[asterisk-bugs] [JIRA] (ASTERISK-27230) Segfault in pj_timer_heap_poll
Ross Beer (JIRA)
noreply at issues.asterisk.org
Thu Oct 12 11:03:21 CDT 2017
[ https://issues.asterisk.org/jira/browse/ASTERISK-27230?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ross Beer updated ASTERISK-27230:
---------------------------------
Comment: was deleted
(was: The crash always happens when accessing "std->fail;". Would a check for NULL resolve the issue here or would it have a cascade effect?
{noformat}
static int sync_task(void *data)
{
struct sync_task_data *std = data;
int ret;
std->fail = std->task(std->task_data);
/*
* Once we unlock std->lock after signaling, we cannot access
* std again. The thread waiting within
* ast_sip_push_task_synchronous() is free to continue and
* release its local variable (std).
*/
ast_mutex_lock(&std->lock);
std->complete = 1;
ast_cond_signal(&std->cond);
ret = std->fail; <------ *** Segfault Here ***
ast_mutex_unlock(&std->lock);
return ret;
}
{noformat}
I have a feeling that this happens when an endpoint has been removed from the realtime database and a task is then run for the endpoint.)
> Segfault in pj_timer_heap_poll
> ------------------------------
>
> Key: ASTERISK-27230
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-27230
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Channels/chan_pjsip
> Affects Versions: GIT
> Environment: Fedora 23
> Reporter: Ross Beer
> Assignee: George Joseph
> Attachments: core-asterisk-103311-Asterisk7-1504005395-thread1.txt, core-asterisk-158440-Asterisk5-1504033325-thread1.txt, core-asterisk-172816-Asterisk7-1507310948-thread1.txt, core-asterisk-40920-Asterisk7-1507023780-thread1.txt, core-asterisk-5713-1507134548-thread1.txt
>
>
> There is a segfault on multiple instances in pj_timer_heap_poll. Please see attached back traces.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list