[asterisk-bugs] [JIRA] (ASTERISK-27037) Segfault in pjsip

Martin Tomec (JIRA) noreply at issues.asterisk.org
Fri Jun 9 04:36:57 CDT 2017 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-27037?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=237369#comment-237369 ] 

Martin Tomec edited comment on ASTERISK-27037 at 6/9/17 4:36 AM:
-----------------------------------------------------------------

It seems that the {{pj_grp_lock_t}} structure is corupted/destroyed
{noformat}
print *glock
$2 = {base = {lock_object = 0x7fd6d40b7c88, acquire = 0x7fd720136b30 <grp_lock_acquire>, tryacquire = 0x7fd720136a80 <grp_lock_tryacquire>, release = 0x7fd720136c00 <grp_lock_release>, destroy = 0x7fd7201367d0 <grp_lock_destroy>},
  pool = 0x0, ref_cnt = 0x7fd6d40b7d18, own_lock = 0x7fd6d40b7d70, owner = 0x0, owner_cnt = 0, lock_list = {prev = 0x7fd6e00c61d8, next = 0x7fd6e00c61d8, prio = 0, lock = 0x0}, destroy_list = {prev = 0x7fd6fc00e958,
    next = 0x7fd6fc00e958, comp = 0x0, handler = 0x0}}
(gdb) print &(glock->lock_list)
$3 = (grp_lock_item *) 0x7fd6d40b7cd8
{noformat}
(gdb)  print *(glock->ref_cnt)
$4 = {mutex = 0x7fd6d40b7d28, value = 0}
{{glock->lock_list.next}} should point to 0x7fd6d40b7cd8, not 0x7fd6e00c61d8 and {{glock->pool}} shouldnt be NULL.


was (Author: matesstar):
It seems that the {{pj_grp_lock_t}} structure is corupted/destroyed
{noformat}
print *glock
$2 = {base = {lock_object = 0x7fd6d40b7c88, acquire = 0x7fd720136b30 <grp_lock_acquire>, tryacquire = 0x7fd720136a80 <grp_lock_tryacquire>, release = 0x7fd720136c00 <grp_lock_release>, destroy = 0x7fd7201367d0 <grp_lock_destroy>},
  pool = 0x0, ref_cnt = 0x7fd6d40b7d18, own_lock = 0x7fd6d40b7d70, owner = 0x0, owner_cnt = 0, lock_list = {prev = 0x7fd6e00c61d8, next = 0x7fd6e00c61d8, prio = 0, lock = 0x0}, destroy_list = {prev = 0x7fd6fc00e958,
    next = 0x7fd6fc00e958, comp = 0x0, handler = 0x0}}
(gdb) print &(glock->lock_list)
$3 = (grp_lock_item *) 0x7fd6d40b7cd8
{noformat}
{{glock->lock_list.next}} should point to 0x7fd6d40b7cd8, not 0x7fd6e00c61d8 and {{glock->pool}} shouldnt be NULL.

> Segfault in pjsip
> -----------------
>
>                 Key: ASTERISK-27037
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-27037
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: pjproject/pjsip
>    Affects Versions: 13.15.1
>         Environment: CentOS 7.3
>            Reporter: Martin Tomec
>         Attachments: backtrace.txt, endpoint.txt
>
>
> We were experiencing frequent asterisk crash in production enviroment. Maybe it was caused by some mallformed webrtc registration. For now we can´t reproduce the issue, so I send only backtrace from coredump. In logs I failed to find any common line for all crashes, only this is suspicious:
> {noformat}
> [Jun  7 12:10:55] ERROR[21634] res_pjsip.c: Error 171060 'Unsupported transport (PJSIP_EUNSUPTRANSPORT)' sending OPTIONS request to endpoint webrtc_kaplan
> {noformat}
> Please let mi know if I can get more from coredump or log



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list