[asterisk-bugs] [JIRA] Updated: (ASTERISK-20237) Assert failure in res_rtp_asterisk calling pj_mutex_unlock after a few calls

Mark Michelson (JIRA) noreply at issues.asterisk.org
Fri Aug 17 15:33:07 CDT 2012 

     [ https://issues.asterisk.org/jira/browse/ASTERISK-20237?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Mark Michelson updated ASTERISK-20237:
--------------------------------------

    Attachment: ASTERISK-20237.patch

As discussed on IRC, a likely cause for the corruption is that pjlib ends up referencing data that went out of scope long ago. The patch I'm uploading (ASTERISK-20237.patch) changes the pj_thread_desc structure to be stored in thread-local storage. In my local tests, valgrind's numerous errors disappeared. My hope is that this also means the corruption that led to the crash is also cleared up. Please test and let me know how things go.

> Assert failure in res_rtp_asterisk calling pj_mutex_unlock after a few calls
> ----------------------------------------------------------------------------
>
>                 Key: ASTERISK-20237
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-20237
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Channels/chan_sip/General, Resources/res_rtp_asterisk
>    Affects Versions: 11.0.0-beta1
>         Environment: Ubuntu 10.04.1 LTS
>            Reporter: Jeremy Pepper
>            Assignee: Jeremy Pepper
>         Attachments: ASTERISK-20237.patch, valgrind.log
>
>
> I have a single SIP account configured to register a softphone to a test server. After making a few calls, I invariably get this error:
> {noformat}
> asterisk: ../src/pj/os_core_unix.c:1276: pj_mutex_unlock: Assertion `mutex->owner == pj_thread_this()' failed.
> Aborted (core dumped)
> {noformat}
> GDB provides this backtrace:
> {noformat}
> #0  0xb7857430 in __kernel_vsyscall ()
> #1  0xb7718651 in *__GI_raise (sig=6)
>     at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
> #2  0xb771ba82 in *__GI_abort () at abort.c:92
> #3  0xb7711718 in *__GI___assert_fail (
>     assertion=0xb5facce4 "mutex->owner == pj_thread_this()", 
>     file=0xb5faca78 "../src/pj/os_core_unix.c", line=1276, 
>     function=0xb5face18 "pj_mutex_unlock") at assert.c:81
> #4  0xb5f9788e in pj_mutex_unlock (mutex=0xb78443ec)
>     at ../src/pj/os_core_unix.c:1276
> #5  0xb5f9710d in pj_atomic_get (atomic_var=0x93ba440)
>     at ../src/pj/os_core_unix.c:888
> #6  0xb5f7fbb8 in pj_stun_session_destroy (sess=0x93b9e4c)
>     at ../src/pjnath/stun_session.c:542
> #7  0xb5f75c9a in destroy_ice (ice=0x93cf29c, reason=0)
>     at ../src/pjnath/ice_session.c:474
> #8  0xb5f75db3 in pj_ice_sess_destroy (ice=0x93cf29c)
>     at ../src/pjnath/ice_session.c:503
> #9  0xb5f687f4 in ast_rtp_destroy (instance=0x93bb0bc)
>     at res_rtp_asterisk.c:1236
> #10 0x081908a9 in instance_destructor (obj=0x93bb0bc) at rtp_engine.c:212
> #11 0x0808f486 in internal_ao2_ref (user_data=<value optimized out>, 
>     delta=<value optimized out>, file=<value optimized out>, line=539, 
>     func=0x81f496e "__ao2_ref") at astobj2.c:461
> #12 0x0818eeb9 in ast_rtp_instance_destroy (instance=0x93bb0bc)
>     at rtp_engine.c:231
> #13 0xb654dc98 in __sip_destroy (p=0x93b23cc, lockowner=1, lockdialoglist=1)
>     at chan_sip.c:6152
> #14 0xb654e74d in sip_destroy (p=0x93b23cc) at chan_sip.c:6430
> #15 0xb654fdbe in sip_destroy_fn (p=0x93b23cc) at chan_sip.c:6419
> #16 0x0808f486 in internal_ao2_ref (user_data=<value optimized out>, 
>     delta=<value optimized out>, file=<value optimized out>, line=539, 
>     func=0x81f496e "__ao2_ref") at astobj2.c:461
> #17 0xb652ce4a in dialog_unref_debug (p=0x0, 
>     tag=0xb65d61e0 "Let's unbump the count in the unlink so the poor pvt can disappear if it is time", file=0xb65cac48 "chan_sip.c", line=3171, 
>     func=0xb65d3e89 "dialog_unlink_all") at chan_sip.c:2329
> #18 0xb6540437 in dialog_unlink_all (dialog=0x93b23cc) at chan_sip.c:3171
> #19 0xb6540d1f in dialog_needdestroy (dialogobj=0x93b23cc, arg=0x0, flags=6)
>     at chan_sip.c:18591
> #20 0x08091334 in internal_ao2_callback (c=<value optimized out>, 
>     flags=<value optimized out>, cb_fn=<value optimized out>, arg=0x0, 
>     data=0x0, type=DEFAULT, tag=0x0, file=0x0, line=0, func=0x0)
>     at astobj2.c:1083
> #21 0x08091a1a in __ao2_callback (c=0x8f196ec, flags=6, 
>     cb_fn=0xb6540ab0 <dialog_needdestroy>, arg=0x0) at astobj2.c:1188
> #22 0xb6594f96 in do_monitor (data=0x0) at chan_sip.c:28033
> #23 0x081d2cab in dummy_start (data=0x8f26fa8) at utils.c:1026
> #24 0xb738b96e in start_thread (arg=0xb6653b70) at pthread_create.c:300
> #25 0xb77bb98e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130
> {noformat}
> I can't reproduce the issue with thread debugging enabled and optimization disabled.

--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the asterisk-bugs mailing list