Summary:	ASTERISK-22890: pjsip inbound registration nominal test: Crash during memcpy in pjsip_print_msg
Reporter:	Matt Jordan (mjordan)	Labels:
Date Opened:	2013-11-22 08:54:08.000-0600	Date Closed:	2013-12-19 14:06:33.000-0600
Priority:	Major	Regression?
Status:	Closed/Complete	Components:	Resources/res_pjsip_registrar Tests/testsuite
Versions:	12.0.0-beta1	Frequency of Occurrence
Related Issues:
Environment:		Attachments:	( 0) backtrace_14452.txt ( 1) full.txt
Description:	A crash occurred down in pjsip during a memcpy: {noformat} Core was generated by `/usr/sbin/asterisk -f -g -q -m -n -C /tmp/asterisk-testsuite/cda50392748533a56d'. Program terminated with signal 11, Segmentation fault. #0  0x0000003b74a8983e in memcpy () from /lib64/libc.so.6 #0  0x0000003b74a8983e in memcpy () from /lib64/libc.so.6 No symbol table info available. #1  0x0000003688612683 in pjsip_msg_print () from /usr/lib64/libpjsip.so.2 No symbol table info available. #2  0x000000368862115a in pjsip_tx_data_encode () from /usr/lib64/libpjsip.so.2 No symbol table info available. #3  0x0000003688619ac7 in endpt_on_tx_msg () from /usr/lib64/libpjsip.so.2 No symbol table info available. #4  0x000000368862164e in pjsip_transport_send () from /usr/lib64/libpjsip.so.2 No symbol table info available. #5  0x000000368861af98 in pjsip_endpt_send_response () from /usr/lib64/libpjsip.so.2 No symbol table info available. #6  0x00007f34daa40f9c in rx_task (data=0x7f35200025a8) at res_pjsip_registrar.c:462        task_data = 0x7f35200025a8        contacts = 0x7f352000c850        added = 2        updated = <value optimized out>        deleted = 44759904        contact_hdr = <value optimized out>        details = {pool = 0x7f3520004990, uri = 0x7f3520004280}        tdata = 0x7f352000d828        addr = {transport = 0x15a9dd8, addr = {addr = {sa_family = 10}, ipv4 = {sin_family = 10, sin_port = 50451, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, ipv6 = {sin6_family = 10, sin6_port = 50451, sin6_flowinfo = 0, sin6_addr = {s6_addr = '\000' <repeats 15 times>, "\001", u6_addr32 = {0, 0, 0, 16777216}}, sin6_scope_id = 0}}, addr_len = 28, dst_host = {flag = 4, type = PJSIP_TRANSPORT_UDP6, addr = {host = {ptr = 0x7f352000e750 "::1", slen = 3}, port = 5061}}}        aor_name = 0xf3f1b0 "charlie"        __PRETTY_FUNCTION__ = "rx_task" #7  0x00000000006f392b in ast_taskprocessor_execute (tps=0x7f3520002108) at taskprocessor.c:766        local = {local_data = 0x1017d60, data = 0x81bd1a}        t = 0x7f35200045b0        size = 0        __PRETTY_FUNCTION__ = "ast_taskprocessor_execute" #8  0x000000000070451e in execute_tasks (data=0x7f3520002108) at threadpool.c:1152        tps = 0x7f3520002108 #9  0x00000000006f392b in ast_taskprocessor_execute (tps=0x1017db8) at taskprocessor.c:766        local = {local_data = 0x7f3502aafcb0, data = 0x704145}        t = 0x7f3520004670        size = 0        __PRETTY_FUNCTION__ = "ast_taskprocessor_execute" #10 0x0000000000701a99 in threadpool_execute (pool=0x12614d8) at threadpool.c:351        __PRETTY_FUNCTION__ = "threadpool_execute" #11 0x0000000000703ff5 in worker_active (worker=0x7f351c002318) at threadpool.c:1072        alive = 1 #12 0x0000000000703c40 in worker_start (arg=0x7f351c002318) at threadpool.c:992        worker = 0x7f351c002318        __PRETTY_FUNCTION__ = "worker_start" #13 0x0000000000716776 in dummy_start (data=0x7f351c002560) at utils.c:1169        __cancel_buf = {__cancel_jmp_buf = {{__cancel_jmp_buf = {0, -3789618721776692669, 139866752264800, 139865654757824, 0, 3, -3789618721801858493, 3819778638307299907}, __mask_was_saved = 0}}, __pad = {0x7f3502aafe50, 0x0, 0x0, 0x0}}        __cancel_routine = 0x46116f <ast_unregister_thread>        __cancel_arg = 0x7f3502ab0700        not_first_call = 0        ret = 0x0        a = {start_routine = 0x703b50 <worker_start>, data = 0x7f351c002318, name = 0x7f351c002620 "worker_start         started at [ 1046] threadpool.c worker_thread_start()"}        __PRETTY_FUNCTION__ = "dummy_start" #14 0x0000003b74e07851 in start_thread () from /lib64/libpthread.so.0 No symbol table info available. #15 0x0000003b74ae890d in clone () from /lib64/libc.so.6 No symbol table info available. {noformat} Full backtrace and logs attached.
Comments:	By: Kevin Harwell (kharwell) 2013-12-19 14:07:59.156-0600 Unable to reproduce and this error hasn't been seen since it first occurred a few weeks ago.  Can reopen if it happens again.