[asterisk-bugs] [Asterisk 0011094]: Segfault in strlen from ast_dynamic_str_thread_build_va __iax2_poke_noanswer

noreply at bugs.digium.com noreply at bugs.digium.com
Fri Oct 26 13:18:50 CDT 2007


The following issue has been ASSIGNED. 
====================================================================== 
http://bugs.digium.com/view.php?id=11094 
====================================================================== 
Reported By:                ljackson
Assigned To:                russell
====================================================================== 
Project:                    Asterisk
Issue ID:                   11094
Category:                   Channels/chan_iax2
Reproducibility:            always
Severity:                   crash
Priority:                   normal
Status:                     assigned
Asterisk Version:           1.4.13  
SVN Branch (only for SVN checkouts, not tarball releases): N/A  
SVN Revision (number only!):  
Disclaimer on File?:        N/A 
Request Review:              
====================================================================== 
Date Submitted:             10-26-2007 10:06 CDT
Last Modified:              10-26-2007 13:18 CDT
====================================================================== 
Summary:                    Segfault in strlen from
ast_dynamic_str_thread_build_va __iax2_poke_noanswer
Description: 
After disconnecting a registered IAX client's ethernet cable local to the
asterisk server, there is about a 1/10 chance that asterisk will crash with the
following bt from the core:

Core was generated by `/usr/sbin/asterisk -f -vvvg -c'.
Program terminated with signal 11, Segmentation fault.
#0  0x002c130b in strlen () from /lib/libc.so.6
(gdb) where
#0  0x002c130b in strlen () from /lib/libc.so.6
#1  0x00293f82 in vfprintf () from /lib/libc.so.6
#2  0x002b24b4 in vsnprintf () from /lib/libc.so.6
#3  0x080facad in ast_dynamic_str_thread_build_va (buf=0xb7b4b1f0, max_len=8192, ts=0x8157444,
    append=0, fmt=0x1007744 "Peer '%s' is now UNREACHABLE! Time: %d\n", ap=0xb7b4b244 "9")
    at utils.c:1246
#4  0x080ae31f in ast_log (level=2, file=0x1003cd3 "chan_iax2.c", line=8467,
    function=0x100772c "__iax2_poke_noanswer",
    fmt=0x1007744 "Peer '%s' is now UNREACHABLE! Time: %d\n") at logger.c:799
#5  0x00ff3c61 in __iax2_poke_noanswer (data=0xa1b37f8) at chan_iax2.c:8467
#6  0x00ff2e92 in iax2_process_thread (data=0xa170778) at chan_iax2.c:8259
#7  0x080f9e58 in dummy_start (data=0xa16c5f0) at utils.c:806
#8  0x003c82db in start_thread () from /lib/libpthread.so.0
#9  0x0032212e in clone () from /lib/libc.so.6
(gdb) frame 3
#3  0x080facad in ast_dynamic_str_thread_build_va (buf=0xb7b4b1f0, max_len=8192, ts=0x8157444,
    append=0, fmt=0x1007744 "Peer '%s' is now UNREACHABLE! Time: %d\n", ap=0xb7b4b244 "9")
    at utils.c:1246
1246            res = vsnprintf((*buf)->str + offset, (*buf)->len - offset, fmt, ap);
(gdb) p buf
$1 = (struct ast_dynamic_str **) 0xb7b4b1f0
(gdb) p buf->str
$2 = 0xa1b565c "Peer '6 10:44:54] NOTICE[14110] chan_iax2.c: "
(gdb) p fmt
$3 = 0x1007744 "Peer '%s' is now UNREACHABLE! Time: %d\n"
(gdb) p ap
$4 = 0xb7b4b244 "9"


Looking at chan_iax2.c:8467:

        if (peer->lastms > -1) {
                ast_log(LOG_NOTICE, "Peer '%s' is now UNREACHABLE! Time: %d\n", peer->name, peer->lastms);
                manager_event(EVENT_FLAG_SYSTEM, "PeerStatus", "Peer: IAX2/%s\r\nPeerStatus: Unreachable\r\nTime: %d\r\n", peer->name, peer->lastms);
                ast_device_state_changed("IAX2/%s", peer->name); /* Activate notification */
        }

Seems peer->name is an invalid address. Any way to avoid this or check for
it?

Thanks,
Leif
====================================================================== 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
10-26-07 13:18  russell        Status                   new => assigned     
10-26-07 13:18  russell        Assigned To               => russell         
======================================================================



