[asterisk-bugs] [JIRA] (ASTERISK-24707) Double free corruption in PJSIP

Matt Jordan (JIRA) noreply at issues.asterisk.org
Tue Feb 17 11:03:34 CST 2015


    [ https://issues.asterisk.org/jira/browse/ASTERISK-24707?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=224972#comment-224972 ] 

Matt Jordan commented on ASTERISK-24707:
----------------------------------------

[~slavon]: Even if I went and used your patch, that still doesn't mean I can reproduce your specific memory corruption.

If you'd like to use GCC ASAN to find the root cause of the corruption, that's fine. However, you'll need to provide that information, or else provide specific, step-by-step instructions that allow someone other than you to analyze the problem.

> Double free corruption in PJSIP
> -------------------------------
>
>                 Key: ASTERISK-24707
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-24707
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>    Affects Versions: 11.15.0
>            Reporter: Badalian Vyacheslav
>            Assignee: Badalian Vyacheslav
>         Attachments: gdb_ast_abort.log
>
>
> {code}
> Thread 187 (Thread 0x7fff98986700 (LWP 48837)):
> #0  0x00000037c9e32625 in raise (sig=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
> #1  0x00000037c9e33e05 in abort () at abort.c:92
> #2  0x00000037c9e70537 in __libc_message (do_abort=2, fmt=0x37c9f58900 "*** glibc detected *** %s: %s: 0x%s ***\n") at ../sysdeps/unix/sysv/linux/libc_fatal.c:198
> #3  0x00000037c9e75e66 in malloc_printerr (action=3, str=0x37c9f58c70 "double free or corruption (out)", ptr=<value optimized out>) at malloc.c:6336
> #4  0x00000037c9e789b3 in _int_free (av=0x37ca18fe80, p=0x7ffeda472650, have_lock=0) at malloc.c:4832
> #5  0x00007fff9ac3d774 in default_block_free () from /usr/lib/asterisk/modules/res_rtp_asterisk.so
> #6  0x00007fff9ac444b1 in pj_pool_destroy_int () from /usr/lib/asterisk/modules/res_rtp_asterisk.so
> #7  0x00007fff9ac44cbb in cpool_release_pool () from /usr/lib/asterisk/modules/res_rtp_asterisk.so
> #8  0x00007fff9ac43ea1 in pj_pool_release () from /usr/lib/asterisk/modules/res_rtp_asterisk.so
> #9  0x00007fff9ac22b86 in destroy_tdata () from /usr/lib/asterisk/modules/res_rtp_asterisk.so
> #10 0x00007fff9ac22ba9 in pj_stun_msg_destroy_tdata () from /usr/lib/asterisk/modules/res_rtp_asterisk.so
> #11 0x00007fff9ac22c22 in on_cache_timeout () from /usr/lib/asterisk/modules/res_rtp_asterisk.so
> #12 0x00007fff9ac49c22 in pj_timer_heap_poll () from /usr/lib/asterisk/modules/res_rtp_asterisk.so
> #13 0x00007fff9ac081b9 in timer_worker_thread (data=0x0) at res_rtp_asterisk.c:1744
> #14 0x00007fff9ac3b14f in thread_main () from /usr/lib/asterisk/modules/res_rtp_asterisk.so
> #15 0x00000037ca2079d1 in start_thread (arg=0x7fff98986700) at pthread_create.c:301
> #16 0x00000037c9ee89dd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115
> {code}


