[asterisk-bugs] [Asterisk 0013623]: Asterisk segfaults when using SIP session timers
Asterisk Bug Tracker
noreply at bugs.digium.com
Tue Apr 21 13:16:19 CDT 2009
A NOTE has been added to this issue.
======================================================================
http://bugs.digium.com/view.php?id=13623
======================================================================
Reported By: Nik Soggia
Assigned To: rjain
======================================================================
Project: Asterisk
Issue ID: 13623
Category: Channels/chan_sip/General
Reproducibility: always
Severity: crash
Priority: normal
Status: assigned
Asterisk Version: 1.6.1-beta1
Regression: No
SVN Branch (only for SVN checkouts, not tarball releases): N/A
SVN Revision (number only!):
Request Review:
======================================================================
Date Submitted: 2008-10-06 05:46 CDT
Last Modified: 2009-04-21 13:16 CDT
======================================================================
Summary: Asterisk segfaults when using SIP session timers
Description:
My Asterisk 1.6.0-rc6 shows the same symptoms as in issue 0012919: under
moderate or heavy traffic it keeps crashing randomly about every half an
hour.
Inbound traffic is coming from a single equipment (not under my control)
that always sends "Session-Expires" in the SIP packet. In the additional
information I enclosed a typical incoming packet.
I set "session-timers = refuse" in sip.conf [general] last friday and it
didn't crash anymore in about three days. after a so long time without a
single crash I think that we can say that it fixed the problem.
I collected 23 core dumps in about 10 hours, it is a production machine
that suddendly started crashing and I had no time to recompile and enable
thread debugging as recommended. In the additional information I enclosed
all the backtraces.
The backtraces show that the crash is mostly inside proc_session_timer(),
but in different lines, as if p->stimer disappears just after the initial
consistency check (maybe the channel is closing exactly when the timer
expires?).
Should you need the core dumps (about 130 Mb), I can send them to you
privately, they contain lots of confidential data and I can't make them
public.
======================================================================
Relationships ID Summary
----------------------------------------------------------------------
related to 0012919 Segmentation fault in "Session tim...
======================================================================
----------------------------------------------------------------------
(0103544) widgetii (reporter) - 2009-04-21 13:16
http://bugs.digium.com/view.php?id=13623#c103544
----------------------------------------------------------------------
Seems that in stop_session_timer() function ast_sched_del() invoked and
than later asterisk try to get already deleted p->stimer structure. For
example,
/*! \brief Session-Timers: Restart session timer */
static void restart_session_timer(struct sip_pvt *p)
{
if (!p->stimer) {
ast_log(LOG_WARNING, "Null stimer in restart_session_timer
- %s\n", p->callid);
return;
}
- In this piece of code we checking p->stimer, that yet existing. But in
this moment in another thread ast_sched_del() function called, and then
p->stimer structure stops live.
if (p->stimer->st_active == TRUE) {
- In this piece of code we get nonexisting value and hence asterisk
crashes.
Need help from Asterisk developers to introduce lock support in this code.
Issue History
Date Modified Username Field Change
======================================================================
2009-04-21 13:16 widgetii Note Added: 0103544
======================================================================
More information about the asterisk-bugs
mailing list