[asterisk-bugs] [JIRA] (ASTERISK-26727) FRACK!, Failed assertion bad magic number 0x0
Andreas Krüger (JIRA)
noreply at issues.asterisk.org
Wed Jan 18 08:27:10 CST 2017
Andreas Krüger created ASTERISK-26727:
-----------------------------------------
Summary: FRACK!, Failed assertion bad magic number 0x0
Key: ASTERISK-26727
URL: https://issues.asterisk.org/jira/browse/ASTERISK-26727
Project: Asterisk
Issue Type: Bug
Security Level: None
Components: Resources/res_pjsip
Affects Versions: 14.2.1
Reporter: Andreas Krüger
Severity: Critical
We're seeing some crashes when switching from 13.10 to 14.2.1.
{code}
FRACK!, Failed assertion bad magic number 0x0 for object 0x7ffff0015bd8 (0) at line 3595 in endpt_send_request of res_pjsip.c
[2017-01-18 13:34:02] ERROR[61333]: res_pjsip.c:3587 endpt_send_request: Error 171060 'Unsupported transport (PJSIP_EUNSUPTRANSPORT)' sending OPTIONS request to endpoint 10000-79QFUTEZ5
[2017-01-18 13:34:02] ERROR[61333]: res_pjsip.c:3595 endpt_send_request: FRACK!, Failed assertion bad magic number 0x0 for object 0x7ffff0015bd8 (0)
Got 19 backtrace records
#0: [0x6306a9] /usr/sbin/asterisk(__ast_assert_failed+0x8d) [0x6306a9]
#1: [0x4603b5] /usr/sbin/asterisk() [0x4603b5]
#2: [0x46042c] /usr/sbin/asterisk(__ao2_lock+0x61) [0x46042c]
#3: [0x7fffb3a18b54] /usr/lib/asterisk/modules/res_pjsip.so(+0x11b54) [0x7fffb3a18b54]
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffb1a6b700 (LWP 61333)]
0x00007ffff78f93e4 in grp_lock_dec_ref () from /usr/lib/libasteriskpj.so
{code}
Ran asterisk inside GDB in interactive mode, and did a backtrace on it:
{code}
(gdb) bt
#0 0x00007ffff78f93e4 in grp_lock_dec_ref () from /usr/lib/libasteriskpj.so
#1 0x00007ffff78f9451 in pj_grp_lock_dec_ref () from /usr/lib/libasteriskpj.so
#2 0x00007ffff7907cb1 in cancel_timer () from /usr/lib/libasteriskpj.so
#3 0x00007ffff7907d1b in pj_timer_heap_cancel_if_active () from /usr/lib/libasteriskpj.so
#4 0x00007fffb3a18b6d in endpt_send_request (endpoint=0x7fffb802eb00, tdata=0x7ffff0011bf8, timeout=3000, token=0x29c34, cb=<optimized out>) at res_pjsip.c:3596
#5 0x00007fffb3a1aef2 in ast_sip_send_out_of_dialog_request (tdata=0x7ffff00146b8, endpoint=endpoint at entry=0x7fffb802eb00, timeout=3000, token=token at entry=0x1ffb030, callback=callback at entry=0x7fffb3a1f5b0 <qualify_contact_cb>) at res_pjsip.c:3776
#6 0x00007fffb3a1f222 in qualify_contact (endpoint=endpoint at entry=0x0, contact=contact at entry=0x1ffb030) at res_pjsip/pjsip_options.c:434
#7 0x00007fffb3a1f533 in qualify_contact_task (obj=0x1ffb030) at res_pjsip/pjsip_options.c:509
#8 0x0000000000615c80 in ast_taskprocessor_execute (tps=0x13ae278) at taskprocessor.c:967
#9 0x000000000061f547 in execute_tasks (data=0x13ae278) at threadpool.c:1322
#10 0x0000000000615c80 in ast_taskprocessor_execute (tps=0x13aaae8) at taskprocessor.c:967
#11 0x000000000061d2a2 in threadpool_execute (pool=0x13a9a78) at threadpool.c:351
#12 0x000000000061edd0 in worker_active (worker=0x7fffec005f38) at threadpool.c:1105
#13 0x000000000061eb6b in worker_start (arg=0x7fffec005f38) at threadpool.c:1024
#14 0x000000000062d38c in dummy_start (data=0x7fffec002910) at utils.c:1230
#15 0x00007ffff5a470a5 in start_thread (arg=0x7fffb1a6b700) at pthread_create.c:309
#16 0x00007ffff502acfd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111
{code}
and full:
{code}
(gdb) bt full
#0 0x00007ffff78f93e4 in grp_lock_dec_ref () from /usr/lib/libasteriskpj.so
No symbol table info available.
#1 0x00007ffff78f9451 in pj_grp_lock_dec_ref () from /usr/lib/libasteriskpj.so
No symbol table info available.
#2 0x00007ffff7907cb1 in cancel_timer () from /usr/lib/libasteriskpj.so
No symbol table info available.
#3 0x00007ffff7907d1b in pj_timer_heap_cancel_if_active () from /usr/lib/libasteriskpj.so
No symbol table info available.
#4 0x00007fffb3a18b6d in endpt_send_request (endpoint=0x7fffb802eb00, tdata=0x7ffff0011bf8, timeout=3000, token=0x29c34, cb=<optimized out>) at res_pjsip.c:3596
timers_cancelled = 1601398130
errmsg = "Unsupported transport (PJSIP_EUNSUPTRANSPORT)\000\000\000P\274\000\360\377\177", '\000' <repeats 14 times>, "\377\377\377\377\270F\001\360\377\177\000"
req_wrapper = 0x7ffff0015bd8
endpt = 0x13af9c8
selector = {type = PJSIP_TPSELECTOR_NONE, u = {transport = 0x0, listener = 0x0, ptr = 0x0}}
#5 0x00007fffb3a1aef2 in ast_sip_send_out_of_dialog_request (tdata=0x7ffff00146b8, endpoint=endpoint at entry=0x7fffb802eb00, timeout=3000, token=token at entry=0x1ffb030, callback=callback at entry=0x7fffb3a1f5b0 <qualify_contact_cb>) at res_pjsip.c:3776
supplement = 0x0
contact = 0x1ffb030
__PRETTY_FUNCTION__ = "ast_sip_send_out_of_dialog_request"
#6 0x00007fffb3a1f222 in qualify_contact (endpoint=endpoint at entry=0x0, contact=contact at entry=0x1ffb030) at res_pjsip/pjsip_options.c:434
tdata = 0x7ffff00146b8
endpoint_local = 0x7fffb802eb00
__PRETTY_FUNCTION__ = "qualify_contact"
#7 0x00007fffb3a1f533 in qualify_contact_task (obj=0x1ffb030) at res_pjsip/pjsip_options.c:509
contact = 0x1ffb030
res = <optimized out>
__PRETTY_FUNCTION__ = "qualify_contact_task"
#8 0x0000000000615c80 in ast_taskprocessor_execute (tps=0x13ae278) at taskprocessor.c:967
local = {local_data = 0x0, data = 0x629f5c <ast_threadstorage_set_ptr+60>}
t = 0x7fffd0008020
size = 1
__PRETTY_FUNCTION__ = "ast_taskprocessor_execute"
#9 0x000000000061f547 in execute_tasks (data=0x13ae278) at threadpool.c:1322
tps = 0x13ae278
#10 0x0000000000615c80 in ast_taskprocessor_execute (tps=0x13aaae8) at taskprocessor.c:967
local = {local_data = 0x13a9a58, data = 0x13a9a20}
t = 0x7fffd0007af0
size = 20617816
__PRETTY_FUNCTION__ = "ast_taskprocessor_execute"
#11 0x000000000061d2a2 in threadpool_execute (pool=0x13a9a78) at threadpool.c:351
__PRETTY_FUNCTION__ = "threadpool_execute"
#12 0x000000000061edd0 in worker_active (worker=0x7fffec005f38) at threadpool.c:1105
alive = 32767
#13 0x000000000061eb6b in worker_start (arg=0x7fffec005f38) at threadpool.c:1024
worker = 0x7fffec005f38
saved_state = ALIVE
---Type <return> to continue, or q <return> to quit---
__PRETTY_FUNCTION__ = "worker_start"
#14 0x000000000062d38c in dummy_start (data=0x7fffec002910) at utils.c:1230
__cancel_buf = {__cancel_jmp_buf = {{__cancel_jmp_buf = {140736173881088, 5220049284479118540, 1, 0, 140736173881792, 140736173881088, 5220049284468632780, -5220177046801552180}, __mask_was_saved = 0}}, __pad = {0x7fffb1a6aef0, 0x0, 0x0, 0x0}}
__cancel_routine = 0x4544dd <ast_unregister_thread>
__cancel_arg = 0x7fffb1a6b700
__not_first_call = 0
ret = 0x0
a = {start_routine = 0x61eae4 <worker_start>, data = 0x7fffec005f38, name = 0x7fffec006bf0 "worker_start started at [ 1079] threadpool.c worker_thread_start()"}
lock_info = 0x7ffff0002330
mutex_attr = {__size = "\001\000\000", __align = 1}
__PRETTY_FUNCTION__ = "dummy_start"
#15 0x00007ffff5a470a5 in start_thread (arg=0x7fffb1a6b700) at pthread_create.c:309
__res = <optimized out>
pd = 0x7fffb1a6b700
now = <optimized out>
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140736173881088, -5220177298626908980, 1, 0, 140736173881792, 140736173881088, 5220049284472827084, 5220198837969415372}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
not_first_call = <optimized out>
pagesize_m1 = <optimized out>
sp = <optimized out>
freesize = <optimized out>
__PRETTY_FUNCTION__ = "start_thread"
#16 0x00007ffff502acfd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111
No locals.
{code}
The only thing we did not do was to do ast-db-manage upgrade the database. But im unsure if it's related here.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list