Summary: ASTERISK-18750: crash on parking a call
Reporter: Tzafrir Cohen (tzafrir)
Labels:
Date Opened: 2011-10-24 10:25:39
Date Closed: 2011-10-25 09:43:07
Versions: Frequency of
Environment:
Attachments: ( 0) park_crash.diff
Description: System is asterisk (Asterisk 2.2-rc1 packages). Call comes in through DAHDI (PRI) to an agent (SIP). Agent parks the call. After a while releases on it and parks it again. Repeating this 3-6 times leads to a crash at the time of parking:

#0  0x007cfc2d in pthread_mutex_lock () from /lib/libpthread.so.0
#1  0x00719ca6 in pthread_mutex_lock () from /lib/libc.so.6
#2  0x0817c174 in ast_sched_runq (con=0x0) at sched.c:605
#3  0x08101e64 in waitstream_core (c=0xc174b98, breakon=0x81bbc6e "", forward=0x81bbc6e "", reverse=0x81bbc6e "", skip_ms=0, audiofd=-1, cmdfd=-1, context=0x0) at file.c:1208
#4  0x0810240a in ast_waitstream (c=0xbc0c110, breakon=0x81bbc6e "") at file.c:1332
#5  0x08167e78 in say_digit_str_full (chan=0xbc0c110, str=0xb4848294 "701", ints=0x81bbc6e "", lang=0xbeee8af "en", audiofd=-1, ctrlfd=-1) at say.c:261
#6  0x080af97d in ast_say_digits_full (chan=0xbc0c110, num=701, ints=0x81bbc6e "", lang=0xbeee8af "en") at channel.c:8062
#7  ast_say_digits (chan=0xbc0c110, num=701, ints=0x81bbc6e "", lang=0xbeee8af "en") at channel.c:8034
#8  0x080fb6c3 in park_call_full (chan=0xb615bc50, peer=0xbc0c110, args=0xb484a728) at features.c:1499
#9  0x080fbfbe in masq_park_call (rchan=0xbc0c110, peer=0xbc0c110, timeout=<value optimized out>, extout=0x0, play_announcement=0, args=0xb484a728) at features.c:1601
#10 0x080fc271 in manager_park (s=0xb484b1b0, m=0xb484af70) at features.c:6899
#11 0x08126d93 in process_message (s=0xb484b1b0, m=0xb484af70) at manager.c:4530
#12 0x081287b3 in do_message (s=0xb484b1b0) at manager.c:4690
#13 0x081311f7 in session_do (data=0xb9a0028) at manager.c:4781
#14 0x08185a02 in handle_tcptls_connection (data=0xb9a0028) at tcptls.c:233
#15 0x0819217b in dummy_start (data=0x94d5f78) at utils.c:1004
#16 0x007cd832 in start_thread () from /lib/libpthread.so.0
#17 0x0070d46e in clone () from /lib/libc.so.6

The attached patch seems to be a workaround: c->sched was already NULL (cleaned up at hangup time?)

Comments:

By: Richard Mudgett (rmudgett) 2011-10-24 11:08:44.333-0500

See SVN v1.8 commit -r334840.  That should have already fixed this issue.

By: Michael Spiceland (mspiceland) 2011-10-24 11:16:00.522-0500

Tzafrir, this should be fixed by r334840 (http://svnview.digium.com/svn/asterisk?view=revision&revision=334840), which came after the release you are reporting against.  Can you retest with it and see if this resolves the issue for you?

By: Tzafrir Cohen (tzafrir) 2011-10-25 08:20:08.220-0500

That patch fixed the crash, indeed. I missed it when looking at the log. Closing.

By: Richard Mudgett (rmudgett) 2011-10-25 09:43:07.925-0500

Already fixed in v1.8.8-rc2.