New Crash asterisk 18.17.1 - PJSIP

learbia · July 26, 2023, 4:36pm

I have a new crash with PJSIP.

!@!@!@! thread1.txt !@!@!@!

$1 = {si_signo = 11, si_errno = 0, si_code = 128, _sifields = {_pad = {0 <repeats 28 times>}, _kill = {si_pid = 0, si_uid = 0}, _timer = {si_tid = 0, si_overrun = 0, si_sigval = {sival_int = 0, sival_ptr = 0x0}}, _rt = {si_pid = 0, si_uid = 0, si_sigval = {sival_int = 0, sival_ptr = 0x0}}, _sigchld = {si_pid = 0, si_uid = 0, si_status = 0, si_utime = 0, si_stime = 0}, _sigfault = {si_addr = 0x0, _addr_lsb = 0, _addr_bnd = {_lower = 0x0, _upper = 0x0}}, _sigpoll = {si_band = 0, si_fd = 0}}}
Signal Stop Print Pass to program Description
SIGSEGV Yes Yes Yes Segmentation fault

Thread 1 (Thread 0x7f388d5c7700 (LWP 7450)):
#0 0x0000560cff00139d in ao2_ref (user_data=user_data@entry=0x623d6761743b3e72, delta=delta@entry=1, tag=tag@entry=0x0, file=file@entry=0x7f3896a06012 “res_pjsip_session.c”, line=line@entry=3639, func=func@entry=0x7f3896a09ba0 <PRETTY_FUNCTION.37966> “ast_sip_dialog_get_session”) at astobj2.c:501
p__LINE = 0x623d6761743b3e5a
obj =
obj_mutex =
obj_rwlock =
obj_lockobj =
current_value =
ret =
privdataoptions =
weakproxy =
lock_state =
PRETTY_FUNCTION = “__ao2_ref”
#1 0x00007f3896a03f45 in ast_sip_dialog_get_session (dlg=dlg@entry=0x7f348c1113c8) at res_pjsip_session.c:3639
inv_session =
session = 0x623d6761743b3e72
PRETTY_FUNCTION = “ast_sip_dialog_get_session”
#2 0x00007f3896a046d2 in session_outgoing_nat_hook (tdata=0x7f354405b908, transport=0x7f372b578ce8) at res_pjsip_session.c:5486
transport_state = 0x7f372b579560
hook = 0x0
sdp_info =
sdp =
dlg = 0x7f348c1113c8
session =
stream =
FUNCTION = “session_outgoing_nat_hook”
PRETTY_FUNCTION = “session_outgoing_nat_hook”
#3 0x00007f3896a733b9 in nat_invoke_hook (obj=, arg=arg@entry=0x7f388d5c6aa0, flags=flags@entry=0) at res_pjsip_nat.c:300
hook =
details = 0x7f388d5c6aa0
#4 0x0000560cff003615 in internal_ao2_traverse (self=self@entry=0x7f379800fe68, flags=flags@entry=OBJ_SEARCH_NONE, cb_fn=cb_fn@entry=0x7f3896a733a0 <nat_invoke_hook>, arg=arg@entry=0x7f388d5c6aa0, data=data@entry=0x0, type=type@entry=AO2_CALLBACK_DEFAULT, tag=0x0, file=0x7f3896a75009 “res_pjsip_nat.c”, line=471, func=0x7f3896a754b8 <PRETTY_FUNCTION.29197> “process_nat”) at astobj2_container.c:328
match = 3
ret = 0x0
cb_default = 0x7f3896a733a0 <nat_invoke_hook>
cb_withdata = 0x0
node = 0x7f3798389898
traversal_state = 0x7f388d5c6900
orig_lock = AO2_LOCK_REQ_MUTEX
multi_container = 0x0
multi_iterator = 0x0
PRETTY_FUNCTION = “internal_ao2_traverse”
#5 0x0000560cff003b7c in __ao2_callback (c=c@entry=0x7f379800fe68, flags=flags@entry=OBJ_SEARCH_NONE, cb_fn=cb_fn@entry=0x7f3896a733a0 <nat_invoke_hook>, arg=arg@entry=0x7f388d5c6aa0, tag=tag@entry=0x0, file=file@entry=0x7f3896a75009 “res_pjsip_nat.c”, line=471, func=0x7f3896a754b8 <PRETTY_FUNCTION.29197> “process_nat”) at astobj2_container.c:414
#6 0x00007f3896a73b08 in process_nat (tdata=0x7f354405b908) at res_pjsip_nat.c:471
hook_details = {tdata = 0x7f354405b908, transport = 0x7f372b578ce8}
transport_states = 0x7f3798876270
transport = 0x7f372b578ce8
transport_state = 0x7f372b579560
details = {type = (unknown: 0), transport = 0x560cff5b4fe8, factory = 0x0, local_address = {ptr = 0x0, slen = 0}, local_port = 0}
via = 0x7f3544090ab0
addr = {ss = {ss_family = 2, __ss_padding = “023ıv1337”, ‘000’ <repeats 111 times>, __ss_align = 0}, len = 16}
uri =
hooks = 0x7f379800fe68
PRETTY_FUNCTION = “process_nat”
FUNCTION = “process_nat”
rc =
#7 0x00007f3896a73b08 in nat_on_tx_message (tdata=0x7f354405b908) at res_pjsip_nat.c:480
rc =
#8 0x00007f391a2dc026 in endpt_on_tx_msg (endpt=, tdata=0x7f354405b908) at …/src/pjsip/sip_endpoint.c:1116
status = 0
mod = 0x7f3896a77280 <nat_module>
#9 0x00007f391a2e3715 in pjsip_transport_send (tr=0x560cff5b4fe8, tdata=tdata@entry=0x7f354405b908, addr=addr@entry=0x7f354405baf8, addr_len=addr_len@entry=16, token=token@entry=0x7f3544065b70, cb=cb@entry=0x7f391a2ddda0 <stateless_send_transport_cb>) at …/src/pjsip/sip_transport.c:936
status =
#10 0x00007f391a2ddacf in stateless_send_transport_cb (token=token@entry=0x7f3544065b70, tdata=tdata@entry=0x7f354405b908, sent=, sent@entry=-70002) at …/src/pjsip/sip_util.c:1277
status =
cont = 1
cur_addr = 0x7f354405baf8
cur_addr_len = 16
via =
need_update_via = 1
#11 0x00007f391a2dde1a in stateless_send_transport_cb (sent=-70002, tdata=0x7f354405b908, token=0x7f3544065b70) at …/src/pjsip/sip_util.c:1378
stateless_data = 0x7f3544065b70
need_update_via = 1
stateless_data = 0x7f3544065b70
tdata = 0x7f354405b908
#12 0x00007f391a2dde1a in stateless_send_resolver_callback (status=, token=0x7f3544065b70, addr=) at …/src/pjsip/sip_util.c:1378
stateless_data = 0x7f3544065b70
tdata = 0x7f354405b908
#13 0x00007f3896b0b5d7 in sip_resolve_invoke_user_callback (data=0x7f354438dee8) at res_pjsip/pjsip_resolver.c:206
resolve = 0x7f354438dee8
FUNCTION = “sip_resolve_invoke_user_callback”
PRETTY_FUNCTION = “sip_resolve_invoke_user_callback”
#14 0x0000560cff13bfc7 in ast_taskprocessor_execute (tps=tps@entry=0x7f36b09ed0f0) at taskprocessor.c:1302
local = {local_data = 0x7f3860016eb8, data = 0x7f36b09ed0f0}
t = 0x7f3828009e90
size =
PRETTY_FUNCTION = “ast_taskprocessor_execute”
#15 0x0000560cff1425b0 in execute_tasks (data=0x7f36b09ed0f0) at threadpool.c:1352
tps = 0x7f36b09ed0f0
#16 0x0000560cff13bfc7 in ast_taskprocessor_execute (tps=0x560cff89ae60) at taskprocessor.c:1302
local = {local_data = 0x7f3860016e80, data = 0x7f3860016e80}
t = 0x7f3828000b50
size =
PRETTY_FUNCTION = “ast_taskprocessor_execute”
#17 0x0000560cff142f64 in threadpool_execute (pool=0x560cff899a60) at threadpool.c:367
PRETTY_FUNCTION = “threadpool_execute”
alive =
worker = 0x7f3860016e80
saved_state =
PRETTY_FUNCTION = “worker_start”
#18 0x0000560cff142f64 in worker_active (worker=0x7f3860016e80) at threadpool.c:1137
alive =
worker = 0x7f3860016e80
saved_state =
PRETTY_FUNCTION = “worker_start”
#19 0x0000560cff142f64 in worker_start (arg=arg@entry=0x7f3860016e80) at threadpool.c:1056
worker = 0x7f3860016e80
saved_state =
PRETTY_FUNCTION = “worker_start”
#20 0x0000560cff14ad5c in dummy_start (data=) at utils.c:1574
__cancel_buf = {__cancel_jmp_buf = {{__cancel_jmp_buf = {139880105578384, -4916207256594877894, 139881010990078, 139881010990079, 139880866543360, 139880373950336, 5023489633478439482, 1720341682639663674}, __mask_was_saved = 0}}, __pad = {0x7f388d5c6ed0, 0x0, 0x7f388d5c7700, 0x7f3870001780}}
__cancel_arg = 0x7f388d5c7700
__not_first_call =
ret =
a = {start_routine = 0x560cff142b70 <worker_start>, data = 0x7f3860016e80, name = }
PRETTY_FUNCTION = “dummy_start”
#21 0x00007f3919b1bfa3 in start_thread (arg=) at pthread_create.c:486
ret =
pd =
now =
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {139880866543360, -4916207256594877894, 139881010990078, 139881010990079, 139880866543360, 139880373950336, 5023489633505702458, 5022688891092922938}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
not_first_call =
#22 0x00007f39196f306f in clone () at …/sysdeps/unix/sysv/linux/x86_64/clone.S:95

jcolp · July 26, 2023, 4:42pm

The current version is 18.19.0, does it occur under that version?

david551 · July 26, 2023, 5:08pm

Please markup logs and configuration files as preformatted text:


!@!@!@! thread1.txt !@!@!@!

$1 = {si_signo = 11, si_errno = 0, si_code = 128, _sifields = {_pad = {0 <repeats 28 times>}, _kill = {si_pid = 0, si_uid = 0}, _timer = {si_tid = 0, si_overrun = 0, si_sigval = {sival_int = 0, sival_ptr = 0x0}}, _rt = {si_pid = 0, si_uid = 0, si_sigval = {sival_int = 0, sival_ptr = 0x0}}, _sigchld = {si_pid = 0, si_uid = 0, si_status = 0, si_utime = 0, si_stime = 0}, _sigfault = {si_addr = 0x0, _addr_lsb = 0, _addr_bnd = {_lower = 0x0, _upper = 0x0}}, _sigpoll = {si_band = 0, si_fd = 0}}}
Signal        Stop	Print	Pass to program	Description
SIGSEGV       Yes	Yes	Yes		Segmentation fault

Thread 1 (Thread 0x7f388d5c7700 (LWP 7450)):
#0  0x0000560cff00139d in __ao2_ref (user_data=user_data@entry=0x623d6761743b3e72, delta=delta@entry=1, tag=tag@entry=0x0, file=file@entry=0x7f3896a06012 "res_pjsip_session.c", line=line@entry=3639, func=func@entry=0x7f3896a09ba0 <__PRETTY_FUNCTION__.37966> "ast_sip_dialog_get_session") at astobj2.c:501
        p__LINE__ = 0x623d6761743b3e5a
        obj = <optimized out>
        obj_mutex = <optimized out>
        obj_rwlock = <optimized out>
        obj_lockobj = <optimized out>
        current_value = <optimized out>
        ret = <optimized out>
        privdataoptions = <optimized out>
        weakproxy = <optimized out>
        lock_state = <optimized out>
        __PRETTY_FUNCTION__ = "__ao2_ref"
#1  0x00007f3896a03f45 in ast_sip_dialog_get_session (dlg=dlg@entry=0x7f348c1113c8) at res_pjsip_session.c:3639
        inv_session = <optimized out>
        session = 0x623d6761743b3e72
        __PRETTY_FUNCTION__ = "ast_sip_dialog_get_session"
#2  0x00007f3896a046d2 in session_outgoing_nat_hook (tdata=0x7f354405b908, transport=0x7f372b578ce8) at res_pjsip_session.c:5486
        transport_state = 0x7f372b579560
        hook = 0x0
        sdp_info = <optimized out>
        sdp = <optimized out>
        dlg = 0x7f348c1113c8
        session = <optimized out>
        stream = <optimized out>
        __FUNCTION__ = "session_outgoing_nat_hook"
        __PRETTY_FUNCTION__ = "session_outgoing_nat_hook"
#3  0x00007f3896a733b9 in nat_invoke_hook (obj=<optimized out>, arg=arg@entry=0x7f388d5c6aa0, flags=flags@entry=0) at res_pjsip_nat.c:300
        hook = <optimized out>
        details = 0x7f388d5c6aa0
#4  0x0000560cff003615 in internal_ao2_traverse (self=self@entry=0x7f379800fe68, flags=flags@entry=OBJ_SEARCH_NONE, cb_fn=cb_fn@entry=0x7f3896a733a0 <nat_invoke_hook>, arg=arg@entry=0x7f388d5c6aa0, data=data@entry=0x0, type=type@entry=AO2_CALLBACK_DEFAULT, tag=0x0, file=0x7f3896a75009 "res_pjsip_nat.c", line=471, func=0x7f3896a754b8 <__PRETTY_FUNCTION__.29197> "process_nat") at astobj2_container.c:328
        match = 3
        ret = 0x0
        cb_default = 0x7f3896a733a0 <nat_invoke_hook>
        cb_withdata = 0x0
        node = 0x7f3798389898
        traversal_state = 0x7f388d5c6900
        orig_lock = AO2_LOCK_REQ_MUTEX
        multi_container = 0x0
        multi_iterator = 0x0
        __PRETTY_FUNCTION__ = "internal_ao2_traverse"
#5  0x0000560cff003b7c in __ao2_callback (c=c@entry=0x7f379800fe68, flags=flags@entry=OBJ_SEARCH_NONE, cb_fn=cb_fn@entry=0x7f3896a733a0 <nat_invoke_hook>, arg=arg@entry=0x7f388d5c6aa0, tag=tag@entry=0x0, file=file@entry=0x7f3896a75009 "res_pjsip_nat.c", line=471, func=0x7f3896a754b8 <__PRETTY_FUNCTION__.29197> "process_nat") at astobj2_container.c:414
#6  0x00007f3896a73b08 in process_nat (tdata=0x7f354405b908) at res_pjsip_nat.c:471
        hook_details = {tdata = 0x7f354405b908, transport = 0x7f372b578ce8}
        transport_states = 0x7f3798876270
        transport = 0x7f372b578ce8
        transport_state = 0x7f372b579560
        details = {type = (unknown: 0), transport = 0x560cff5b4fe8, factory = 0x0, local_address = {ptr = 0x0, slen = 0}, local_port = 0}
        via = 0x7f3544090ab0
        addr = {ss = {ss_family = 2, __ss_padding = "023ıv1337", '000' <repeats 111 times>, __ss_align = 0}, len = 16}
        uri = <optimized out>
        hooks = 0x7f379800fe68
        __PRETTY_FUNCTION__ = "process_nat"
        __FUNCTION__ = "process_nat"
        rc = <optimized out>
#7  0x00007f3896a73b08 in nat_on_tx_message (tdata=0x7f354405b908) at res_pjsip_nat.c:480
        rc = <optimized out>
#8  0x00007f391a2dc026 in endpt_on_tx_msg (endpt=<optimized out>, tdata=0x7f354405b908) at ../src/pjsip/sip_endpoint.c:1116
        status = 0
        mod = 0x7f3896a77280 <nat_module>
#9  0x00007f391a2e3715 in pjsip_transport_send (tr=0x560cff5b4fe8, tdata=tdata@entry=0x7f354405b908, addr=addr@entry=0x7f354405baf8, addr_len=addr_len@entry=16, token=token@entry=0x7f3544065b70, cb=cb@entry=0x7f391a2ddda0 <stateless_send_transport_cb>) at ../src/pjsip/sip_transport.c:936
        status = <optimized out>
#10 0x00007f391a2ddacf in stateless_send_transport_cb (token=token@entry=0x7f3544065b70, tdata=tdata@entry=0x7f354405b908, sent=<optimized out>, sent@entry=-70002) at ../src/pjsip/sip_util.c:1277
        status = <optimized out>
        cont = 1
        cur_addr = 0x7f354405baf8
        cur_addr_len = 16
        via = <optimized out>
        need_update_via = 1
#11 0x00007f391a2dde1a in stateless_send_transport_cb (sent=-70002, tdata=0x7f354405b908, token=0x7f3544065b70) at ../src/pjsip/sip_util.c:1378
        stateless_data = 0x7f3544065b70
        need_update_via = 1
        stateless_data = 0x7f3544065b70
        tdata = 0x7f354405b908
#12 0x00007f391a2dde1a in stateless_send_resolver_callback (status=<optimized out>, token=0x7f3544065b70, addr=<optimized out>) at ../src/pjsip/sip_util.c:1378
        stateless_data = 0x7f3544065b70
        tdata = 0x7f354405b908
#13 0x00007f3896b0b5d7 in sip_resolve_invoke_user_callback (data=0x7f354438dee8) at res_pjsip/pjsip_resolver.c:206
        resolve = 0x7f354438dee8
        __FUNCTION__ = "sip_resolve_invoke_user_callback"
        __PRETTY_FUNCTION__ = "sip_resolve_invoke_user_callback"
#14 0x0000560cff13bfc7 in ast_taskprocessor_execute (tps=tps@entry=0x7f36b09ed0f0) at taskprocessor.c:1302
        local = {local_data = 0x7f3860016eb8, data = 0x7f36b09ed0f0}
        t = 0x7f3828009e90
        size = <optimized out>
        __PRETTY_FUNCTION__ = "ast_taskprocessor_execute"
#15 0x0000560cff1425b0 in execute_tasks (data=0x7f36b09ed0f0) at threadpool.c:1352
        tps = 0x7f36b09ed0f0
#16 0x0000560cff13bfc7 in ast_taskprocessor_execute (tps=0x560cff89ae60) at taskprocessor.c:1302
        local = {local_data = 0x7f3860016e80, data = 0x7f3860016e80}
        t = 0x7f3828000b50
        size = <optimized out>
        __PRETTY_FUNCTION__ = "ast_taskprocessor_execute"
#17 0x0000560cff142f64 in threadpool_execute (pool=0x560cff899a60) at threadpool.c:367
        __PRETTY_FUNCTION__ = "threadpool_execute"
        alive = <optimized out>
        worker = 0x7f3860016e80
        saved_state = <optimized out>
        __PRETTY_FUNCTION__ = "worker_start"
#18 0x0000560cff142f64 in worker_active (worker=0x7f3860016e80) at threadpool.c:1137
        alive = <optimized out>
        worker = 0x7f3860016e80
        saved_state = <optimized out>
        __PRETTY_FUNCTION__ = "worker_start"
#19 0x0000560cff142f64 in worker_start (arg=arg@entry=0x7f3860016e80) at threadpool.c:1056
        worker = 0x7f3860016e80
        saved_state = <optimized out>
        __PRETTY_FUNCTION__ = "worker_start"
#20 0x0000560cff14ad5c in dummy_start (data=<optimized out>) at utils.c:1574
        __cancel_buf = {__cancel_jmp_buf = {{__cancel_jmp_buf = {139880105578384, -4916207256594877894, 139881010990078, 139881010990079, 139880866543360, 139880373950336, 5023489633478439482, 1720341682639663674}, __mask_was_saved = 0}}, __pad = {0x7f388d5c6ed0, 0x0, 0x7f388d5c7700, 0x7f3870001780}}
        __cancel_arg = 0x7f388d5c7700
        __not_first_call = <optimized out>
        ret = <optimized out>
        a = {start_routine = 0x560cff142b70 <worker_start>, data = 0x7f3860016e80, name = <optimized out>}
        __PRETTY_FUNCTION__ = "dummy_start"
#21 0x00007f3919b1bfa3 in start_thread (arg=<optimized out>) at pthread_create.c:486
        ret = <optimized out>
        pd = <optimized out>
        now = <optimized out>
        unwind_buf = {cancel_jmp_buf = {{jmp_buf = {139880866543360, -4916207256594877894, 139881010990078, 139881010990079, 139880866543360, 139880373950336, 5023489633505702458, 5022688891092922938}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
        not_first_call = <optimized out>
#22 0x00007f39196f306f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Also optimised builds are almost impossible to debug, and this sort of error can be the result of memory corruption elsewhere in the code, so one really needs to know what else was going on, so need very verbose logs.

learbia · July 26, 2023, 10:19pm

I will try with 18.19.0

system · August 25, 2023, 10:20pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Crash asterisk 18.17.1 Asterisk SIP	3	144	May 11, 2023
Asterisk SIGSEGV Segmentation fault on pjsip 18.20.x and 20.6.0 Asterisk SIP	3	155	April 7, 2024
CRASH asterisk 18.9.0 Asterisk Support	6	401	March 5, 2022
Crash Asterisk 18.20.2 Asterisk SIP	3	173	January 20, 2024
Crash Asterisk 18.2.2 Asterisk SIP	4	399	April 21, 2021

New Crash asterisk 18.17.1 - PJSIP

Related topics