Summary: ASTERISK-10988: Core dump <tzafrir> Asterisk passed a bad pointer to libc
Reporter: Adam Goryachev (adamg)
Labels:
Date Opened: 2007-12-06 19:29:09.000-0600
Date Closed: 2007-12-06 20:40:31.000-0600
Priority: Critical
Regression?: No
Status: Closed/Complete
Components: Core/General
Versions:
Frequency of Occurrence:
Related Issues:
Environment:
Attachments:
Description: I updated to 1.4SVN and asterisk has crashed a couple of times within 24 hours (crashes when calls come in or are active; it didn't crash all night while it was inactive).

****** ADDITIONAL INFORMATION ******

Core dump:
Core was generated by `asterisk -vvvg -c'.
Program terminated with signal 11, Segmentation fault.
#0  0xb7d87ad3 in strlen () from /lib/libc.so.6
(gdb) bt
#0  0xb7d87ad3 in strlen () from /lib/libc.so.6
#1  0xb7d5d3c4 in vfprintf () from /lib/libc.so.6
#2  0xb7d7ac91 in vsnprintf () from /lib/libc.so.6
#3  0x080fa4b0 in ast_dynamic_str_thread_build_va (buf=0xb6a206a8, max_len=8192, ts=0x8151fac, append=0,
   fmt=0xb6bbda84 "Skipping dialing interface '%s' since it has already been dialed\n", ap=0xb6a206d4 "\004") at utils.c:1289
#4  0x080ad861 in ast_log (level=0, file=0xb6bbba46 "app_queue.c", line=2609, function=0xb6bc0207 "try_calling",
   fmt=0xb6bbda84 "Skipping dialing interface '%s' since it has already been dialed\n") at logger.c:807
#5  0xb6bb6204 in try_calling (qe=0xb6a22864, options=<value optimized out>, announceoverride=0x0, url=0x0, tries=0xb6a22a00, noption=0xb6a229fc, agi=0x0)
   at app_queue.c:2609
#6  0xb6bbaabc in queue_exec (chan=0x827f3f8, data=0xb6a24a88) at app_queue.c:3696
#7  0x080c8e1a in pbx_extension_helper (c=0x827f3f8, con=0x0, context=0x827f578 "remote", exten=0x827f5c8 "s", priority=15, label=0x0,
   callerid=0x821de68 "90296715902", action=E_SPAWN) at pbx.c:532
#8  0x080cb3da in __ast_pbx_run (c=0x827f3f8) at pbx.c:2304
#9  0x080cc49e in pbx_thread (data=0x827f3f8) at pbx.c:2621
#10 0x080f9810 in dummy_start (data=0x8268348) at utils.c:847
#11 0xb7eb7c51 in pthread_start_thread () from /lib/libpthread.so.0
#12 0xb7dd941a in clone () from /lib/libc.so.6
Comments:

By: Adam Goryachev (adamg) 2007-12-06 19:52:13.000-0600

Seems to be reproducible every time an inbound call is received:

   -- Executing [s@remote:12] NoOp("Zap/2-1", "QUEUE_PRIO=1") in new stack
   -- Executing [s@remote:13] Set("Zap/2-1", "QUEUE_PRIO=2") in new stack
   -- Executing [s@remote:14] NoOp("Zap/2-1", "QUEUE_PRIO=2") in new stack
   -- Executing [s@remote:15] Queue("Zap/2-1", "webman-a|nrwW") in new stack
asterisk*CLI> Asterisk ended with exit status 0
Asterisk shutdown normally.

Disconnected from Asterisk server
Executing last minute cleanups

Core was generated by `asterisk -vvvg -c'.
Program terminated with signal 11, Segmentation fault.
#0  0xb7e3fad3 in strlen () from /lib/libc.so.6
(gdb) bt
#0  0xb7e3fad3 in strlen () from /lib/libc.so.6
#1  0xb7e153c4 in vfprintf () from /lib/libc.so.6
#2  0xb7e32c91 in vsnprintf () from /lib/libc.so.6
#3  0x080fa4b0 in ast_dynamic_str_thread_build_va (buf=0xb695e6a8, max_len=8192, ts=0x8151fac, append=0,
   fmt=0xb6b75a84 "Skipping dialing interface '%s' since it has already been dialed\n", ap=0xb695e6d4 "\004") at utils.c:1289
#4  0x080ad861 in ast_log (level=0, file=0xb6b73a46 "app_queue.c", line=2609, function=0xb6b78207 "try_calling",
   fmt=0xb6b75a84 "Skipping dialing interface '%s' since it has already been dialed\n") at logger.c:807
#5  0xb6b6e204 in try_calling (qe=0xb6960864, options=<value optimized out>, announceoverride=0x0, url=0x0, tries=0xb6960a00, noption=0xb69609fc, agi=0x0)
   at app_queue.c:2609
#6  0xb6b72abc in queue_exec (chan=0x81db530, data=0xb6962a88) at app_queue.c:3696
#7  0x080c8e1a in pbx_extension_helper (c=0x81db530, con=0x0, context=0x81db6b0 "remote", exten=0x81db700 "s", priority=15, label=0x0,
   callerid=0x81db928 "90402078431", action=E_SPAWN) at pbx.c:532
#8  0x080cb3da in __ast_pbx_run (c=0x81db530) at pbx.c:2304
#9  0x080cc49e in pbx_thread (data=0x81db530) at pbx.c:2621
#10 0x080f9810 in dummy_start (data=0x81dad00) at utils.c:847
#11 0xb7f6fc51 in pthread_start_thread () from /lib/libpthread.so.0
#12 0xb7e9141a in clone () from /lib/libc.so.6


and again:
Core was generated by `asterisk -vvvg -c'.
Program terminated with signal 11, Segmentation fault.
#0  0xb7dbfad3 in strlen () from /lib/libc.so.6
(gdb) bt
#0  0xb7dbfad3 in strlen () from /lib/libc.so.6
#1  0xb7d953c4 in vfprintf () from /lib/libc.so.6
#2  0xb7db2c91 in vsnprintf () from /lib/libc.so.6
#3  0x080fa4b0 in ast_dynamic_str_thread_build_va (buf=0xb6a196a8, max_len=8192, ts=0x8151fac, append=0,
   fmt=0xb6bf3a84 "Skipping dialing interface '%s' since it has already been dialed\n", ap=0xb6a196d4 "\004") at utils.c:1289
#4  0x080ad861 in ast_log (level=0, file=0xb6bf1a46 "app_queue.c", line=2609, function=0xb6bf6207 "try_calling",
   fmt=0xb6bf3a84 "Skipping dialing interface '%s' since it has already been dialed\n") at logger.c:807
#5  0xb6bec204 in try_calling (qe=0xb6a1b864, options=<value optimized out>, announceoverride=0x0, url=0x0, tries=0xb6a1ba00, noption=0xb6a1b9fc, agi=0x0)
   at app_queue.c:2609
#6  0xb6bf0abc in queue_exec (chan=0x821e848, data=0xb6a1da88) at app_queue.c:3696
#7  0x080c8e1a in pbx_extension_helper (c=0x821e848, con=0x0, context=0x821e9c8 "remote", exten=0x821ea18 "s", priority=15, label=0x0,
   callerid=0x82275e0 "90402078431", action=E_SPAWN) at pbx.c:532
#8  0x080cb3da in __ast_pbx_run (c=0x821e848) at pbx.c:2304
#9  0x080cc49e in pbx_thread (data=0x821e848) at pbx.c:2621
#10 0x080f9810 in dummy_start (data=0x821d4a8) at utils.c:847
#11 0xb7eefc51 in pthread_start_thread () from /lib/libpthread.so.0
#12 0xb7e1141a in clone () from /lib/libc.so.6

By: Adam Goryachev (adamg) 2007-12-06 20:04:41.000-0600

info requested by russellb:
Core was generated by `asterisk -vvvg -c'.
Program terminated with signal 11, Segmentation fault.
#0  0xb7dbfad3 in strlen () from /lib/libc.so.6
(gdb) frame 5
#5  0xb6bec204 in try_calling (qe=0xb6a1b864, options=<value optimized out>, announceoverride=0x0, url=0x0, tries=0xb6a1ba00, noption=0xb6a1b9fc, agi=0x0)
   at app_queue.c:2609
2609                            ast_log(LOG_DEBUG, "Skipping dialing interface '%s' since it has already been dialed\n", di->interface);
(gdb) p di
$1 = <value optimized out>

By: Adam Goryachev (adamg) 2007-12-06 20:11:35.000-0600

new core dump from dont_optimize:
Core was generated by `asterisk -vvvg -c'.
Program terminated with signal 11, Segmentation fault.
#0  0xb7e56ad3 in strlen () from /lib/libc.so.6
(gdb) bt
#0  0xb7e56ad3 in strlen () from /lib/libc.so.6
#1  0xb7e2c3c4 in vfprintf () from /lib/libc.so.6
#2  0xb7e49c91 in vsnprintf () from /lib/libc.so.6
#3  0x080fb7ae in ast_dynamic_str_thread_build_va (buf=0xb6978b30, max_len=8192, ts=0x8157a44, append=0,
   fmt=0xb6b8eb04 "Skipping dialing interface '%s' since it has already been dialed\n", ap=0xb6978b84 "\004") at utils.c:1289
#4  0x080ae952 in ast_log (level=0, file=0xb6b8c3eb "app_queue.c", line=2609, function=0xb6b8eac8 "try_calling",
   fmt=0xb6b8eb04 "Skipping dialing interface '%s' since it has already been dialed\n") at logger.c:807
#5  0xb6b84246 in try_calling (qe=0xb697a7a8, options=0xb697a74d "", announceoverride=0x0, url=0x0, tries=0xb697a944, noption=0xb697a940, agi=0x0)
   at app_queue.c:2609
#6  0xb6b8888f in queue_exec (chan=0x8229970, data=0xb697cac8) at app_queue.c:3696
#7  0x080b99d4 in pbx_exec (c=0x8229970, app=0x824ed60, data=0xb697cac8) at pbx.c:532
#8  0x080bcdc7 in pbx_extension_helper (c=0x8229970, con=0x0, context=0x8229af0 "remote", exten=0x8229b40 "s", priority=15, label=0x0,
   callerid=0xb7b02088 "90402078431", action=E_SPAWN) at pbx.c:1847
#9  0x080bdead in ast_spawn_extension (c=0x8229970, context=0x8229af0 "remote", exten=0x8229b40 "s", priority=15, callerid=0xb7b02088 "90402078431")
   at pbx.c:2304
#10 0x080be399 in __ast_pbx_run (c=0x8229970) at pbx.c:2406
#11 0x080bf136 in pbx_thread (data=0x8229970) at pbx.c:2621
#12 0x080fa977 in dummy_start (data=0x8224d88) at utils.c:847
#13 0xb7f86c51 in pthread_start_thread () from /lib/libpthread.so.0
#14 0xb7ea841a in clone () from /lib/libc.so.6
(gdb) frame 5
#5  0xb6b84246 in try_calling (qe=0xb697a7a8, options=0xb697a74d "", announceoverride=0x0, url=0x0, tries=0xb697a944, noption=0xb697a940, agi=0x0)
   at app_queue.c:2609
2609                            ast_log(LOG_DEBUG, "Skipping dialing interface '%s' since it has already been dialed\n", di->interface);
(gdb) p di
$1 = (struct ast_dialed_interface *) 0x0
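
Added example, not part of the original thread or the Asterisk source: the traces above show ap pointing at the byte "\004" and di equal to 0x0, which is consistent with di->interface being evaluated on a NULL struct pointer and producing the member offset, a non-NULL address that libc's "(null)" handling for %s cannot catch. The struct layout, the function names and the "Dialing interface" message are assumptions made for illustration; the sketch shows the guard on the struct pointer itself.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical list node: link pointer, then an inline name buffer. */
struct dialed_interface {
    struct dialed_interface *next;
    char interface[32];
};

/* di->interface with di == NULL is this offset, not NULL (cf. ap = "\004"). */
size_t null_member_address(void)
{
    return offsetof(struct dialed_interface, interface);
}

/* Returns the matching node, or NULL if the interface was never dialed. */
const struct dialed_interface *find_dialed(const struct dialed_interface *head,
                                           const char *name)
{
    for (; head != NULL; head = head->next)
        if (strcmp(head->interface, name) == 0)
            return head;
    return NULL;
}

/* Checks di before touching a member; returns 1 if a skip was logged. */
int log_if_already_dialed(char *out, size_t len,
                          const struct dialed_interface *head, const char *name)
{
    const struct dialed_interface *di = find_dialed(head, name);
    if (di == NULL) {
        snprintf(out, len, "Dialing interface '%s'\n", name); /* constructed */
        return 0;
    }
    snprintf(out, len, "Skipping dialing interface '%s' since it has "
             "already been dialed\n", di->interface);
    return 1;
}

int main(void)
{
    struct dialed_interface a = { NULL, "SIP/100" }; /* constructed sample */
    char msg[128];
    printf("NULL->interface is address %zu\n", null_member_address());
    log_if_already_dialed(msg, sizeof msg, &a, "SIP/200");
    fputs(msg, stdout);
    return 0;
}
```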

By: Digium Subversion (svnbot) 2007-12-06 20:17:44.000-0600

Repository: asterisk
Revision: 91675

U   branches/1.4/apps/app_queue.c

------------------------------------------------------------------------
r91675 | russell | 2007-12-06 20:17:44 -0600 (Thu, 06 Dec 2007) | 7 lines

Fix an issue in the call forwarding handling code that was causing crashes
on every call into a queue.  I'm not entirely sure about the logic in this part
of the code, so I want to look at it some more tomorrow.  However, this makes
it safe and keeps it from crashing.

(closes issue ASTERISK-10988, reported by adamg, patched by me)

------------------------------------------------------------------------

http://svn.digium.com/view/asterisk?view=rev&revision=91675

By: Digium Subversion (svnbot) 2007-12-06 20:18:18.000-0600

Repository: asterisk
Revision: 91676

_U  trunk/
U   trunk/apps/app_queue.c

------------------------------------------------------------------------
r91676 | russell | 2007-12-06 20:18:17 -0600 (Thu, 06 Dec 2007) | 15 lines

Merged revisions 91675 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4

........
r91675 | russell | 2007-12-06 20:19:45 -0600 (Thu, 06 Dec 2007) | 7 lines

Fix an issue in the call forwarding handling code that was causing crashes
on every call into a queue.  I'm not entirely sure about the logic in this part
of the code, so I want to look at it some more tomorrow.  However, this makes
it safe and keeps it from crashing.

(closes issue ASTERISK-10988, reported by adamg, patched by me)

........

------------------------------------------------------------------------

http://svn.digium.com/view/asterisk?view=rev&revision=91676

By: Digium Subversion (svnbot) 2007-12-06 20:35:51.000-0600

Repository: asterisk
Revision: 91677

U   branches/1.4/apps/app_dial.c
U   branches/1.4/apps/app_queue.c

------------------------------------------------------------------------
r91677 | russell | 2007-12-06 20:35:51 -0600 (Thu, 06 Dec 2007) | 4 lines

Allow dialing local channels from Queue() and Dial() again.  There was a slight
flaw in the code to prevent call forwards from looping that caused this problem.
(related to issue ASTERISK-10988)

------------------------------------------------------------------------

http://svn.digium.com/view/asterisk?view=rev&revision=91677

By: Digium Subversion (svnbot) 2007-12-06 20:40:31.000-0600

Repository: asterisk
Revision: 91678

_U  trunk/
U   trunk/apps/app_dial.c
U   trunk/apps/app_queue.c

------------------------------------------------------------------------
r91678 | russell | 2007-12-06 20:40:31 -0600 (Thu, 06 Dec 2007) | 12 lines

Merged revisions 91677 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4

........
r91677 | russell | 2007-12-06 20:38:40 -0600 (Thu, 06 Dec 2007) | 4 lines

Allow dialing local channels from Queue() and Dial() again.  There was a slight
flaw in the code to prevent call forwards from looping that caused this problem.
(related to issue ASTERISK-10988)

........

------------------------------------------------------------------------

http://svn.digium.com/view/asterisk?view=rev&revision=91678