK By: David Vossel (dvossel) 2009-06-29 12:00:30 the new patch I've uploaded should resolve the issue. If it doesn't re-open the issue. By: Digium Subversion (svnbot) 2009-06-29 12:04:05 Repository: asterisk Revision: 204067 U branches/1.4/channels/chan_iax2.c ------------------------------------------------------------------------ r204067 | dvossel | 2009-06-29 12:04:05 -0500 (Mon, 29 Jun 2009) | 14 lines segfault after SPINLOCK schedule delete Using the SPINLOCK schedule delete macro can result in the iax_pvt lock being given up. This makes it possible for the iax_pvt to dissappear when we thought we held the mutex the entire time. To resolve this, the iax_pvt's ref count is incremented. (closes issue ASTERISK-14358) Reported by: aragon Patches: iax_spin_issue_1.4.diff uploaded by dvossel (license 671) Tested by: aragon, dvossel ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=204067 | ||