Summary: | ASTERISK-15396: chan_unistim randomly crashes | ||
Reporter: | Barry Flanagan (barryf) | Labels: | |
Date Opened: | 2010-01-05 03:51:23.000-0600 | Date Closed: | 2011-07-27 09:11:32 |
Priority: | Critical | Regression? | No |
Status: | Closed/Complete | Components: | Channels/chan_unistim |
Versions: | Frequency of Occurrence | ||
Related Issues: | |||
Environment: | Attachments: | ||
Description: | Having a problem with Asterisk segfaulting due to the chan_unistim driver. Appears to happen when calls are put on hold (atxfer), and one of the channels disappears. Backtrace included below ****** ADDITIONAL INFORMATION ****** #0 0x00007f9260efec2d in local_ast_moh_stop (chan=0x0) at res_musiconhold.c:1405 #1 0x000000000045e5f4 in ast_moh_stop (chan=0x0) at channel.c:5465 #2 0x00007f9259f9ad3f in key_dial_page (pte=0xcd1680, keycode=92 '\\') at chan_unistim.c:2722 #3 0x00007f9259f9d135 in process_request (size=14, buf=0x820180 "", pte=0xcd1680) at chan_unistim.c:3390 #4 0x00007f9259f9de10 in parsing (size=14, buf=0x820180 "", pte=0xcd1680, addr_from=0x7f9259f8df90) at chan_unistim.c:3571 ASTERISK-1 0x00007f9259f9f10f in unistimsock_read (id=0x821480, fd=11, events=1, ignore=0x0) at chan_unistim.c:3893 ASTERISK-2 0x000000000049e348 in ast_io_wait (ioc=0x821190, howlong=1000) at io.c:288 ASTERISK-3 0x00007f9259fa14ef in do_monitor (data=0x0) at chan_unistim.c:4561 ASTERISK-4 0x0000000000512ad2 in dummy_start (data=0x8967f0) at utils.c:861 ASTERISK-5 0x00007f92656cb3ba in start_thread () from /lib/libpthread.so.0 ASTERISK-6 0x00007f9265bc9fcd in clone () from /lib/libc.so.6 ASTERISK-7 0x0000000000000000 in ?? () (gdb) bt full #0 0x00007f9260efec2d in local_ast_moh_stop (chan=0x0) at res_musiconhold.c:1405 state = (struct moh_files_state *) 0x0 #1 0x000000000045e5f4 in ast_moh_stop (chan=0x0) at channel.c:5465 No locals. #2 0x00007f9259f9ad3f in key_dial_page (pte=0xcd1680, keycode=92 '\\') at chan_unistim.c:2722 No locals. #3 0x00007f9259f9d135 in process_request (size=14, buf=0x820180 "", pte=0xcd1680) at chan_unistim.c:3390 keycode = 92 '\\' tmpbuf = "10.80.60\000\000\000\000\000\000\000\000####", '\0' <repeats 12 times>, "########?e\222\177\000\000\000\000\000\000\000\000\000\000\006\000\000\000\000\000\000\0000##Y\222\177\000\000\000\000\000\000\000\000\000\000W\000\000\000\000\000\000\000&/#####2\177\000\000#\026##000\000\000\000\000\220##Y\222\177\000\000\200\001\202\000\000\000\000\000W9\004\000\006\000\000\000\220##Y\222\177\000\000\020\000\000\000\000\000\000\000p##Y\222\177\000\000\001\000\000\000\000\000\000\000\220##Y\222\177\000\000 ", '\0' <repeats 11 times>, "\222\177\000\000\000\000\000\000\000\000\000\000\200\001\202\000\000\000\000\000\006\000\000"... __PRETTY_FUNCTION__ = "process_request" #4 0x00007f9259f9de10 in parsing (size=14, buf=0x820180 "", pte=0xcd1680, addr_from=0x7f9259f8df90) at chan_unistim.c:3571 sbuf = (short unsigned int *) 0x820180 seq = 34 tmpbuf = "10.80.60.8\000e\222\177\000\000\000\000\000\000\000\000\000\000\v\000\000\000\000\000\000\000\200##Y\222\177", '\0' <repeats 18 times>, "&/#####2\177\000\000X\233##000\000\000\000\000H\233##000\000\000\000\000##236##000\000\000\000\000###Y\v\000\000\000H\233##000\000\000\000\000\020\000\000\000\222\177\000\000#######2\177\000\000\001\000\000\000\000\000\000\000###Y\222\177\000\000 ", '\0' <repeats 15 times>, "\031#\000\000\000\000\000\000##236##000\000\000\000\000\v\000\000\000\000\000\000\000####\222\177\000\000###Y\222\177\000\000\034", '\0' <repeats 15 times>, "0##Y\222\177", '\0' <repeats 18 times>... __PRETTY_FUNCTION__ = "parsing" ASTERISK-1 0x00007f9259f9f10f in unistimsock_read (id=0x821480, fd=11, events=1, ignore=0x0) at chan_unistim.c:3893 addr_from = {sin_family = 2, sin_port = 34835, sin_addr = {s_addr = 138170378}, sin_zero = "\000\000\000\000\000\000\000"} cur = (struct unistimsession *) 0xcd1680 found = 1 tmp = 9 dw_num_bytes_rcvd = 14 __PRETTY_FUNCTION__ = "unistimsock_read" ASTERISK-2 0x000000000049e348 in ast_io_wait (ioc=0x821190, howlong=1000) at io.c:288 res = 1 x = 0 origcnt = 1 ASTERISK-3 0x00007f9259fa14ef in do_monitor (data=0x0) at chan_unistim.c:4561 cur = (struct unistimsession *) 0x0 dw_timeout = 1220 tick = 4257677328 res = 1000 ---Type <return> to continue, or q <return> to quit--- reloading = 0 ASTERISK-4 0x0000000000512ad2 in dummy_start (data=0x8967f0) at utils.c:861 __cancel_buf = {__cancel_jmp_buf = {{__cancel_jmp_buf = {0, 6491803952329878801, 0, 0, 140266759839808, 140735045479168, 6491803952304712977, -6542826326245806831}, __mask_was_saved = 0}}, __pad = {0x7f9259f8e1b0, 0x0, 0x0, 0x0}} __cancel_routine = (void (*)(void *)) 0x433ac6 <ast_unregister_thread> __cancel_arg = (void *) 0x7f9259f8e950 not_first_call = 0 ret = (void *) 0x0 a = {start_routine = 0x7f9259fa12c1 <do_monitor>, data = 0x0, name = 0x896810 "do_monitor", ' ' <repeats 11 times>, "started at [ 4600] chan_unistim.c restart_monitor()"} ASTERISK-5 0x00007f92656cb3ba in start_thread () from /lib/libpthread.so.0 No symbol table info available. ASTERISK-6 0x00007f9265bc9fcd in clone () from /lib/libc.so.6 No symbol table info available. ASTERISK-7 0x0000000000000000 in ?? () No symbol table info available. | ||
Comments: | By: Barry Flanagan (barryf) 2010-01-19 09:35:07.000-0600 I am still getting this exact crash. Any one any ideas for a fix? Thanks. By: Barry Flanagan (barryf) 2010-02-12 09:18:19.000-0600 Happened again today: #0 0x00007f924017de44 in local_ast_moh_stop (chan=0x0) at res_musiconhold.c:1431 1431 struct moh_files_state *state = chan->music_state; (gdb) bt full #0 0x00007f924017de44 in local_ast_moh_stop (chan=0x0) at res_musiconhold.c:1431 state = (struct moh_files_state *) 0x0 #1 0x000000000045e38f in ast_moh_stop (chan=0x0) at channel.c:5462 No locals. #2 0x00007f923837fd3f in key_dial_page (pte=0xf54f30, keycode=92 '\\') at chan_unistim.c:2722 No locals. #3 0x00007f9238382135 in process_request (size=14, buf=0x8860f0 "", pte=0xf54f30) at chan_unistim.c:3390 keycode = 92 '\\' tmpbuf = "10.80.60.4 Unknown request packet\n\000???????aC\222\177\000\000\000\000\000\000\000\000\000\000\006\000\000\000\000\000\000\0000-78\222\177\000\000\000\000\000\000\000\000\000\000?D\a,\222\177\000\000&\17778\222\177\000\000hO?\000\000\000\000\000\220/78\222\177\000\000?`\210\000\000\000\000\000?\"\t\000\006\000\000\000\220/78\222\177\000\000\020\000\000\000\000\000\000\000p-78\222\177\000\000\001\000\000\000\000\000\000\000\220-78\222\177\000\000 ", '\0' <repeats 11 times>, "\222\177\000\000\000\000\000\000\000\000\000\000?`\210\000\000\000\000\000\006"... __PRETTY_FUNCTION__ = "process_request" #4 0x00007f9238382e10 in parsing (size=14, buf=0x8860f0 "", pte=0xf54f30, addr_from=0x7f9238372f90) at chan_unistim.c:3571 sbuf = (short unsigned int *) 0x8860f0 seq = 409 tmpbuf = "10.80.60.23\00098\000\000\000\000\000\000\000\000\000\000\v\000\000\000\000\000\000\000\200.78\222\177", '\0' <repeats 18 times>, "&\17778\222\177\000\000x??\000\000\000\000\000h??\000\000\000\000\000???\000\000\000\000\000?/78\v\000\000\000h??\000\000\000\000\000\020\000\000\000\222\177\000\000?.78\222\177\000\000\001\000\000\000\000\000\000\000?.78\222\177\000\000 ", '\0' <repeats 16 times>, "?\000\000\000\000\000\000???\000\000\000\000\000\v\000\000\000\000\000\000\000?.78\222\177\000\000?.78\222\177\000\000\034", '\0' <repeats 15 times>, "0/78\222\177", '\0' <repeats 18 times>... __PRETTY_FUNCTION__ = "parsing" ASTERISK-1 0x00007f923838410f in unistimsock_read (id=0x889630, fd=11, events=1, ignore=0x0) at chan_unistim.c:3893 addr_from = {sin_family = 2, sin_port = 34835, sin_addr = {s_addr = 389828618}, sin_zero = "\000\000\000\000\000\000\000"} cur = (struct unistimsession *) 0xf54f30 found = 1 tmp = 4 dw_num_bytes_rcvd = 14 __PRETTY_FUNCTION__ = "unistimsock_read" ASTERISK-2 0x000000000049dfa4 in ast_io_wait (ioc=0x887100, howlong=1000) at io.c:288 res = 1 x = 0 origcnt = 1 ASTERISK-3 0x00007f92383864ef in do_monitor (data=0x0) at chan_unistim.c:4561 cur = (struct unistimsession *) 0x0 dw_timeout = 1569 tick = 3266685229 res = 1000 reloading = 0 ASTERISK-4 0x0000000000512617 in dummy_start (data=0x88a1c0) at utils.c:861 __cancel_buf = {__cancel_jmp_buf = {{__cancel_jmp_buf = {0, 3322408761729821053, 0, 0, 140266183454784, 140734469092656, 3322408761754986877, -3368725616947811971}, __mask_was_saved = 0}}, __pad = {0x7f92383731b0, 0x0, 0x0, 0x0}} __cancel_routine = (void (*)(void *)) 0x4338a6 <ast_unregister_thread> __cancel_arg = (void *) 0x7f9238373950 not_first_call = 0 ret = (void *) 0x0 a = {start_routine = 0x7f92383862c1 <do_monitor>, data = 0x0, name = 0x88a1e0 "do_monitor", ' ' <repeats 11 times>, "started at [ 4600] chan_unistim.c restart_monitor()"} ---Type <return> to continue, or q <return> to quit--- ASTERISK-5 0x00007f924311c3ba in start_thread () from /lib/libpthread.so.0 No symbol table info available. ASTERISK-6 0x00007f924361afcd in clone () from /lib/libc.so.6 No symbol table info available. ASTERISK-7 0x0000000000000000 in ?? () No symbol table info available. By: Barry Flanagan (barryf) 2010-02-24 07:40:13.000-0600 In desperation I have commented out the case stanza associated with the following: #2 0x00007f923837fd3f in key_dial_page (pte=0xf54f30, keycode=92 '\\') at chan_unistim.c:2722 .. and replaced it with a log notice, as this appears to be where the crash occurs. So far, no more crashes and my users get by using the hook to hang up. I am not even sure under what circumstances this routine would be run. It does not get used that often from what I can see. By: Russell Bryant (russell) 2011-07-27 09:11:25.415-0500 Per the Asterisk maintenance timeline page at http://www.asterisk.org/asterisk-versions maintenance (bug) support for the 1.4 and 1.6.x branches has ended. For continued maintenance support please move to the 1.8 branch which is a long term support (LTS) branch. For more information about branch support, please see https://wiki.asterisk.org/wiki/display/AST/Asterisk+Versions If this is still an issue, please open a new issue so it can be re-triaged appropriately. Thanks! |