[asterisk-bugs] [JIRA] (ASTERISK-26092) [Segfault] in res_rtp_asterisk.c:4268 after Remotely bridged channels

Mark Michelson (JIRA) noreply at issues.asterisk.org
Tue Jun 7 13:22:56 CDT 2016


     [ https://issues.asterisk.org/jira/browse/ASTERISK-26092?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Mark Michelson updated ASTERISK-26092:
--------------------------------------

    Attachment: ASTERISK-26092.diff

I am attaching ASTERISK-26092.diff. I believe this patch should prevent the crash from occurring. Please test and let me know if it causes the reported crash to go away.

The native RTP bridge code tells the channel drivers that they need to update their RTP instance in order to do direct media. The native RTP bridge code does the proper thing by having the channel locked during this operation. The PJSIP channel driver queues a task onto the session's task queue in order to perform the RTP changes. The problem is that in that queued task, chan_pjsip is not locking the channel when altering the RTP properties. This results in the session's queue destroying the RTCP structure at the same time that the channel's thread is attempting to read from it. This patch corrects this problem by having the queued task that alters the RTP instance also lock the channel, thereby granting exclusive access to the underlying RTP structures.

> [Segfault] in res_rtp_asterisk.c:4268 after Remotely bridged channels
> ---------------------------------------------------------------------
>
>                 Key: ASTERISK-26092
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-26092
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Resources/res_rtp_asterisk
>    Affects Versions: 13.9.0
>         Environment: Debian, Pjsip
>            Reporter: Niklas Larsson
>         Attachments: ASTERISK-26092.diff, backtrace.txt, HOMER_CID_1586769a-6960-4b55-b098-c3b5865ef0c6.txt, HOMER_CID_88f0d5c4a4565701c6cb00013e1a6592 at 192.168.1.3.txt
>
>
> Segfault happens after:
> {code}
> [2016-06-07 12:41:23] VERBOSE[13780][C-0000074b] app_dial.c: PJSIP/wid4663-0000131b answered PJSIP/wid4661-0000131a
> [2016-06-07 12:41:23] VERBOSE[13802][C-0000074b] bridge_channel.c: Channel PJSIP/wid4663-0000131b joined 'simple_bridge' basic-bridge <ac9e9cd6-a3c2-4c37-bd34-48fc42bad3cd>
> [2016-06-07 12:41:23] VERBOSE[13780][C-0000074b] bridge_channel.c: Channel PJSIP/wid4661-0000131a joined 'simple_bridge' basic-bridge <ac9e9cd6-a3c2-4c37-bd34-48fc42bad3cd>
> [2016-06-07 12:41:23] VERBOSE[13780][C-0000074b] bridge.c: Bridge ac9e9cd6-a3c2-4c37-bd34-48fc42bad3cd: switching from simple_bridge technology to native_rtp
> [2016-06-07 12:41:23] VERBOSE[13780][C-0000074b] bridge_native_rtp.c: Remotely bridged 'PJSIP/wid4661-0000131a' and 'PJSIP/wid4663-0000131b' - media will flow directly between them
> [2016-06-07 12:41:23] VERBOSE[13780][C-0000074b] bridge_native_rtp.c: Remotely bridged 'PJSIP/wid4661-0000131a' and 'PJSIP/wid4663-0000131b' - media will flow directly between them
> [2016-06-07 12:41:39] Asterisk 13.9.0 built by root @ uc15.example.com on a x86_64 running Linux on 2016-01-21 12:53:22 UTC
> {code}
> Attached backtrace



--
This message was sent by Atlassian JIRA
(v6.2#6252)
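
The race and the fix described in the comment above, reduced to a stand-alone pthreads program. This is an added example, not code from ASTERISK-26092.diff or from Asterisk: the struct, the function names and the 200 ms sleep that stands in for the channel thread's read are all assumptions made for illustration.

```c
/* Added illustration; every name here is hypothetical, not Asterisk's. */
#include <pthread.h>
#include <stdatomic.h>
#include <stdio.h>
#include <stdlib.h>
#include <time.h>

struct channel {
    pthread_mutex_t lock;   /* stands in for the channel lock */
    int *rtcp;              /* stands in for the RTCP structure */
    atomic_int teardowns;   /* times the queued task destroyed rtcp */
    int task_locks;         /* 0 = task as before the patch, 1 = as after it */
};

/* Runs on the session's queue thread: destroys RTCP for direct media. */
static void *direct_media_task(void *arg)
{
    struct channel *chan = arg;
    if (chan->task_locks) pthread_mutex_lock(&chan->lock);
    free(chan->rtcp);
    chan->rtcp = NULL;
    atomic_fetch_add(&chan->teardowns, 1);
    if (chan->task_locks) pthread_mutex_unlock(&chan->lock);
    return NULL;
}

/* Channel thread: holds the lock for 200 ms; returns teardowns seen meanwhile. */
int teardowns_while_locked(int task_locks)
{
    struct channel chan = { .task_locks = task_locks };
    struct timespec window = { 0, 200 * 1000 * 1000 };
    pthread_t task;
    pthread_mutex_init(&chan.lock, NULL);
    chan.rtcp = calloc(1, sizeof(*chan.rtcp));
    pthread_mutex_lock(&chan.lock);
    pthread_create(&task, NULL, direct_media_task, &chan);
    nanosleep(&window, NULL);                 /* a read of chan.rtcp would sit here */
    int seen = atomic_load(&chan.teardowns);  /* nonzero: rtcp freed under the reader */
    pthread_mutex_unlock(&chan.lock);
    pthread_join(task, NULL);
    pthread_mutex_destroy(&chan.lock);
    return seen;
}

int main(void)
{
    printf("before: %d, after: %d\n", teardowns_while_locked(0), teardowns_while_locked(1));
    return 0;
}
```

Build with `cc -pthread`. A nonzero count for the unlocked task means the structure was freed while the channel thread still held the lock it believed protected it.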


