[asterisk-bugs] [JIRA] (ASTERISK-24444) PBX: Crash when generating extension for pattern matching hint

Matt Jordan (JIRA) noreply at issues.asterisk.org
Fri Oct 31 09:51:29 CDT 2014 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-24444?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=223170#comment-223170 ] 

Matt Jordan edited comment on ASTERISK-24444 at 10/31/14 9:51 AM:
------------------------------------------------------------------

I am not really sure to have made the required steps. I run on asterisk 11 server:

{noformat}
gdb -se "asterisk"  -c core
{noformat}

and then:

{noformat}
(gdb) frame 6
#6  0x000000000052f82a in create_match_char_tree (con=0x100000000) at pbx.c:2431
2431            while ((e1 = ast_hashtab_next(t1))) {
(gdb) print *m2
No symbol "m2" in current context.
(gdb) print *e1
$1 = {exten = 0x7f1a52750560 "100-autolabcoldwater  ", matchcid = 0, cidmatch = 0x0, priority = 0, label = 0x0, parent = 0x0, app = 0x0, cached_app = 0x0, data = 0x0, datad = 0, peer = 0x0, peer_table = 0x0,   peer_label_table = 0x0, registrar = 0x0, next = 0x0, stuff = 0x7f1a52750960 "`\005uR\032\177"}
(gdb) print *m2->exten
No symbol "m2" in current context.
(gdb) print *m2->exten->exten
No symbol "m2" in current context.
{noformat}

On asterisk 12:

{noformat}
(gdb)  frame 6
#6  0x00000000005643c2 in add_exten_to_pattern_tree (con=0x2768fd0, e1=0x7fedf428f5d0, findonly=0) at pbx.c:2402
2402                                            ast_log(LOG_WARNING, "Found duplicate exten. Had %s found %s\n",
(gdb) print *m2
$1 = {is_pattern = 0, deleted = 0, specificity = 1, alt_char = 0x0, next_char = 0x0, exten = 0x7fedf416c680, x = "6"}
(gdb) print *e1
$2 = {exten = 0x7fedf428f648 "(613)235-0056", matchcid = 0, cidmatch = 0x7fedf428f656 "", priority = -1, label = 0x0, parent = 0x2768fd0, app = 0x7fedf428f657 "Custom:(613) 235-0056", cached_app = 0x0, 
  data = 0x7fedf4419670, datad = 0x42f2b0 <free at plt>, peer = 0x0, peer_table = 0x0, peer_label_table = 0x0, registrar = 0x7fee50fbf820 "pbx_config", next = 0x0, stuff = 0x7fedf428f5d0 "H\366(\364\355\177"}
(gdb) print *m2->exten
$3 = {exten = 0x1 <Address 0x1 out of bounds>, matchcid = 4571731, cidmatch = 0xe8 <Address 0xe8 out of bounds>, priority = 2, label = 0x690b20 "\370\331E", parent = 0x0, 
  app = 0x515f8d "UH\211\345H\203\354 at H\211}\330H\211uЉU\314H\213E\320H\211E\350H\213E\330H\211E\360H\213U\360H\213E\350H\211\326H\211\307\350\335\304\377\377\211E\374\203}", <incomplete sequence \374>, 
  cached_app = 0x0, data = 0x0, datad = 0x515fe0 <hash_cb>, peer = 0xb, peer_table = 0x0, peer_label_table = 0x0, registrar = 0x0, next = 0x0, stuff = 0x7fedf416c680 "\001"}
(gdb) print *m2->exten->exten
Cannot access memory at address 0x1
{noformat}

Unfortunately I had to put a dirty patch on the server because it was a production server. I instructed my client to fix its phone by removing the spaces in the BLF monitoring extension and I commented out the ast_log(LOG_WARNING, "Found duplicate exten. Had %s found %s\n" instructions in the code. Since then, I had no other core dumps.


was (Author: ldardini):
I am not really sure to have made the required steps. I run on asterisk 11 server:

gdb -se "asterisk"  -c core

and then:

(gdb) frame 6
#6  0x000000000052f82a in create_match_char_tree (con=0x100000000) at pbx.c:2431
2431            while ((e1 = ast_hashtab_next(t1))) {
(gdb) print *m2
No symbol "m2" in current context.
(gdb) print *e1
$1 = {exten = 0x7f1a52750560 "100-autolabcoldwater  ", matchcid = 0, cidmatch = 0x0, priority = 0, label = 0x0, parent = 0x0, app = 0x0, cached_app = 0x0, data = 0x0, datad = 0, peer = 0x0, peer_table = 0x0,   peer_label_table = 0x0, registrar = 0x0, next = 0x0, stuff = 0x7f1a52750960 "`\005uR\032\177"}
(gdb) print *m2->exten
No symbol "m2" in current context.
(gdb) print *m2->exten->exten
No symbol "m2" in current context.

On asterisk 12:

(gdb)  frame 6
#6  0x00000000005643c2 in add_exten_to_pattern_tree (con=0x2768fd0, e1=0x7fedf428f5d0, findonly=0) at pbx.c:2402
2402                                            ast_log(LOG_WARNING, "Found duplicate exten. Had %s found %s\n",
(gdb) print *m2
$1 = {is_pattern = 0, deleted = 0, specificity = 1, alt_char = 0x0, next_char = 0x0, exten = 0x7fedf416c680, x = "6"}
(gdb) print *e1
$2 = {exten = 0x7fedf428f648 "(613)235-0056", matchcid = 0, cidmatch = 0x7fedf428f656 "", priority = -1, label = 0x0, parent = 0x2768fd0, app = 0x7fedf428f657 "Custom:(613) 235-0056", cached_app = 0x0, 
  data = 0x7fedf4419670, datad = 0x42f2b0 <free at plt>, peer = 0x0, peer_table = 0x0, peer_label_table = 0x0, registrar = 0x7fee50fbf820 "pbx_config", next = 0x0, stuff = 0x7fedf428f5d0 "H\366(\364\355\177"}
(gdb) print *m2->exten
$3 = {exten = 0x1 <Address 0x1 out of bounds>, matchcid = 4571731, cidmatch = 0xe8 <Address 0xe8 out of bounds>, priority = 2, label = 0x690b20 "\370\331E", parent = 0x0, 
  app = 0x515f8d "UH\211\345H\203\354 at H\211}\330H\211uЉU\314H\213E\320H\211E\350H\213E\330H\211E\360H\213U\360H\213E\350H\211\326H\211\307\350\335\304\377\377\211E\374\203}", <incomplete sequence \374>, 
  cached_app = 0x0, data = 0x0, datad = 0x515fe0 <hash_cb>, peer = 0xb, peer_table = 0x0, peer_label_table = 0x0, registrar = 0x0, next = 0x0, stuff = 0x7fedf416c680 "\001"}
(gdb) print *m2->exten->exten
Cannot access memory at address 0x1

Unfortunately I had to put a dirty patch on the server because it was a production server. I instructed my client to fix its phone by removing the spaces in the BLF monitoring extension and I commented out the ast_log(LOG_WARNING, "Found duplicate exten. Had %s found %s\n" instructions in the code. Since then, I had no other core dumps.

> PBX: Crash when generating extension for pattern matching hint
> --------------------------------------------------------------
>
>                 Key: ASTERISK-24444
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-24444
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Core/PBX
>    Affects Versions: 11.13.1, 12.6.1
>         Environment: Linux CentOS 6.5 Kernel 2.6.32-431.11.2.el6.x86_64
>            Reporter: Leandro Dardini
>            Assignee: Leandro Dardini
>         Attachments: backtrace11.txt, backtrace.txt
>
>
> Asterisk crashes in the middle of the normal daily calls from clients. The crash has been noticed on both 12.6.1 and 11.13.1



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list