[asterisk-bugs] [JIRA] (ASTERISK-29984) Crash in stasis_message_dtor on ast_json_free

Kevin Harwell (JIRA) noreply at issues.asterisk.org
Thu Mar 24 12:01:07 CDT 2022


    [ https://issues.asterisk.org/jira/browse/ASTERISK-29984?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=258471#comment-258471 ] 

Kevin Harwell commented on ASTERISK-29984:
------------------------------------------

Looks a bit similar to the crashes also in ASTERISK-25382 and ASTERISK-26590

> Crash in stasis_message_dtor on ast_json_free
> ---------------------------------------------
>
>                 Key: ASTERISK-29984
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-29984
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Core/Stasis
>    Affects Versions: GIT
>            Reporter: Kevin Harwell
>         Attachments: archive.zip
>
>
> Jenkins caught a crash:
> {noformat}
> Running tests/channels/pjsip/basic_calls/two_parties/nominal/two_servers ... [Mar 24 15:55:06] WARNING[11463]: asterisk.asterisk:246 errReceived: Asterisk 127.0.0.1 received error: WARNING: Memory corrupted after free of 0x2aee140 allocated at stasis.c publish_msg() line 1453 Core dumps detected; test was already failed
> {noformat}
> Thread 1:
> {noformat}
> Thread 1 (Thread 0x7f079d1f98c0 (LWP 11474)):
> #0  0x00007f0799db9337 in raise () at /lib64/libc.so.6
> #1  0x00007f0799dbaa28 in abort () at /lib64/libc.so.6
> #2  0x00000000005ebbf3 in ast_do_crash () at utils.c:2703
> #3  0x0000000000463cb5 in my_do_crash () at astmm.c:230
> #4  0x000000000046402d in region_data_check (reg=0x2aee0b0) at astmm.c:320
> #5  0x00000000004641cd in region_free (freed=0xa4c460 <whales>, reg=0x2ae0160) at astmm.c:374
> #6  0x00000000004645b7 in __ast_free (ptr=0x2ae01f0, file=0x742c84 "json.c", lineno=54, func=0x743070 <__PRETTY_FUNCTION__.13663> "ast_json_free") at astmm.c:478
> #7  0x000000000051769a in ast_json_free (p=0x2ae01f0) at json.c:54
> #8  0x0000000000665b33 in jsonp_free (ptr=0x2ae01f0) at memory.c:34
> #9  0x0000000000663066 in hashtable_close (hashtable=0x2ba5af0) at hashtable.c:195
> #10 0x0000000000669120 in json_delete_object (object=0x2ba5ae0) at value.c:85
> #11 0x000000000066b1b0 in json_delete (json=0x2ba5ae0) at value.c:1000
> #12 0x0000000000517648 in json_decref (json=0x2ba5ae0) at /srv/jenkins/workspace/Asterisk_Gates_master/third-party/jansson/dest/include/jansson.h:133
> #13 0x000000000051770c in ast_json_unref (json=0x2ba5ae0) at json.c:75
> #14 0x0000000000518c56 in json_payload_destructor (obj=0x2b413e0) at json.c:732
> #15 0x00000000004682ca in __ao2_ref (user_data=0x2b413e0, delta=-1, tag=0x0, file=0x763fb0 "stasis_message.c", line=137, func=0x764030 <__PRETTY_FUNCTION__.9550> "stasis_message_dtor") at astobj2.c:615
> #16 0x00000000004685d4 in __ao2_cleanup_debug (obj=0x2b413e0, tag=0x0, file=0x763fb0 "stasis_message.c", line=137, function=0x764030 <__PRETTY_FUNCTION__.9550> "stasis_message_dtor") at astobj2.c:673
> #17 0x00000000005bba86 in stasis_message_dtor (obj=0x2b414a8) at stasis_message.c:137
> #18 0x00000000004682ca in __ao2_ref (user_data=0x2b414a8, delta=-1, tag=0x0, file=0x73f878 "file.c", line=95, func=0x7401f3 <__PRETTY_FUNCTION__.17039> "_dtor_msg") at astobj2.c:615
> #19 0x00000000004685d4 in __ao2_cleanup_debug (obj=0x2b414a8, tag=0x0, file=0x73f878 "file.c", line=95, function=0x7401f3 <__PRETTY_FUNCTION__.17039> "_dtor_msg") at astobj2.c:673
> #20 0x00000000004fdac7 in _dtor_msg (v=0x7fffa3d128c8) at file.c:95
> #21 0x00000000004fdbd6 in publish_format_update (f=0x7f0724297238 <f_def+344>, type=0x1c102f8) at file.c:95
> #22 0x00000000004fde6d in __ast_format_def_register (f=0x7f0724297238 <f_def+344>, mod=0x1396a40) at file.c:157
> #23 0x00007f0724095571 in load_module () at format_g726.c:275
> #24 0x000000000051d930 in start_resource (mod=0x1396a40) at loader.c:1713
> #25 0x000000000051e304 in start_resource_attempt (mod=0x1396a40, count=0x7fffa3d12ccc) at loader.c:1889
> #26 0x000000000051ecaa in start_resource_list (resources=0x7fffa3d12cd0, mod_count=0x7fffa3d12ccc) at loader.c:1986
> #27 0x000000000051fa35 in load_resource_list (load_order=0x7fffa3d12e90, mod_count=0x7fffa3d12e8c) at loader.c:2168
> #28 0x00000000005203f9 in load_modules () at loader.c:2391
> #29 0x00000000004635bf in asterisk_daemon (isroot=1, runuser=0x0, rungroup=0x0) at asterisk.c:4193
> #30 0x0000000000462b80 in main (argc=8, argv=0x7fffa3d153d8) at asterisk.c:3960
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list