I'm not terribly familiar with the openssl universe, but have an
integration that uses DTLS with the Asterisk project.
Seeing a frequent crash that appears to originate from within
dtls1_do_write.
Not sure if there's not another implementation issue here, but I've
attached a backtrace of the crash.
Any ideas on the openssl side for how to track this one down?
Core was generated by `/usr/sbin/asterisk -f -vvvg -c'.
Program terminated with signal 6, Aborted.
#0 0x00007ffb29dd5925 in raise () from /lib64/libc.so.6
#0 0x00007ffb29dd5925 in raise () from /lib64/libc.so.6
No symbol table info available.
#1 0x00007ffb29dd7105 in abort () from /lib64/libc.so.6
No symbol table info available.
#2 0x00007ffb28cee6fb in OpenSSLDie (file=0x7ffb291114e0 "d1_both.c",
line=278, assertion=0x7ffb29111508 "s->init_num ==
(int)s->d1->w_msg_hdr.msg_len + DTLS1_HM_HEADER_LENGTH") at cryptlib.c:919
No locals.
#3 0x00007ffb290f4eda in dtls1_do_write (s=0x2dbab10, type=22) at d1_both.c:277
ret = -256031463
curr_mtu = -1281199041
len = 32192640
frag_off = 0
mac_size = 1541193986
blocksize = 0
#4 0x00007ffb290ec68c in dtls1_send_server_hello (s=0x2dbab10) at
d1_srvr.c:1006
buf = 0x1fdb868 "Nd\341S"
p = 0x7ffb11309cc0 " \235\060\021\373\177"
d = 0x7ffb290f1886 "H\203\304\030[\311\303UH\211\345H\203\354
H\211}\350H\211u\340H\213E\350H\213\200\210"
i = 288398528
sl = 32763
l = 47950608
#5 0x00007ffb290eb64c in dtls1_accept (s=0x2dbab10) at d1_srvr.c:386
buf = 0x7ffb11309d30
Time = 1407280205
cb = 0
alg_k = 47287360
ret = -1
new_state = 4841412
state = 8497
skip = 0
listen = 0
#6 0x00007ffb290fde3f in SSL_do_handshake (s=0x2dbab10) at ssl_lib.c:2568
ret = 1
#7 0x00007ffadc1c762b in dtls_perform_handshake (instance=0x2e3e2e8,
dtls=0x2ce2fa8, rtcp=0) at res_rtp_asterisk.c:1230
rtp = 0x2ce0320
#8 0x00007ffadc1c7690 in ast_rtp_on_ice_complete (ice=0x2d18bd8, status=0) at
res_rtp_asterisk.c:1242
instance = 0x2e3e2e8
rtp = 0x2ce0320
#9 0x00007ffadc1d96a5 in on_timer () from
/usr/lib/asterisk/modules/res_rtp_asterisk.so
No symbol table info available.
#10 0x00007ffadc208466 in pj_timer_heap_poll () from
/usr/lib/asterisk/modules/res_rtp_asterisk.so
No symbol table info available.
#11 0x00007ffadc1c7c4e in ice_worker_thread (data=0x0) at
res_rtp_asterisk.c:1409
delay = {sec = 0, msec = 10}
#12 0x00007ffadc1f9993 in thread_main () from
/usr/lib/asterisk/modules/res_rtp_asterisk.so
No symbol table info available.
#13 0x00007ffb2886f9d1 in start_thread () from /lib64/libpthread.so.0
No symbol table info available.
#14 0x00007ffb29e8bb6d in clone () from /lib64/libc.so.6
No symbol table info available.
Thread 75 (Thread 0x7ffb07a91700 (LWP 11401)):
#0 0x00007ffb288735bc in pthread_cond_wait@@GLIBC_2.3.2 () from
/lib64/libpthread.so.0
#1 0x0000000000502c40 in __ast_cond_wait (filename=0x677c74 "sched.c",
lineno=120, func=0x678155 "sched_run", cond_name=0x677c87
"&con->sched_thread->cond", mutex_name=0x677c7c "&con->lock", cond=0x157fbf8,
t=0x1585bd0) at lock.c:565
#2 0x000000000057727b in sched_run (data=0x1585bd0) at sched.c:120
#3 0x0000000000595656 in dummy_start (data=0x14a36a0) at utils.c:1169
#4 0x00007ffb2886f9d1 in start_thread () from /lib64/libpthread.so.0
#5 0x00007ffb29e8bb6d in clone () from /lib64/libc.so.6
Thread 74 (Thread 0x7ffb07b0d700 (LWP 11400)):
#0 0x00007ffb288735bc in pthread_cond_wait@@GLIBC_2.3.2 () from
/lib64/libpthread.so.0
#1 0x0000000000502c40 in __ast_cond_wait (filename=0x67ab04 "taskprocessor.c",
lineno=313, func=0x67b220 "tps_processing_function", cond_name=0x67ae71
"&i->poll_cond", mutex_name=0x67ae5a "&i->taskprocessor_lock", cond=0x14aa000,
t=0x14aa038) at lock.c:565
#2 0x0000000000583591 in tps_processing_function (data=0x14a9ff8) at
taskprocessor.c:313
#3 0x0000000000595656 in dummy_start (data=0x1546f00) at utils.c:1169
#4 0x00007ffb2886f9d1 in start_thread () from /lib64/libpthread.so.0
#5 0x00007ffb29e8bb6d in clone () from /lib64/libc.so.6
Thread 73 (Thread 0x7ffb07df5700 (LWP 11394)):
#0 0x00007ffb29e82343 in poll () from /lib64/libc.so.6
#1 0x00000000005959ab in ast_wait_for_input (fd=11, ms=5000) at utils.c:1258
#2 0x00000000005859cc in ast_tcptls_server_root (data=0x8ee2c0) at tcptls.c:699
#3 0x0000000000595656 in dummy_start (data=0x146c340) at utils.c:1169
#4 0x00007ffb2886f9d1 in start_thread () from /lib64/libpthread.so.0
#5 0x00007ffb29e8bb6d in clone () from /lib64/libc.so.6
Thread 72 (Thread 0x7ffb07b89700 (LWP 11399)):
#0 0x00007ffb29e82343 in poll () from /lib64/libc.so.6
#1 0x00000000004d8985 in do_parking_thread (ignore=0x0) at features.c:5339
#2 0x0000000000595656 in dummy_start (data=0x1587f40) at utils.c:1169
#3 0x00007ffb2886f9d1 in start_thread () from /lib64/libpthread.so.0
#4 0x00007ffb29e8bb6d in clone () from /lib64/libc.so.6
Thread 71 (Thread 0x7ffb28126700 (LWP 11390)):
#0 0x00007ffb288735bc in pthread_cond_wait@@GLIBC_2.3.2 () from
/lib64/libpthread.so.0
#1 0x0000000000502c40 in __ast_cond_wait (filename=0x67ab04 "taskprocessor.c",
lineno=313, func=0x67b220 "tps_processing_function", cond_name=0x67ae71
"&i->poll_cond", mutex_name=0x67ae5a "&i->taskprocessor_lock", cond=0x1277ef0,
t=0x1277f28) at lock.c:565
#2 0x0000000000583591 in tps_processing_function (data=0x1277ee8) at
taskprocessor.c:313
#3 0x0000000000595656 in dummy_start (data=0x1277450) at utils.c:1169
#4 0x00007ffb2886f9d1 in start_thread () from /lib64/libpthread.so.0
#5 0x00007ffb29e8bb6d in clone () from /lib64/libc.so.6
Thread 70 (Thread 0x7ffb281a2700 (LWP 11389)):
#0 0x00007ffb29e4fcdd in nanosleep () from /lib64/libc.so.6
#1 0x00007ffb29e4fb50 in sleep () from /lib64/libc.so.6
#2 0x00000000004b58cb in db_sync_thread (data=0x0) at db.c:979
#3 0x0000000000595656 in dummy_start (data=0x1275ea0) at utils.c:1169
#4 0x00007ffb2886f9d1 in start_thread () from /lib64/libpthread.so.0
#5 0x00007ffb29e8bb6d in clone () from /lib64/libc.so.6
Thread 69 (Thread 0x7ffb2821e700 (LWP 11388)):
#0 0x00007ffb288735bc in pthread_cond_wait@@GLIBC_2.3.2 () from
/lib64/libpthread.so.0
#1 0x0000000000502c40 in __ast_cond_wait (filename=0x662c14 "logger.c",
lineno=1180, func=0x663d72 "logger_thread", cond_name=0x663735 "&logcond",
mutex_name=0x663727 "&logmsgs.lock", cond=0x908020, t=0x8ed710) at lock.c:565
#2 0x0000000000506248 in logger_thread (data=0x0) at logger.c:1180
#3 0x0000000000595656 in dummy_start (data=0xd23ba0) at utils.c:1169
#4 0x00007ffb2886f9d1 in start_thread () from /lib64/libpthread.so.0
#5 0x00007ffb29e8bb6d in clone () from /lib64/libc.so.6
Thread 68 (Thread 0x7ffac46da700 (LWP 30729)):
#0 0x00007ffb29e82343 in poll () from /lib64/libc.so.6
#1 0x000000000047ae93 in ast_waitfor_nandfds (c=0x7ffac46d3400, n=2, fds=0x0,
nfds=0, exception=0x0, outfd=0x0, ms=0x7ffac46d33fc) at channel.c:3268
#2 0x000000000047b2aa in ast_waitfor_n (c=0x7ffac46d3400, n=2,
ms=0x7ffac46d33fc) at channel.c:3549
#3 0x0000000000488db4 in ast_generic_bridge (c0=0x7ffb00cd0468, c1=0x1f5b748,
config=0x7ffac46d4d20, fo=0x7ffac46d3b08, rc=0x7ffac46d3b00) at channel.c:7612
#4 0x000000000048b801 in ast_channel_bridge (c0=0x7ffb00cd0468, c1=0x1f5b748,
config=0x7ffac46d4d20, fo=0x7ffac46d3b08, rc=0x7ffac46d3b00) at channel.c:8102
#5 0x00000000004d5684 in ast_bridge_call (chan=0x7ffb00cd0468, peer=0x1f5b748,
config=0x7ffac46d4d20) at features.c:4498
#6 0x00007ffad0d99f91 in dial_exec_full (chan=0x7ffb00cd0468,
data=0x7ffac46d7550
"SIP/303xxxxxxx@PROXY,180,U(set-did-hint^720xxxxxxx,INUSE)T",
peerflags=0x7ffac46d5310, continue_exec=0x0) at app_dial.c:3047
#7 0x00007ffad0d9a619 in dial_exec (chan=0x7ffb00cd0468, data=0x7ffac46d7550
"SIP/303xxxxxxx@PROXY,180,U(set-did-hint^720xxxxxxx,INUSE)T") at app_dial.c:3130
#8 0x00000000005298c5 in pbx_exec (c=0x7ffb00cd0468, app=0x16076f0,
data=0x7ffac46d7550
"SIP/303xxxxxxx@PROXY,180,U(set-did-hint^720xxxxxxx,INUSE)T") at pbx.c:1622
#9 0x00000000005342e2 in pbx_extension_helper (c=0x7ffb00cd0468, con=0x0,
context=0x7ffb00cd12b8 "dial-smart-outbound", exten=0x7ffb00cd1308
"303xxxxxxx", priority=7, label=0x0, callerid=0x7ffb00b27f90 "720xxxxxxx",
action=E_SPAWN, found=0x7ffac46d9c30, combined_find_spawn=1) at pbx.c:4915
#10 0x000000000053757f in ast_spawn_extension (c=0x7ffb00cd0468,
context=0x7ffb00cd12b8 "dial-smart-outbound", exten=0x7ffb00cd1308
"303xxxxxxx", priority=7, callerid=0x7ffb00b27f90 "720xxxxxxx",
found=0x7ffac46d9c30, combined_find_spawn=1) at pbx.c:6037
#11 0x0000000000538d1c in __ast_pbx_run (c=0x7ffb00cd0468, args=0x0) at
pbx.c:6512
#12 0x000000000053a7f9 in pbx_thread (data=0x7ffb00cd0468) at pbx.c:6842
#13 0x0000000000595656 in dummy_start (data=0x7ffb0020a450) at utils.c:1169
#14 0x00007ffb2886f9d1 in start_thread () from /lib64/libpthread.so.0
#15 0x00007ffb29e8bb6d in clone () from /lib64/libc.so.6
Thread 67 (Thread 0x7ffac2b38700 (LWP 30730)):
#0 0x00007ffb2887398e in pthread_cond_timedwait@@GLIBC_2.3.2 () from
/lib64/libpthread.so.0
#1 0x0000000000502c7e in __ast_cond_timedwait (filename=0x63efb4
"audiohook.c", lineno=939, func=0x63f2d0 "ast_audiohook_trigger_wait",
cond_name=0x63efd1 "&audiohook->trigger", mutex_name=0x63efc0
"&audiohook->lock", cond=0x247d768, t=0x247d730, abstime=0x7ffac2b37bb0) at
lock.c:646
#2 0x0000000000452bf7 in ast_audiohook_trigger_wait (audiohook=0x247d730) at
audiohook.c:939
#3 0x00007ffae571e46b in mixmonitor_thread (obj=0x247d730) at
app_mixmonitor.c:638
#4 0x0000000000595656 in dummy_start (data=0x29b39e0) at utils.c:1169
#5 0x00007ffb2886f9d1 in start_thread () from /lib64/libpthread.so.0
#6 0x00007ffb29e8bb6d in clone () from /lib64/libc.so.6
Thread 66 (Thread 0x7ffac33f0700 (LWP 30723)):
#0 0x00007ffb29e82343 in poll () from /lib64/libc.so.6
#1 0x000000000047ae93 in ast_waitfor_nandfds (c=0x7ffac33e9420, n=2, fds=0x0,
nfds=0, exception=0x0, outfd=0x0, ms=0x7ffac33e941c) at channel.c:3268
#2 0x000000000047b2aa in ast_waitfor_n (c=0x7ffac33e9420, n=2,
ms=0x7ffac33e941c) at channel.c:3549
#3 0x0000000000488db4 in ast_generic_bridge (c0=0x7ffb00d720a8, c1=0x2195378,
config=0x7ffac33ead20, fo=0x7ffac33e9b28, rc=0x7ffac33e9b20) at channel.c:7612
#4 0x000000000048b801 in ast_channel_bridge (c0=0x7ffb00d720a8, c1=0x2195378,
config=0x7ffac33ead20, fo=0x7ffac33e9b28, rc=0x7ffac33e9b20) at channel.c:8102
#5 0x00000000004d5684 in ast_bridge_call (chan=0x7ffb00d720a8, peer=0x2195378,
config=0x7ffac33ead20) at features.c:4498
#6 0x00007ffad0d99f91 in dial_exec_full (chan=0x7ffb00d720a8,
data=0x7ffac33ed550 "SIP/7605227351@FC-ORD-PROXY,180,T",
peerflags=0x7ffac33eb310, continue_exec=0x0) at app_dial.c:3047
#7 0x00007ffad0d9a619 in dial_exec (chan=0x7ffb00d720a8, data=0x7ffac33ed550
"SIP/760xxxxxxxxxx@PROXY,180,T") at app_dial.c:3130
#8 0x00000000005298c5 in pbx_exec (c=0x7ffb00d720a8, app=0x16076f0,
data=0x7ffac33ed550 "SIP/760xxxxxxxxxx@PROXY,180,T") at pbx.c:1622
#9 0x00000000005342e2 in pbx_extension_helper (c=0x7ffb00d720a8, con=0x0,
context=0x7ffb00d72ef8 "outbound-call", exten=0x7ffb00d72f48 "s", priority=60,
label=0x0, callerid=0x2319f80 "760xxxxxxx", action=E_SPAWN,
found=0x7ffac33efc30, combined_find_spawn=1) at pbx.c:4915
#10 0x000000000053757f in ast_spawn_extension (c=0x7ffb00d720a8,
context=0x7ffb00d72ef8 "outbound-call", exten=0x7ffb00d72f48 "s", priority=60,
callerid=0x2319f80 "760xxxxxxx", found=0x7ffac33efc30, combined_find_spawn=1)
at pbx.c:6037
#11 0x0000000000538d1c in __ast_pbx_run (c=0x7ffb00d720a8, args=0x0) at
pbx.c:6512
#12 0x000000000053a7f9 in pbx_thread (data=0x7ffb00d720a8) at pbx.c:6842
#13 0x0000000000595656 in dummy_start (data=0x7ffb00a906e0) at utils.c:1169
#14 0x00007ffb2886f9d1 in start_thread () from /lib64/libpthread.so.0
#15 0x00007ffb29e8bb6d in clone () from /lib64/libc.so.6
