Summary:ASTERISK-18155: bridge_softmix.c line 149 (softmix_bridge_leave): Error: attempt to destroy invalid mutex '&sc->lock'
Reporter:Kevin Reeves (superkvn)Labels:
Date Opened:2011-07-19 13:56:21Date Closed:2011-09-12 10:51:45
Status:Closed/CompleteComponents:Applications/app_confbridge Core/General
Versions:1.8.2 Frequency of
Environment:CentOS 5.5Attachments:( 0) ASTERISK-18155-1.diff
( 1) backtrace.txt
( 2) backtrace-2011-09-09.txt
Description:Asterisk crashes at seemingly random times with the error:

bridge_softmix.c line 149 (softmix_bridge_leave): Error: attempt to destroy invalid mutex '&sc->lock'.

Happens multiple times throughout the day - even under very low load. I've attached a backtrace of taken from the core dump.
Comments:By: Kevin Reeves (superkvn) 2011-08-09 11:39:34.234-0500

To further document the issue, I'm adding a new backtrace from a similar crash this morning.

By: Kevin Reeves (superkvn) 2011-08-09 13:43:20.761-0500

Debugging this using DDD and an odd thing appears to be happening.

Inside ConfBridge, when joining the conference, the code hits bridges/bridge_multiplexed.c line 237:
               if (winner && winner->bridge) {
                       ast_bridge_handle_trip(winner->bridge, NULL, winner, -1);
Which sends a NULL value for the bridge_channel variable.  And, inside ast_bridge_handle_trip it locates the channel using this code:
       /* If no bridge channel has been provided and the actual channel has been provided find it */
       if (chan && !bridge_channel) {
               bridge_channel = find_bridge_channel(bridge, chan);
The bridge_channel variable it returns has a null bridge_pvt pointer.  So, later on in the code, when it gets into this code the call to ast_mutex_lock call access &sc which is a NULL pointer:

static enum ast_bridge_write_result softmix_bridge_write(struct ast_bridge *bridge, struct ast_bridge_channel *bridge_channel, struct ast_frame *frame)
       struct softmix_channel *sc = bridge_channel->bridge_pvt;
       /* Only accept audio frames, all others are unsupported */
       if (frame->frametype != AST_FRAME_VOICE) {
               return AST_BRIDGE_WRITE_UNSUPPORTED;

I hope this helps guide the debugging.

By: Matthew Nicholson (mnicholson) 2011-09-06 13:41:58.780-0500

Please test with the ASTERISK-18155-1.diff patch.