[asterisk-bugs] [JIRA] (ASTERISK-27170) segfault in pj_sockaddr_in_set_str_addr

nappsoft (JIRA) noreply at issues.asterisk.org
Tue Aug 15 06:13:08 CDT 2017


    [ https://issues.asterisk.org/jira/browse/ASTERISK-27170?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=238094#comment-238094 ] 

nappsoft edited comment on ASTERISK-27170 at 8/15/17 6:11 AM:
--------------------------------------------------------------

Just out of curiosity one question: is there a way to force a hangup for a certain channel being completed before the hangup of the bridged channel?. First my current test-scenario: A calls B, C picksup the ringing channel for B with PickupChan

Now usually I see the HANGUP CEL entry for Channel C being made before the CEL entry for channel A (no matter, whether I hangup phone A or C first or whether I do a channel request hangup for one or the other channel). But according to both crashlogs it's the other way round in the crashing scenarios: I see debug log for the CEL entry for Channel A but no entry for channel C (but in the second case, when libsqlite3 was crashing, this happened while writing out the CEL log entry for channel C. This is not in the log because of output buffers I guess). I just don't manage to reproduce the "different hangup order" scenario, maybe this would help to reproduce the crash...


was (Author: nappsoft):
Just out of curiosity one question: is there a way to force a hangup for a certain channel being completed before the hangup of the bridged channel?. First my current test-scenario: A calls B, C picksup the ringing channel for B with PickupChan

Now usually I see the CEL entry for Channel C being made before the CEL entry for channel A (no matter, whether I hangup phone A or C first or whether I do a channel request hangup for one or the other channel). But according to both crashlogs it's the other way round in the crashing scenarios: I see debug log for the CEL entry for Channel A but no entry for channel C (but in the second case, when libsqlite3 was crashing, this happened while writing out the CEL log entry for channel C. This is not in the log because of output buffers I guess). I just don't manage to reproduce the "different hangup order" scenario, maybe this would help to reproduce the crash...

> segfault in pj_sockaddr_in_set_str_addr
> ---------------------------------------
>
>                 Key: ASTERISK-27170
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-27170
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: PBX/General
>    Affects Versions: 13.16.0
>         Environment: 64bit linux musl 1.1.15
>            Reporter: nappsoft
>            Assignee: Unassigned
>         Attachments: crashlog.txt, trace_cel_crash.txt, trace.txt, valgrind2.txt
>
>
> From time to time asterisk crashes in pj_sockaddr_i_set_str_add. The asterisk version we use is 13.16.0 with some stability patches that flew into 13.17.0 (we will update to 13.17.0 soon). But we already had the same crashes with unpatched 13.16.0 versions and with older versions as well.
> According to the sip traces the last thing that happened was a sip transfer. The messageflow was:
> REFER (Phone) -> 202 Accepted (PBX) -> NOTIFY Trying (PBX) -> NOTIFY OK (PBX) -> BYE (Phone) - > OK (PBX for the BYE message) -> OK (Phone for the NOTIFY Trying) -> OK (Phone for the NOTIFY OK)
> As these are embedded systems with limited resources it's always difficult to make crash dumps there or to run asterisk in gdb... I'll try to get some complete backtraces in the future, but maybe somebody has an idea based on the described scenario. => maybe there is a race condition when the Phone sends OK messages for the NOTIFY messages after that the phone has already sent a BYE for the same call?



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list