[asterisk-bugs] [Asterisk 0015195]: double free or corruption (!prev) in moh_files_generator
Asterisk Bug Tracker
noreply at bugs.digium.com
Thu Aug 20 10:18:49 CDT 2009
A NOTE has been added to this issue.
======================================================================
https://issues.asterisk.org/view.php?id=15195
======================================================================
Reported By: amorsen
Assigned To:
======================================================================
Project: Asterisk
Issue ID: 15195
Category: Resources/res_musiconhold
Reproducibility: have not tried
Severity: block
Priority: normal
Status: acknowledged
Target Version: 1.4.27
Asterisk Version: 1.6.0.9
Regression: No
SVN Branch (only for SVN checkouts, not tarball releases): N/A
SVN Revision (number only!):
Request Review:
======================================================================
Date Submitted: 2009-05-26 08:46 CDT
Last Modified: 2009-08-20 10:18 CDT
======================================================================
Summary: double free or corruption (!prev) in
moh_files_generator
Description:
https://issues.asterisk.org/view.php?id=0 0x00007f049bf54f05 in raise
(sig=<value optimized out>) at
../nptl/sysdeps/unix/sysv/linux/raise.c:64
https://issues.asterisk.org/view.php?id=1 0x00007f049bf56a73 in abort () at
abort.c:88
https://issues.asterisk.org/view.php?id=2 0x00007f049bf94438 in __libc_message
(do_abort=2, fmt=0x7f049c05e428
"*** glibc detected *** %s: %s: 0x%s ***\n") at
../sysdeps/unix/sysv/linux/libc_fatal.c:170
https://issues.asterisk.org/view.php?id=3 0x00007f049bf99ec8 in malloc_printerr
(action=2, str=0x7f049c05e530
"double free or corruption (!prev)", ptr=<value optimized out>) at
malloc.c:5994
https://issues.asterisk.org/view.php?id=4 0x00007f049bf9c486 in __libc_free
(mem=0x7f049c054880) at
malloc.c:3625
https://issues.asterisk.org/view.php?id=5 0x00007f049bf89f21 in _IO_new_fclose
(fp=0x8dce60) at iofclose.c:88
https://issues.asterisk.org/view.php?id=6 0x000000000046aa9d in
filestream_destructor (arg=0x8c6d18) at
file.c:321
https://issues.asterisk.org/view.php?id=7 0x000000000042f9aa in ao2_ref
(user_data=0x8c6d18, delta=5926) at
astobj2.c:227
https://issues.asterisk.org/view.php?id=8 0x0000000000470e05 in ast_frame_free
(fr=0x1239, cache=1) at
frame.c:349
https://issues.asterisk.org/view.php?id=9 0x00007f0498a458ab in
moh_files_generator (chan=0x97a7f0, data=<value
optimized out>, len=<value optimized out>, samples=<value optimized out>)
at res_musiconhold.c:302
https://issues.asterisk.org/view.php?id=10 0x000000000043de6e in
ast_read_generator_actions (chan=0x97a7f0,
f=0x8b9ca0) at channel.c:2448
https://issues.asterisk.org/view.php?id=11 0x0000000000441fe8 in __ast_read
(chan=0x97a7f0, dropaudio=0) at
channel.c:2900
https://issues.asterisk.org/view.php?id=12 0x00000000004446f0 in
ast_generic_bridge () at channel.c:4482
https://issues.asterisk.org/view.php?id=13 ast_channel_bridge (c0=0x97a7f0,
c1=0x8be2a0, config=0x7f0482ae3dd0,
fo=0x7f0482ae31b0, rc=0x7f0482ae31a8) at channel.c:4850
https://issues.asterisk.org/view.php?id=14 0x0000000000466894 in ast_bridge_call
(chan=0x97a7f0, peer=0x8be2a0,
config=0x7f0482ae3dd0) at features.c:2278
https://issues.asterisk.org/view.php?id=15 0x00007f04857065a4 in dial_exec_full
(chan=0x97a7f0, data=<value
optimized out>, peerflags=0x7f0482ae4860, continue_exec=0x0) at
app_dial.c:1911
https://issues.asterisk.org/view.php?id=16 0x00007f0485708986 in dial_exec
(chan=0x1239, data=0x1726) at
app_dial.c:1967
https://issues.asterisk.org/view.php?id=17 0x000000000049255f in pbx_exec
(c=0x97a7f0, app=0x7f04940ce7e0,
data=0x7f0482ae6d60) at pbx.c:942
https://issues.asterisk.org/view.php?id=18 0x0000000000496876 in
pbx_extension_helper (c=0x97a7f0, con=<value
optimized out>, context=0x97aa48 "DialLine", exten=0x97aa98
"792-0013d18009f0-5", priority=19, label=0x0,
callerid=0x7f04740b2fc0 "20126438", action=E_SPAWN,
found=0x7f0482ae8ecc, combined_find_spawn=1) at pbx.c:3111
https://issues.asterisk.org/view.php?id=19 0x0000000000496d30 in
ast_spawn_extension (c=0x1239, context=<value
optimized out>, exten=<value optimized out>, priority=<value optimized
out>, callerid=<value optimized out>,
found=<value optimized out>, combined_find_spawn=1) at pbx.c:3614
https://issues.asterisk.org/view.php?id=20 0x000000000049771f in __ast_pbx_run
(c=0x97a7f0, args=0x0) at
pbx.c:3701
https://issues.asterisk.org/view.php?id=21 0x00000000004987db in pbx_thread
(data=0x1239) at pbx.c:3974
https://issues.asterisk.org/view.php?id=22 0x00000000004ce37e in dummy_start
(data=<value optimized out>) at
utils.c:861
https://issues.asterisk.org/view.php?id=23 0x00007f049b9053da in start_thread
(arg=<value optimized out>) at
pthread_create.c:297
https://issues.asterisk.org/view.php?id=24 0x00007f049c0082bd in clone () at
../sysdeps/unix/sysv/linux/x86_64/clone.S:112
======================================================================
Relationships ID Summary
----------------------------------------------------------------------
duplicate of 0015123 out of bounds crash and core dump
duplicate of 0015109 Abort by memory allocator, possibly in ...
======================================================================
----------------------------------------------------------------------
(0109340) aragon (reporter) - 2009-08-20 10:18
https://issues.asterisk.org/view.php?id=15195#c109340
----------------------------------------------------------------------
amorsen
Your Asterisk install is still compiled without DONT_OPTIMIZE enabled so
your bt values are optimized out. There is a minimal performance hit
enabling DONT_OPTIMIZE so that you won't notice any degradation.
Secondly this is a memory abort and the only way the developers can see
what is really going on is with a valgrind trace or you can try compiling
and using Tilghman's malloc_hold checkout
https://reviewboard.asterisk.org/r/309/
I captured a crash in Valgrind yesterday related to this issue and it is
posted to ticket 15109 Here is a link to the valgrind trace.
https://issues.asterisk.org/file_download.php?file_id=23566&type=bug
Issue History
Date Modified Username Field Change
======================================================================
2009-08-20 10:18 aragon Note Added: 0109340
======================================================================
More information about the asterisk-bugs
mailing list