[asterisk-bugs] [Asterisk 0012063]: Two Asterisk crashes

noreply at bugs.digium.com noreply at bugs.digium.com
Mon Feb 25 12:57:19 CST 2008 

A NOTE has been added to this issue. 
====================================================================== 
http://bugs.digium.com/view.php?id=12063 
====================================================================== 
Reported By:                norman
Assigned To:                
====================================================================== 
Project:                    Asterisk
Issue ID:                   12063
Category:                   Channels/chan_sip/General
Reproducibility:            random
Severity:                   crash
Priority:                   normal
Status:                     new
Asterisk Version:           1.4.18 
SVN Branch (only for SVN checkouts, not tarball releases): N/A 
SVN Revision (number only!):  
Disclaimer on File?:        N/A 
Request Review:              
====================================================================== 
Date Submitted:             02-25-2008 10:43 CST
Last Modified:              02-25-2008 12:57 CST
====================================================================== 
Summary:                    Two Asterisk crashes
Description: 
I had two Asterisk crashes or lockups within 2 hours today. However, it ran
all weekend without a problem. I was running under Valgrind, but the first
crash apparently Valgrind can't track down. I had another like this one
last week. Basically, Valgrind runs out of thread slots and one is
corrupt:

Thread 18: status = VgTs_WaitSys
==20183==    at 0x4000792: (within /lib/ld-2.3.6.so)
==20183==    by 0x28ADD17: ???

(I believe this is while trying to lock a mutex.) I have compiled with
MALLOC_DEBUG and those files are zero length. I have the verbose 3 output
for these, but the first is 500 MB. I do have some previous (in the
valgrind log) that I reported with http://bugs.digium.com/view.php?id=11960 that
were not fixed. Those deal
with ast_log accessing free'd memory in chan_sip.

The second log is more interesting. Lots of errors like this:

==7874== Thread 7:
==7874== Invalid read of size 4
==7874==    at 0x59D0671: ??? (chan_sip.c:4564)
==7874==    by 0x5A03A9A: ??? (chan_sip.c:15366)
==7874==    by 0x80AD830: ast_io_wait (io.c:279)
==7874==    by 0x5A0477C: ??? (chan_sip.c:15613)
==7874==    by 0x810003C: dummy_start (utils.c:852)
==7874==    by 0x403123F: start_thread (in
/lib/tls/i686/cmov/libpthread-2.3.6.so)
==7874==    by 0x4FAF49D: clone (in /lib/tls/i686/cmov/libc-2.3.6.so)
==7874==  Address 0x719d4d0 is 136 bytes inside a block of size 5,620
free'd
==7874==    at 0x401D40C: free (vg_replace_malloc.c:323)
==7874==    by 0x8072362: __ast_free_region (astmm.c:174)
==7874==    by 0x80726EE: __ast_free (astmm.c:208)
==7874==    by 0x8081D5F: ast_channel_free (channel.c:1202)
==7874==    by 0x8082A22: ast_hangup (channel.c:1496)
==7874==    by 0x697BD42: ??? (app_dial.c:1726)
==7874==    by 0x697BF6D: ??? (app_dial.c:1760)
==7874==    by 0x80BE5EE: pbx_exec (pbx.c:532)
==7874==    by 0x80C19E7: pbx_extension_helper (pbx.c:1851)
==7874==    by 0x80C2AE1: ast_spawn_extension (pbx.c:2306)
==7874==    by 0x80C2FFD: __ast_pbx_run (pbx.c:2408)
==7874==    by 0x80C3DB2: pbx_thread (pbx.c:2623)

and

==7874== Invalid read of size 4
==7874==    at 0x4033197: pthread_mutex_trylock (in
/lib/tls/i686/cmov/libpthread-2.3.6.so)
==7874==    by 0x59C4937: ??? (lock.h:706)
==7874==    by 0x5A04394: ??? (chan_sip.c:15540)
==7874==    by 0x810003C: dummy_start (utils.c:852)
==7874==    by 0x403123F: start_thread (in
/lib/tls/i686/cmov/libpthread-2.3.6.so)
==7874==    by 0x4FAF49D: clone (in /lib/tls/i686/cmov/libc-2.3.6.so)
==7874==  Address 0x719d4bc is 116 bytes inside a block of size 5,620
free'd
==7874==    at 0x401D40C: free (vg_replace_malloc.c:323)
==7874==    by 0x8072362: __ast_free_region (astmm.c:174)
==7874==    by 0x80726EE: __ast_free (astmm.c:208)
==7874==    by 0x8081D5F: ast_channel_free (channel.c:1202)
==7874==    by 0x8082A22: ast_hangup (channel.c:1496)
==7874==    by 0x697BD42: ??? (app_dial.c:1726)
==7874==    by 0x697BF6D: ??? (app_dial.c:1760)
==7874==    by 0x80BE5EE: pbx_exec (pbx.c:532)
==7874==    by 0x80C19E7: pbx_extension_helper (pbx.c:1851)
==7874==    by 0x80C2AE1: ast_spawn_extension (pbx.c:2306)
==7874==    by 0x80C2FFD: __ast_pbx_run (pbx.c:2408)
==7874==    by 0x80C3DB2: pbx_thread (pbx.c:2623)

I'll upload these files.
====================================================================== 

---------------------------------------------------------------------- 
 norman - 02-25-08 12:57  
---------------------------------------------------------------------- 
I've uploaded the last 28 minutes of the log. Note that all of these errors
listed before the too many threads error happened way, way earlier (Friday
at the latest.) I'll also upload the much shorter logs from the second
crash. In this one, something got locked and never came back. 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
02-25-08 12:57  norman         Note Added: 0082881                          
======================================================================

More information about the asterisk-bugs mailing list