Summary: ASTERISK-28156: Race condition involving session->media (res_pjsip_session) leads to crash.
Reporter: Paulo Vicentini (pvicentini)
Labels: pjsip
Date Opened: 2018-11-08 06:30:05.000-0600
Date Closed: 2019-01-30 07:05:30.000-0600
Priority: Major
Regression?:
Status: Closed/Complete
Components: Channels/chan_pjsip Core/Bridging
Versions: 13.20.0
Frequency of Occurrence: Occasional
Related Issues:
Environment:
Attachments:
Description: We are experiencing a crash due to a misuse of session->media container between threads running (bridge_channel_ind_thread / pbx_thread) (at t38_framehook_read function) and the thread running ast_taskprocessor_execute (res/res_pjsip_session.c:session_end).
Depending on the SIP flow (during a disconnection) and the threads' code path, the session->media container is being destroyed (and set to NULL) by the thread running ast_taskprocessor_execute while the thread running t38_framehook_read is still referring to it.
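
The lifetime pattern that closes the kind of race described above, as an added example that is not part of the report and is not the merged Asterisk change: the reader pins the container under a lock before using it, and teardown detaches it under the same lock. All type and function names are hypothetical, and the single-threaded `main` replays the problematic interleaving deterministically.

```c
/* Added illustration with hypothetical names; not Asterisk's code or API. */
#include <pthread.h>
#include <stdlib.h>
struct media { int refs; int streams; };   /* stands in for the container */
struct session { pthread_mutex_t lock; struct media *media; };
static int destroyed;                      /* counts frees, for observation */

static int session_init(struct session *s, int streams) {
    s->media = calloc(1, sizeof(*s->media));
    if (!s->media) return -1;
    s->media->refs = 1;                    /* the session's own reference */
    s->media->streams = streams;
    return pthread_mutex_init(&s->lock, NULL);
}

/* Reader role: pin the container under the lock; NULL means session ending. */
static struct media *media_get(struct session *s) {
    pthread_mutex_lock(&s->lock);
    struct media *m = s->media;
    if (m) m->refs++;
    pthread_mutex_unlock(&s->lock);
    return m;
}

static void media_unref(struct session *s, struct media *m) {
    pthread_mutex_lock(&s->lock);
    int last = (--m->refs == 0);
    pthread_mutex_unlock(&s->lock);
    if (last) { free(m); destroyed++; }
}

/* Teardown role: detach under the lock, then drop the session's reference. */
static void session_end(struct session *s) {
    pthread_mutex_lock(&s->lock);
    struct media *m = s->media;
    s->media = NULL;
    pthread_mutex_unlock(&s->lock);
    if (m) media_unref(s, m);
}

int main(void) {
    struct session s;
    if (session_init(&s, 2)) return 1;
    struct media *held = media_get(&s);    /* reader starts */
    session_end(&s);                       /* teardown runs mid-read */
    int ok = held->streams == 2 && destroyed == 0;  /* container still alive */
    media_unref(&s, held);                 /* last reference frees it */
    return !(ok && destroyed == 1 && media_get(&s) == NULL);
}
```

A reader that checked `s->media` for NULL and then dereferenced it without holding a reference would leave a window between the check and the use in which teardown can free the container.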
Comments:

By: Asterisk Team (asteriskteam) 2018-11-08 06:30:08.216-0600

Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution.

A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report.

Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process].

By: Paulo Vicentini (pvicentini) 2018-11-08 06:30:57.024-0600

Sending a patch in a while...

By: Ross Beer (rossbeer) 2019-01-14 09:10:08.559-0600

I believe I am seeing the same issue:

{NOFORMAT}
[2019-01-14 14:58:09] ERROR[173287]: astobj2_container.c:493 __ao2_find: FRACK!, Failed assertion 0 (0)
[2019-01-14 14:58:09] ERROR[173287]:   Got 13 backtrace records
# 0: /usr/sbin/asterisk(__ast_assert_failed+0x84) [0x60accf]
# 1: /usr/sbin/asterisk() [0x45cf86]
# 2: /usr/sbin/asterisk(__ao2_find+0x41) [0x45dbaa]
# 3: /usr/lib64/asterisk/modules/res_pjsip_t38.so(+0x2cc4) [0x7ff4fe7dbcc4]
# 4: /usr/sbin/asterisk(ast_taskprocessor_execute+0x10d) [0x5f2252]
# 5: /usr/sbin/asterisk() [0x5fbcb5]
# 6: /usr/sbin/asterisk(ast_taskprocessor_execute+0x10d) [0x5f2252]
# 7: /usr/sbin/asterisk() [0x5f9f0f]
# 8: /usr/sbin/asterisk() [0x5fb5a3]
# 9: /usr/sbin/asterisk() [0x5fb35c]
#10: /usr/sbin/asterisk() [0x607b73]
#11: /usr/lib64/libpthread.so.0(+0x7dd5) [0x7ff8244ccdd5]
#12: /usr/lib64/libc.so.6(clone+0x6d) [0x7ff82386eead]
{NOFORMAT}

By: Friendly Automation (friendly-automation) 2019-01-30 07:05:32.367-0600

Change 10601 merged by Friendly Automation:
res/res_pjsip: Fix crash due to misuse of session->media between threads.

[https://gerrit.asterisk.org/10601|https://gerrit.asterisk.org/10601]