[asterisk-bugs] [Asterisk 0012063]: Two Asterisk crashes

noreply at bugs.digium.com noreply at bugs.digium.com
Mon Feb 25 16:04:55 CST 2008 

A NOTE has been added to this issue. 
====================================================================== 
http://bugs.digium.com/view.php?id=12063 
====================================================================== 
Reported By:                norman
Assigned To:                
====================================================================== 
Project:                    Asterisk
Issue ID:                   12063
Category:                   Channels/chan_sip/General
Reproducibility:            random
Severity:                   crash
Priority:                   normal
Status:                     new
Asterisk Version:           1.4.18 
SVN Branch (only for SVN checkouts, not tarball releases): N/A 
SVN Revision (number only!):  
Disclaimer on File?:        N/A 
Request Review:              
====================================================================== 
Date Submitted:             02-25-2008 10:43 CST
Last Modified:              02-25-2008 16:04 CST
====================================================================== 
Summary:                    Two Asterisk crashes
Description: 
I had two Asterisk crashes or lockups within 2 hours today. However, it ran
all weekend without a problem. I was running under Valgrind, but the first
crash apparently Valgrind can't track down. I had another like this one
last week. Basically, Valgrind runs out of thread slots and one is
corrupt:

Thread 18: status = VgTs_WaitSys
==20183==    at 0x4000792: (within /lib/ld-2.3.6.so)
==20183==    by 0x28ADD17: ???

(I believe this is while trying to lock a mutex.) I have compiled with
MALLOC_DEBUG and those files are zero length. I have the verbose 3 output
for these, but the first is 500 MB. I do have some previous (in the
valgrind log) that I reported with http://bugs.digium.com/view.php?id=11960 that
were not fixed. Those deal
with ast_log accessing free'd memory in chan_sip.

The second log is more interesting. Lots of errors like this:

==7874== Thread 7:
==7874== Invalid read of size 4
==7874==    at 0x59D0671: ??? (chan_sip.c:4564)
==7874==    by 0x5A03A9A: ??? (chan_sip.c:15366)
==7874==    by 0x80AD830: ast_io_wait (io.c:279)
==7874==    by 0x5A0477C: ??? (chan_sip.c:15613)
==7874==    by 0x810003C: dummy_start (utils.c:852)
==7874==    by 0x403123F: start_thread (in
/lib/tls/i686/cmov/libpthread-2.3.6.so)
==7874==    by 0x4FAF49D: clone (in /lib/tls/i686/cmov/libc-2.3.6.so)
==7874==  Address 0x719d4d0 is 136 bytes inside a block of size 5,620
free'd
==7874==    at 0x401D40C: free (vg_replace_malloc.c:323)
==7874==    by 0x8072362: __ast_free_region (astmm.c:174)
==7874==    by 0x80726EE: __ast_free (astmm.c:208)
==7874==    by 0x8081D5F: ast_channel_free (channel.c:1202)
==7874==    by 0x8082A22: ast_hangup (channel.c:1496)
==7874==    by 0x697BD42: ??? (app_dial.c:1726)
==7874==    by 0x697BF6D: ??? (app_dial.c:1760)
==7874==    by 0x80BE5EE: pbx_exec (pbx.c:532)
==7874==    by 0x80C19E7: pbx_extension_helper (pbx.c:1851)
==7874==    by 0x80C2AE1: ast_spawn_extension (pbx.c:2306)
==7874==    by 0x80C2FFD: __ast_pbx_run (pbx.c:2408)
==7874==    by 0x80C3DB2: pbx_thread (pbx.c:2623)

and

==7874== Invalid read of size 4
==7874==    at 0x4033197: pthread_mutex_trylock (in
/lib/tls/i686/cmov/libpthread-2.3.6.so)
==7874==    by 0x59C4937: ??? (lock.h:706)
==7874==    by 0x5A04394: ??? (chan_sip.c:15540)
==7874==    by 0x810003C: dummy_start (utils.c:852)
==7874==    by 0x403123F: start_thread (in
/lib/tls/i686/cmov/libpthread-2.3.6.so)
==7874==    by 0x4FAF49D: clone (in /lib/tls/i686/cmov/libc-2.3.6.so)
==7874==  Address 0x719d4bc is 116 bytes inside a block of size 5,620
free'd
==7874==    at 0x401D40C: free (vg_replace_malloc.c:323)
==7874==    by 0x8072362: __ast_free_region (astmm.c:174)
==7874==    by 0x80726EE: __ast_free (astmm.c:208)
==7874==    by 0x8081D5F: ast_channel_free (channel.c:1202)
==7874==    by 0x8082A22: ast_hangup (channel.c:1496)
==7874==    by 0x697BD42: ??? (app_dial.c:1726)
==7874==    by 0x697BF6D: ??? (app_dial.c:1760)
==7874==    by 0x80BE5EE: pbx_exec (pbx.c:532)
==7874==    by 0x80C19E7: pbx_extension_helper (pbx.c:1851)
==7874==    by 0x80C2AE1: ast_spawn_extension (pbx.c:2306)
==7874==    by 0x80C2FFD: __ast_pbx_run (pbx.c:2408)
==7874==    by 0x80C3DB2: pbx_thread (pbx.c:2623)

I'll upload these files.
====================================================================== 

---------------------------------------------------------------------- 
 Corydon76 - 02-25-08 16:04  
---------------------------------------------------------------------- 
Looks like you don't have the verbosity of DEBUG turned up, so this is
going to be harder to debug.

Please increase the debug level, with "core set debug 5" and obtain
another pair of valgrind and log output.  You may want to issues a "logger
rotate" prior to this, to ensure we're only seeing the log from when
valgrind starts. 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
02-25-08 16:04  Corydon76      Note Added: 0082905                          
======================================================================

More information about the asterisk-bugs mailing list