search

signalwire / freeswitch

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a versatile software implementation that runs on any commodity hardware. From a Raspberry PI to a multi-core server, FreeSWITCH can unlock the telecommunications potential of any device.
https://freeswitch.com/#getting-started
Other
3.54k stars 1.41k forks source link

crash on free_header #2438

Open harold-yh opened 5 months ago

harold-yh commented 5 months ago

"FreeSWITCH is crashing unpredictably during runtime. How can I determine the specific cause of the crash? "When an incoming call arrives, an outbound call is made through another SIP profile. A Lua script is used to perform the bridge."

freeswitch version:FreeSWITCH (Version 1.10.11-release git f24064f 2023-12-22 18:08:31Z 64bit) is ready os version:CentOS Linux release 7.9.2009 (Core)

The log is as follows:" (gdb) bt full

0 0x00007f1e6396c387 in raise () from /lib64/libc.so.6

No symbol table info available.

1 0x00007f1e6396da78 in abort () from /lib64/libc.so.6

No symbol table info available.

2 0x00007f1e639aef67 in __libc_message () from /lib64/libc.so.6

No symbol table info available.

3 0x00007f1e639b7329 in _int_free () from /lib64/libc.so.6

No symbol table info available.

4 0x00007f1e6702d02b in free_header (header=0x7f1e601d6cc8) at src/switch_event.c:949

    __PRETTY_FUNCTION__ = "free_header"
    __func__ = "free_header"

5 0x00007f1e6702e01e in switch_event_destroy (event=0x7f1e601d6d30) at src/switch_event.c:1298

    ep = 0x7f1a780fcd90
    hp = 0x7f1a781645a0
    this = 0x7f1a781646c0

6 0x00007f1e6702bb1f in switch_event_deliver (event=0x7f1e601d6d30) at src/switch_event.c:422

    e = SWITCH_EVENT_ALL
    node = 0x0

7 0x00007f1e6702b875 in switch_event_dispatch_thread (thread=0x7f1e60324140, obj=0xb6fdb8) at src/switch_event.c:340

    pop = 0x7f1a780fcd90
    event = 0x7f1a780fcd90
    queue = 0xb6fdb8
    my_id = 0
    __func__ = "switch_event_dispatch_thread"

8 0x00007f1e67331690 in dummy_worker (opaque=0x7f1e60324140) at threadproc/unix/thread.c:151

    thread = 0x7f1e60324140

9 0x00007f1e643e0ea5 in start_thread () from /lib64/libpthread.so.0

No symbol table info available.

10 0x00007f1e63a34b0d in clone () from /lib64/libc.so.6

No symbol table info available.

The other crash info:

0 0x00007fb7776a25e6 in propagatemark () from /lib64/liblua.so

No symbol table info available.

1 0x00007fb7776a2d36 in singlestep () from /lib64/liblua.so

No symbol table info available.

2 0x00007fb7776a3500 in luaC_fullgc () from /lib64/liblua.so

No symbol table info available.

3 0x00007fb77769d04f in lua_gc () from /lib64/liblua.so

No symbol table info available.

4 0x00007fb7778d1730 in lua_uninit (L=0x7fb47c0a7720) at mod_lua.cpp:483

No locals.

5 lua_function (session=0x7fb3a932f368, data=) at mod_lua.cpp:483

    L = 0x7fb47c0a7720
    mycmd = 0x7fb47c15e0b0 "directcall1.lua"
    __func__ = "lua_function"
    __PRETTY_FUNCTION__ = "void lua_function(switch_core_session_t*, const char*)"

6 0x00007fb7ceffc94e in switch_core_session_exec (session=0x7fb3a932f368, application_interface=0xd13be0,

arg=0x7fb7b78c4fe0 "directcall1.lua") at src/switch_core_session.c:2965
    log = 0x7fb7b78c50b0
    lp = 0x7fb7b78c5058
    event = 0x0
    var = 0x0
    channel = 0x7fb7b7cecee0
    expanded = 0x7fb7b78c4fe0 "directcall1.lua"
    app = 0x7fb7778f0a77 "lua"
    app_uuid_var = 0x0
    app_uuid_name = 0x0
    msg = {from = 0x7fb7cf3b15a7 "src/switch_core_session.c", message_id = SWITCH_MESSAGE_INDICATE_APPLICATION_EXEC,
      numeric_arg = 0, string_arg = 0x0, string_arg_size = 0, pointer_arg = 0x0, pointer_arg_size = 0, numeric_reply = 0,
      string_reply = 0x0, string_reply_size = 0, pointer_reply = 0x0, pointer_reply_size = 0, flags = 0, _file = 0x0,
      _func = 0x0, _line = 0, string_array_arg = {0x7fb7778f0a77 "lua", 0x7fb7b78c4fe0 "directcall1.lua", 0x0, 0x0, 0x0, 0x0,
        0x0, 0x0, 0x0, 0x0}, delivery_time = 0}
    delim = 44 ','
    scope = 0
    uuid_str = "885e58a6-37e9-49d2-add7-a3dedb2dc358\000\177\000\000\340@;Ϸ\177\000\000H7;Ϸ\177\000\000C\001\000\000\003\000\000\000\061gX\000\000\000\000\000\030\b\000\000\000\000\000\000\000\367#y\264\177\000\000\214\347\241˷\177\000\000\060\000\000\000\000\000\000\000\240\370\062\264\267\177\000\000\240\350#y\264\177\000\000\275\344\bϷ\177\000\000\000\367#y\264\177\000\000\215J\373η\177\000\000\b\351#y\264\177\000\000\260\026\026|\264\177\000\000\260\026\026|\264\177\000\000\247\245\bϷ\177\000\000\314\026\026|\264\177", '\000' <repeats 15 times>, "/\\\000\307\350#y\264\177"...
    app_uuid = 0x7fb47923e800 "885e58a6-37e9-49d2-add7-a3dedb2dc358"

---Type to continue, or q to quit--- expand_variables = SWITCH_TRUE PRETTY_FUNCTION__ = "switch_core_session_exec" func__ = "switch_core_session_exec"

7 0x00007fb7ceffbf76 in switch_core_session_execute_application_get_flags (session=0x7fb3a932f368, app=0x7fb7b78c4fd8 "lua",

arg=0x7fb7b78c4fe0 "directcall1.lua", flags=0x0) at src/switch_core_session.c:2825
    application_interface = 0xd13be0
    status = SWITCH_STATUS_SUCCESS
    __func__ = "switch_core_session_execute_application_get_flags"

8 0x00007fb7ceffea71 in switch_core_standard_on_execute (session=0x7fb3a932f368) at src/switch_core_state_machine.c:350

    current_application = 0x7fb7b78c4fb8
    extension = 0x7fb7b78c4ed8
    uuid = 0x7fb7cefc3793 <switch_channel_get_state_handler+143> "H\213E\370\311\303UH\211\345H\201\354\020\001"
    __func__ = "switch_core_standard_on_execute"

9 0x00007fb7cf0006bf in switch_core_session_run (session=0x7fb3a932f368) at src/switch_core_state_machine.c:647

    global_proceed = 1
    index = 1
    proceed = 1
    do_extra_handlers = 1
    ptr = 0x0
    rstatus = SWITCH_STATUS_SUCCESS
    state = CS_EXECUTE
    midstate = CS_EXECUTE
    endstate = CS_EXECUTE
    endpoint_interface = 0x7fb7c59f5648
    driver_state_handler = 0x7fb7c5d7e0e0 <sofia_event_handlers>
    application_state_handler = 0x0
    silly = 0
    new_loops = 500
    __PRETTY_FUNCTION__ = "switch_core_session_run"
    __func__ = "switch_core_session_run"

10 0x00007fb7ceff80d4 in switch_core_session_thread (thread=0x7fb480053250, obj=0x7fb3a932f368) at src/switch_core_session.c:1727

    session = 0x7fb3a932f368
    event = 0x0
    event_str = 0x0
    val = 0x7fb47923ed00 "P\355#y\264\177"
    __func__ = "switch_core_session_thread"
    __PRETTY_FUNCTION__ = "switch_core_session_thread"

11 0x00007fb7ceff84f9 in switch_core_session_thread_pool_worker (thread=0x7fb480053250, obj=0x7fb4800530e0)

at src/switch_core_session.c:1791

---Type to continue, or q to quit--- td = 0x7fb7b432f900 pop = 0x7fb7b432f900 check_status = SWITCH_STATUS_SUCCESS node = 0x7fb4800530e0 pool = 0x7fb480052ff8 func = "switch_core_session_thread_pool_worker"

12 0x00007fb7cf394690 in dummy_worker (opaque=0x7fb480053250) at threadproc/unix/thread.c:151

    thread = 0x7fb480053250

13 0x00007fb7cc443ea5 in start_thread () from /lib64/libpthread.so.0

No symbol table info available.

14 0x00007fb7cba97b0d in clone () from /lib64/libc.so.6

No symbol table info available.

The lua scripts: local caller = session:getVariable('caller_id_number'); local callee = session:getVariable('destination_number');

local token="HNNcpRwDoUhic*****"

session:execute("export","proxy_media=true"); session:execute("bridge","{sip_copy_custom_headers=false,sip_h_Task-Token="..token..",absolute_codec_string='PCMA,PCMU',origination_caller_id_number="..caller.."}sofia/external/sip:"..callee.."@..1.:16060")