| Summary: | ASTERISK-13889: Chan_sip core dump on program execution | ||
| Reporter: | fordattenborough (fordattenborough) | Labels: | |
| Date Opened: | 2009-04-03 02:20:35 | Date Closed: | 2009-04-03 16:27:53 |
| Priority: | Critical | Regression? | No |
| Status: | Closed/Complete | Components: | Channels/chan_sip/General |
| Versions: | Frequency of Occurrence | ||
| Related Issues: | |||
| Environment: | Attachments: | ||
| Description: | After building 1.6.0.8 on centos 5.2 and having a few sip endpoints successfully register, asterisk coredumped with the following error. Subsequent asterisk restarts immediately produce the following error. Removing and rebuilding asterisk always produces this error now. ****** ADDITIONAL INFORMATION ****** [Apr 3 00:15:00] ERROR[11132]: chan_sip.c:2922 __sip_reliable_xmit: Serious Network Trouble; __sip_xmit returns error for pkt data *** glibc detected *** asterisk: double free or corruption (out): 0xb7df9268 *** ======= Backtrace: ========= /lib/libc.so.6[0x6e70f1] /lib/libc.so.6(cfree+0x90)[0x6eabc0] /usr/lib/asterisk/modules/chan_sip.so[0x9b3a24] /usr/lib/asterisk/modules/chan_sip.so[0x9c75a0] /usr/lib/asterisk/modules/chan_sip.so[0x9c7aed] /usr/lib/asterisk/modules/chan_sip.so[0x9f92e4] /usr/lib/asterisk/modules/chan_sip.so[0x9dd877] /usr/lib/asterisk/modules/chan_sip.so[0x9f4255] /usr/lib/asterisk/modules/chan_sip.so[0x9f85d7] asterisk[0x80ce1d1] asterisk(load_modules+0x2d7)[0x80cedb7] asterisk(main+0x1c89)[0x80762e9] /lib/libc.so.6(__libc_start_main+0xdc)[0x693e8c] asterisk[0x805b121] ======= Memory map: ======== 00101000-0012e000 r-xp 00000000 fd:00 15799970 /usr/lib/libgssapi_krb5.so.2.2 0012e000-0012f000 rwxp 0002d000 fd:00 15799970 /usr/lib/libgssapi_krb5.so.2.2 0012f000-00130000 r-xp 00000000 fd:00 16649757 /usr/lib/asterisk/modules/func_blacklist.so 00130000-00131000 rwxp 00000000 fd:00 16649757 /usr/lib/asterisk/modules/func_blacklist.so 00131000-00174000 r-xp 00000000 fd:00 7110708 /lib/libssl.so.0.9.8e 00174000-00178000 rwxp 00042000 fd:00 7110708 /lib/libssl.so.0.9.8e 00178000-0017d000 r-xp 00000000 fd:00 16649783 /usr/lib/asterisk/modules/func_strings.so 0017d000-0017e000 rwxp 00004000 fd:00 16649783 /usr/lib/asterisk/modules/func_strings.so 0017e000-001e8000 r-xp 00000000 fd:00 15805058 /usr/lib/libodbc.so.1.0.0 001e8000-001ec000 rwxp 00069000 fd:00 15805058 /usr/lib/libodbc.so.1.0.0 001ec000-001ed000 rwxp 001ec000 00:00 0 001ed000-001f5000 r-xp 00000000 fd:00 16649806 /usr/lib/asterisk/modules/res_smdi.so 001f5000-001f6000 rwxp 00008000 fd:00 16649806 /usr/lib/asterisk/modules/res_smdi.so 001f6000-001fe000 r-xp 00000000 fd:00 16649795 /usr/lib/asterisk/modules/res_config_ldap.so 001fe000-001ff000 rwxp 00008000 fd:00 16649795 /usr/lib/asterisk/modules/res_config_ldap.so 001ff000-00203000 r-xp 00000000 fd:00 16649799 /usr/lib/asterisk/modules/res_indications.so 00203000-00204000 rwxp 00003000 fd:00 16649799 /usr/lib/asterisk/modules/res_indications.so 00204000-00213000 r-xp 00000000 fd:00 16649792 /usr/lib/asterisk/modules/res_agi.so 00213000-00218000 rwxp 0000e000 fd:00 16649792 /usr/lib/asterisk/modules/res_agi.so 00218000-0021e000 r-xp 00000000 fd:00 16649801 /usr/lib/asterisk/modules/res_monitor.so 0021e000-0021f000 rwxp 00005000 fd:00 16649801 /usr/lib/asterisk/modules/res_monitor.so 0021f000-00222000 r-xp 00000000 fd:00 16649701 /usr/lib/asterisk/modules/app_readexten.so 00222000-00223000 rwxp 00002000 fd:00 16649701 /usr/lib/asterisk/modules/app_readexten.so 00223000-00225000 r-xp 00000000 fd:00 16649651 /usr/lib/asterisk/modules/pbx_ael.so 00225000-00226000 rwxp 00001000 fd:00 16649651 /usr/lib/asterisk/modules/pbx_ael.so 00226000-00228000 r-xp 00000000 fd:00 16649680 /usr/lib/asterisk/modules/app_flash.so 00228000-00229000 rwxp 00001000 fd:00 16649680 /usr/lib/asterisk/modules/app_flash.so 00229000-0022b000 r-xp 00000000 fd:00 16649677 /usr/lib/asterisk/modules/app_exec.so 0022b000-0022c000 rwxp 00001000 fd:00 16649677 /usr/lib/asterisk/modules/app_exec.so 0022c000-0022e000 r-xp 00000000 fd:00 16649665 /usr/lib/asterisk/modules/app_controlplayback.so 0022e000-0022f000 rwxp 00001000 fd:00 16649665 /usr/lib/asterisk/modules/app_controlplayback.so 0022f000-00235000 r-xp 00000000 fd:00 16649664 /usr/lib/asterisk/modules/app_chanspy.so 00235000-00236000 rwxp 00005000 fd:00 16649664 /usr/lib/asterisk/modules/app_chanspy.so 00236000-00239000 r-xp 00000000 fd:00 16649660 /usr/lib/asterisk/modules/app_authenticate.so 00239000-0023a000 rwxp 00002000 fd:00 16649660 /usr/lib/asterisk/modules/app_authenticate.so 0023a000-0026a000 r-xp 00000000 fd:00 15798753 /usr/lib/libidn.so.11.5.19 0026a000-0026b000 rwxp 0002f000 fd:00 15798753 /usr/lib/libidn.so.11.5.19 0026b000-0026d000 r-xp 00000000 fd:00 16649800 /usr/lib/asterisk/modules/res_limit.so 0026d000-0026e000 rwxp 00001000 fd:00 16649800 /usr/lib/asterisk/modules/res_limit.so 0026e000-00270000 r-xp 00000000 fd:00 16649693 /usr/lib/asterisk/modules/app_nbscat.so 00270000-00271000 rwxp 00001000 fd:00 16649693 /usr/lib/asterisk/modules/app_nbscat.so 00271000-00273000 r-xp 00000000 fd:00 16649769 /usr/lib/asterisk/modules/func_extstate.so 00273000-00274000 rwxp 00001000 fd:00 16649769 /usr/lib/asterisk/modules/func_extstate.so 00274000-00278000 r-xp 00000000 fd:00 16649643 /usr/lib/asterisk/modules/chan_local.so 00278000-00279000 rwxp 00003000 fd:00 16649643 /usr/lib/asterisk/modules/chan_local.so 00279000-0027d000 r-xp 00000000 fd:00 16649656 /usr/lib/asterisk/modules/pbx_spool.so 0027d000-0027e000 rwxp 00003000 fd:00 16649656 /usr/lib/asterisk/modules/pbx_spool.so 0027e000-00280000 r-xp 00000000 fd:00 16649718 /usr/lib/asterisk/modules/app_verbose.so 00280000-00281000 rwxp 00001000 fd:00 16649718 /usr/lib/asterisk/modules/app_verbose.so 00281000-00286000 r-xp 00000000 fd:00 16649686 /usr/lib/asterisk/modules/app_macro.so 00286000-00287000 rwxp 00005000 fd:00 16649686 /usr/lib/asterisk/modules/app_macro.so 00287000-00289000 r-xp 00000000 fd:00 16649751 /usr/lib/asterisk/modules/cdr_custom.so 00289000-0028a000 rwxp 00001000 fd:00 16649751 /usr/lib/asterisk/modules/cdr_custom.so 0028a000-0028b000 rwxp 0028a000 00:00 0 0028b000-00292000 r-xp 00000000 fd:00 16649681 /usr/lib/asterisk/modules/app_followme.so 00292000-00299000 rwxp 00007000 fd:00 16649681 /usr/lib/asterisk/modules/app_followme.so 00299000-0029b000 r-xp 00000000 fd:00 16649793 /usr/lib/asterisk/modules/res_clioriginate.so 0029b000-0029c000 rwxp 00001000 fd:00 16649793 /usr/lib/asterisk/modules/res_clioriginate.so 0029c000-0029e000 r-xp 00000000 fd:00 16649655 /usr/lib/asterisk/modules/pbx_realtime.so 0029e000-0029f000 rwxp 00001000 fd:00 16649655 /usr/lib/asterisk/modules/pbx_realtime.so 0029f000-002a3000 r-xp 00000000 fd:00 16649658 /usr/lib/asterisk/modules/app_alarmreceiver.so 002a3000-002a4000 rwxp 00003000 fd:00 16649658 /usr/lib/asterisk/modules/app_alarmreceiver.so 002a4000-002a8000 r-xp 00000000 fd:00 16649697 /usr/lib/asterisk/modules/app_playback.so 002a8000-002a9000 rwxp 00003000 fd:00 16649697 /usr/lib/asterisk/modules/app_playback.so 002a9000-002aa000 r-xp 00000000 fd:00 16649766 /usr/lib/asterisk/modules/func_dialplan.so 002aa000-002ab000 rwxp 00001000 fd:00 16649766 /usr/lib/asterisk/modules/func_dialplan.so 002ab000-002ac000 r-xp 00000000 fd:00 16649707 /usr/lib/asterisk/modules/app_setcallerid.so 002ac000-002ad000 rwxp 00001000 fd:00 16649707 /usr/lib/asterisk/modules/app_setcallerid.so 002ad000-002b3000 r-xp 00000000 fd:00 16649749 /usr/lib/asterisk/modules/cdr_adaptive_odbc.so 002b3000-002b4000 rwxp 00005000 fd:00 16649749 /usr/lib/asterisk/modules/cdr_adaptive_odbc.so 002b4000-002b6000 r-xp 00000000 fd:00 16649772 /usr/lib/asterisk/modules/func_iconv.so 002b6000-002b7000 rwxp 00001000 fd:00 16649772 /usr/lib/asterisk/modules/func_iconv.so 002b7000-002b9000 r-xp 00000000 fd:00 16649666 /usr/lib/asterisk/modules/app_dahdibarge.so 002b9000-002ba000 rwxp 00002000 fd:00 16649666 /usr/lib/asterisk/modules/app_dahdibarge.so 002ba000-002bb000 r-xp 00000000 fd:00 16649704 /usr/lib/asterisk/modules/app_sayunixtime.so 002bb000-002bc000 rwxp 00001000 fd:00 16649704 /usr/lib/asterisk/modules/app_sayunixtime.so 002bc000-002c0000 r-xp 00000000 fd:00 16649673 /usr/lib/asterisk/modules/app_directory.so 002c0000-002c1000 rwxp 00004000 fd:00 16649673 /usr/lib/asterisk/modules/app_directory.so 002c1000-002e7000 r-xp 00000000 fd:00 16649719 /usr/lib/asterisk/modules/app_voicemail.so 002e7000-002e8000 rwxp 00026000 fd:00 16649719 /usr/lib/asterisk/modules/app_voicemail.so 002e8000-002ea000 rwxp 002e8000 00:00 0 002ea000-002ec000 r-xp 00000000 fd:00 16649667 /usr/lib/asterisk/modules/app_dahdiras.so 002ec000-002ed000 rwxp 00002000 fd:00 16649667 /usr/lib/asterisk/modules/app_dahdiras.so 002ed000-002f2000 r-xp 00000000 fd:00 16649710 /usr/lib/asterisk/modules/app_speech_utils.so 002f2000-002f3000 rwxp 00005000 fd:00 16649710 /usr/lib/asterisk/modules/app_speech_utils.so 002f3000-002f5000 r-xp 00000000 fd:00 16649743 /usr/lib/asterisk/modules/format_pcm.so 002f5000-002f6000 rwxp 00002000 fd:00 16649743 /usr/lib/asterisk/modules/format_pcm.so 002f6000-002f8000 r-xp 00000000 fd:00 16649789 /usr/lib/asterisk/modules/func_volume.so 002f8000-002f9000 rwxp 00001000 fd:00 16649789 /usr/lib/asterisk/modules/func_volume.so 002f9000-002fb000 r-xp 00000000 fd:00 16649745 /usr/lib/asterisk/modules/format_sln.so 002fb000-002fc000 rwxp 00001000 fd:00 16649745 /usr/lib/asterisk/modules/format_sln.so 002fc000-00308000 r-xp 00000000 fd:00 16649657 /usr/lib/asterisk/modules/app_adsiprog.so 00308000-00309000 rwxp 0000b000 fd:00 16649657 /usr/lib/asterisk/modules/app_adsiprog.so 00309000-0030c000 r-xp 00000000 fd:00 16649747 /usr/lib/asterisk/modules/format_wav.so 0030c000-0030d000 rwxp 00002000 fd:00 16649747 /usr/lib/asterisk/modules/format_wav.so 0030d000-0030f000 r-xp 00000000 fd:00 16649784 /usr/lib/asterisk/modules/func_sysinfo.so 0030f000-00310000 rwxp 00001000 fd:00 16649784 /usr/lib/asterisk/modules/func_sysinfo.so 00310000-0036d000 r-xp 00000000 fd:00 15804419 /usr/lib/libsqlite3.so.0.8.6 0036d000-0036f000 rwxp 0005c000 fd:00 15804419 /usr/lib/libsqlite3.so.0.8.6 0036f000-00371000 r-xp 00000000 fd:00 16649675 /usr/lib/asterisk/modules/app_dumpchan.so 00371000-00372000 rwxp 00001000 fd:00 16649675 /usr/lib/asterisk/modules/app_dumpchan.so 00372000-00374000 r-xp 00000000 fd:00 16649671 /usr/lib/asterisk/modules/app_dictate.so 00374000-00375000 rwxp 00002000 fd:00 16649671 /usr/lib/asterisk/modules/app_dictate.so 00375000-00376000 r-xp 00000000 fd:00 16649685 /usr/lib/asterisk/modules/app_image.so 0037600Aborted (core dumped) Valgrind: [root@voip01 valgrind-3.4.1]# valgrind --tool=memcheck asterisk ==10863== Memcheck, a memory error detector. ==10863== Copyright (C) 2002-2008, and GNU GPL'd, by Julian Seward et al. ==10863== Using LibVEX rev 1884, a library for dynamic binary translation. ==10863== Copyright (C) 2004-2008, and GNU GPL'd, by OpenWorks LLP. ==10863== Using valgrind-3.4.1, a dynamic binary instrumentation framework. ==10863== Copyright (C) 2000-2008, and GNU GPL'd, by Julian Seward et al. ==10863== For more details, rerun with: -v ==10863== ==10863== ==10863== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 29 from 1) ==10863== malloc/free: in use at exit: 3,576 bytes in 128 blocks. ==10863== malloc/free: 182 allocs, 54 frees, 12,961 bytes allocated. ==10863== For counts of detected errors, rerun with: -v ==10863== searching for pointers to 128 not-freed blocks. ==10863== checked 476,360 bytes. ==10863== ==10863== LEAK SUMMARY: ==10863== definitely lost: 0 bytes in 0 blocks. ==10863== possibly lost: 0 bytes in 0 blocks. ==10863== still reachable: 3,576 bytes in 128 blocks. ==10863== suppressed: 0 bytes in 0 blocks. ==10863== Rerun with --leak-check=full to see details of leaked memory. [root@voip01 valgrind-3.4.1]# ==10864== Invalid read of size 1 ==10864== at 0x66E45D: _dl_close (in /lib/ld-2.5.so) ==10864== by 0x7C4CE3: dlclose_doit (in /lib/libdl-2.5.so) ==10864== by 0x668E45: _dl_catch_error (in /lib/ld-2.5.so) ==10864== by 0x7C52CB: _dlerror_run (in /lib/libdl-2.5.so) ==10864== by 0x7C4D19: dlclose (in /lib/libdl-2.5.so) ==10864== by 0x80CE833: load_resource (loader.c:397) ==10864== by 0x80CECF8: load_modules (loader.c:873) ==10864== by 0x8076221: main (asterisk.c:3381) ==10864== Address 0x402b00c is 516 bytes inside a block of size 650 free'd ==10864== at 0x400562C: free (vg_replace_malloc.c:323) ==10864== by 0x66E002: _dl_close_worker (in /lib/ld-2.5.so) ==10864== by 0x66E486: _dl_close (in /lib/ld-2.5.so) ==10864== by 0x7C4CE3: dlclose_doit (in /lib/libdl-2.5.so) ==10864== by 0x668E45: _dl_catch_error (in /lib/ld-2.5.so) ==10864== by 0x7C52CB: _dlerror_run (in /lib/libdl-2.5.so) ==10864== by 0x7C4D19: dlclose (in /lib/libdl-2.5.so) ==10864== by 0x80CE833: load_resource (loader.c:397) ==10864== by 0x80CECF8: load_modules (loader.c:873) ==10864== by 0x8076221: main (asterisk.c:3381) ==10864== ==10864== Invalid read of size 4 ==10864== at 0x66E466: _dl_close (in /lib/ld-2.5.so) ==10864== by 0x7C4CE3: dlclose_doit (in /lib/libdl-2.5.so) ==10864== by 0x668E45: _dl_catch_error (in /lib/ld-2.5.so) ==10864== by 0x7C52CB: _dlerror_run (in /lib/libdl-2.5.so) ==10864== by 0x7C4D19: dlclose (in /lib/libdl-2.5.so) ==10864== by 0x80CE833: load_resource (loader.c:397) ==10864== by 0x80CECF8: load_modules (loader.c:873) ==10864== by 0x8076221: main (asterisk.c:3381) ==10864== Address 0x402af90 is 392 bytes inside a block of size 650 free'd ==10864== at 0x400562C: free (vg_replace_malloc.c:323) ==10864== by 0x66E002: _dl_close_worker (in /lib/ld-2.5.so) ==10864== by 0x66E486: _dl_close (in /lib/ld-2.5.so) ==10864== by 0x7C4CE3: dlclose_doit (in /lib/libdl-2.5.so) ==10864== by 0x668E45: _dl_catch_error (in /lib/ld-2.5.so) ==10864== by 0x7C52CB: _dlerror_run (in /lib/libdl-2.5.so) ==10864== by 0x7C4D19: dlclose (in /lib/libdl-2.5.so) ==10864== by 0x80CE833: load_resource (loader.c:397) ==10864== by 0x80CECF8: load_modules (loader.c:873) ==10864== by 0x8076221: main (asterisk.c:3381) ==10864== ==10864== Invalid read of size 4 ==10864== at 0x66E49D: _dl_close (in /lib/ld-2.5.so) ==10864== by 0x7C4CE3: dlclose_doit (in /lib/libdl-2.5.so) ==10864== by 0x668E45: _dl_catch_error (in /lib/ld-2.5.so) ==10864== by 0x7C52CB: _dlerror_run (in /lib/libdl-2.5.so) ==10864== by 0x7C4D19: dlclose (in /lib/libdl-2.5.so) ==10864== by 0x80CE833: load_resource (loader.c:397) ==10864== by 0x80CECF8: load_modules (loader.c:873) ==10864== by 0x8076221: main (asterisk.c:3381) ==10864== Address 0x402ae0c is 4 bytes inside a block of size 650 free'd ==10864== at 0x400562C: free (vg_replace_malloc.c:323) ==10864== by 0x66E002: _dl_close_worker (in /lib/ld-2.5.so) ==10864== by 0x66E486: _dl_close (in /lib/ld-2.5.so) ==10864== by 0x7C4CE3: dlclose_doit (in /lib/libdl-2.5.so) ==10864== by 0x668E45: _dl_catch_error (in /lib/ld-2.5.so) ==10864== by 0x7C52CB: _dlerror_run (in /lib/libdl-2.5.so) ==10864== by 0x7C4D19: dlclose (in /lib/libdl-2.5.so) ==10864== by 0x80CE833: load_resource (loader.c:397) ==10864== by 0x80CECF8: load_modules (loader.c:873) ==10864== by 0x8076221: main (asterisk.c:3381) ==10864== ==10864== Invalid read of size 1 ==10864== at 0x40069B8: strlen (mc_replace_strmem.c:243) ==10864== by 0x668F41: _dl_signal_error (in /lib/ld-2.5.so) ==10864== by 0x66E4B2: _dl_close (in /lib/ld-2.5.so) ==10864== by 0x7C4CE3: dlclose_doit (in /lib/libdl-2.5.so) ==10864== by 0x668E45: _dl_catch_error (in /lib/ld-2.5.so) ==10864== by 0x7C52CB: _dlerror_run (in /lib/libdl-2.5.so) ==10864== by 0x7C4D19: dlclose (in /lib/libdl-2.5.so) ==10864== by 0x80CE833: load_resource (loader.c:397) ==10864== by 0x80CECF8: load_modules (loader.c:873) ==10864== by 0x8076221: main (asterisk.c:3381) ==10864== Address 0x402ada8 is 0 bytes inside a block of size 42 free'd ==10864== at 0x400562C: free (vg_replace_malloc.c:323) ==10864== by 0x66DF80: _dl_close_worker (in /lib/ld-2.5.so) ==10864== by 0x66E486: _dl_close (in /lib/ld-2.5.so) ==10864== by 0x7C4CE3: dlclose_doit (in /lib/libdl-2.5.so) ==10864== by 0x668E45: _dl_catch_error (in /lib/ld-2.5.so) ==10864== by 0x7C52CB: _dlerror_run (in /lib/libdl-2.5.so) ==10864== by 0x7C4D19: dlclose (in /lib/libdl-2.5.so) ==10864== by 0x80CE833: load_resource (loader.c:397) ==10864== by 0x80CECF8: load_modules (loader.c:873) ==10864== by 0x8076221: main (asterisk.c:3381) ==10864== ==10864== Invalid read of size 1 ==10864== at 0x40069C3: strlen (mc_replace_strmem.c:243) ==10864== by 0x668F41: _dl_signal_error (in /lib/ld-2.5.so) ==10864== by 0x66E4B2: _dl_close (in /lib/ld-2.5.so) ==10864== by 0x7C4CE3: dlclose_doit (in /lib/libdl-2.5.so) ==10864== by 0x668E45: _dl_catch_error (in /lib/ld-2.5.so) ==10864== by 0x7C52CB: _dlerror_run (in /lib/libdl-2.5.so) ==10864== by 0x7C4D19: dlclose (in /lib/libdl-2.5.so) ==10864== by 0x80CE833: load_resource (loader.c:397) ==10864== by 0x80CECF8: load_modules (loader.c:873) ==10864== by 0x8076221: main (asterisk.c:3381) ==10864== Address 0x402ada9 is 1 bytes inside a block of size 42 free'd ==10864== at 0x400562C: free (vg_replace_malloc.c:323) ==10864== by 0x66DF80: _dl_close_worker (in /lib/ld-2.5.so) ==10864== by 0x66E486: _dl_close (in /lib/ld-2.5.so) ==10864== by 0x7C4CE3: dlclose_doit (in /lib/libdl-2.5.so) ==10864== by 0x668E45: _dl_catch_error (in /lib/ld-2.5.so) ==10864== by 0x7C52CB: _dlerror_run (in /lib/libdl-2.5.so) ==10864== by 0x7C4D19: dlclose (in /lib/libdl-2.5.so) ==10864== by 0x80CE833: load_resource (loader.c:397) ==10864== by 0x80CECF8: load_modules (loader.c:873) ==10864== by 0x8076221: main (asterisk.c:3381) ==10864== ==10864== Invalid read of size 2 ==10864== at 0x670D7A: memcpy (in /lib/ld-2.5.so) ==10864== by 0x66E4B2: _dl_close (in /lib/ld-2.5.so) ==10864== by 0x7C4CE3: dlclose_doit (in /lib/libdl-2.5.so) ==10864== by 0x668E45: _dl_catch_error (in /lib/ld-2.5.so) ==10864== by 0x7C52CB: _dlerror_run (in /lib/libdl-2.5.so) ==10864== by 0x7C4D19: dlclose (in /lib/libdl-2.5.so) ==10864== by 0x80CE833: load_resource (loader.c:397) ==10864== by 0x80CECF8: load_modules (loader.c:873) ==10864== by 0x8076221: main (asterisk.c:3381) ==10864== Address 0x402ada8 is 0 bytes inside a block of size 42 free'd ==10864== at 0x400562C: free (vg_replace_malloc.c:323) ==10864== by 0x66DF80: _dl_close_worker (in /lib/ld-2.5.so) ==10864== by 0x66E486: _dl_close (in /lib/ld-2.5.so) ==10864== by 0x7C4CE3: dlclose_doit (in /lib/libdl-2.5.so) ==10864== by 0x668E45: _dl_catch_error (in /lib/ld-2.5.so) ==10864== by 0x7C52CB: _dlerror_run (in /lib/libdl-2.5.so) ==10864== by 0x7C4D19: dlclose (in /lib/libdl-2.5.so) ==10864== by 0x80CE833: load_resource (loader.c:397) ==10864== by 0x80CECF8: load_modules (loader.c:873) ==10864== by 0x8076221: main (asterisk.c:3381) ==10864== ==10864== Invalid read of size 4 ==10864== at 0x670D7C: memcpy (in /lib/ld-2.5.so) ==10864== by 0x66E4B2: _dl_close (in /lib/ld-2.5.so) ==10864== by 0x7C4CE3: dlclose_doit (in /lib/libdl-2.5.so) ==10864== by 0x668E45: _dl_catch_error (in /lib/ld-2.5.so) ==10864== by 0x7C52CB: _dlerror_run (in /lib/libdl-2.5.so) ==10864== by 0x7C4D19: dlclose (in /lib/libdl-2.5.so) ==10864== by 0x80CE833: load_resource (loader.c:397) ==10864== by 0x80CECF8: load_modules (loader.c:873) ==10864== by 0x8076221: main (asterisk.c:3381) ==10864== Address 0x402adaa is 2 bytes inside a block of size 42 free'd ==10864== at 0x400562C: free (vg_replace_malloc.c:323) ==10864== by 0x66DF80: _dl_close_worker (in /lib/ld-2.5.so) ==10864== by 0x66E486: _dl_close (in /lib/ld-2.5.so) ==10864== by 0x7C4CE3: dlclose_doit (in /lib/libdl-2.5.so) ==10864== by 0x668E45: _dl_catch_error (in /lib/ld-2.5.so) ==10864== by 0x7C52CB: _dlerror_run (in /lib/libdl-2.5.so) ==10864== by 0x7C4D19: dlclose (in /lib/libdl-2.5.so) ==10864== by 0x80CE833: load_resource (loader.c:397) ==10864== by 0x80CECF8: load_modules (loader.c:873) ==10864== by 0x8076221: main (asterisk.c:3381) ==10864== ==10864== Invalid read of size 1 ==10864== at 0x670D75: memcpy (in /lib/ld-2.5.so) ==10864== by 0x66E4B2: _dl_close (in /lib/ld-2.5.so) ==10864== by 0x7C4CE3: dlclose_doit (in /lib/libdl-2.5.so) ==10864== by 0x668E45: _dl_catch_error (in /lib/ld-2.5.so) ==10864== by 0x7C52CB: _dlerror_run (in /lib/libdl-2.5.so) ==10864== by 0x7C4D19: dlclose (in /lib/libdl-2.5.so) ==10864== by 0x80CE833: load_resource (loader.c:397) ==10864== by 0x80CECF8: load_modules (loader.c:873) ==10864== by 0x80762E8: main (asterisk.c:3446) ==10864== Address 0x403c9e0 is 0 bytes inside a block of size 45 free'd ==10864== at 0x400562C: free (vg_replace_malloc.c:323) ==10864== by 0x66DF80: _dl_close_worker (in /lib/ld-2.5.so) ==10864== by 0x66E486: _dl_close (in /lib/ld-2.5.so) ==10864== by 0x7C4CE3: dlclose_doit (in /lib/libdl-2.5.so) ==10864== by 0x668E45: _dl_catch_error (in /lib/ld-2.5.so) ==10864== by 0x7C52CB: _dlerror_run (in /lib/libdl-2.5.so) ==10864== by 0x7C4D19: dlclose (in /lib/libdl-2.5.so) ==10864== by 0x80CE833: load_resource (loader.c:397) ==10864== by 0x80CECF8: load_modules (loader.c:873) ==10864== by 0x80762E8: main (asterisk.c:3446) ==10864== ==10864== Invalid free() / delete / delete[] ==10864== at 0x400562C: free (vg_replace_malloc.c:323) ==10864== by 0x4D7EA23: __sip_reliable_xmit (chan_sip.c:2925) ==10864== by 0x4D9259F: send_request (chan_sip.c:3196) ==10864== by 0x4D92AEC: transmit_notify_with_mwi (chan_sip.c:9380) ==10864== by 0x4DC42E3: sip_send_mwi_to_peer (chan_sip.c:19300) ==10864== by 0x4DA8876: build_peer (chan_sip.c:21173) ==10864== by 0x4DBF254: reload_config (chan_sip.c:21864) ==10864== by 0x4DC35D6: load_module (chan_sip.c:22503) ==10864== by 0x80CE1D0: load_resource (loader.c:690) ==10864== by 0x80CEDB6: load_modules (loader.c:893) ==10864== by 0x80762E8: main (asterisk.c:3446) ==10864== Address 0x43c7990 is 40 bytes inside a block of size 617 alloc'd ==10864== at 0x4004BAE: calloc (vg_replace_malloc.c:397) ==10864== by 0x4D7E6B2: __sip_reliable_xmit (utils.h:457) ==10864== by 0x4D9259F: send_request (chan_sip.c:3196) ==10864== by 0x4D92AEC: transmit_notify_with_mwi (chan_sip.c:9380) ==10864== by 0x4DC42E3: sip_send_mwi_to_peer (chan_sip.c:19300) ==10864== by 0x4DA8876: build_peer (chan_sip.c:21173) ==10864== by 0x4DBF254: reload_config (chan_sip.c:21864) ==10864== by 0x4DC35D6: load_module (chan_sip.c:22503) ==10864== by 0x80CE1D0: load_resource (loader.c:690) ==10864== by 0x80CEDB6: load_modules (loader.c:893) ==10864== by 0x80762E8: main (asterisk.c:3446) ==10864== ERROR SUMMARY: 8723 errors from 9 contexts (suppressed: 741 from 1) ==10864== malloc/free: in use at exit: 2,167,521 bytes in 15,340 blocks. ==10864== malloc/free: 37,113 allocs, 21,825 frees, 9,126,036 bytes allocated. ==10864== For counts of detected errors, rerun with: -v ==10864== searching for pointers to 15,340 not-freed blocks. ==10864== checked 14,086,320 bytes. ==10864== ==10864== LEAK SUMMARY: ==10864== definitely lost: 28 bytes in 1 blocks. ==10864== possibly lost: 544,228 bytes in 41 blocks. ==10864== still reachable: 1,623,265 bytes in 15,298 blocks. ==10864== suppressed: 0 bytes in 0 blocks. ==10864== Rerun with --leak-check=full to see details of leaked memory. | ||
| Comments: | By: fordattenborough (fordattenborough) 2009-04-03 02:50:58 I've just built 1.6.1.0-rc3 which executes succesfully and does not coredump, fwiw. By: snuffy (snuffy) 2009-04-03 06:44:31 So your happy for this issue to be closed? By: Digium Subversion (svnbot) 2009-04-03 16:27:53 Repository: asterisk Revision: 186517 U branches/1.6.0/channels/chan_sip.c ------------------------------------------------------------------------ r186517 | mmichelson | 2009-04-03 16:27:52 -0500 (Fri, 03 Apr 2009) | 11 lines Remove an invalid call to free memory. A bad merge from trunk to 1.6.0 meant freeing memory that should not be freed. In trunk, pkt->data is an ast_str, but in 1.6.0, it is allocated in the same chunk of memory as the sip_pkt. This only affects 1.6.0. (closes issue ASTERISK-13889) Reported by: cwolff09 ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=186517 | ||