[asterisk-bugs] [Asterisk 0015848]: [patch] segfault when transferring a queue caller

Asterisk Bug Tracker noreply at bugs.digium.com
Thu Nov 5 19:54:17 CST 2009 

A NOTE has been added to this issue. 
====================================================================== 
https://issues.asterisk.org/view.php?id=15848 
====================================================================== 
Reported By:                fhackenberger
Assigned To:                
====================================================================== 
Project:                    Asterisk
Issue ID:                   15848
Category:                   Channels/General
Reproducibility:            random
Severity:                   crash
Priority:                   normal
Status:                     ready for review
Target Version:             1.6.1.2
Asterisk Version:           Older 1.6.1 
JIRA:                       SWP-327 
Regression:                 No 
Reviewboard Link:            
SVN Branch (only for SVN checkouts, not tarball releases): 1.6.1 
SVN Revision (number only!): 209515 
Request Review:              
====================================================================== 
Date Submitted:             2009-09-08 03:55 CDT
Last Modified:              2009-11-05 19:54 CST
====================================================================== 
Summary:                    [patch] segfault when transferring a queue caller
Description: 
The segfault happens after transferring (SIP re-invite) a queue call.

https://issues.asterisk.org/view.php?id=0  0xb7d5da04 in
__pthread_mutex_unlock_usercnt () from
/lib/tls/i686/cmov/libpthread.so.0
https://issues.asterisk.org/view.php?id=0  0xb7d5da04 in
__pthread_mutex_unlock_usercnt () from
/lib/tls/i686/cmov/libpthread.so.0
https://issues.asterisk.org/view.php?id=1  0xb61ef779 in sip_hangup
(ast=0xb3902a20) at
/tmp/buildd/asterisk-1.6.1.0~dfsg/include/asterisk/lock.h:1708
https://issues.asterisk.org/view.php?id=2  0x08087eb9 in ast_do_masquerade
(original=0x8722db8) at
channel.c:4406
https://issues.asterisk.org/view.php?id=3  0x0808b589 in ast_waitfor_nandfds
(c=0xb41fa200, n=2, fds=0x0, nfds=0,
exception=0x0, outfd=0x0, ms=0xb41fa214) at channel.c:2004
https://issues.asterisk.org/view.php?id=4  0x0808bb4f in ast_waitfor_n
(c=0xb41fa200, n=2, ms=0xb41fa214) at
channel.c:2318
https://issues.asterisk.org/view.php?id=5  0x0808e2d4 in ast_channel_bridge
(c0=0x8722db8, c1=0x87407f8,
config=0xb41fa61c, fo=0xb41fa2ec, rc=0xb41fa2e8) at channel.c:4733
https://issues.asterisk.org/view.php?id=6  0x080b06b6 in ast_bridge_call
(chan=0x8722db8, peer=0x87407f8,
config=0xb41fa61c) at features.c:2538
https://issues.asterisk.org/view.php?id=7  0xb5bfa2e9 in dial_exec_full
(chan=0x8722db8, data=0xb41fd138,
peerflags=0xb41fae90, continue_exec=0x0) at app_dial.c:1986
https://issues.asterisk.org/view.php?id=8  0xb5bfc174 in dial_exec
(chan=0x8722db8, data=0xb41fd138) at
app_dial.c:2060
https://issues.asterisk.org/view.php?id=9  0x080ddab5 in pbx_exec (c=0x8722db8,
app=0x82b0d00, data=0xb41fd138)
at pbx.c:960
https://issues.asterisk.org/view.php?id=10 0x080e4632 in pbx_extension_helper
(c=0x8722db8, con=0x0,
context=0x8723028 "agents", exten=0x8723078 "972605572372450", priority=9,
    label=0x0, callerid=0x848d910 "0314224713906", action=E_SPAWN,
found=0xb41ff244, combined_find_spawn=1) at pbx.c:3201
https://issues.asterisk.org/view.php?id=11 0x080e6ecc in __ast_pbx_run
(c=0x8722db8, args=0x0) at pbx.c:3745
https://issues.asterisk.org/view.php?id=12 0x080e89d0 in pbx_thread
(data=0x8722db8) at pbx.c:4032
https://issues.asterisk.org/view.php?id=13 0x0811ca47 in dummy_start
(data=0x86be7f8) at utils.c:968
https://issues.asterisk.org/view.php?id=14 0xb7d5a4fb in start_thread () from
/lib/tls/i686/cmov/libpthread.so.0
https://issues.asterisk.org/view.php?id=15 0xb6f7be5e in clone () from
/lib/tls/i686/cmov/libc.so.6

====================================================================== 

---------------------------------------------------------------------- 
 (0113250) alecdavis (reporter) - 2009-11-05 19:54
 https://issues.asterisk.org/view.php?id=15848#c113250 
---------------------------------------------------------------------- 
We may be seeing similar here. Twice today. No debug yet, just waiting for
next crash, have recompiled with DON'T OPTIMIZE.

It's not reproducible, I've tried!
I believe the transfer is an attended trasnfer as you see the incomimg
line (DAHDI/1-1) start music on hold, then the iaxtrunk, then they both
stop music then seems to be all over.

console output is all I have so far.
</pre>!! Unknown IE 50 (cs5, Unknown Information Element)
    -- Executing [9340 at incoming:1] NoOp("DAHDI/1-1", "Incoming call
callingsubaddr= calledsubaddr=") in new stack
    -- Executing [9340 at incoming:2] GotoIf("DAHDI/1-1",
"1?internal,8801,1") in new stack
    -- Goto (internal,8801,1)
    -- Executing [8801 at internal:1] NoOp("DAHDI/1-1", "queue 2 dialled
callingsubaddr= calledsubaddr=") in new stack
    -- Executing [8801 at internal:2] NoOp("DAHDI/1-1", "Queue_member
logged=2 free=2") in new stack
    -- Executing [8801 at internal:3] Ringing("DAHDI/1-1", "") in new stack
    -- Accepting call from '95551234' to '9340' on channel 0/1, span 1
    -- Executing [8801 at internal:4] GotoIf("DAHDI/1-1", "0?nightservice")
in new stack
    -- Executing [8801 at internal:5] GotoIf("DAHDI/1-1", "1?noannounce") in
new stack
    -- Goto (internal,8801,11)
    -- Executing [8801 at internal:11] Queue("DAHDI/1-1", "queue2,rhH,,,90")
in new stack
  == Using SIP RTP CoS mark 5
  == Using SIP RTP CoS mark 5
  == Extension Changed 8820[internal] new state Ringing for Notify User
9001
  == Extension Changed 8820[internal] new state Ringing for Notify User
9000
    -- SIP/9015-000003ef is ringing
    -- SIP/9001-000003f0 is ringing
  == Extension Changed 8820[internal] new state InUse for Notify User
9001
    -- SIP/9001-000003f0 answered DAHDI/1-1
  == Extension Changed 8820[internal] new state InUse for Notify User
9000
    -- Started music on hold, class 'default', on DAHDI/1-1
  == Using SIP RTP CoS mark 5
    -- Executing [5053 at internal:1] Dial("SIP/9001-000003f1",
"IAX2/siteb/5053,,r") in new stack
    -- Called siteb/5053
    -- Call accepted by 192.168.x.yy (format alaw)
    -- Format for call is alaw
    -- IAX2/siteb-21016 is proceeding passing it to SIP/9001-000003f1
    -- IAX2/siteb-21016 is ringing
    -- IAX2/siteb-21016 answered SIP/9001-000003f1
    -- Started music on hold, class 'default', on IAX2/siteb-21016
    -- Stopped music on hold on DAHDI/1-1
    -- Stopped music on hold on IAX2/siteb-21016
sitea*CLI>
Disconnected from Asterisk server
Executing last minute cleanups
Asterisk cleanly ending (0).</pre> 

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
2009-11-05 19:54 alecdavis      Note Added: 0113250                          
======================================================================

More information about the asterisk-bugs mailing list