[asterisk-bugs] [JIRA] (ASTERISK-23650) Segfault in string functions
Roel van Meer (JIRA)
noreply at issues.asterisk.org
Wed Apr 23 03:33:18 CDT 2014
[ https://issues.asterisk.org/jira/browse/ASTERISK-23650?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Roel van Meer updated ASTERISK-23650:
-------------------------------------
Description:
When an incoming SIP call is received, asterisk crashes. This happens intermittently, sometimes often, sometimes only seldom. The crash seems to happen at or just after a specific entry in my dialplan, which is:
{noformat}
exten => call-queue1,n,Log(NOTICE,${CALLID}: ---${REPLACE(REPLACE(QUEUE_MEMBER_LIST(${INCOMING_ACTION}),"Local/@phoneSIP"),",", )}---)
{noformat}
If the crash occurs, there is no result of the Log() in the asterisk log.
I have been able to distill this to the following reproduction case:
{noformat}
exten => test,1,Set(TEST=Local/220 at phone,1)
exten => test,n,Log(NOTICE,---${REPLACE(REPLACE(TEST,"Local/@phoneSIP"),",", )}---)
{noformat}
Note that the original string from the queue memberships was longer: Local/220 at phone,SIP/714,Local/210 at phone,SIP/195.
Shortening the string makes the crash go away at some point.
The two dialplan lines shown above are a constant reproducer for me.
was:
When an incoming SIP call is received, asterisk crashes. This happens intermittently, sometimes often, sometimes only seldom. The crash seems to happen at or just after a specific entry in my dialplan, which is
{noformat}
exten => call-queue1,n,Log(NOTICE,${CALLID}: ---${REPLACE(REPLACE(QUEUE_MEMBER_LIST(${INCOMING_ACTION}),"Local/@phoneSIP"),",", )}---)
{noformat}
If the crash occurs, there is no result of the Log() in the asterisk log.
The INCOMING_ACTION variable translates to CG_318800XXXXX_Q_1. The queue with that name is shown below.
{noformat}
CG_318800XXXXX_Q_1 has 0 calls (max 20) in 'ringall' strategy (0s holdtime, 0s talktime), W:1, C:0, A:0, SL:0.0% within 0s
Members:
Local/220 at phone (dynamic) (Not in use) has taken no calls yet
SIP/714 (dynamic) (Not in use) has taken no calls yet
Local/210 at phone (dynamic) (Not in use) has taken no calls yet
SIP/195 (dynamic) (Not in use) has taken no calls yet
{noformat}
It doesn't happen in all situations, but when it happens, it happens constantly, e.g. on every call hitting that dialplan line.
I haven't been able to find a reproducing scenario that always works, but I'll see if I can add some more details in the next few days.
> Segfault in string functions
> ----------------------------
>
> Key: ASTERISK-23650
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-23650
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Functions/func_strings
> Affects Versions: 1.8.26.1
> Environment: Slackware linux 13.1, 64-bit, kernel 3.10.24, kernel 3.10.34
> Reporter: Roel van Meer
> Severity: Minor
> Attachments: backtrace.txt, extensions.conf, valgrind.txt
>
>
> When an incoming SIP call is received, asterisk crashes. This happens intermittently, sometimes often, sometimes only seldom. The crash seems to happen at or just after a specific entry in my dialplan, which is:
> {noformat}
> exten => call-queue1,n,Log(NOTICE,${CALLID}: ---${REPLACE(REPLACE(QUEUE_MEMBER_LIST(${INCOMING_ACTION}),"Local/@phoneSIP"),",", )}---)
> {noformat}
> If the crash occurs, there is no result of the Log() in the asterisk log.
> I have been able to distill this to the following reproduction case:
> {noformat}
> exten => test,1,Set(TEST=Local/220 at phone,1)
> exten => test,n,Log(NOTICE,---${REPLACE(REPLACE(TEST,"Local/@phoneSIP"),",", )}---)
> {noformat}
> Note that the original string from the queue memberships was longer: Local/220 at phone,SIP/714,Local/210 at phone,SIP/195.
> Shortening the string makes the crash go away at some point.
> The two dialplan lines shown above are a constant reproducer for me.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list