Bug#882145: asterisk: pjsip show history causes segmentation fault

Bernhard Schmidt berni at birkenwald.de
Mon Nov 20 19:44:24 UTC 2017


Control: tags -1 + confirmed

On Sun, Nov 19, 2017 at 04:59:30PM +0100, Benoit Panizzon wrote:

Hi,

> I could reproduce apparently two different segmentation faults by doing the following:
> 
> pjsip set history on
> pjsip show history
> 
> [8677620.301738] asterisk[24252]: segfault at 7fb600000000 ip 00007fb5f434426a sp 00007fb623ffdf80 error 4 in res_pjsip_history.so[7fb5f4341000+6000]
> [8677680.807810] asterisk[25015]: segfault at 7f2200000000 ip 00007f21b822c26a sp 00007f21ebffdf80 error 4 in res_pjsip_history.so[7f21b8229000+6000]
> [8677741.313448] asterisk[25324]: segfault at 21000 ip 00007f02251d8800 sp 00007f01a0f62788 error 4 in libc-2.24.so[7f0225158000+195000]
> 
> As I am on the task of migrating from chan_sip to pjsip, my only config at the moment is one phone, just to figure out how pjsip exactly works:

FTR, I can reproduce this. The backtrace is 

0x00007fff8d3a11d0 in sprint_list_entry (entry=entry@entry=0x555555d91ff8, line=line@entry=0x7fffabc902b0 "[2001:4ca0:0:10a:215:65ff:feb7:4e7e]:11922", len=256) at res_pjsip_history.c:663
663     res_pjsip_history.c: No such file or directory.
(gdb) bt
#0  0x00007fff8d3a11d0 in sprint_list_entry (entry=entry@entry=0x555555d91ff8, line=line@entry=0x7fffabc902b0 "[2001:4ca0:0:10a:215:65ff:feb7:4e7e]:11922", len=256) at res_pjsip_history.c:663
#1  0x00007fff8d3a24d3 in history_on_tx_msg (tdata=<optimized out>) at res_pjsip_history.c:711
#2  0x00007fffd262321e in ?? () from /usr/lib/x86_64-linux-gnu/libpjsip.so.2
#3  0x00007fffd2629a62 in pjsip_transport_send () from /usr/lib/x86_64-linux-gnu/libpjsip.so.2
#4  0x00007fffd2624c53 in ?? () from /usr/lib/x86_64-linux-gnu/libpjsip.so.2
#5  0x00007fffd2624f72 in ?? () from /usr/lib/x86_64-linux-gnu/libpjsip.so.2
#6  0x00007fffd262824e in pjsip_resolve () from /usr/lib/x86_64-linux-gnu/libpjsip.so.2
#7  0x00007fffd2626b4d in pjsip_endpt_send_request_stateless () from /usr/lib/x86_64-linux-gnu/libpjsip.so.2
#8  0x00007fffd2636f6f in ?? () from /usr/lib/x86_64-linux-gnu/libpjsip.so.2
#9  0x00007fffd2637456 in ?? () from /usr/lib/x86_64-linux-gnu/libpjsip.so.2
#10 0x00007fffd26395b7 in pjsip_tsx_send_msg () from /usr/lib/x86_64-linux-gnu/libpjsip.so.2
#11 0x00007fffd2639a8f in pjsip_endpt_send_request () from /usr/lib/x86_64-linux-gnu/libpjsip.so.2
#12 0x00007fffaf99b319 in endpt_send_request (endpoint=endpoint@entry=0x555555f5e058, tdata=tdata@entry=0x555555f7bc68, timeout=timeout@entry=3000, token=token@entry=0x555555ec7b58, 
    cb=0x7fffaf99b510 <send_request_cb>) at res_pjsip.c:3609
#13 0x00007fffaf99dd58 in ast_sip_send_out_of_dialog_request (tdata=0x555555f7bc68, endpoint=endpoint@entry=0x555555f5e058, timeout=3000, token=token@entry=0x555555fc8d08, 
    callback=callback@entry=0x7fffaf9a1590 <qualify_contact_cb>) at res_pjsip.c:3756
#14 0x00007fffaf9a12aa in qualify_contact (endpoint=endpoint@entry=0x0, contact=contact@entry=0x555555fc8d08) at res_pjsip/pjsip_options.c:444
#15 0x00007fffaf9a1533 in qualify_contact_task (obj=0x555555fc8d08) at res_pjsip/pjsip_options.c:519
#16 0x00005555556f80e8 in ast_taskprocessor_execute ()
#17 0x00005555556ffd90 in ?? ()
#18 0x00005555556f80e8 in ast_taskprocessor_execute ()
#19 0x00005555556ff764 in ?? ()
#20 0x0000555555707d7c in ?? ()
#21 0x00007ffff5d4a494 in start_thread () from /lib/x86_64-linux-gnu/libpthread.so.0
#22 0x00007ffff4954aff in clone () from /lib/x86_64-linux-gnu/libc.so.6

Unfortunately I did not find an obvious reason, and I could not find an
upstream bug either.

I currently don't have much time to dive into this. If you have time,
verifying this on sid would be helpful.

Bernhard
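
Added triage example, not part of the original message or of Asterisk: it parses the three kernel "segfault at" lines quoted above, subtracts the mapping base from the instruction pointer, and groups the crashes by faulting site, so ASLR-shifted addresses from different runs can be compared. The function names are hypothetical; the log lines are copied from the report.

```python
import re

# The three kernel log lines quoted in the report above.
SAMPLE = """\
[8677620.301738] asterisk[24252]: segfault at 7fb600000000 ip 00007fb5f434426a sp 00007fb623ffdf80 error 4 in res_pjsip_history.so[7fb5f4341000+6000]
[8677680.807810] asterisk[25015]: segfault at 7f2200000000 ip 00007f21b822c26a sp 00007f21ebffdf80 error 4 in res_pjsip_history.so[7f21b8229000+6000]
[8677741.313448] asterisk[25324]: segfault at 21000 ip 00007f02251d8800 sp 00007f01a0f62788 error 4 in libc-2.24.so[7f0225158000+195000]
"""

SEGV = re.compile(
    r"(?P<comm>\S+)\[(?P<pid>\d+)\]: segfault at (?P<addr>[0-9a-f]+) "
    r"ip (?P<ip>[0-9a-f]+) sp (?P<sp>[0-9a-f]+) error (?P<err>\d+) "
    r"in (?P<obj>[^\[\s]+)\[(?P<base>[0-9a-f]+)\+(?P<size>[0-9a-f]+)\]"
)

def decode_error(code):
    """Decode the low three bits of the x86 page-fault error code."""
    return {
        "cause": "protection violation" if code & 1 else "page not mapped",
        "access": "write" if code & 2 else "read",
        "mode": "user" if code & 4 else "kernel",
    }

def parse(line):
    """Return one crash record, or None if the line is not a segfault line."""
    m = SEGV.search(line)
    if not m:
        return None
    ip, base, size = (int(m[k], 16) for k in ("ip", "base", "size"))
    if not base <= ip < base + size:
        return None  # ip outside the reported mapping: line is malformed
    return {
        "pid": int(m["pid"]),
        "obj": m["obj"],
        "fault_addr": int(m["addr"], 16),
        # Offset is relative to the start of the mapping printed in the line.
        "offset": ip - base,
        "error": decode_error(int(m["err"])),
    }

def group_by_site(text):
    """Map (object, offset) -> list of PIDs that crashed at that site."""
    sites = {}
    for line in text.splitlines():
        rec = parse(line)
        if rec:
            sites.setdefault((rec["obj"], rec["offset"]), []).append(rec["pid"])
    return sites
```

On the quoted lines, the two res_pjsip_history.so crashes resolve to the same offset within the mapping, and all three are user-mode reads of an unmapped page.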



More information about the Pkg-voip-maintainers mailing list