[asterisk-dev] Asterisk 13.17.1 Crash on ConfBridge - NetGen ATA

Tue Dec 19 13:55:46 CST 2017

On Tue, Dec 19, 2017 at 1:45 PM, Bryant Zimmerman <BryantZ at zktech.com>
wrote:

> We are having an issue with asterisk 13.17.1 dumping when a call from a
> NetGen Smart ATA drops into a confbridge
> The call props up and then things just go wrong. I have talked with the
> support guys at NetGen and they have requested I work start with the
> asterisk dev group so we can figure out what is causing this issue and why
> asterisk is dumping. They are willing to fix anything from their end but we
> have not been able to figure out what in their rtp stream is triggering
> this.  Their ATA's seem to work out side of the confbridge without issues
> so far. Any ideas are appreciated. The asterisk dump is by far my biggest
> concern.
>
> Below is the first part of the dump Backtrack. I have attached a copy of
> the complete Backtrack. I need to know what more would be needed to get to
> the bottom of this issue. As it stands now the NetGen Smart ATA will cause
> asterisk 13 to crash if placed into a confbridge.  http://www.
> netgencommunications.com/
> The support guy said we could contact them at
> support at netgencommunications.com
>
>    -- Executing [s at Core_ConfBridge_Basic:11] ConfBridge("PJSIP/6162480909.351-00000000",
> "6162480909.~Promo~GA1,,,sample_user_menu") in new stack
>        > 0x7f3ff800b4c0 -- Probation passed - setting RTP source address
> to 192.168.209.194:10020
>     -- Channel CBAnn/6162480909.~Promo~GA1-00000000;2 joined 'softmix'
> base-bridge <4a00cdad-91cb-4924-8abe-8dc9cad08f10>
>     -- <PJSIP/6162480909.351-00000000> Playing 'conf-onlyperson.ulaw'
> (language 'en')
> UBNTU-ROSSI-GUEST*CLI> *** Error in `/usr/sbin/asterisk': malloc(): memory
> corruption: 0x00007f3fac00c220 ***
> ======= Backtrace: =========
> /lib/x86_64-linux-gnu/libc.so.6(+0x777e5)[0x7f402147b7e5]
> /lib/x86_64-linux-gnu/libc.so.6(+0x8213e)[0x7f402148613e]
> /lib/x86_64-linux-gnu/libc.so.6(__libc_malloc+0x54)[0x7f4021488184]
> /usr/sbin/asterisk(ast_json_malloc+0xa)[0x52a23a]
> /usr/lib/x86_64-linux-gnu/libjansson.so.4(json_object+0xb)[0x7f40227ab7bb]
> /usr/lib/x86_64-linux-gnu/libjansson.so.4(+0x6505)[0x7f40227aa505]
> /usr/lib/x86_64-linux-gnu/libjansson.so.4(json_vpack_ex+
> 0x99)[0x7f40227aaa09]
> /usr/sbin/asterisk(ast_json_vpack+0x34)[0x52b6a4]
> /usr/sbin/asterisk(ast_json_pack+0xa1)[0x52b7c1]
> /usr/lib/asterisk/modules/res_rtp_asterisk.so(+0x10df3)[0x7f3f90994df3]
> /usr/lib/asterisk/modules/res_rtp_asterisk.so(+0x11a99)[0x7f3f90995a99]
> /usr/lib/asterisk/modules/res_rtp_asterisk.so(+0x13bcb)[0x7f3f90997bcb]
> /usr/sbin/asterisk(ast_rtp_instance_read+0x36)[0x588076]
> /usr/lib/asterisk/modules/chan_pjsip.so(+0x8cd7)[0x7f3f7c57ccd7]
> /usr/sbin/asterisk[0x4bc042]
> /usr/sbin/asterisk[0x50f3f1]
> /usr/sbin/asterisk(ast_stream_and_wait+0x56)[0x511bbe]
> /usr/lib/asterisk/modules/app_confbridge.so(+0xb716)[0x7f3f915d7716]
> /usr/lib/asterisk/modules/app_confbridge.so(+0xd5f6)[0x7f3f915d95f6]
> /usr/sbin/asterisk(pbx_exec+0xbd)[0x579155]
> /usr/sbin/asterisk[0x56e0c3]
> /usr/sbin/asterisk(ast_spawn_extension+0x18)[0x56feb8]
> /usr/lib/asterisk/modules/app_macro.so(+0x2c02)[0x7f3f6f8a6c02]
> /usr/sbin/asterisk(pbx_exec+0xbd)[0x579155]
> /usr/sbin/asterisk[0x56e0c3]
> /usr/sbin/asterisk[0x5703d1]
> /usr/sbin/asterisk[0x57190b]
> /usr/sbin/asterisk[0x5e45fd]
> /lib/x86_64-linux-gnu/libpthread.so.0(+0x76ba)[0x7f4021f436ba]
> /lib/x86_64-linux-gnu/libc.so.6(clone+0x6d)[0x7f402150b3dd]
>

Your backtrace has no symbols.  However it looks like this security issue
https://issues.asterisk.org/jira/browse/ASTERISK-27429 dealing with RTCP
that was
just released on November 30 in v13.18.4.

Richard
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20171219/325b3a04/attachment.html>