[asterisk-bugs] [JIRA] (ASTERISK-22890) pjsip inbound registration nominal test: Crash during memcpy in pjsip_print_msg

Matt Jordan (JIRA) noreply at issues.asterisk.org
Sun Dec 8 11:35:03 CST 2013 

     [ https://issues.asterisk.org/jira/browse/ASTERISK-22890?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Matt Jordan updated ASTERISK-22890:
-----------------------------------

    Target Release Version/s: 12.0.0
    
> pjsip inbound registration nominal test: Crash during memcpy in pjsip_print_msg
> -------------------------------------------------------------------------------
>
>                 Key: ASTERISK-22890
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-22890
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Resources/res_pjsip_registrar, Tests/testsuite
>    Affects Versions: 12.0.0-beta1
>            Reporter: Matt Jordan
>      Target Release: 12.0.0
>
>         Attachments: backtrace_14452.txt, full.txt
>
>
> A crash occurred down in pjsip during a memcpy:
> {noformat}
> Core was generated by `/usr/sbin/asterisk -f -g -q -m -n -C /tmp/asterisk-testsuite/cda50392748533a56d'.
> Program terminated with signal 11, Segmentation fault.
> #0  0x0000003b74a8983e in memcpy () from /lib64/libc.so.6
> #0  0x0000003b74a8983e in memcpy () from /lib64/libc.so.6
> No symbol table info available.
> #1  0x0000003688612683 in pjsip_msg_print () from /usr/lib64/libpjsip.so.2
> No symbol table info available.
> #2  0x000000368862115a in pjsip_tx_data_encode () from /usr/lib64/libpjsip.so.2
> No symbol table info available.
> #3  0x0000003688619ac7 in endpt_on_tx_msg () from /usr/lib64/libpjsip.so.2
> No symbol table info available.
> #4  0x000000368862164e in pjsip_transport_send () from /usr/lib64/libpjsip.so.2
> No symbol table info available.
> #5  0x000000368861af98 in pjsip_endpt_send_response () from /usr/lib64/libpjsip.so.2
> No symbol table info available.
> #6  0x00007f34daa40f9c in rx_task (data=0x7f35200025a8) at res_pjsip_registrar.c:462
>         task_data = 0x7f35200025a8
>         contacts = 0x7f352000c850
>         added = 2
>         updated = <value optimized out>
>         deleted = 44759904
>         contact_hdr = <value optimized out>
>         details = {pool = 0x7f3520004990, uri = 0x7f3520004280}
>         tdata = 0x7f352000d828
>         addr = {transport = 0x15a9dd8, addr = {addr = {sa_family = 10}, ipv4 = {sin_family = 10, sin_port = 50451, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, ipv6 = {sin6_family = 10, sin6_port = 50451, sin6_flowinfo = 0, sin6_addr = {s6_addr = '\000' <repeats 15 times>, "\001", u6_addr32 = {0, 0, 0, 16777216}}, sin6_scope_id = 0}}, addr_len = 28, dst_host = {flag = 4, type = PJSIP_TRANSPORT_UDP6, addr = {host = {ptr = 0x7f352000e750 "::1", slen = 3}, port = 5061}}}
>         aor_name = 0xf3f1b0 "charlie"
>         __PRETTY_FUNCTION__ = "rx_task"
> #7  0x00000000006f392b in ast_taskprocessor_execute (tps=0x7f3520002108) at taskprocessor.c:766
>         local = {local_data = 0x1017d60, data = 0x81bd1a}
>         t = 0x7f35200045b0
>         size = 0
>         __PRETTY_FUNCTION__ = "ast_taskprocessor_execute"
> #8  0x000000000070451e in execute_tasks (data=0x7f3520002108) at threadpool.c:1152
>         tps = 0x7f3520002108
> #9  0x00000000006f392b in ast_taskprocessor_execute (tps=0x1017db8) at taskprocessor.c:766
>         local = {local_data = 0x7f3502aafcb0, data = 0x704145}
>         t = 0x7f3520004670
>         size = 0
>         __PRETTY_FUNCTION__ = "ast_taskprocessor_execute"
> #10 0x0000000000701a99 in threadpool_execute (pool=0x12614d8) at threadpool.c:351
>         __PRETTY_FUNCTION__ = "threadpool_execute"
> #11 0x0000000000703ff5 in worker_active (worker=0x7f351c002318) at threadpool.c:1072
>         alive = 1
> #12 0x0000000000703c40 in worker_start (arg=0x7f351c002318) at threadpool.c:992
>         worker = 0x7f351c002318
>         __PRETTY_FUNCTION__ = "worker_start"
> #13 0x0000000000716776 in dummy_start (data=0x7f351c002560) at utils.c:1169
>         __cancel_buf = {__cancel_jmp_buf = {{__cancel_jmp_buf = {0, -3789618721776692669, 139866752264800, 139865654757824, 0, 3, -3789618721801858493, 3819778638307299907}, __mask_was_saved = 0}}, __pad = {0x7f3502aafe50, 0x0, 0x0, 0x0}}
>         __cancel_routine = 0x46116f <ast_unregister_thread>
>         __cancel_arg = 0x7f3502ab0700
>         not_first_call = 0
>         ret = 0x0
>         a = {start_routine = 0x703b50 <worker_start>, data = 0x7f351c002318, name = 0x7f351c002620 "worker_start         started at [ 1046] threadpool.c worker_thread_start()"}
>         __PRETTY_FUNCTION__ = "dummy_start"
> #14 0x0000003b74e07851 in start_thread () from /lib64/libpthread.so.0
> No symbol table info available.
> #15 0x0000003b74ae890d in clone () from /lib64/libc.so.6
> No symbol table info available.
> {noformat}
> Full backtrace and logs attached.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.asterisk.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the asterisk-bugs mailing list