Asterisk 13.22.0 Segmentation fault PJSIP TLS+SRTP about 60 endpoints

Hi, community!
We get Segmentation fault on freepbx distro after half year stable operation.
FreePBX 14.0.11
Asterisk 13.22.0
We use TLS+SRTP for all endpoints on PJSIP

/var/log/asterisk/full
[2019-07-16 10:24:45] ERROR[17503] astobj2.c: FRACK!, Failed assertion user_data is NULL (0)
[2019-07-16 10:24:45] VERBOSE[17503] logger.c: Got 26 backtrace records

/var/log/messages
Jul 16 10:24:45 freepbx kernel: asterisk[17503]: segfault at 30 ip 00000000005c80ef sp 00007f8701a1f7c0 error 4 in asterisk[400000+38d000]

I have files but can’t attach them with “create a new topic” form as a new user.
core-2019-07-16T10-24-46+0300-brief.txt
core-2019-07-16T10-24-46+0300-full.txt
core-2019-07-16T10-24-46+0300-locks.txt
core-2019-07-16T10-24-46+0300-thread1.txt

Please copy the backtrace from failing thread (the one executing assert) directly into the forum, marking it as preformatted text.

However, note that FreePBX binaries are not generally suitable for debugging, so there there may be little that can be done with it.

For crashes, create an issue at https://issues.asterisk.org
You can attach the backtrace files there.

Before doing that however, Asterisk 13.22 is a year old so upgrading to the latest stable release will be our first recommendation.

!@!@!@! thread1.txt !@!@!@!

$1 = {si_signo = 11, si_errno = 0, si_code = 1, _sifields = {_pad = {48, 0, 0, 0, 1990000080, -27418, -1268143895, -1, 0 <repeats 20 times>}, _kill = {si_pid = 48, si_uid = 0}, _timer = {si_tid = 48, si_overrun = 0, si_sigval = {sival_int = 0, sival_ptr = 0x0}}, _rt = {si_pid = 48, si_uid = 0, si_sigval = {sival_int = 0, sival_ptr = 0x0}}, _sigchld = {si_pid = 48, si_uid = 0, si_status = 0, si_utime = 8546985262637383680, si_stime = -5446636551352118042}, _sigfault = {si_addr = 0x30}, _sigpoll = {si_band = 48, si_fd = 0}}}
Signal        Stop	Print	Pass to program	Description
SIGSEGV       Yes	Yes	Yes		Segmentation fault

Thread 1 (Thread 0x7f8701a20700 (LWP 17503)):
#0  0x00000000005c80ef in topic_remove_subscription ()
No symbol table info available.
#1  0x00000000005c7afd in stasis_unsubscribe ()
No symbol table info available.
#2  0x00000000005c7d25 in stasis_unsubscribe_and_join ()
No symbol table info available.
#3  0x00007f86d0eb2e8d in unsubscribe_stasis () from /usr/lib64/asterisk/modules/res_pjsip_mwi.so
No symbol table info available.
#4  0x00007f86d0eb2f9a in endpoint_receives_unsolicited_mwi_for_mailbox () from /usr/lib64/asterisk/modules/res_pjsip_mwi.so
No symbol table info available.
#5  0x00007f86d0eb354b in create_mwi_subscriptions_for_endpoint () from /usr/lib64/asterisk/modules/res_pjsip_mwi.so
No symbol table info available.
#6  0x00007f86d0eb386c in mwi_contact_changed () from /usr/lib64/asterisk/modules/res_pjsip_mwi.so
No symbol table info available.
#7  0x00000000005c489d in sorcery_observer_notify_create ()
No symbol table info available.
#8  0x000000000045e5ce in internal_ao2_traverse ()
No symbol table info available.
#9  0x000000000045e8eb in __ao2_callback ()
No symbol table info available.
#10 0x00000000005c48e3 in sorcery_observers_notify_create ()
No symbol table info available.
#11 0x00000000005e4965 in ast_taskprocessor_execute ()
No symbol table info available.
#12 0x00000000005ee123 in execute_tasks ()
No symbol table info available.
#13 0x00000000005e4965 in ast_taskprocessor_execute ()
No symbol table info available.
#14 0x00000000005ec3fa in threadpool_execute ()
No symbol table info available.
#15 0x00000000005eda99 in worker_active ()
No symbol table info available.
#16 0x00000000005ed852 in worker_start ()
No symbol table info available.
#17 0x00000000005f9c08 in dummy_start ()
No symbol table info available.
#18 0x00007f877d4d9dd5 in start_thread () from /lib64/libpthread.so.0
No symbol table info available.
#19 0x00007f877c7b6ead in clone () from /lib64/libc.so.6
No symbol table info available.

Ask on the https://community.freepbx.org/ whether there is a detached symbol table available for your version of FreePBX.

If not, you will need to rebuild from source with appropriate options, and reproduce the fault.

Even with the symbol table, you are likely to get a lot of “optimised out” messages, which will make the bactrace of limited value.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.