[Home]

Summary:ASTERISK-14670: Remote crash on Asterisk 1.6.1.4
Reporter:Julien Mangeard (flop)Labels:
Date Opened:2009-08-17 17:24:51Date Closed:2010-07-21 11:20:22
Priority:CriticalRegression?No
Status:Closed/CompleteComponents:Channels/chan_sip/General
Versions:Frequency of
Occurrence
Related
Issues:
Environment:Attachments:( 0) backtrace.txt
Description:I'm running stress test of my new asterisk enviroment with SIPP from a remote server.
Asterisk crashes (segfault) beetween 200 and 300 simultaneous calls generated by the remote SIPP.


****** ADDITIONAL INFORMATION ******

Similar issue : ASTERISK-1522406
Reproduce on:
 - Dell R300 - RAM 16Go - Intel quad core 2.3 GHtz
 - Debian/Lenny
 - asterisk 1.6.1.1 and asterisk 1.6.1.4
Not reproduce on: (works fine)
 - Dell R300
 - Debian/Lenny
 - asterisk 1.4.26.1

SIPP command : ./sipp  -l 300 -d 30000  -s 42 -i <sipp_server_ip> -p 5061 -sn uac <asterisk_server_ip>

Asterisk configuration :
=== sip.conf ===
[voice-voice1]
       type=peer
       host=sipp_server_ip
       port=5061
       canreinvite=no
       context=from-test
=== extensions.conf ===
[from-test]
       exten => _X.,1,Answer()
       exten => _X.,n,Playback(demo-congrats)
       exten => _X.,n,Playback(demo-congrats)
       exten => _X.,n,Playback(demo-congrats)

In /var/log/messages :
kernel: [368270.827460] asterisk[1947]: segfault at 118 ip 00007ffc66971592 sp 0000000044d12190 error 4 in res_timing_pthread.so[7ffc6696f000+5000]

With higth debug and verbose level, no particular information can be read on Asterisk console.

I've followed the instructions in the backtrace.txt but no core has been generated...

If you need, I can give you a remote access.
Comments:By: Tilghman Lesher (tilghman) 2009-08-17 22:52:00

Does the crash occur, if you load dahdi_dummy, from the DAHDI package, and run with that corresponding timer?

By: Julien Mangeard (flop) 2009-08-18 13:04:10

It's work. I have no segmentation fault in these configuration.

By: Julien Mangeard (flop) 2009-08-22 11:23:36

In fact, I have the same issue... With a core file these time.
You can find a backtrace in attachment.

SIPP Line :
./sipp  -l 500 -d 60000  -s 1001 -i 10.64.33.11 -p 5061 -sn uac 10.64.33.25

dahdi_dummy is loaded :
ivr-media1:/tmp# lsmod            
Module                  Size  Used by
dahdi_dummy             3856  0
dahdi                 195456  1 dahdi_dummy
crc_ccitt               2336  1 dahdi


One time, this output has been written on my terminal :

mpg123: no process killed
*** glibc detected *** /usr/sbin/asterisk: free(): invalid pointer: 0x00000000028a0710 ***
======= Backtrace: =========
/lib/libc.so.6[0x7feb447d1948]
/lib/libc.so.6(cfree+0x76)[0x7feb447d3a56]
/usr/sbin/asterisk(el_end+0x1fd)[0x543d1f]
/usr/sbin/asterisk[0x43a5d3]
/usr/sbin/asterisk[0x43aef9]
/usr/sbin/asterisk[0x43af2a]
/usr/sbin/asterisk(ast_cli_command+0x1aa)[0x47015e]
/usr/sbin/asterisk(ast_cli_command_multiple+0x7a)[0x4703ba]
/usr/sbin/asterisk[0x43930f]
/usr/sbin/asterisk[0x53fbc7]
/lib/libpthread.so.0[0x7feb44344fc7]
/lib/libc.so.6(clone+0x6d)[0x7feb4482d5ad]
======= Memory map: ========
00400000-005c8000 r-xp 00000000 fe:01 1231510                            /usr/sbin/asterisk
007c8000-00803000 rw-p 001c8000 fe:01 1231510                            /usr/sbin/asterisk
00803000-0082a000 rw-p 00000000 00:00 0
0238c000-034d4000 rw-p 00000000 00:00 0                                  [heap]
40027000-40028000 ---p 00000000 00:00 0
40028000-40063000 rw-p 00000000 00:00 0
40063000-40064000 ---p 00000000 00:00 0
40064000-4009f000 rw-p 00000000 00:00 0
400a1000-400a2000 ---p 00000000 00:00 0
400a2000-400dd000 rw-p 00000000 00:00 0
400dd000-400de000 ---p 00000000 00:00 0
400de000-40119000 rw-p 00000000 00:00 0
40119000-4011a000 ---p 00000000 00:00 0
4011a000-40155000 rw-p 00000000 00:00 0
40167000-40168000 ---p 00000000 00:00 0
40168000-401a3000 rw-p 00000000 00:00 0
401a3000-401a4000 ---p 00000000 00:00 0
401a4000-401df000 rw-p 00000000 00:00 0
401f1000-401f2000 ---p 00000000 00:00 0
401f2000-4022d000 rw-p 00000000 00:00 0
4022d000-4022e000 ---p 00000000 00:00 0
4022e000-40269000 rw-p 00000000 00:00 0
40271000-40272000 ---p 00000000 00:00 0
40272000-402ad000 rw-p 00000000 00:00 0
402ad000-402ae000 ---p 00000000 00:00 0
402ae000-402e9000 rw-p 00000000 00:00 0
402e9000-402ea000 ---p 00000000 00:00 0
402ea000-40325000 rw-p 00000000 00:00 0
40325000-40326000 ---p 00000000 00:00 0
40326000-40361000 rw-p 00000000 00:00 0
40361000-40362000 ---p 00000000 00:00 0
40362000-4039d000 rw-p 00000000 00:00 0
403cc000-403cd000 ---p 00000000 00:00 0
403cd000-40408000 rw-p 00000000 00:00 0
4040d000-4040e000 ---p 00000000 00:00 0
4040e000-40449000 rw-p 00000000 00:00 0
40459000-4045a000 ---p 00000000 00:00 0
4045a000-40495000 rw-p 00000000 00:00 0
40495000-40496000 ---p 00000000 00:00 0
40496000-404d1000 rw-p 00000000 00:00 0
404d1000-404d2000 ---p 00000000 00:00 0
404d2000-4050d000 rw-p 00000000 00:00 0
40518000-40519000 ---p 00000000 00:00 0
40519000-40554000 rw-p 00000000 00:00 0
40554000-40555000 ---p 00000000 00:00 0
40555000-40590000 rw-p 00000000 00:00 0
40597000-40598000 ---p 00000000 00:00 0
40598000-405d3000 rw-p 00000000 00:00 0
405d3000-405d4000 ---p 00000000 00:00 0
405d4000-4060f000 rw-p 00000000 00:00 0
4060f000-40610000 ---p 00000000 00:00 0
40610000-4064b000 rw-p 00000000 00:00 0
40660000-40661000 ---p 00000000 00:00 0
40661000-4069c000 rw-p 00000000 00:00 0
406b6000-406b7000 ---p 00000000 00:00 0
406b7000-406f2000 rw-p 00000000 00:00 0
4070f000-40710000 ---p 00000000 00:00 0
40710000-4074b000 rw-p 00000000 00:00 0
4074b000-4074c000 ---p 00000000 00:00 0
4074c000-40787000 rw-p 00000000 00:00 0
40787000-40788000 ---p 00000000 00:00 0
40788000-407c3000 rw-p 00000000 00:00 0
407df000-407e0000 ---p 00000000 00:00 0
407e0000-4081b000 rw-p 00000000 00:00 0
4081b000-4081c000 ---p 00000000 00:00 0
4081c000-40857000 rw-p 00000000 00:00 0
40863000-40864000 ---p 00000000 00:00 0
40864000-4089f000 rw-p 00000000 00:00 0
408d7000-408d8000 ---p 00000000 00:00 0
408d8000-40913000 rw-p 00000000 00:00 0
40913000-40914000 ---p 00000000 00:00 0
40914000-4094f000 rw-p 00000000 00:00 0
40982000-40983000 ---p 00000000 00:00 0
40983000-409be000 rw-p 00000000 00:00 0
409be000-409bf000 ---p 00000000 00:00 0
409bf000-409fa000 rw-p 00000000 00:00 0
409fa000-409fb000 ---p 00000000 00:00 0
409fb000-40a36000 rw-p 00000000 00:00 0
40a36000-40a37000 ---p 00000000 00:00 0
40a37000-40a72000 rw-p 00000000 00:00 0
40a72000-40a73000 ---p 00000000 00:00 0
40a73000-40aae000 rw-p 00000000 00:00 0
40aae000-40aaf000 ---p 00000000 00:00 0
40aaf000-40aea000 rw-p 00000000 00:00 0
40b12000-40b13000 ---p 00000000 00:00 0
40b13000-40b4e000 rw-p 00000000 00:00 0
40b52000-40b53000 ---p 00000000 00:00 0
40b53000-40b8e000 rw-p 00000000 00:00 0
40bbb000-40bbc000 ---p 00000000 00:00 0
40bbc000-40bf7000 rw-p 00000000 00:00 0
40bf7000-40bf8000 ---p 00000000 00:00 0
40bf8000-40c33000 rw-p 00000000 00:00 0
40c33000-40c3400/usr/sbin/safe_asterisk: line 146: 32617 Aborted                 (core dumped) nice -n $PRIORITY ${ASTSBINDIR}/asterisk -f ${CLIARGS} ${ASTARGS} > /dev/${TTY} 2>&1 < /dev/${TTY}

By: Leif Madsen (lmadsen) 2009-09-15 12:15:05

Do you have DONT_OPTIMIZE enabled in your Compiler Flags section of menuselect? After enabling that, please reinstall Asterisk and perform your test again, and then attaching the resulting backtrace to this issue.

The backtrace attached to this issue does not appear to contain any useful information.

Thanks!

By: Leif Madsen (lmadsen) 2009-09-30 09:55:08

I'm closing this issue as it has been waiting on feedback for more than 2 weeks. If the reporter has additional information that can be submitted, than they are welcome to reopen the issue. Thanks!

By: Digium Subversion (svnbot) 2010-07-21 11:15:04

Repository: asterisk
Revision: 278465

U   trunk/res/res_timing_pthread.c

------------------------------------------------------------------------
r278465 | russell | 2010-07-21 11:14:59 -0500 (Wed, 21 Jul 2010) | 41 lines

Use poll() instead of select() in res_timing_pthread to avoid stack corruption.

This code did not properly check FD_SETSIZE to ensure that it did not try to
select() on fds that were too large.  Switching to poll() removes the limitation
on the maximum fd value.

(closes issue ASTERISK-14848)
Reported by: keiron

(closes issue ASTERISK-15960)
Reported by: Eddie Edwards

(closes issue ASTERISK-15349)
Reported by: Hubguru

(closes issue ASTERISK-14670)
Reported by: flop

(closes issue ASTERISK-12249)
Reported by: falves11

(closes issue ASTERISK-13973)
Reported by: vrban

(closes issue ASTERISK-15971)
Reported by: aleksey2000

(closes issue ASTERISK-14385)
Reported by: kowalma

(closes issue ASTERISK-16185)
Reported by: dcabot

(closes issue ASTERISK-16085)
Reported by: glwgoes

(closes issue ASTERISK-15895)
Reported by: erikje

possibly other issues, too ...

------------------------------------------------------------------------

http://svn.digium.com/view/asterisk?view=rev&revision=278465

By: Digium Subversion (svnbot) 2010-07-21 11:20:21

Repository: asterisk
Revision: 278479

_U  branches/1.6.2/
U   branches/1.6.2/res/res_timing_pthread.c

------------------------------------------------------------------------
r278479 | russell | 2010-07-21 11:20:17 -0500 (Wed, 21 Jul 2010) | 48 lines

Merged revisions 278465 via svnmerge from
https://origsvn.digium.com/svn/asterisk/trunk

........
 r278465 | russell | 2010-07-21 11:15:00 -0500 (Wed, 21 Jul 2010) | 41 lines
 
 Use poll() instead of select() in res_timing_pthread to avoid stack corruption.
 
 This code did not properly check FD_SETSIZE to ensure that it did not try to
 select() on fds that were too large.  Switching to poll() removes the limitation
 on the maximum fd value.
 
 (closes issue ASTERISK-14848)
 Reported by: keiron
 
 (closes issue ASTERISK-15960)
 Reported by: Eddie Edwards
 
 (closes issue ASTERISK-15349)
 Reported by: Hubguru
 
 (closes issue ASTERISK-14670)
 Reported by: flop
 
 (closes issue ASTERISK-12249)
 Reported by: falves11
 
 (closes issue ASTERISK-13973)
 Reported by: vrban
 
 (closes issue ASTERISK-15971)
 Reported by: aleksey2000
 
 (closes issue ASTERISK-14385)
 Reported by: kowalma
 
 (closes issue ASTERISK-16185)
 Reported by: dcabot
 
 (closes issue ASTERISK-16085)
 Reported by: glwgoes
 
 (closes issue ASTERISK-15895)
 Reported by: erikje
 
 possibly other issues, too ...
........

------------------------------------------------------------------------

http://svn.digium.com/view/asterisk?view=rev&revision=278479