[asterisk-bugs] [JIRA] (ASTERISK-23328) Asterisk crash in ast_cdr_setapp() at cdr.c

Matt Jordan (JIRA) noreply at issues.asterisk.org
Mon Feb 24 09:48:04 CST 2014


    [ https://issues.asterisk.org/jira/browse/ASTERISK-23328?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=215586#comment-215586 ] 

Matt Jordan commented on ASTERISK-23328:
----------------------------------------

Hm. This doesn't make a lot of sense.

In your crash, the {{cdr}} parameter in {{ast_cdr_setapp}} is clearly a bad pointer.

{noformat}
#0  0x0809f696 in ast_cdr_setapp (cdr=0xc8, app=0xc47e5e "AGI", data=0xb61339d0 "GET") at cdr.c:826
826                     if (!ast_test_flag(cdr, AST_CDR_FLAG_LOCKED)) {
{noformat}

{{0xc8}} is clearly not going to be valid memory. I would expect, then, that someone had a junk CDR sitting on their structure when they passed it off to {{ast_cdr_setapp}}. However, your dumping of {{*chan->cdr}} in frame 1 shows that isn't the case. The CDR in frame 1 - which is the thing passed to {{ast_cdr_setapp}} - is perfectly fine and valid.

That does appear to be the pointer value that will be passed to {{ast_cdr_setapp}} as well - from {{res_agi}}:

{noformat}
		if (chan->cdr && !ast_check_hangup(chan) && strcasecmp(argv[0], "EXEC"))
			ast_cdr_setapp(chan->cdr, "AGI", buf);
{noformat}

The only other thing that it could be at that point is some CDR on the chain of CDRs has gone bad. However, that's not going to be the case here either - if we look at the next pointer on {{chan->cdr}}, we can see that it points to NULL, and not {{0xc8}}.

I'm not sure how your system is getting into this state, but I can't see where the bug may be here. I'm not sure how the cdr pointer decided to jump off to a random location in memory.

As a random thing to look at, are you sure that all of the modules that are loaded on your system were compiled against the same version of Asterisk?

                
> Asterisk crash in ast_cdr_setapp() at cdr.c
> -------------------------------------------
>
>                 Key: ASTERISK-23328
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-23328
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: CDR/cdr_adaptive_odbc, CDR/General
>    Affects Versions: 1.8.25.0
>         Environment: OS: Linux CentOS 5.5
> Kernel: 2.6.18-348.16.1.el5PAE
> Hardware: Dell PowerEdge R210 II
>            Reporter: David Hajek
>            Assignee: Matt Jordan
>            Severity: Critical
>         Attachments: backtrace.txt, callfile.txt
>
>
> We are experiencing random Asterisk crashes (segfaults) on a busy server, which is doing about 50k calls a day. We see Asterisk crash every other day.
> This server is running a call center and in addition to regular in/out calls this server is processing call files (about 3 per second). Some AGI dialplan scripts are processed using FastAGI over TCP sockets.
> We see that all crashes are in ast_cdr_setapp() - we tried both 1.8.24 and 1.8.25.
> For CDR we use cdr_adaptive_odbc with MySQL backend.
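
Why the closing question about module builds matters, as an added example that is not from the ticket or from Asterisk's source: a module compiled against a different header computes its own offset for a field and can load a non-pointer value where the core sees a valid pointer. The structs, field names and the `abi_compatible` check are hypothetical, and `0xc8` is planted only to echo the backtrace; nothing here establishes the cause of this crash.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical layouts for illustration; these are NOT Asterisk's real structs. */
struct cdr { unsigned int flags; struct cdr *next; };

/* Channel layout the core binary was compiled with. */
struct chan_core {
	char name[80];
	uintptr_t call_count;  /* hypothetical field added in the newer header */
	struct cdr *cdr;
};

/* The same structure as seen by a module compiled against an older header. */
struct chan_stale {
	char name[80];
	struct cdr *cdr;
};
_Static_assert(sizeof(uintptr_t) == sizeof(struct cdr *), "pointer-sized integer expected");

/* A stale module evaluating chan->cdr reads the bytes at ITS offset for cdr. */
static uintptr_t stale_view_of_cdr(const struct chan_core *chan)
{
	uintptr_t v;
	memcpy(&v, (const char *)chan + offsetof(struct chan_stale, cdr), sizeof v);
	return v;
}

/* Layout fingerprint a loader could compare before accepting a module. */
struct abi_stamp { size_t size; size_t cdr_off; };
#define ABI_STAMP(T) ((struct abi_stamp){ sizeof(T), offsetof(T, cdr) })

static int abi_compatible(struct abi_stamp core, struct abi_stamp module)
{
	return core.size == module.size && core.cdr_off == module.cdr_off;
}

int main(void)
{
	struct cdr good = { 0, NULL };
	struct chan_core chan = { "SIP/constructed-0001", 0xc8, &good }; /* constructed sample */
	int ok = abi_compatible(ABI_STAMP(struct chan_core), ABI_STAMP(struct chan_stale));
	printf("core sees cdr=%p, stale module sees cdr=%#lx\n",
	       (void *)chan.cdr, (unsigned long)stale_view_of_cdr(&chan));
	printf("loader check: %s\n", ok ? "accept" : "reject module");
	return 0;
}
```

Comparing the build of each loaded module against the running core answers the same question on a live system without any code.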
