Crash Asterisk 18.2.2

Hello I have a situation in Asterisk.

One or two times for week the asterisk crash

Out of kernel:
asterisk[8219]: segfault at 270 ip 00007fb98cc4d587 sp 00007fb895211d48 error 6 in libasteriskpj.so.2

Backtrace core-thread1.txt
!@!@!@! thread1.txt !@!@!@!

$1 = {si_signo = 11, si_errno = 0, si_code = 1, _sifields = {_pad = {624, 0 <repeats 27 times>}, _kill = {si_pid = 624, si_uid = 0}, _timer = {si_tid = 624, si_overrun = 0, si_sigval = {sival_int = 0, sival_ptr = 0x0}}, _rt = {si_pid = 624, si_uid = 0, si_sigval = {sival_int = 0, sival_ptr = 0x0}}, _sigchld = {si_pid = 624, si_uid = 0, si_status = 0, si_utime = 0, si_stime = 0}, _sigfault = {si_addr = 0x270}, _sigpoll = {si_band = 624, si_fd = 0}}}
Signal Stop Print Pass to program Description
SIGSEGV Yes Yes Yes Segmentation fault

Thread 1 (Thread 0x7fb895212700 (LWP 8219)):
#0 0x00007fb98cc4d587 in pjsip_evsub_set_mod_data (sub=0x0, mod_id=30, data=0x0) at …/src/pjsip-simple/evsub.c:368
No locals.
#1 0x00007fb8eafaf97f in refer_progress_notify (data=0x7fb8c8050a10) at res_pjsip_refer.c:132
sub = 0x7fb93c38ba78
tdata = 0x45d0ec <__ao2_lock+204>
PRETTY_FUNCTION = “refer_progress_notify”
#2 0x000000000059936e in ast_taskprocessor_execute (tps=tps@entry=0x7fb93c2e32c0) at taskprocessor.c:1237
local = {local_data = 0x7fb98430f3f0, data = 0x7fb93c2e32c0}
t = 0x7fb8c803b950
PRETTY_FUNCTION = “ast_taskprocessor_execute”
#3 0x000000000059ffb0 in execute_tasks (data=0x7fb93c2e32c0) at threadpool.c:1354
tps = 0x7fb93c2e32c0
#4 0x000000000059936e in ast_taskprocessor_execute (tps=0x31d3870) at taskprocessor.c:1237
local = {local_data = 0x7fb98430f3f0, data = 0x31d2190}
t = 0x7fb8c803b9b0
PRETTY_FUNCTION = “ast_taskprocessor_execute”
#5 0x00000000005a0b60 in threadpool_execute (pool=) at threadpool.c:367
No locals.
#6 worker_active (worker=) at threadpool.c:1137
No locals.
#7 worker_start (arg=0x7fb8b4020060) at threadpool.c:1056
PRETTY_FUNCTION = “worker_start”
#8 0x00000000005a8009 in dummy_start (data=) at utils.c:1299
__cancel_buf = {__cancel_jmp_buf = {{__cancel_jmp_buf = {140431270676000, -7408128810574701169, 140432181550126, 140432181550127, 140430752178176, 7, 7367924565589859727, -7408128177181713009}, __mask_was_saved = 0}}, __pad = {0x7fb895211ef0, 0x0, 0x7fb98a333542 <__libc_thread_freeres+34>, 0x7fb8ea53ab9f}}
__cancel_arg = 0x7fb895212700
__not_first_call =
ret =
a = {start_routine = 0x5a07b0 <worker_start>, data = 0x7fb8b4020060, name = 0x7fb8b4010620 “worker_start started at [ 1111] threadpool.c worker_thread_start()”}
PRETTY_FUNCTION = “dummy_start”
#9 0x00007fb98afee4a4 in start_thread (arg=0x7fb895212700) at pthread_create.c:456
__res =
pd = 0x7fb895212700
now =
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140430752687872, -7408128810574701169, 140432181550126, 140432181550127, 140430752178176, 7, 7367924565568888207, 7368487008932568463}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
not_first_call =
pagesize_m1 =
sp =
freesize =
PRETTY_FUNCTION = “start_thread”
#10 0x00007fb98a2d1d0f in clone () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.

This was reported as an issue[1] and will be fixed in 18.3.0 which is currently in release candidate status.

[1] [ASTERISK-29313] res_pjsip_refer: Segfault in progress notify - Digium/Asterisk JIRA

Good new, do you know when the next version is available ?

We just released the second set of release candidates today based on some feedback that was received. If no other issues are reported, then I’d expect within a week or so.