Summary:ASTERISK-20433: Asterisk exceeds allowed stack during RTCP read on openwrt with uclibc / eglibc during feature code blind transfer and LOW_MEMORY option
Reporter:sun bing (hoowa)Labels:
Date Opened:2012-09-16 07:08:07Date Closed:2018-01-02 08:30:32.000-0600
Status:Closed/CompleteComponents:Resources/res_features Resources/res_rtp_asterisk
Versions: Frequency of
Environment:test1: openwrt r33444, ramips, kernel 3.3.8, uclibc, asterisk- test2: openwrt r33444, x86(virtualbox), kernel 3.3.8, eglibc 2.1.5, asterisk- test3: openwrt r33444, ramips, kernel 3.3.8, uclibc, asterisk- test4: openwrt r33444, ramips, kernel 2.6.35, uclibc, asterisk- test5: openwrt 10.3.1, brcm63xx, kernel, uclibc, asterisk-1.6.2Attachments:( 0) backtrace_fromdesc.txt
( 1) backtrace.txt


exten => _8X.,1,dial(SIP/${EXTEN},40,Tt)

test follow:
make call from 8001 to 8002, after answer, press # to blind transfer, system will segementation fault after playback.

test result:
test1 segementation fault
test2 segementation fault
test3 segementation fault
test4 segementation fault
test5 works fine!!! not segfault!!!

background information: in uclibc has an NTPL implement

i test with gdb in test2(x86):
Unknown RTP codec 126 received from ''
Unknown RTP codec 126 received from ''
Unknown RTP codec 126 received from ''
DTMF begin '#' received on SIP/8002-00000001
DTMF begin passthrough '#' on SIP/8002-00000001
DTMF end '#' received on SIP/8002-00000001, duration 120 ms
DTMF end accepted with begin '#' on SIP/8002-00000001
DTMF end passthrough '#' on SIP/8002-00000001
   -- Started music on hold, class 'default', on SIP/8001-00000000
   -- Stopped music on hold on SIP/8002-00000001
   -- <SIP/8002-00000001> Playing 'pbx-transfer.alaw' (language 'en')
[New LWP 14314]

Comments:By: sun bing (hoowa) 2012-09-16 07:16:36.302-0500

IAX client with features blind transfer works fine on any test, because  iax2 does not use res_rtp_asterisk?????

By: Richard Mudgett (rmudgett) 2012-09-17 12:12:27.620-0500

Thank you for your bug report. In order to move your issue forward, we require a backtrace[1] from the core file produced after the crash. Also, be sure you have DONT_OPTIMIZE enabled in menuselect within the Compiler Flags section, then:

make install

After enabling, reproduce the crash, and then execute the backtrace[1] instructions. When complete, attach that file to this issue report.

[1] https://wiki.asterisk.org/wiki/display/AST/Getting+a+Backtrace

The backtrace that you have pasted to the issue is showing an optimized build with no symbols.  Please recreate the crash with a non-optimized build.

By: Rusty Newton (rnewton) 2012-09-17 13:48:47.465-0500

Additionally to rmudgett's comment, please remember to attach the backtrace as a file , per the [issue guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines]

By: sun bing (hoowa) 2012-09-18 10:00:08.563-0500

hi guys, to enable backtrace i am working all days, very hard to get it, but i was done :-)

i run this command to get this file:
root@OpenWrt:/tmp# gdb -se "/usr/sbin/asterisk" -ex "bt full" -ex "thread apply all bt" --batch -c asterisk.1533.11.1347979943.core > backtrace.txt
95      /ssd/agliepbx/wrtt17-2/build_dir/target-i386_uClibc- No such file or directory.
Cannot access memory at address 0xb69adb3c

test box enviroments:
building host :  centos 6.2 i386
system: openwrt trunk r33444
target: x86 i486
runenv: virtualbox
gcc: 4.6-linaro
libc: uclibc- with uclibc native thread

eyebeam 1.5

8001-->8002 and press # to blind transfer

By: sun bing (hoowa) 2012-09-18 10:01:34.419-0500

i was attached backtrace.txt

By: Rusty Newton (rnewton) 2012-09-19 19:52:44.385-0500

removed segfault spill from desc and added as an attachment

By: sun bing (hoowa) 2012-11-24 05:35:31.011-0600

hello guys.

i am try to complie asterisk without "LOW_MEMORY" and asterisk works fine!!!!!!!!!!!

By: sun bing (hoowa) 2013-01-31 23:51:36.269-0600

i found way to fix the bug

By: sun bing (hoowa) 2013-01-31 23:55:07.552-0600

[edit] - inline patch removed by mjordan (see comment below)

By: Matt Jordan (mjordan) 2013-02-01 03:58:50.883-0600

Patches cannot be accepted inline in comments.

Please attach your patch in unified diff format to this issue after signing a license contributor agreement. Thanks!

By: sun bing (hoowa) 2013-02-01 06:47:43.274-0600

please tell me where i can know "unified diff format"?
and "signing a license contributor agreement"?

thank you

By: Matt Jordan (mjordan) 2013-02-01 10:41:34.955-0600

* [Unified diff format|http://en.wikipedia.org/wiki/Diff#Unified_format]
* The license contributor agreement can be signed by clicking the "Sign a License Agreement" button in Jira.

By: Joshua C. Colp (jcolp) 2017-12-19 07:57:41.483-0600

Did you do as Matt asked in regards to submitting a change?

By: Asterisk Team (asteriskteam) 2018-01-02 08:30:33.019-0600

Suspended due to lack of activity. This issue will be automatically re-opened if the reporter posts a comment. If you are not the reporter and would like this re-opened please create a new issue instead. If the new issue is related to this one a link will be created during the triage process. Further information on issue tracker usage can be found in the Asterisk Issue Guidlines [1].
[1] https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines