[asterisk-bugs] [JIRA] (ASTERISK-25718) ASAN heap-use-after-free

Badalian Vyacheslav (JIRA) noreply at issues.asterisk.org
Sat Jan 23 01:44:33 CST 2016


    [ https://issues.asterisk.org/jira/browse/ASTERISK-25718?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=229138#comment-229138 ] 

Badalian Vyacheslav commented on ASTERISK-25718:
------------------------------------------------

Looks to thread race 

> ASAN heap-use-after-free
> ------------------------
>
>                 Key: ASTERISK-25718
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-25718
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Core/General
>    Affects Versions: 13.7.0
>            Reporter: Badalian Vyacheslav
>            Severity: Minor
>
> On Ctrl+C exit with active calls
> {code}
> ==28264==ERROR: AddressSanitizer: heap-use-after-free on address 0x60d00016b350 at pc 0x00000065c33d bp 0x7feb7cd23c30 sp 0x7feb7cd23c20
> WRITE of size 4 at 0x60d00016b350 thread T131
>     #0 0x65c33c in ast_atomic_fetchadd_int /root/asterisk-13.7.0/include/asterisk/lock.h:685
>     #1 0x665265 in __ast_module_unref /root/asterisk-13.7.0/main/loader.c:1564
>     #2 0x61b355 in filestream_destructor /root/asterisk-13.7.0/main/file.c:428
>     #3 0x492fdb in internal_ao2_ref /root/asterisk-13.7.0/main/astobj2.c:445
>     #4 0x4932fa in __ao2_ref /root/asterisk-13.7.0/main/astobj2.c:516
>     #5 0x61de42 in ast_closestream /root/asterisk-13.7.0/main/file.c:1054
>     #6 0x61918e in ast_stopstream /root/asterisk-13.7.0/main/file.c:194
>     #7 0x61ffe6 in waitstream_core /root/asterisk-13.7.0/main/file.c:1418
>     #8 0x621042 in ast_waitstream /root/asterisk-13.7.0/main/file.c:1601
>     #9 0x7feb9b745f58 in playback_exec /root/asterisk-13.7.0/apps/app_playback.c:489
>     #10 0x6c5a4d in pbx_exec /root/asterisk-13.7.0/main/pbx.c:1722
>     #11 0x6dc083 in pbx_extension_helper /root/asterisk-13.7.0/main/pbx.c:4994
>     #12 0x6e20cf in ast_spawn_extension /root/asterisk-13.7.0/main/pbx.c:6216
>     #13 0x6e483c in __ast_pbx_run /root/asterisk-13.7.0/main/pbx.c:6633
>     #14 0x6e6e70 in pbx_thread /root/asterisk-13.7.0/main/pbx.c:6953
>     #15 0x7d981c in dummy_start /root/asterisk-13.7.0/main/utils.c:1237
>     #16 0x7febb03cedc4 in start_thread (/lib64/libpthread.so.0+0x7dc4)
>     #17 0x7febaf6ae21c in clone (/lib64/libc.so.6+0xf621c)
> ASAN:SIGSEGV
> ==28264==AddressSanitizer: while reporting a bug found another one. Ignoring.
> {code}



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list