[asterisk-bugs] [JIRA] (ASTERISK-30418) Crash in ConfBridge
Asterisk Team (JIRA)
noreply at issues.asterisk.org
Wed Feb 8 11:25:03 CST 2023
[ https://issues.asterisk.org/jira/browse/ASTERISK-30418?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Asterisk Team updated ASTERISK-30418:
-------------------------------------
Status: Waiting for Feedback (was: Waiting for Feedback)
> Crash in ConfBridge
> --------------------
>
> Key: ASTERISK-30418
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-30418
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Applications/app_confbridge
> Affects Versions: 18.16.0
> Environment: Server has a 6 core Intel CPU with 16 gigs of RAM.
> The OS is OpenSuSE 15.3 and is running Vicidial
> Reporter: Michael Cargile
> Assignee: Asterisk Team
> Severity: Major
>
> My dev system keeps crashing while running Asterisk 18.16.0. I am in the process of validating our software with Asterisk 18. This time it seems to have seg faulted in the ConfBridge code. It crashed previously with a double free, but sadly I had forgotten to compile with DONT_OPTIMIZE so the dump was useless. Here is the back trace for the Seg Fault:
> {quote}
> Core was generated by `/usr/sbin/asterisk -vvvvvvvvvvvvvvvvvvvvvgcT'.
> Program terminated with signal SIGSEGV, Segmentation fault.
> #0 0x00007f75374455ae in _int_malloc () from /lib64/libc.so.6
> [Current thread is 1 (Thread 0x7f738acce700 (LWP 11401))]
> (gdb) bt
> #0 0x00007f75374455ae in _int_malloc () from /lib64/libc.so.6
> #1 0x00007f7537447d72 in calloc () from /lib64/libc.so.6
> #2 0x0000000000468d7e in __ast_repl_calloc (nmemb=1, size=530, file=0x6a8674 "translate.c", lineno=465, func=0x6a9190 <__PRETTY_FUNCTION__.17450> "ast_trans_frameout") at astmm.c:1537
> #3 0x0000000000468fa5 in __ast_calloc (nmemb=1, size=530, file=0x6a8674 "translate.c", lineno=465, func=0x6a9190 <__PRETTY_FUNCTION__.17450> "ast_trans_frameout") at astmm.c:1607
> #4 0x000000000050e3b0 in __ast_frdup (f=0x7f73a40a63b8, file=0x6a8674 "translate.c", line=465, func=0x6a9190 <__PRETTY_FUNCTION__.17450> "ast_trans_frameout") at frame.c:346
> #5 0x000000000050dd90 in __ast_frisolate (fr=0x7f73a40a63b8, file=0x6a8674 "translate.c", line=465, func=0x6a9190 <__PRETTY_FUNCTION__.17450> "ast_trans_frameout") at frame.c:206
> #6 0x00000000005d9c92 in ast_trans_frameout (pvt=0x7f73a40a63b0, datalen=0, samples=0) at translate.c:465
> #7 0x00000000005d9cb6 in default_frameout (pvt=0x7f73a40a63b0) at translate.c:470
> #8 0x00000000005da414 in ast_translate (path=0x7f73a40a63b0, f=0x7f73a403bb00, consume=0) at translate.c:624
> #9 0x00000000004ff681 in ast_writestream (fs=0x7f73a408b080, f=0x7f73a403bb00) at file.c:287
> #10 0x00000000004b2343 in ast_write_stream (chan=0x7f74f801f010, stream_num=0, fr=0x7f749001df40) at channel.c:5480
> #11 0x0000000000496ada in bridge_channel_handle_write (bridge_channel=0x7f73a4095590) at bridge_channel.c:2469
> #12 0x000000000049732d in bridge_channel_wait (bridge_channel=0x7f73a4095590) at bridge_channel.c:2782
> #13 0x0000000000497c83 in bridge_channel_internal_join (bridge_channel=0x7f73a4095590) at bridge_channel.c:2947
> #14 0x000000000047b862 in ast_bridge_join (bridge=0x7f740002b560, chan=0x7f74f801f010, swap=0x0, features=0x7f738acca7d0, tech_args=0x7f738acca7f8, flags=0) at bridge.c:1679
> #15 0x00007f74d9189bc1 in confbridge_exec (chan=0x7f74f801f010, data=0x7f738acca9b0 "9600074,vici_agent_bridge,vici_customer_user") at app_confbridge.c:2887
> #16 0x00000000005545ed in pbx_exec (c=0x7f74f801f010, app=0x21086f0, data=0x7f738acca9b0 "9600074,vici_agent_bridge,vici_customer_user") at pbx_app.c:492
> #17 0x000000000054006d in pbx_extension_helper (c=0x7f74f801f010, con=0x0, context=0x7f74f801f9d0 "default", exten=0x7f74f801fa20 "9600074", priority=3, label=0x0, callerid=0x7f74f801c600 "9999024847", action=E_SPAWN, found=0x7f738accdc4c, combined_find_spawn=1)
> at pbx.c:2948
> #18 0x0000000000543e7e in ast_spawn_extension (c=0x7f74f801f010, context=0x7f74f801f9d0 "default", exten=0x7f74f801fa20 "9600074", priority=3, callerid=0x7f74f801c600 "9999024847", found=0x7f738accdc4c, combined_find_spawn=1) at pbx.c:4203
> #19 0x0000000000544b34 in __ast_pbx_run (c=0x7f74f801f010, args=0x0) at pbx.c:4377
> #20 0x0000000000546499 in ast_pbx_run_args (c=0x7f74f801f010, args=0x0) at pbx.c:4749
> #21 0x00000000005464c3 in ast_pbx_run (c=0x7f74f801f010) at pbx.c:4758
> #22 0x0000000000486fca in ast_bridge_run_after_goto (chan=0x7f74f801f010) at bridge_after.c:530
> #23 0x000000000047bc80 in bridge_channel_ind_thread (data=0x7f74f803c210) at bridge.c:1773
> #24 0x00000000005e1708 in dummy_start (data=0x7f74f804f1b0) at utils.c:1574
> #25 0x00007f753830594a in start_thread () from /lib64/libpthread.so.0
> #26 0x00007f75374bdd0f in clone () from /lib64/libc.so.6
> (gdb) bt full
> #0 0x00007f75374455ae in _int_malloc () from /lib64/libc.so.6
> No symbol table info available.
> #1 0x00007f7537447d72 in calloc () from /lib64/libc.so.6
> No symbol table info available.
> #2 0x0000000000468d7e in __ast_repl_calloc (nmemb=1, size=530, file=0x6a8674 "translate.c", lineno=465, func=0x6a9190 <__PRETTY_FUNCTION__.17450> "ast_trans_frameout") at astmm.c:1537
> No locals.
> #3 0x0000000000468fa5 in __ast_calloc (nmemb=1, size=530, file=0x6a8674 "translate.c", lineno=465, func=0x6a9190 <__PRETTY_FUNCTION__.17450> "ast_trans_frameout") at astmm.c:1607
> p = 0x7f73a40746a0
> __FUNCTION__ = "__ast_calloc"
> #4 0x000000000050e3b0 in __ast_frdup (f=0x7f73a40a63b8, file=0x6a8674 "translate.c", line=465, func=0x6a9190 <__PRETTY_FUNCTION__.17450> "ast_trans_frameout") at frame.c:346
> out = 0x0
> len = 530
> srclen = 9
> buf = 0x0
> frames = 0x7f73a40746a0
> __PRETTY_FUNCTION__ = "__ast_frdup"
> #5 0x000000000050dd90 in __ast_frisolate (fr=0x7f73a40a63b8, file=0x6a8674 "translate.c", line=465, func=0x6a9190 <__PRETTY_FUNCTION__.17450> "ast_trans_frameout") at frame.c:206
> out = 0x7f73a40a6618
> newdata = 0x7f73a403bb00
> __PRETTY_FUNCTION__ = "__ast_frisolate"
> #6 0x00000000005d9c92 in ast_trans_frameout (pvt=0x7f73a40a63b0, datalen=0, samples=0) at translate.c:465
> f = 0x7f73a40a63b8
> __PRETTY_FUNCTION__ = "ast_trans_frameout"
> #7 0x00000000005d9cb6 in default_frameout (pvt=0x7f73a40a63b0) at translate.c:470
> No locals.
> #8 0x00000000005da414 in ast_translate (path=0x7f73a40a63b0, f=0x7f73a403bb00, consume=0) at translate.c:624
> current = 0x0
> p = 0x7f73a40a63b0
> out = 0x7f73a403bb00
> delivery = {tv_sec = 0, tv_usec = 0}
> has_timing_info = 0
> ts = 0
> len = 0
> seqno = 0
> __FUNCTION__ = "ast_translate"
> #9 0x00000000004ff681 in ast_writestream (fs=0x7f73a408b080, f=0x7f73a403bb00) at file.c:287
> trf = 0x0
> res = -1
> __FUNCTION__ = "ast_writestream"
> __PRETTY_FUNCTION__ = "ast_writestream"
> #10 0x00000000004b2343 in ast_write_stream (chan=0x7f74f801f010, stream_num=0, fr=0x7f749001df40) at channel.c:5480
> jump = -640
> cur = 0x7f73a403bb00
> stream = 0x7f749cd31df0
> default_stream = 0x7f749cd31df0
> res = -1
> f = 0x7f73a403bb00
> count = 0
> hooked = 0
> __PRETTY_FUNCTION__ = "ast_write_stream"
> __FUNCTION__ = "ast_write_stream"
> #11 0x0000000000496ada in bridge_channel_handle_write (bridge_channel=0x7f73a4095590) at bridge_channel.c:2469
> fr = 0x7f749001df40
> sync_payload = 0x7f74f801efd0
> num = 0
> msg = 0x7f73a4095578
> __PRETTY_FUNCTION__ = "bridge_channel_handle_write"
> __FUNCTION__ = "bridge_channel_handle_write"
> #12 0x000000000049732d in bridge_channel_wait (bridge_channel=0x7f73a4095590) at bridge_channel.c:2782
> ms = -1
> outfd = 400
> chan = 0x0
> __PRETTY_FUNCTION__ = "bridge_channel_wait"
> __FUNCTION__ = "bridge_channel_wait"
> #13 0x0000000000497c83 in bridge_channel_internal_join (bridge_channel=0x7f73a4095590) at bridge_channel.c:2947
> res = 0
> indicate_src_change = 0 '\000'
> channel_features = 0x0
> peer = 0x0
> swap = 0x0
> __FUNCTION__ = "bridge_channel_internal_join"
> __PRETTY_FUNCTION__ = "bridge_channel_internal_join"
> #14 0x000000000047b862 in ast_bridge_join (bridge=0x7f740002b560, chan=0x7f74f801f010, swap=0x0, features=0x7f738acca7d0, tech_args=0x7f738acca7f8, flags=0) at bridge.c:1679
> bridge_channel = 0x7f73a4095590
> res = 0
> __PRETTY_FUNCTION__ = "ast_bridge_join"
> --Type <RET> for more, q to quit, c to continue without paging--c
> #15 0x00007f74d9189bc1 in confbridge_exec (chan=0x7f74f801f010, data=0x7f738acca9b0 "9600074,vici_agent_bridge,vici_customer_user") at app_confbridge.c:2887
> res = 0
> volume_adjustments = {0, 0}
> quiet = 0
> async_delete_task_pushed = 0
> parse = 0x7f738acc72d0 "9600074"
> b_profile_name = 0x7f738acc72d8 "vici_agent_bridge"
> u_profile_name = 0x7f738acc72ea "vici_customer_user"
> menu_profile_name = 0x0
> conference = 0x7f740002a190
> user = {conference = 0x7f740002a190, b_profile = {name = "vici_agent_bridge", '\000' <repeats 110 times>, language = "en", '\000' <repeats 37 times>, rec_file = '\000' <repeats 4095 times>, rec_options = '\000' <repeats 127 times>, rec_command = '\000' <repeats 127 times>, flags = 304, max_members = 10, internal_sample_rate = 8000, maximum_sample_rate = 0, mix_interval = 20, sounds = 0x2106b80, regcontext = '\000' <repeats 79 times>, video_update_discard = 2000, remb_send_interval = 0, remb_estimated_bitrate = 0}, u_profile = {name = "vici_customer_user", '\000' <repeats 109 times>, pin = '\000' <repeats 79 times>, moh_class = '\000' <repeats 127 times>, announcement = '\000' <repeats 4095 times>, flags = 1585156, announce_user_count_all_after = 0, talking_threshold = 160, silence_threshold = 2500, timeout = 0}, menu_name = "default_menu", '\000' <repeats 115 times>, name_rec_location = '\000' <repeats 4095 times>, chan = 0x7f74f801f010, features = {dtmf_hooks = 0x7f73a40ac910, other_hooks = 0x7f73a40ac9a0, interval_hooks = 0x7f73a40ac9f0, feature_flags = {flags = 0}, interval_sequence = 0, usable = 0, mute = 0, dtmf_passthrough = 1, inhibit_colp = 0, text_messaging = 1}, tech_args = {talking_threshold = 160, silence_threshold = 2500, drop_silence = 1}, suspended_moh = 0, muted = 0, kicked = 0, playing_moh = 0, talking = 0, post_join_list = {first = 0x0, last = 0x0}, list = {next = 0x0}}
> join_hook_data = 0x7f73a4066130
> leave_hook_data = 0x7f73a404a630
> args = {argc = 3, {argv = {0x7f738acc72d0 "9600074", 0x7f738acc72d8 "vici_agent_bridge", 0x7f738acc72ea "vici_customer_user", 0x0}, {conf_name = 0x7f738acc72d0 "9600074", b_profile_name = 0x7f738acc72d8 "vici_agent_bridge", u_profile_name = 0x7f738acc72ea "vici_customer_user", menu_profile_name = 0x0}}}
> __FUNCTION__ = "confbridge_exec"
> __PRETTY_FUNCTION__ = "confbridge_exec"
> #16 0x00000000005545ed in pbx_exec (c=0x7f74f801f010, app=0x21086f0, data=0x7f738acca9b0 "9600074,vici_agent_bridge,vici_customer_user") at pbx_app.c:492
> res = 0
> u = 0x7f73a404e5c0
> saved_c_appl = 0x7f74e9cb60c0 "AppDial"
> saved_c_data = 0x7f74e9cb60c8 "(Outgoing Line)"
> __PRETTY_FUNCTION__ = "pbx_exec"
> #17 0x000000000054006d in pbx_extension_helper (c=0x7f74f801f010, con=0x0, context=0x7f74f801f9d0 "default", exten=0x7f74f801fa20 "9600074", priority=3, label=0x0, callerid=0x7f74f801c600 "9999024847", action=E_SPAWN, found=0x7f738accdc4c, combined_find_spawn=1) at pbx.c:2948
> e = 0x21db870
> app = 0x21086f0
> substitute = 0x7f738acca920 "${EXTEN},vici_agent_bridge,vici_customer_user"
> q = {incstack = {0x0 <repeats 512 times>}, stacklen = 0, status = 5, swo = 0x0, data = 0x0, foundcontext = 0x7f74f801f9d0 "default"}
> passdata = "9600074,vici_agent_bridge,vici_customer_user\000----NODEBUG-----16-----ANSWER-----7-----0-----SIP 200 OK)\000\000\020)\006\340s\177\000\000\000\000\000\000\000\000\000\000P\037\006\340s\177\000\000PJSIP/9999022682 at dial41,,tTo", '\000' <repeats 3404 times>...
> matching_action = 0
> __FUNCTION__ = "pbx_extension_helper"
> #18 0x0000000000543e7e in ast_spawn_extension (c=0x7f74f801f010, context=0x7f74f801f9d0 "default", exten=0x7f74f801fa20 "9600074", priority=3, callerid=0x7f74f801c600 "9999024847", found=0x7f738accdc4c, combined_find_spawn=1) at pbx.c:4203
> No locals.
> #19 0x0000000000544b34 in __ast_pbx_run (c=0x7f74f801f010, args=0x0) at pbx.c:4377
> digit = 0
> invalid = 0
> timeout = 0
> dst_exten = "\000\373f\000\000\000\000\000\320?g\000\000\000\000\000\260\333̊h\004\000\000\353\366f\000\000\000\000\000\320?g\000\000\000\000\000\353\366f\000\000\000\000\000\260\333̊s\177\000\000\374\230F\000\000\000\000\000\260\333̊\000\000\000\000\240\373f\000\000\000\000\000\031Gf\000h\004\000\000\320?g\000\000\000\000\000\353\366f\000\000\000\000\000\020\360\001\370t\177\000\000\240F\a\244s\177\000\000\320\357\001\370t\177\000\000\000\000\000\000\001\000\000\000\240!\001\370t\177\000\000\260\333̊s\177\000\000\370\357\001\370t\177\000\000KyL\000\000\000\000\000\370\357\001\370t\177\000\000p\334̊s\177\000\000\345RJ", '\000' <repeats 13 times>, "\271)R\000\000\000\000\000"...
> pos = 0
> found = 1
> res = 0
> autoloopflag = 0
> error = 0
> pbx = 0x7f73a405a2b0
> callid = 12830
> __FUNCTION__ = "__ast_pbx_run"
> __PRETTY_FUNCTION__ = "__ast_pbx_run"
> #20 0x0000000000546499 in ast_pbx_run_args (c=0x7f74f801f010, args=0x0) at pbx.c:4749
> res = AST_PBX_SUCCESS
> __FUNCTION__ = "ast_pbx_run_args"
> #21 0x00000000005464c3 in ast_pbx_run (c=0x7f74f801f010) at pbx.c:4758
> No locals.
> #22 0x0000000000486fca in ast_bridge_run_after_goto (chan=0x7f74f801f010) at bridge_after.c:530
> goto_failed = 0
> #23 0x000000000047bc80 in bridge_channel_ind_thread (data=0x7f74f803c210) at bridge.c:1773
> bridge_channel = 0x7f74f803c210
> chan = 0x7f74f801f010
> __PRETTY_FUNCTION__ = "bridge_channel_ind_thread"
> #24 0x00000000005e1708 in dummy_start (data=0x7f74f804f1b0) at utils.c:1574
> __cancel_buf = {__cancel_jmp_buf = {{__cancel_jmp_buf = {0, -2404430039997251268, 140134343594126, 140134343594127, 140134343594416, 17, -2404430039972085444, 2325733980844425532}, __mask_was_saved = 0}}, __pad = {0x7f738accded0, 0x0, 0xc59f9f7b26d69800, 0x7f7538518480 <__pthread_keys+1024>}}
> __cancel_routine = 0x45f066 <ast_unregister_thread>
> __cancel_arg = 0x7f738acce700
> __not_first_call = 0
> ret = 0x11
> a = {start_routine = 0x47baf0 <bridge_channel_ind_thread>, data = 0x7f74f803c210, name = 0x7f74f8025900 "bridge_channel_ind_thread started at [ 1846] bridge.c bridge_impart_internal()"}
> __PRETTY_FUNCTION__ = "dummy_start"
> #25 0x00007f753830594a in start_thread () from /lib64/libpthread.so.0
> No symbol table info available.
> #26 0x00007f75374bdd0f in clone () from /lib64/libc.so.6
> No symbol table info available.
> {quote}
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list