| Summary: | ASTERISK-06369: [patch] MOH continues to run monmp3thread after freeing class | ||
| Reporter: | Andrew Moise (chops) | Labels: | |
| Date Opened: | 2006-02-19 14:13:28.000-0600 | Date Closed: | 2006-04-17 12:14:33 |
| Priority: | Minor | Regression? | No |
| Status: | Closed/Complete | Components: | Resources/res_musiconhold |
| Versions: | Frequency of Occurrence | ||
| Related Issues: | |||
| Environment: | Attachments: | ( 0) 20060411__bug6544.diff.txt | |
| Description: | valgrind complains about MOH accessing freed data when I exit asterisk. Here's the output: Executing last minute cleanups == Destroying musiconhold processes ==14569== Thread 4: ==14569== Invalid read of size 4 ==14569== at 0x4028316: ??? (res_musiconhold.c:494) ==14569== Address 0x4216BF4 is 66,180 bytes inside a block of size 66,188 free'd ==14569== at 0x401D048: free (vg_replace_malloc.c:235) ==14569== by 0x4028C6A: ??? (res_musiconhold.c:171) ==14569== ==14569== ---- Attach to debugger ? --- [Return/N/n/Y/y/C/c] ---- Feb 19 15:54:35 NOTICE[14573]: res_musiconhold.c:508 monmp3thread: Request to schedule in the past?!?! ==14569== ==14569== Invalid read of size 4 ==14569== at 0x402800A: ??? (res_musiconhold.c:513) ==14569== Address 0x4216BEC is 66,172 bytes inside a block of size 66,188 free'd ==14569== at 0x401D048: free (vg_replace_malloc.c:235) ==14569== by 0x4028C6A: ??? (res_musiconhold.c:171) ==14569== ==14569== ---- Attach to debugger ? --- [Return/N/n/Y/y/C/c] ---- ==14569== ==14569== Invalid read of size 4 ==14569== at 0x4027FC8: ??? (res_musiconhold.c:487) ==14569== Address 0x4216BF0 is 66,176 bytes inside a block of size 66,188 free'd ==14569== at 0x401D048: free (vg_replace_malloc.c:235) ==14569== by 0x4028C6A: ??? (res_musiconhold.c:171) ==14569== ==14569== ---- Attach to debugger ? --- [Return/N/n/Y/y/C/c] ---- ==14569== ==14569== Invalid read of size 1 ==14569== at 0x4133220: strcasecmp (in /lib/tls/i686/cmov/libc-2.3.6.so) ==14569== by 0x40280D6: ??? (res_musiconhold.c:332) ==14569== Address 0x4206984 is 20 bytes inside a block of size 66,188 free'd ==14569== at 0x401D048: free (vg_replace_malloc.c:235) ==14569== by 0x4028C6A: ??? (res_musiconhold.c:171) ==14569== ==14569== ---- Attach to debugger ? --- [Return/N/n/Y/y/C/c] ---- ==14569== ==14569== Invalid read of size 1 ==14569== at 0x4150F17: opendir (in /lib/tls/i686/cmov/libc-2.3.6.so) ==14569== by 0x40285DE: ??? (res_musiconhold.c:335) ==14569== Address 0x4206984 is 20 bytes inside a block of size 66,188 free'd ==14569== at 0x401D048: free (vg_replace_malloc.c:235) ==14569== by 0x4028C6A: ??? (res_musiconhold.c:171) ==14569== ==14569== ---- Attach to debugger ? --- [Return/N/n/Y/y/C/c] ---- ==14569== ==14569== Syscall param open(filename) points to unaddressable byte(s) ==14569== at 0x40007A2: (within /lib/ld-2.3.6.so) ==14569== by 0x40285DE: ??? (res_musiconhold.c:335) ==14569== Address 0x4206984 is 20 bytes inside a block of size 66,188 free'd ==14569== at 0x401D048: free (vg_replace_malloc.c:235) ==14569== by 0x4028C6A: ??? (res_musiconhold.c:171) ==14569== ==14569== ---- Attach to debugger ? --- [Return/N/n/Y/y/C/c] ---- ==14569== ==14569== Invalid read of size 4 ==14569== at 0x40280F5: ??? (res_musiconhold.c:342) ==14569== Address 0x4216BD4 is 66,148 bytes inside a block of size 66,188 free'd ==14569== at 0x401D048: free (vg_replace_malloc.c:235) ==14569== by 0x4028C6A: ??? (res_musiconhold.c:171) ==14569== ==14569== ---- Attach to debugger ? --- [Return/N/n/Y/y/C/c] ---- ==14569== ==14569== Invalid read of size 1 ==14569== at 0x401EB7D: strncpy (mac_replace_strmem.c:290) ==14569== by 0x40281A9: ??? (res_musiconhold.c:363) ==14569== Address 0x4206A84 is 276 bytes inside a block of size 66,188 free'd ==14569== at 0x401D048: free (vg_replace_malloc.c:235) ==14569== by 0x4028C6A: ??? (res_musiconhold.c:171) ==14569== ==14569== ---- Attach to debugger ? --- [Return/N/n/Y/y/C/c] ---- ==14569== ==14569== Invalid read of size 1 ==14569== at 0x41326B2: strstr (in /lib/tls/i686/cmov/libc-2.3.6.so) ==14569== by 0x40281D5: ??? (res_musiconhold.c:388) ==14569== Address 0x4206984 is 20 bytes inside a block of size 66,188 free'd ==14569== at 0x401D048: free (vg_replace_malloc.c:235) ==14569== by 0x4028C6A: ??? (res_musiconhold.c:171) ==14569== ==14569== ---- Attach to debugger ? --- [Return/N/n/Y/y/C/c] ---- ==14569== ==14569== Invalid read of size 1 ==14569== at 0x41326DC: strstr (in /lib/tls/i686/cmov/libc-2.3.6.so) ==14569== by 0x40281D5: ??? (res_musiconhold.c:388) ==14569== Address 0x420698B is 27 bytes inside a block of size 66,188 free'd ==14569== at 0x401D048: free (vg_replace_malloc.c:235) ==14569== by 0x4028C6A: ??? (res_musiconhold.c:171) ==14569== ==14569== ---- Attach to debugger ? --- [Return/N/n/Y/y/C/c] ---- ==14569== ==14569== Invalid read of size 1 ==14569== at 0x41326FD: strstr (in /lib/tls/i686/cmov/libc-2.3.6.so) ==14569== by 0x40281D5: ??? (res_musiconhold.c:388) ==14569== Address 0x420698C is 28 bytes inside a block of size 66,188 free'd ==14569== at 0x401D048: free (vg_replace_malloc.c:235) ==14569== by 0x4028C6A: ??? (res_musiconhold.c:171) ==14569== ==14569== ---- Attach to debugger ? --- [Return/N/n/Y/y/C/c] ---- ==14569== ==14569== Invalid read of size 1 ==14569== at 0x4132713: strstr (in /lib/tls/i686/cmov/libc-2.3.6.so) ==14569== by 0x40281D5: ??? (res_musiconhold.c:388) ==14569== Address 0x420698D is 29 bytes inside a block of size 66,188 free'd ==14569== at 0x401D048: free (vg_replace_malloc.c:235) ==14569== by 0x4028C6A: ??? (res_musiconhold.c:171) ==14569== ==14569== ---- Attach to debugger ? --- [Return/N/n/Y/y/C/c] ---- ==14569== ==14569== Invalid read of size 1 ==14569== at 0x41326E8: strstr (in /lib/tls/i686/cmov/libc-2.3.6.so) ==14569== by 0x40281D5: ??? (res_musiconhold.c:388) ==14569== Address 0x420699B is 43 bytes inside a block of size 66,188 free'd ==14569== at 0x401D048: free (vg_replace_malloc.c:235) ==14569== by 0x4028C6A: ??? (res_musiconhold.c:171) ==14569== ==14569== ---- Attach to debugger ? --- [Return/N/n/Y/y/C/c] ---- ==14569== ==14569== Invalid read of size 1 ==14569== at 0x41326B2: strstr (in /lib/tls/i686/cmov/libc-2.3.6.so) ==14569== by 0x40286BD: ??? (res_musiconhold.c:388) ==14569== Address 0x4206984 is 20 bytes inside a block of size 66,188 free'd ==14569== at 0x401D048: free (vg_replace_malloc.c:235) ==14569== by 0x4028C6A: ??? (res_musiconhold.c:171) ==14569== ==14569== ---- Attach to debugger ? --- [Return/N/n/Y/y/C/c] ---- I really don't have much to add, since I didn't do any investigation :-/. | ||
| Comments: | By: Andrew Moise (chops) 2006-02-19 14:28:08.000-0600 I should add that I wasn't doing anything at all with MOH; I was working on something unrelated and this cropped up. So far as I know, it was just loaded and then ignored until it was unloaded again for the program exit some minutes later. By: Ronald Chan (loloski) 2006-02-20 02:44:12.000-0600 Hi!, i think this is the same problem hitting my server a couple of days now, CPU usage was very high, and i haven't touch anything with it's config. i'm using asterisk-1.2.4 with RHEL 4, running on Dual Xeon 3.6 and 4GB of RAM. If this scenario occurs, i can still receive SIP calls to and from the server. but of course you will notice the difference from normal heavy load to unusual. i will try to use SVN first and i'll be back and report if this problem still occurs. Thanks By: Tilghman Lesher (tilghman) 2006-04-11 18:57:40 Please try this patch and see if it fixes your issue. By: Ronald Chan (loloski) 2006-04-15 09:31:21 Thank you!, Corydon76 i will try this patch. rest assured i'll be back to report if this problem still occurs. By: Tilghman Lesher (tilghman) 2006-04-15 09:47:28 Please come back to report, even if it DOESN'T. That's the problem with a lot of reported issues -- we never get the requisite feedback to commit prospective patches. By: Ronald Chan (loloski) 2006-04-17 07:38:55 Corydon76: your patch seems to fix the issues at least for me. Before when i set MeetMe with 'i' option after a few hours, CPU usage was really high right now so far so good. Thanks, please advice me if you need anything. Ronald By: Tilghman Lesher (tilghman) 2006-04-17 12:14:33 Committed to 1.2, merged to trunk. | ||