ASTERISK-26727: FRACK!, Failed assertion bad magic number 0x0

[Home]

Summary: ASTERISK-26727: FRACK!, Failed assertion bad magic number 0x0

Reporter: Andreas Krüger (woopstar) Labels:

Date Opened: 2017-01-18 08:25:18.000-0600 Date Closed: 2017-01-18 08:29:51.000-0600

Priority: Critical Regression?

Status: Closed/Complete Components: Resources/res_pjsip

Versions: 14.2.1 Frequency of
Occurrence

Related
Issues:
duplicates ASTERISK-26699 res_pjsip: Assertion when sending OPTIONS request to endpoint

duplicates ASTERISK-26725 astobj2.c: FRACK!, Failed assertion bad magic number

Environment: Attachments:

Description: We're seeing some crashes when switching from 13.10 to 14.2.1.

{code}
FRACK!, Failed assertion bad magic number 0x0 for object 0x7ffff0015bd8 (0) at line 3595 in endpt_send_request of res_pjsip.c
[2017-01-18 13:34:02] ERROR[61333]: res_pjsip.c:3587 endpt_send_request: Error 171060 'Unsupported transport (PJSIP_EUNSUPTRANSPORT)' sending OPTIONS request to endpoint 10000-79QFUTEZ5
[2017-01-18 13:34:02] ERROR[61333]: res_pjsip.c:3595 endpt_send_request: FRACK!, Failed assertion bad magic number 0x0 for object 0x7ffff0015bd8 (0)
Got 19 backtrace records
#0: [0x6306a9] /usr/sbin/asterisk(__ast_assert_failed+0x8d) [0x6306a9]
#1: [0x4603b5] /usr/sbin/asterisk() [0x4603b5]
#2: [0x46042c] /usr/sbin/asterisk(__ao2_lock+0x61) [0x46042c]
#3: [0x7fffb3a18b54] /usr/lib/asterisk/modules/res_pjsip.so(+0x11b54) [0x7fffb3a18b54]
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fffb1a6b700 (LWP 61333)]
0x00007ffff78f93e4 in grp_lock_dec_ref () from /usr/lib/libasteriskpj.so
{code}

Ran asterisk inside GDB in interactive mode, and did a backtrace on it:

{code}
(gdb) bt
#0 0x00007ffff78f93e4 in grp_lock_dec_ref () from /usr/lib/libasteriskpj.so
#1 0x00007ffff78f9451 in pj_grp_lock_dec_ref () from /usr/lib/libasteriskpj.so
#2 0x00007ffff7907cb1 in cancel_timer () from /usr/lib/libasteriskpj.so
#3 0x00007ffff7907d1b in pj_timer_heap_cancel_if_active () from /usr/lib/libasteriskpj.so
#4 0x00007fffb3a18b6d in endpt_send_request (endpoint=0x7fffb802eb00, tdata=0x7ffff0011bf8, timeout=3000, token=0x29c34, cb=<optimized out>) at res_pjsip.c:3596
#5 0x00007fffb3a1aef2 in ast_sip_send_out_of_dialog_request (tdata=0x7ffff00146b8, endpoint=endpoint@entry=0x7fffb802eb00, timeout=3000, token=token@entry=0x1ffb030, callback=callback@entry=0x7fffb3a1f5b0 <qualify_contact_cb>) at res_pjsip.c:3776
#6 0x00007fffb3a1f222 in qualify_contact (endpoint=endpoint@entry=0x0, contact=contact@entry=0x1ffb030) at res_pjsip/pjsip_options.c:434
#7 0x00007fffb3a1f533 in qualify_contact_task (obj=0x1ffb030) at res_pjsip/pjsip_options.c:509
#8 0x0000000000615c80 in ast_taskprocessor_execute (tps=0x13ae278) at taskprocessor.c:967
#9 0x000000000061f547 in execute_tasks (data=0x13ae278) at threadpool.c:1322
#10 0x0000000000615c80 in ast_taskprocessor_execute (tps=0x13aaae8) at taskprocessor.c:967
#11 0x000000000061d2a2 in threadpool_execute (pool=0x13a9a78) at threadpool.c:351
#12 0x000000000061edd0 in worker_active (worker=0x7fffec005f38) at threadpool.c:1105
#13 0x000000000061eb6b in worker_start (arg=0x7fffec005f38) at threadpool.c:1024
#14 0x000000000062d38c in dummy_start (data=0x7fffec002910) at utils.c:1230
#15 0x00007ffff5a470a5 in start_thread (arg=0x7fffb1a6b700) at pthread_create.c:309
#16 0x00007ffff502acfd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111
{code}

and full:

{code}
(gdb) bt full
#0 0x00007ffff78f93e4 in grp_lock_dec_ref () from /usr/lib/libasteriskpj.so
No symbol table info available.
#1 0x00007ffff78f9451 in pj_grp_lock_dec_ref () from /usr/lib/libasteriskpj.so
No symbol table info available.
#2 0x00007ffff7907cb1 in cancel_timer () from /usr/lib/libasteriskpj.so
No symbol table info available.
#3 0x00007ffff7907d1b in pj_timer_heap_cancel_if_active () from /usr/lib/libasteriskpj.so
No symbol table info available.
#4 0x00007fffb3a18b6d in endpt_send_request (endpoint=0x7fffb802eb00, tdata=0x7ffff0011bf8, timeout=3000, token=0x29c34, cb=<optimized out>) at res_pjsip.c:3596
timers_cancelled = 1601398130
errmsg = "Unsupported transport (PJSIP_EUNSUPTRANSPORT)\000\000\000P\274\000\360\377\177", '\000' <repeats 14 times>, "\377\377\377\377\270F\001\360\377\177\000"
req_wrapper = 0x7ffff0015bd8
endpt = 0x13af9c8
selector = {type = PJSIP_TPSELECTOR_NONE, u = {transport = 0x0, listener = 0x0, ptr = 0x0}}
#5 0x00007fffb3a1aef2 in ast_sip_send_out_of_dialog_request (tdata=0x7ffff00146b8, endpoint=endpoint@entry=0x7fffb802eb00, timeout=3000, token=token@entry=0x1ffb030, callback=callback@entry=0x7fffb3a1f5b0 <qualify_contact_cb>) at res_pjsip.c:3776
supplement = 0x0
contact = 0x1ffb030
__PRETTY_FUNCTION__ = "ast_sip_send_out_of_dialog_request"
#6 0x00007fffb3a1f222 in qualify_contact (endpoint=endpoint@entry=0x0, contact=contact@entry=0x1ffb030) at res_pjsip/pjsip_options.c:434
tdata = 0x7ffff00146b8
endpoint_local = 0x7fffb802eb00
__PRETTY_FUNCTION__ = "qualify_contact"
#7 0x00007fffb3a1f533 in qualify_contact_task (obj=0x1ffb030) at res_pjsip/pjsip_options.c:509
contact = 0x1ffb030
res = <optimized out>
__PRETTY_FUNCTION__ = "qualify_contact_task"
#8 0x0000000000615c80 in ast_taskprocessor_execute (tps=0x13ae278) at taskprocessor.c:967
local = {local_data = 0x0, data = 0x629f5c <ast_threadstorage_set_ptr+60>}
t = 0x7fffd0008020
size = 1
__PRETTY_FUNCTION__ = "ast_taskprocessor_execute"
#9 0x000000000061f547 in execute_tasks (data=0x13ae278) at threadpool.c:1322
tps = 0x13ae278
#10 0x0000000000615c80 in ast_taskprocessor_execute (tps=0x13aaae8) at taskprocessor.c:967
local = {local_data = 0x13a9a58, data = 0x13a9a20}
t = 0x7fffd0007af0
size = 20617816
__PRETTY_FUNCTION__ = "ast_taskprocessor_execute"
#11 0x000000000061d2a2 in threadpool_execute (pool=0x13a9a78) at threadpool.c:351
__PRETTY_FUNCTION__ = "threadpool_execute"
#12 0x000000000061edd0 in worker_active (worker=0x7fffec005f38) at threadpool.c:1105
alive = 32767
#13 0x000000000061eb6b in worker_start (arg=0x7fffec005f38) at threadpool.c:1024
worker = 0x7fffec005f38
saved_state = ALIVE
---Type <return> to continue, or q <return> to quit---
__PRETTY_FUNCTION__ = "worker_start"
#14 0x000000000062d38c in dummy_start (data=0x7fffec002910) at utils.c:1230
__cancel_buf = {__cancel_jmp_buf = {{__cancel_jmp_buf = {140736173881088, 5220049284479118540, 1, 0, 140736173881792, 140736173881088, 5220049284468632780, -5220177046801552180}, __mask_was_saved = 0}}, __pad = {0x7fffb1a6aef0, 0x0, 0x0, 0x0}}
__cancel_routine = 0x4544dd <ast_unregister_thread>
__cancel_arg = 0x7fffb1a6b700
__not_first_call = 0
ret = 0x0
a = {start_routine = 0x61eae4 <worker_start>, data = 0x7fffec005f38, name = 0x7fffec006bf0 "worker_start started at [ 1079] threadpool.c worker_thread_start()"}
lock_info = 0x7ffff0002330
mutex_attr = {__size = "\001\000\000", __align = 1}
__PRETTY_FUNCTION__ = "dummy_start"
#15 0x00007ffff5a470a5 in start_thread (arg=0x7fffb1a6b700) at pthread_create.c:309
__res = <optimized out>
pd = 0x7fffb1a6b700
now = <optimized out>
unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140736173881088, -5220177298626908980, 1, 0, 140736173881792, 140736173881088, 5220049284472827084, 5220198837969415372}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}}
not_first_call = <optimized out>
pagesize_m1 = <optimized out>
sp = <optimized out>
freesize = <optimized out>
__PRETTY_FUNCTION__ = "start_thread"
#16 0x00007ffff502acfd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111
No locals.
{code}

The only thing we did not do was to do ast-db-manage upgrade the database. But im unsure if it's related here.

Comments: By: Asterisk Team (asteriskteam) 2017-01-18 08:25:19.327-0600

Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution.

A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report.

Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process].