[asterisk-bugs] [JIRA] (ASTERISK-27707) Segfault after hanging up a queue call where Bridge() was used
lvl (JIRA)
noreply at issues.asterisk.org
Thu Mar 1 07:35:13 CST 2018
lvl created ASTERISK-27707:
------------------------------
Summary: Segfault after hanging up a queue call where Bridge() was used
Key: ASTERISK-27707
URL: https://issues.asterisk.org/jira/browse/ASTERISK-27707
Project: Asterisk
Issue Type: Bug
Security Level: None
Components: Applications/app_queue
Affects Versions: 15.2.1
Reporter: lvl
Steps to reproduce:
1. Call into a queue
2. Have the queue dial an agent
3. Use AMI Redirect() + Bridge() to transfer the agent's channel elsewhere
4. Hang up the call
Around 30% of the time, Asterisk segfaults on https://github.com/asterisk/asterisk/blob/15.2/apps/app_queue.c#L6364 because caller_snapshot is NULL.
{quote}
#0 0x00007f9dbcab5cb3 in handle_hangup (userdata=0x7f9dd4002078, sub=0x7f9dd4018378, msg=0x7f9dfc0302b8) at app_queue.c:6364
queue_data = 0x7f9dd4002078
channel_blob = 0x7f9dfc02f088
caller_snapshot = 0x0
member_snapshot = 0x7f9df4003760
chan = 0x0
reason = CALLER
(gdb) print *queue_data
$2 = {
__field_mgr_pool = 0x7f9dd4002140,
caller_uniqueid = 0x7f9dd4002162 "acme01-1519904274.78",
member_uniqueid = 0x7f9dd400217c "acme01-1519904274.79",
bridge_uniqueid = 0x7f9dd4002196 "b72d5911-db0a-413c-b4a8-0b9549f4ca8c",
{quote}
Apparently, the member channel is sometimes already cleared from the Stasis cache by the time we reach ast_queue_log.
I suggest at least adding an ast_assert and/or null check for caller_snapshot & member_snapshot.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
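The guard suggested in the report, modelled stand-alone as an added example: this is not Asterisk code and not from the reporter. Every struct, function and enum name below is hypothetical, the channel names are constructed, and the unique IDs are the ones shown in the backtrace.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins; none of these names are Asterisk APIs. */
struct snapshot { const char *uniqueid; const char *name; };
struct queue_data { const char *caller_uniqueid, *member_uniqueid; };
enum hangup_result { HANGUP_LOGGED, HANGUP_SNAPSHOT_MISSING };

static struct snapshot caller = { "acme01-1519904274.78", "constructed/caller" };
static struct snapshot member = { "acme01-1519904274.79", "constructed/agent" };
static const struct snapshot *cache[2];

/* Cache lookup: returns NULL once the entry has been evicted. */
static const struct snapshot *cache_get(const char *uniqueid)
{
    for (size_t i = 0; i < sizeof cache / sizeof cache[0]; i++)
        if (cache[i] && strcmp(cache[i]->uniqueid, uniqueid) == 0)
            return cache[i];
    return NULL;
}

/* Hangup handler: validate both lookups before any dereference. */
static enum hangup_result on_hangup(const struct queue_data *qd, char *log, size_t len)
{
    const struct snapshot *c = cache_get(qd->caller_uniqueid);
    const struct snapshot *m = cache_get(qd->member_uniqueid);
    if (!c || !m) {
        /* Fall back to the IDs copied into queue_data at call setup. */
        snprintf(log, len, "hangup %s/%s: snapshot gone, not logged",
                 qd->caller_uniqueid, qd->member_uniqueid);
        return HANGUP_SNAPSHOT_MISSING;
    }
    snprintf(log, len, "hangup caller=%s member=%s", c->name, m->name);
    return HANGUP_LOGGED;
}

/* Runs the handler with the caller entry present or already evicted. */
static enum hangup_result run_case(int caller_evicted, char *log, size_t len)
{
    struct queue_data qd = { caller.uniqueid, member.uniqueid };
    cache[0] = caller_evicted ? NULL : &caller;
    cache[1] = &member;
    return on_hangup(&qd, log, len);
}

int main(void)
{
    char log[160];
    printf("%d %s\n", run_case(0, log, sizeof log), log);
    printf("%d %s\n", run_case(1, log, sizeof log), log);
    return 0;
}
```

The second case reproduces the state in the backtrace (caller lookup NULL, member lookup valid) and returns a status instead of dereferencing the missing snapshot.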