ASTERISK-01247: asterisk coredump when doing multiple simultaneous ilbc/SIP -> gsm/IAX2 transcodings (latest cvs)

[Home]

Summary: ASTERISK-01247: asterisk coredump when doing multiple simultaneous ilbc/SIP -> gsm/IAX2 transcodings (latest cvs)

Reporter: zoa (zoa) Labels:

Date Opened: 2004-03-19 11:09:17.000-0600 Date Closed: 2004-09-25 02:53:45

Priority: Critical Regression? No

Status: Closed/Complete Components: Core/General

Versions: Frequency of
Occurrence

Related
Issues:

Environment: Attachments: ( 0) debug.txt

Description: Reading symbols from /usr/lib/asterisk/modules/app_random.so...done.
Loaded symbols for /usr/lib/asterisk/modules/app_random.so
Reading symbols from /usr/lib/asterisk/modules/app_ices.so...done.
Loaded symbols for /usr/lib/asterisk/modules/app_ices.so
Reading symbols from /usr/lib/asterisk/modules/app_zapscan.so...done.
Loaded symbols for /usr/lib/asterisk/modules/app_zapscan.so
#0 0x0823f6c0 in ?? ()
(gdb)
(gdb) bt
#0 0x0823f6c0 in ?? ()
#1 0x0805950b in ast_set_read_format (chan=0x84159e0, fmts=1024)
at channel.c:1519
#2 0x4056f67b in socket_read (id=0x8107d18, fd=25, events=1, cbdata=0x0)
at chan_iax2.c:4361
#3 0x08051870 in ast_io_wait (ioc=0x8105260, howlong=3) at io.c:267
#4 0x40573ddb in network_thread (ignore=0x0) at chan_iax2.c:5191
ASTERISK-1 0x400210ba in pthread_start_thread () from /lib/libpthread.so.0

seen it twice in 5 minutes now, with 10 simultaneous calls.

Comments: By: zoa (zoa) 2004-03-19 11:11:44.000-0600

3rd coredump in < 5 minutes:

Reading symbols from /usr/lib/asterisk/modules/app_random.so...done.
Loaded symbols for /usr/lib/asterisk/modules/app_random.so
Reading symbols from /usr/lib/asterisk/modules/app_ices.so...done.
Loaded symbols for /usr/lib/asterisk/modules/app_ices.so
Reading symbols from /usr/lib/asterisk/modules/app_zapscan.so...done.
Loaded symbols for /usr/lib/asterisk/modules/app_zapscan.so
#0 ast_translator_free_path (p=0x4077e020) at translate.c:76
76 p = p->next;
(gdb)
(gdb) bt
#0 ast_translator_free_path (p=0x4077e020) at translate.c:76
#1 0x0805950b in ast_set_read_format (chan=0x8403da8, fmts=1024)
at channel.c:1519
#2 0x4036b67b in socket_read (id=0x80f6980, fd=23, events=1, cbdata=0x0)
at chan_iax2.c:4361
#3 0x08051870 in ast_io_wait (ioc=0x80ea9e8, howlong=830) at io.c:267
#4 0x4036fddb in network_thread (ignore=0x0) at chan_iax2.c:5191
ASTERISK-1 0x400210ba in pthread_start_thread () from /lib/libpthread.so.0

(its sending out calls to 2 servers, one with latest cvs and one with cvs of 9 march)
By: zoa (zoa) 2004-03-19 11:29:16.000-0600

stable branch, i forgot
By: zoa (zoa) 2004-03-19 11:34:58.000-0600

the used codec = gsm (but the people are calling with iLBC xlite, so the box that crashes had to do transcoding)
By: zoa (zoa) 2004-03-19 11:50:40.000-0600

Caller ID seems a bit fucked

Reading symbols from /usr/lib/asterisk/modules/app_ices.so...done.
Loaded symbols for /usr/lib/asterisk/modules/app_ices.so
Reading symbols from /usr/lib/asterisk/modules/app_zapscan.so...done.
Loaded symbols for /usr/lib/asterisk/modules/app_zapscan.so
#0 0x00000039 in ?? ()
(gdb)
(gdb) bt full
#0 0x00000039 in ?? ()
No symbol table info available.
#1 0x0805950b in ast_set_read_format (chan=0x82a3138, fmts=1024)
at channel.c:1519
chan = (struct ast_channel *) 0x4050fe88
fmts = 16
fmt = 1024
native = 2
res = 57
#2 0x0805a23d in ast_channel_make_compatible (chan=0x8230098, peer=0x82a3138)
at channel.c:1915
chan = (struct ast_channel *) 0x8230098
peer = (struct ast_channel *) 0x82a3138
peerf = 2
chanf = 1024
res = 57
#3 0x404b602a in dial_exec (chan=0x8230098, data=0xbd1ff7b4) at app_dial.c:682
data = (void *) 0x82a3138
res = 0
u = (struct localuser *) 0x8103b48
info = "IAX2\0xxx@xxx/003282645380\090", '\0' <repeats 217 times>
peers = 0x82a3138 "IAX2[xxx]/16384"
---Type <return> to continue, or q <return> to quit---
timeout = 0xbd1ff4b8 "90"
number = 0x8230098 "SIP/agent109-3894"
rest = 0x0
cur = 0x0
privdb = '\0' <repeats 255 times>
s = 0x8230098 "SIP/agent109-3894"
announcemsg = '\0' <repeats 255 times>
ann = 0x82a3138 "IAX2[iax-test]/16384"
outgoing = (struct localuser *) 0x0
tmp = (struct localuser *) 0x8143000
peer = (struct ast_channel *) 0x82a3138
to = 89850
allowredir_in = 0
allowredir_out = 0
allowdisconnect = 0
privacy = 0
announce = 0
resetcdr = 0
numsubst = "xxx@xxx/003282645380", '\0' <repeats 49 times>, "½"
restofit = '\0' <repeats 44 times>, "\224ó\037½", '\0' <repeats 16 times>, "\224õ\037½+8\006\b\0\0\0\0\0\0\0"
transfer = 0x0
---Type <return> to continue, or q <return> to quit---
newnum = 0x82a3138 "IAX2[xxx]/16384"
callerid = "\224ó\037½\0\0\0\0\232ò\037½)\t\v\b\0\0\0\0\0\0\0\0=\0\0\0\224ô\037½4ò\037½d3\006\b\224ô\037½ä\002#\bÿ\0\0\0=£\020@\005\0\0\0\0\0\0\0\224ó\037½", '\0' <repeats 12 times>, "tñ\037½Ð±\020@¤ñ\037½\004ó\037½l\030#\b\0\0\0\0Hn\e@¤ñ\037½\204ò\037½Êh\020@¤ñ\037½+à\n\bÐò\037½=£\020@Hn\e@Ç6\016\fý\0\0\0\004ó\037½Hn\e@è\024\"\bÄñ\037½Ð±\020@ôñ\037½È6\016\bÇ6\016\f\0\0\0\0Hn\e@È6\016\b\224ò\037½Ã \020@ôñ"...
l = 0xbd1ff514 ""
n = 0x0
url = 0x0
current = (struct ast_var_t *) 0x8230098
newvar = (struct ast_var_t *) 0x80c2a01
go_on = 0
#4 0x08061e30 in pbx_exec (c=0x8230098, app=0x40503688, data=0xbd1ff7b4,
newstack=1) at pbx.c:396
res = 0
stack = -1
execute = (int (*)()) 0x404b4f20 <dial_exec>
ASTERISK-1 0x08063eb3 in pbx_extension_helper (c=0x8230098, context=0x82301f0 "sip",
exten=0x82302e4 "3282645380", priority=7, callerid=0x80f1330 "''",
action=1) at pbx.c:1173
callerid = 0x40503688 "Dial"
action = -1121978444
---Type <return> to continue, or q <return> to quit---
e = (struct ast_exten *) 0x40511318
app = (struct ast_app *) 0x40503688
sw = (struct ast_switch *) 0x0
data = 0x0
newstack = 1
res = 57
status = 4
incstack = {0x0 <repeats 20 times>, 0x2 <Address 0x2 out of bounds>,
0x8071002 "\203Ä\020\205Àu\a\212\0043\210\0047GC\200<3", 0x80b3450 "( )-.",
0x39 <Address 0x39 out of bounds>, 0x8106da8 "\020",
0x4010d1d6 "[\201Ãr\234\n", 0x8106db0 "''", 0xbd1ffc00 "", 0xbd1ffc00 "",
0x40025c3e "[\201Ã¢\216", 0x4 <Address 0x4 out of bounds>,
0x8107070 "1079714034.108", 0xbd1ff9c4 "ä\002#\b\a",
0x80734d3 "1À\215e\210[^_\211ì]Ã\220U\211å\203ìlWVS\213}\b X;\v\b\203Äü\213·<\027", 0x8107070 "1079714034.108", 0x8231844 "1079714034.108",
0x1f <Address 0x1f out of bounds>, 0x40022195 "[\201ÃKÉ",
0x4002eae0 "ì9\001", 0xbd1ffb60 "", 0xbd1ffc00 "",
0x400222d3 "1Àë\005¸\026", 0x401b4ac0 "", 0x401b46a0 "", 0xbd1ff9a4 "",
0x4010d1a8 "ë\020\215¶", 0xbd1ff975 "agent109", 0xbd1ff980 "109",
0x65676100 <Address 0x65676100 out of bounds>,
0x3031746e <Address 0x3031746e out of bounds>,
0x200039 <Address 0x200039 out of bounds>,
0x393031 <Address 0x393031 out of bounds>, 0x0, 0x0, 0x0, 0x0, 0x0,
---Type <return> to continue, or q <return> to quit---
0x8073bcf "\215eè[^\211ì]ÃU\211å\203ì\024S\213]\b\205Û\017\204\225",
0x8107030 "ò [@ªï\016", 0x0, 0x0, 0x0, 0x82301f0 "sip",
0x82302e4 "3282645380"}
passdata = "IAX2/xxx@xxx/003282645380|90", '\0' <repeats 217 times>
stacklen = 0
tmp = "\e[1;36;40mDial\e[0;37;40m\0m\0;40m", '\0' <repeats 48 times>
tmp2 = "\e[1;35;40mSIP/agent109-3894\e[0;37;40m", '\0' <repeats 42 times>
tmp3 = "\e[1;35;40mIAX2/xxx@xxx/003282645380|90\e[0;37;40m\07;40m", '\0' <repeats 191 times>
ASTERISK-2 0x08064bed in ast_pbx_run (c=0x8230098) at pbx.c:1657
digit = 0 '\0'
exten = '\0' <repeats 255 times>
pos = 0
waittime = -1121977596
res = 0
ASTERISK-3 0x0806b19e in pbx_thread (data=0x8230098) at pbx.c:1882
data = (void *) 0x39
ASTERISK-4 0x400210ba in pthread_start_thread () from /lib/libpthread.so.0
No symbol table info available.
By: zoa (zoa) 2004-03-19 11:52:05.000-0600

Reading symbols from /usr/lib/asterisk/modules/app_zapscan.so...done.
Loaded symbols for /usr/lib/asterisk/modules/app_zapscan.so
#0 0x08225bc0 in ?? ()
(gdb)
(gdb) bt full
#0 0x08225bc0 in ?? ()
No symbol table info available.
#1 0x0805950b in ast_set_read_format (chan=0x811bd50, fmts=1024)
at channel.c:1519
chan = (struct ast_channel *) 0x80eaa88
fmts = 136507944
fmt = 1024
native = 2
res = 136469432
#2 0x4046b67b in socket_read (id=0x8209678, fd=21, events=1, cbdata=0x0)
at chan_iax2.c:4361
orignative = 2
sin = {sin_family = 2, sin_port = 55569, sin_addr = {
s_addr = 2103572949}, sin_zero = "\0\0\0\0\0\0\0"}
res = 45
updatehistory = 1
new = 0
buf = "À\0@\0\0\0\0T\003\002\002\002Ô0ýj\233P0ÈÝg³\"X¨!ÙË%´\222çÆx~\215mð&ªm6\017\025", '\0' <repeats 2187 times>, "ìI\002@Hn\e@", '\0' <repeats 20 times>, "Èô\177¾Hn\e@àê\002@Øö\177¾\210õ\177¾", '\0' <repeats 16 times>, "\004\0\0\0\200>\002@\0\0\0\024¸\206\f@\0\0@", '\0' <repeats 125 times>, "\200>\002@\0\0\0\024¸\206\f@\0\0@", '\0' <repeats 157 times>, "\210õ\177¾\003A\002@\027\0\0\0üô\177¾Àõ\177¾U@\002@Hn\e@\0\0@\0Pö\177¾", '\0' <repeats 16 times>...
---Type <return> to continue, or q <return> to quit---
ptr = 0x0
len = 16
dcallno = 16384
mh = (struct ast_iax2_mini_hdr *) 0x4047738b
mte = (struct ast_iax2_meta_trunk_entry *) 0x401b46b8
dblbuf = '\0' <repeats 4095 times>
fr = {callno = 16384, dcallno = 0, data = 0x0, datalen = 0,
retries = 0, ts = 84, retrytime = 0, outoforder = 0, sentyet = 0,
oseqno = 3, iseqno = 2, transfer = 0, final = 0, direction = 0, retrans = 0,
next = 0x0, prev = 0x0, af = {frametype = 4, subclass = 4, datalen = 0,
samples = 0, mallocd = 0, offset = 64, src = 0x404758c7 "IAX2",
data = 0xbe7fda94, prev = 0x0, next = 0x0},
unused = '\0' <repeats 63 times>, afdata = 0xbe7fda94 ""}
cur = (struct iax_frame *) 0x0
f = {frametype = 2, subclass = 2, datalen = 33, samples = 0,
mallocd = 0, offset = 0, src = 0x404758c7 "IAX2", data = 0xbe7feaa0,
prev = 0x0, next = 0x0}
c = (struct ast_channel *) 0x8225bb8
dp = (struct iax2_dpcache *) 0x4047738b
peer = (struct iax2_peer *) 0x0
ies = {called_number = 0x0, calling_number = 0x0, calling_ani = 0x0,
calling_name = 0x0, called_context = 0x0, username = 0x0, password = 0x0,
capability = 0, format = 0, language = 0x0, version = 0, adsicpe = 0,
---Type <return> to continue, or q <return> to quit---
dnid = 0x0, rdnis = 0x0, authmethods = 0, challenge = 0x0, md5_result = 0x0,
rsa_result = 0x0, apparent_addr = 0x0, refresh = 0, dpstatus = 0,
callno = 0, cause = 0x0, iax_unknown = 0 '\0', msgcount = 0, autoanswer = 0,
musiconhold = 0, transferid = 0, datetime = 0}
ied0 = {buf = '\0' <repeats 1023 times>, pos = 0}
ied1 = {buf = '\0' <repeats 1023 times>, pos = 0}
format = 0
exists = 0
minivid = 0
empty = '\0' <repeats 31 times>
#3 0x08051870 in ast_io_wait (ioc=0x80ee760, howlong=1000) at io.c:267
ioc = (struct io_context *) 0x80ee760
howlong = 136469432
res = 1
x = 0
origcnt = 2
#4 0x4046fddb in network_thread (ignore=0x0) at chan_iax2.c:5191
res = 1075529400
f = (struct iax_frame *) 0x0
freeme = (struct iax_frame *) 0x0
ASTERISK-1 0x400210ba in pthread_start_thread () from /lib/libpthread.so.0
No symbol table info available.
By: zoa (zoa) 2004-03-19 11:52:50.000-0600

Reading symbols from /usr/lib/asterisk/modules/app_zapscan.so...done.
Loaded symbols for /usr/lib/asterisk/modules/app_zapscan.so
#0 ast_translator_free_path (p=0x4077e020) at translate.c:76
76 p = p->next;
(gdb) bt full
#0 ast_translator_free_path (p=0x4077e020) at translate.c:76
p = (struct ast_trans_pvt *) 0x10
pl = (struct ast_trans_pvt *) 0x10
#1 0x0805950b in ast_set_read_format (chan=0x8403da8, fmts=1024)
at channel.c:1519
chan = (struct ast_channel *) 0x8403da8
fmts = 1024
fmt = 1024
native = 2
res = 0
#2 0x4036b67b in socket_read (id=0x80f6980, fd=23, events=1, cbdata=0x0)
at chan_iax2.c:4361
orignative = 2
sin = {sin_family = 2, sin_port = 55569, sin_addr = {
s_addr = 116392916}, sin_zero = "\0\0\0\0\0\0\0"}
res = 45
updatehistory = 1
new = 0
buf = "À\0@\017\0\0\0N\003\002\002\002Ô0ýj\233P0ÈÝg³\"X¨!ÙË%´\222çÆx~\215mð&ªm6\017\025@\004\0!Ø ¢áZP\0I$\222I$P\0I$\222I$P\0I$\222I$P\0I$\222I$@\t\0!Ø ¢áZP\0I$\222I$P\0I$\222I$P\0I$\222I$P\0I$\222I$c\232\210DùM9måh9\021Juj\231¨<\023Æt«Péà\224\226Ê\214$\222I$Ø ¢áZP\0I$\222I$P\0I$\222I$P\0I$\222I$P\0I$\222I$$\222I$Ø ¢áZP\0I$\222I"...
---Type <return> to continue, or q <return> to quit---
ptr = 0xbe7feb0b "c\232\210DùM9måh9\021Juj\231¨<\023Æt«Péà\224\226Ê\214$\222I$Ø ¢áZP"
len = 16
dcallno = 16399
mh = (struct ast_iax2_mini_hdr *) 0x4037738b
mte = (struct ast_iax2_meta_trunk_entry *) 0x1
dblbuf = "\0 ¢áZP\0I$\222I$P\0I$\222I$P\0I$\222I$P\0I$\222I$Ö U¶\213\223\fj¸\230A\035\221ËV\035\224\2366ÙNµpnG#\223O\235C\225ÉZ", '\0' <repeats 1686 times>, "ìI\002@Hn\e@\0\0\0\0\0\0\0\0ìI\002@Hn\e@\0\0\0\0èâ\177¾Hn\e@àê\002@øä\177¾¨ã\177¾ìI\002@Hn\e@\bå\177¾\0\0\0\0\004\0\0\0\200>\002@\0\0\0\024¸\206\f@\0\0@\0\0\0\0\0(å\177¾Øã\177¾\0\0@", '\0' <repeats 13 times>, "\004\0\0\0\200>\002@\0\0\0\024¸\206\f"...
fr = {callno = 16399, dcallno = 0, data = 0x0, datalen = 0,
retries = 0, ts = 78, retrytime = 0, outoforder = 0, sentyet = 0,
oseqno = 3, iseqno = 2, transfer = 0, final = 0, direction = 0, retrans = 0,
next = 0x0, prev = 0x0, af = {frametype = 4, subclass = 4, datalen = 0,
samples = 0, mallocd = 0, offset = 64, src = 0x403758c7 "IAX2",
data = 0xbe7fda94, prev = 0x0, next = 0x0},
unused = '\0' <repeats 63 times>, afdata = 0xbe7fda94 ""}
cur = (struct iax_frame *) 0x0
f = {frametype = 2, subclass = 2, datalen = 33, samples = 0,
mallocd = 0, offset = 0, src = 0x403758c7 "IAX2", data = 0xbe7feaa0,
prev = 0x0, next = 0x0}
---Type <return> to continue, or q <return> to quit---
c = (struct ast_channel *) 0x0
dp = (struct iax2_dpcache *) 0x4037738b
peer = (struct iax2_peer *) 0x80f6050
ies = {called_number = 0x0, calling_number = 0x0, calling_ani = 0x0,
calling_name = 0x0, called_context = 0x0, username = 0x0, password = 0x0,
capability = 0, format = 0, language = 0x0, version = 0, adsicpe = 0,
dnid = 0x0, rdnis = 0x0, authmethods = 0, challenge = 0x0, md5_result = 0x0,
rsa_result = 0x0, apparent_addr = 0x0, refresh = 0, dpstatus = 0,
callno = 0, cause = 0x0, iax_unknown = 0 '\0', msgcount = 0, autoanswer = 0,
musiconhold = 0, transferid = 0, datetime = 0}
ied0 = {buf = '\0' <repeats 1023 times>, pos = 0}
ied1 = {buf = '\0' <repeats 1023 times>, pos = 0}
format = 0
exists = 0
minivid = 0
empty = '\0' <repeats 31 times>
#3 0x08051870 in ast_io_wait (ioc=0x80ea9e8, howlong=830) at io.c:267
ioc = (struct io_context *) 0x80ea9e8
howlong = 0
res = 1
x = 0
origcnt = 2
#4 0x4036fddb in network_thread (ignore=0x0) at chan_iax2.c:5191
---Type <return> to continue, or q <return> to quit---
res = 1
f = (struct iax_frame *) 0x0
freeme = (struct iax_frame *) 0x0
ASTERISK-1 0x400210ba in pthread_start_thread () from /lib/libpthread.so.0
No symbol table info available.
By: zoa (zoa) 2004-03-19 12:00:15.000-0600

Reading symbols from /usr/lib/asterisk/modules/app_zapscan.so...done.
Loaded symbols for /usr/lib/asterisk/modules/app_zapscan.so
#0 ast_translator_free_path (p=0x4077e020) at translate.c:76
76 p = p->next;
(gdb) bt full
#0 ast_translator_free_path (p=0x4077e020) at translate.c:76
p = (struct ast_trans_pvt *) 0x10
pl = (struct ast_trans_pvt *) 0x10
#1 0x0805950b in ast_set_read_format (chan=0x8403da8, fmts=1024)
at channel.c:1519
chan = (struct ast_channel *) 0x8403da8
fmts = 1024
fmt = 1024
native = 2
res = 0
#2 0x4036b67b in socket_read (id=0x80f6980, fd=23, events=1, cbdata=0x0)
at chan_iax2.c:4361
orignative = 2
sin = {sin_family = 2, sin_port = 55569, sin_addr = {
s_addr = 116392916}, sin_zero = "\0\0\0\0\0\0\0"}
res = 45
updatehistory = 1
new = 0
buf = "À\0@\017\0\0\0N\003\002\002\002Ô0ýj\233P0ÈÝg³\"X¨!ÙË%´\222çÆx~\215mð&ªm6\017\025@\004\0!Ø ¢áZP\0I$\222I$P\0I$\222I$P\0I$\222I$P\0I$\222I$@\t\0!Ø ¢áZP\0I$\222I$P\0I$\222I$P\0I$\222I$P\0I$\222I$c\232\210DùM9måh9\021Juj\231¨<\023Æt«Péà\224\226Ê\214$\222I$Ø ¢áZP\0I$\222I$P\0I$\222I$P\0I$\222I$P\0I$\222I$$\222I$Ø ¢áZP\0I$\222I"...
---Type <return> to continue, or q <return> to quit---
ptr = 0xbe7feb0b "c\232\210DùM9måh9\021Juj\231¨<\023Æt«Péà\224\226Ê\214$\222I$Ø ¢áZP"
len = 16
dcallno = 16399
mh = (struct ast_iax2_mini_hdr *) 0x4037738b
mte = (struct ast_iax2_meta_trunk_entry *) 0x1
dblbuf = "\0 ¢áZP\0I$\222I$P\0I$\222I$P\0I$\222I$P\0I$\222I$Ö U¶\213\223\fj¸\230A\035\221ËV\035\224\2366ÙNµpnG#\223O\235C\225ÉZ", '\0' <repeats 1686 times>, "ìI\002@Hn\e@\0\0\0\0\0\0\0\0ìI\002@Hn\e@\0\0\0\0èâ\177¾Hn\e@àê\002@øä\177¾¨ã\177¾ìI\002@Hn\e@\bå\177¾\0\0\0\0\004\0\0\0\200>\002@\0\0\0\024¸\206\f@\0\0@\0\0\0\0\0(å\177¾Øã\177¾\0\0@", '\0' <repeats 13 times>, "\004\0\0\0\200>\002@\0\0\0\024¸\206\f"...
fr = {callno = 16399, dcallno = 0, data = 0x0, datalen = 0,
retries = 0, ts = 78, retrytime = 0, outoforder = 0, sentyet = 0,
oseqno = 3, iseqno = 2, transfer = 0, final = 0, direction = 0, retrans = 0,
next = 0x0, prev = 0x0, af = {frametype = 4, subclass = 4, datalen = 0,
samples = 0, mallocd = 0, offset = 64, src = 0x403758c7 "IAX2",
data = 0xbe7fda94, prev = 0x0, next = 0x0},
unused = '\0' <repeats 63 times>, afdata = 0xbe7fda94 ""}
cur = (struct iax_frame *) 0x0
f = {frametype = 2, subclass = 2, datalen = 33, samples = 0,
mallocd = 0, offset = 0, src = 0x403758c7 "IAX2", data = 0xbe7feaa0,
prev = 0x0, next = 0x0}
---Type <return> to continue, or q <return> to quit---
c = (struct ast_channel *) 0x0
dp = (struct iax2_dpcache *) 0x4037738b
peer = (struct iax2_peer *) 0x80f6050
ies = {called_number = 0x0, calling_number = 0x0, calling_ani = 0x0,
calling_name = 0x0, called_context = 0x0, username = 0x0, password = 0x0,
capability = 0, format = 0, language = 0x0, version = 0, adsicpe = 0,
dnid = 0x0, rdnis = 0x0, authmethods = 0, challenge = 0x0, md5_result = 0x0,
rsa_result = 0x0, apparent_addr = 0x0, refresh = 0, dpstatus = 0,
callno = 0, cause = 0x0, iax_unknown = 0 '\0', msgcount = 0, autoanswer = 0,
musiconhold = 0, transferid = 0, datetime = 0}
ied0 = {buf = '\0' <repeats 1023 times>, pos = 0}
ied1 = {buf = '\0' <repeats 1023 times>, pos = 0}
format = 0
exists = 0
minivid = 0
empty = '\0' <repeats 31 times>
#3 0x08051870 in ast_io_wait (ioc=0x80ea9e8, howlong=830) at io.c:267
ioc = (struct io_context *) 0x80ea9e8
howlong = 0
res = 1
x = 0
origcnt = 2
#4 0x4036fddb in network_thread (ignore=0x0) at chan_iax2.c:5191
---Type <return> to continue, or q <return> to quit---
res = 1
f = (struct iax_frame *) 0x0
freeme = (struct iax_frame *) 0x0
ASTERISK-1 0x400210ba in pthread_start_thread () from /lib/libpthread.so.0
No symbol table info available.
By: zoa (zoa) 2004-03-19 12:01:36.000-0600

Reading symbols from /usr/lib/asterisk/modules/app_zapscan.so...done.
Loaded symbols for /usr/lib/asterisk/modules/app_zapscan.so
#0 0x0823f6c0 in ?? ()
(gdb) bt full
#0 0x0823f6c0 in ?? ()
No symbol table info available.
#1 0x0805950b in ast_set_read_format (chan=0x84159e0, fmts=1024)
at channel.c:1519
chan = (struct ast_channel *) 0x8271e28
fmts = 136443056
fmt = 1024
native = 2
res = 136574649
#2 0x4056f67b in socket_read (id=0x8107d18, fd=25, events=1, cbdata=0x0)
at chan_iax2.c:4361
orignative = 2
sin = {sin_family = 2, sin_port = 55569, sin_addr = {
s_addr = 116392916}, sin_zero = "\0\0\0\0\0\0\0"}
res = 45
updatehistory = 1
new = 0
buf = "À\016@\023\0\0\0J\003\002\002\002Ô0ýj\233P0ÈÝg³\"X¨!ÙË%´\222çÆx~\215mð&ªm6\017\025@\002\0!Ø ¢áZP\0I$\222I$P\0I$\222I$P\0I$\222I$P\0I$\222I$@\006\0!Öé´.\234Sâå\036Á\210µR¢\234ÚìÛW å%#íº\225ÊÂµr\234\207Í@\n\0!×¦¢\025ëÖ\06Ûm¶Û\202`7&N7[m@G\"RÚ£e@¸Ü\216(^Z²\0I$\222I$P\0I$\222I$P\0I$\216I$f\0I$\222I$$P\0I$\222I$@\r\0!Ðj¢"...
ptr = 0xbe7feb30 "Z²"
---Type <return> to continue, or q <return> to quit---
len = 16
dcallno = 16403
mh = (struct ast_iax2_mini_hdr *) 0x4057b38b
mte = (struct ast_iax2_meta_trunk_entry *) 0x821f4a8
dblbuf = "\0¦¢\025ëÖ\06Ûm¶Û\202`7&N7[m@G\"RÚ£e@¸Ü\216(^Ð\233\232áZP\0I$\222I$P\0I$\222I$P\0I$\222I$P\0I$\222I$Ð\233\232áZT\0I$\222I$P\0I$\222I$P\0I$\222I$P\0I$\222I$", '\0' <repeats 1653 times>, "ìI\002@Hn\e@\0\0\0\0\0\0\0\0ìI\002@Hn\e@\0\0\0\0èâ\177¾Hn\e@àê\002@øä\177¾¨ã\177¾ìI\002@Hn\e@\bå\177¾\0\0\0\0\004\0\0\0\200>\002@\0\0\0\024\030ã\177¾Hn\e@àê\002@(å\177"...
fr = {callno = 16403, dcallno = 0, data = 0x0, datalen = 0,
retries = 0, ts = 74, retrytime = 0, outoforder = 0, sentyet = 0,
oseqno = 3, iseqno = 2, transfer = 0, final = 0, direction = 0, retrans = 0,
next = 0x0, prev = 0x0, af = {frametype = 4, subclass = 4, datalen = 0,
samples = 0, mallocd = 0, offset = 64, src = 0x405798c7 "IAX2",
data = 0xbe7fda94, prev = 0x0, next = 0x0},
unused = '\0' <repeats 63 times>, afdata = 0xbe7fda94 ""}
cur = (struct iax_frame *) 0x0
f = {frametype = 2, subclass = 2, datalen = 33, samples = 0,
mallocd = 0, offset = 0, src = 0x405798c7 "IAX2", data = 0xbe7feaa0,
prev = 0x0, next = 0x0}
c = (struct ast_channel *) 0x823f6b9
dp = (struct iax2_dpcache *) 0x4057b38b
peer = (struct iax2_peer *) 0x81073c8
---Type <return> to continue, or q <return> to quit---
ies = {called_number = 0x0, calling_number = 0x0, calling_ani = 0x0,
calling_name = 0x0, called_context = 0x0, username = 0x0, password = 0x0,
capability = 0, format = 0, language = 0x0, version = 0, adsicpe = 0,
dnid = 0x0, rdnis = 0x0, authmethods = 0, challenge = 0x0, md5_result = 0x0,
rsa_result = 0x0, apparent_addr = 0x0, refresh = 0, dpstatus = 0,
callno = 0, cause = 0x0, iax_unknown = 0 '\0', msgcount = 0, autoanswer = 0,
musiconhold = 0, transferid = 0, datetime = 0}
ied0 = {buf = '\0' <repeats 1023 times>, pos = 0}
ied1 = {buf = '\0' <repeats 1023 times>, pos = 0}
format = 0
exists = 0
minivid = 0
empty = '\0' <repeats 31 times>
#3 0x08051870 in ast_io_wait (ioc=0x8105260, howlong=3) at io.c:267
ioc = (struct io_context *) 0x8105260
howlong = 136574649
res = 1
x = 0
origcnt = 2
#4 0x40573ddb in network_thread (ignore=0x0) at chan_iax2.c:5191
res = 136443048
f = (struct iax_frame *) 0x0
freeme = (struct iax_frame *) 0x0
---Type <return> to continue, or q <return> to quit---
ASTERISK-1 0x400210ba in pthread_start_thread () from /lib/libpthread.so.0
No symbol table info available.
By: zoa (zoa) 2004-03-19 12:02:49.000-0600

Reading symbols from /usr/lib/asterisk/modules/app_zapscan.so...done.
Loaded symbols for /usr/lib/asterisk/modules/app_zapscan.so
#0 0x2e300054 in ?? ()
(gdb) bt full
#0 0x2e300054 in ?? ()
No symbol table info available.
#1 0x0805950b in ast_set_read_format (chan=0x409cdad8, fmts=1024)
at channel.c:1519
chan = (struct ast_channel *) 0x82307c8
fmts = 16
fmt = 1024
native = 2
res = 774897748
#2 0x4046b67b in socket_read (id=0x820a758, fd=21, events=1, cbdata=0x0)
at chan_iax2.c:4361
orignative = 2
sin = {sin_family = 2, sin_port = 55569, sin_addr = {
s_addr = 116392916}, sin_zero = "\0\0\0\0\0\0\0"}
res = 45
updatehistory = 1
new = 0
buf = "À\006@\002\0\0\0G\003\002\002\002Ô0ýj\233P0ÈÝg³\"X¨!ÙË%´\222çÆx~\215mð&ªm6\017\025Ø ¢áZP\0I$\222I$P\0I$\222I$P\0I$\222I$P\0I$\222I$@\003\0BØ ¢áZP\0I$\222I$P\0I$\222I$P\0I$\222I$P\0I$\222I$Ø ¢áZP\0I$\222I$P\0I$\222I$P\0I$\222I$P\0I$\222I$@\004\0BØ ¢áZP\0I$\222I$P\0I$\222I$P\0I$\222I$P\0I$\222I$Ø ¢áZP\0I$\222I$P\0I"...
ptr = 0xbe7febb4 "$\222I$Ð\233\232áZP"
---Type <return> to continue, or q <return> to quit---
len = 16
dcallno = 16386
mh = (struct ast_iax2_mini_hdr *) 0x4047738b
mte = (struct ast_iax2_meta_trunk_entry *) 0x8224ac8
dblbuf = "\0´£\235ÛÅ«Ç\035\026I\el\001\"åºEÊÄ!$Ûj6¹Ò!rÒN6ÚÔ\026iX\222l $Ûm¸Û¾ 6Ü\211É\eÚ@I*\222I$l\0I#\222E\034", '\0' <repeats 1686 times>, "ìI\002@Hn\e@\0\0\0\0\0\0\0\0ìI\002@Hn\e@\0\0\0\0èâ\177¾Hn\e@àê\002@øä\177¾¨ã\177¾ìI\002@Hn\e@\bå\177¾\0\0\0\0\004\0\0\0\200>\002@\0\0\0\024\030ã\177¾Hn\e@àê\002@(å\177¾Øã\177¾\0\0@", '\0' <repeats 13 times>, "\004\0\0\0\200>\002@\0\0\0\024¸\206\f"...
fr = {callno = 16386, dcallno = 0, data = 0x0, datalen = 0,
retries = 0, ts = 71, retrytime = 0, outoforder = 0, sentyet = 0,
oseqno = 3, iseqno = 2, transfer = 0, final = 0, direction = 0, retrans = 0,
next = 0x0, prev = 0x0, af = {frametype = 4, subclass = 4, datalen = 0,
samples = 0, mallocd = 0, offset = 64, src = 0x404758c7 "IAX2",
data = 0xbe7fda94, prev = 0x0, next = 0x0},
unused = '\0' <repeats 63 times>, afdata = 0xbe7fda94 ""}
cur = (struct iax_frame *) 0x0
f = {frametype = 2, subclass = 2, datalen = 33, samples = 0,
mallocd = 0, offset = 0, src = 0x404758c7 "IAX2", data = 0xbe7feaa0,
prev = 0x0, next = 0x0}
c = (struct ast_channel *) 0x2e300054
dp = (struct iax2_dpcache *) 0x4047738b
---Type <return> to continue, or q <return> to quit---
peer = (struct iax2_peer *) 0x82081e0
ies = {called_number = 0x0, calling_number = 0x0, calling_ani = 0x0,
calling_name = 0x0, called_context = 0x0, username = 0x0, password = 0x0,
capability = 0, format = 0, language = 0x0, version = 0, adsicpe = 0,
dnid = 0x0, rdnis = 0x0, authmethods = 0, challenge = 0x0, md5_result = 0x0,
rsa_result = 0x0, apparent_addr = 0x0, refresh = 0, dpstatus = 0,
callno = 0, cause = 0x0, iax_unknown = 0 '\0', msgcount = 0, autoanswer = 0,
musiconhold = 0, transferid = 0, datetime = 0}
ied0 = {buf = '\0' <repeats 1023 times>, pos = 0}
ied1 = {buf = '\0' <repeats 1023 times>, pos = 0}
format = 0
exists = 0
minivid = 0
empty = '\0' <repeats 31 times>
#3 0x08051870 in ast_io_wait (ioc=0x80ee550, howlong=500) at io.c:267
ioc = (struct io_context *) 0x80ee550
howlong = 774897748
res = 1
x = 0
origcnt = 2
#4 0x4046fddb in network_thread (ignore=0x0) at chan_iax2.c:5191
res = 136465096
f = (struct iax_frame *) 0x0
---Type <return> to continue, or q <return> to quit---
freeme = (struct iax_frame *) 0x0
ASTERISK-1 0x400210ba in pthread_start_thread () from /lib/libpthread.so.0
No symbol table info available.
By: Brian West (bkw918) 2004-03-19 18:11:06.000-0600

noload zap_scan and see if it goes away
By: zoa (zoa) 2004-03-20 04:27:00.000-0600

i noloaded zaptel, same result (cored with 4 simultaneous calls)

Loaded symbols for /usr/lib/asterisk/modules/app_setcdruserfield.so
Reading symbols from /usr/lib/asterisk/modules/app_random.so...done.
Loaded symbols for /usr/lib/asterisk/modules/app_random.so
Reading symbols from /usr/lib/asterisk/modules/app_ices.so...done.
Loaded symbols for /usr/lib/asterisk/modules/app_ices.so
#0 0x407000a1 in ?? ()
(gdb)
(gdb) bt
#0 0x407000a1 in ?? ()
#1 0x0805950b in ast_set_read_format (chan=0x8111b50, fmts=1024)
at channel.c:1519
#2 0x4036b67b in socket_read (id=0x80dcb50, fd=21, events=1, cbdata=0x0)
at chan_iax2.c:4361
#3 0x08051870 in ast_io_wait (ioc=0x813ba70, howlong=538) at io.c:267
#4 0x4036fddb in network_thread (ignore=0x0) at chan_iax2.c:5191
ASTERISK-1 0x400210ba in pthread_start_thread () from /lib/libpthread.so.0
(gdb) bt full
#0 0x407000a1 in ?? ()
No symbol table info available.
#1 0x0805950b in ast_set_read_format (chan=0x8111b50, fmts=1024)
at channel.c:1519
chan = (struct ast_channel *) 0x4071f328
fmts = 1081244440
fmt = 1024
native = 2
res = 130
#2 0x4036b67b in socket_read (id=0x80dcb50, fd=21, events=1, cbdata=0x0)
at chan_iax2.c:4361
orignative = 2
sin = {sin_family = 2, sin_port = 55569, sin_addr = {
s_addr = 116392916}, sin_zero = "\0\0\0\0\0\0\0"}
res = 45
updatehistory = 1
new = 0
buf = "À\r@\r\0\0\0F\003\002\002\002Ô0ýj\233P0ÈÝg³\"X¨!ÙË%´\222çÆx~\215mð&ªm6\017\025@\006\0!Ø[#çÌÉG\035d\216º\004\207fúÞK£,Ë\006fû>\023sÏgá\034\206É+@\a\0!Ø ¢áZP\0I$\222I$P\0I$\222I$P\0I$\222I$P\0I$\222I$@\n\0!Ødv\234ã´ÃGb\n¨ìða¥ËNÆÝÜ\001\030ÓnD\235Ú@µ#fd§@\f\0!Ø ¢áZP\0I$\222I$P\0I$\222I$P\0I$\222I$P\0I$\222I$@\f\0!Ø ¢"...
ptr = 0xbe7feb55 "@\f"
---Type <return> to continue, or q <return> to quit---
len = 16
dcallno = 16397
mh = (struct ast_iax2_mini_hdr *) 0x40377389
mte = (struct ast_iax2_meta_trunk_entry *) 0x40700028
dblbuf = "\0 ¢áZP\0I$\222I$P\0I$\222I$P\0I$\222I$P\0I$\222I$", '\0' <repeats 1719 times>, "ìI\002@Hn\e@\0\0\0\0\0\0\0\0ìI\002@Hn\e@\0\0\0\0èâ\177¾Hn\e@àê\002@øä\177¾¨ã\177¾ìI\002@Hn\e@\bå\177¾\0\0\0\0\004\0\0\0\200>\002@\0\0\0\024\030ã\177¾Hn\e@àê\002@(å\177¾Øã\177¾\0\0@", '\0' <repeats 13 times>, "\004\0\0\0\200>\002@\0\0\0\024¸\206\f@\0\0@", '\0' <repeats 77 times>, "\200>\002@\0\0\0\024¸\206\f@\0\0@", '\0' <repeats 33 times>...
fr = {callno = 16397, dcallno = 0, data = 0x0, datalen = 0,
retries = 0, ts = 70, retrytime = 0, outoforder = 0, sentyet = 0,
oseqno = 3, iseqno = 2, transfer = 0, final = 0, direction = 0, retrans = 0,
next = 0x0, prev = 0x0, af = {frametype = 4, subclass = 4, datalen = 0,
samples = 0, mallocd = 0, offset = 64, src = 0x403758c7 "IAX2",
data = 0xbe7fda94, prev = 0x0, next = 0x0},
unused = '\0' <repeats 63 times>, afdata = 0xbe7fda94 ""}
cur = (struct iax_frame *) 0x0
f = {frametype = 2, subclass = 2, datalen = 33, samples = 0,
mallocd = 0, offset = 0, src = 0x403758c7 "IAX2", data = 0xbe7feaa0,
prev = 0x0, next = 0x0}
c = (struct ast_channel *) 0x82
dp = (struct iax2_dpcache *) 0x40377389
---Type <return> to continue, or q <return> to quit---
peer = (struct iax2_peer *) 0x813dbd8
ies = {called_number = 0x0, calling_number = 0x0, calling_ani = 0x0,
calling_name = 0x0, called_context = 0x0, username = 0x0, password = 0x0,
capability = 0, format = 0, language = 0x0, version = 0, adsicpe = 0,
dnid = 0x0, rdnis = 0x0, authmethods = 0, challenge = 0x0, md5_result = 0x0,
rsa_result = 0x0, apparent_addr = 0x0, refresh = 0, dpstatus = 0,
callno = 0, cause = 0x0, iax_unknown = 0 '\0', msgcount = 0, autoanswer = 0,
musiconhold = 0, transferid = 0, datetime = 0}
ied0 = {buf = '\0' <repeats 1023 times>, pos = 0}
ied1 = {buf = '\0' <repeats 1023 times>, pos = 0}
format = 0
exists = 0
minivid = 0
empty = '\0' <repeats 31 times>
#3 0x08051870 in ast_io_wait (ioc=0x813ba70, howlong=538) at io.c:267
ioc = (struct io_context *) 0x813ba70
howlong = 130
res = 1
x = 0
origcnt = 2
#4 0x4036fddb in network_thread (ignore=0x0) at chan_iax2.c:5191
res = 1081081896
f = (struct iax_frame *) 0x0
---Type <return> to continue, or q <return> to quit---
freeme = (struct iax_frame *) 0x0
ASTERISK-1 0x400210ba in pthread_start_thread () from /lib/libpthread.so.0
No symbol table info available.
By: zoa (zoa) 2004-03-20 04:28:10.000-0600

oké, didnt noload zaptel of course, just app_zapscan.so
By: zoa (zoa) 2004-03-20 04:29:34.000-0600

and another one, is it just me or is the caller_id looking very weird ?

Loaded symbols for /usr/lib/asterisk/modules/app_ices.so
#0 0x40732361 in ?? ()
(gdb) bt full
#0 0x40732361 in ?? ()
No symbol table info available.
#1 0x0805950b in ast_set_read_format (chan=0x84053e0, fmts=1024)
at channel.c:1519
chan = (struct ast_channel *) 0x407e6838
fmts = 16
fmt = 1024
native = 2
res = 0
#2 0x0805a23d in ast_channel_make_compatible (chan=0x83dc260, peer=0x84053e0)
at channel.c:1915
chan = (struct ast_channel *) 0x83dc260
peer = (struct ast_channel *) 0x84053e0
peerf = 2
chanf = 1024
res = 0
#3 0x404b602a in dial_exec (chan=0x83dc260, data=0xbd5ff7b4) at app_dial.c:682
data = (void *) 0x84053e0
res = 0
u = (struct localuser *) 0x83de300
info = "IAX2\0iax-test@iax-test/003269444559\090", '\0' <repeats 217 times>
peers = 0x84053e0 "IAX2[iax-test]/16384"
---Type <return> to continue, or q <return> to quit---
timeout = 0xbd5ff4b8 "90"
number = 0x83dc260 "SIP/agent530-1135"
rest = 0x0
cur = 0x0
privdb = '\0' <repeats 255 times>
s = 0x83dc260 "SIP/agent530-1135"
announcemsg = '\0' <repeats 255 times>
ann = 0x84053e0 "IAX2[iax-test]/16384"
outgoing = (struct localuser *) 0x0
tmp = (struct localuser *) 0x82f9b18
peer = (struct ast_channel *) 0x84053e0
to = 89850
allowredir_in = 0
allowredir_out = 0
allowdisconnect = 0
privacy = 0
announce = 0
resetcdr = 0
numsubst = "iax-test@iax-test/003269444559", '\0' <repeats 49 times>, "½"
restofit = '\0' <repeats 44 times>, "\224ó_½", '\0' <repeats 16 times>, "\224õ_½+8\006\b\0\0\0\0\0\0\0"
transfer = 0x0
---Type <return> to continue, or q <return> to quit---
newnum = 0x84053e0 "IAX2[iax-test]/16384"
callerid = "\224ó_½\0\0\0\0\232ò_½)\t\v\b\0\0\0\0\0\0\0\0=\0\0\0\224ô_½4ò_½d3\006\b\224ô_½¬Ä=\bÿ\0\0\0=£\020@\005\0\0\0\0\0\0\0\224ó_½", '\0' <repeats 12 times>, "tñ_½Ð±\020@¤ñ_½\004ó_½4Ú=\b\0\0\0\0Hn\e@¤ñ_½\204ò_½Êh\020@¤ñ_½+à\n\bÐò_½=£\020@Hn\e@\207¤\016\fý\0\0\0\004ó_½Hn\e@0ó=\bÄñ_½Ð±\020@ôñ_½\210¤\016\b\207¤\016\f\0\0\0\0Hn\e@\210¤\016\b\224ò_½Ã \020@ôñ"...
l = 0xbd5ff514 ""
n = 0x0
url = 0x0
current = (struct ast_var_t *) 0x83dc260
newvar = (struct ast_var_t *) 0x80c2a01
go_on = 0
#4 0x08061e30 in pbx_exec (c=0x83dc260, app=0x8115a38, data=0xbd5ff7b4,
newstack=1) at pbx.c:396
res = 0
stack = -1
execute = (int (*)()) 0x404b4f20 <dial_exec>
ASTERISK-1 0x08063eb3 in pbx_extension_helper (c=0x83dc260, context=0x83dc3b8 "sip",
exten=0x83dc4ac "3269444559", priority=7, callerid=0x80fcdf0 "''",
action=1) at pbx.c:1173
callerid = 0x8115a38 "Dial"
action = -1117784140
e = (struct ast_exten *) 0x8101000
---Type <return> to continue, or q <return> to quit---
app = (struct ast_app *) 0x8115a38
sw = (struct ast_switch *) 0x0
data = 0x0
newstack = 1
res = 0
status = 4
incstack = {0x0 <repeats 20 times>, 0x2 <Address 0x2 out of bounds>,
0x8071002 "\203Ä\020\205Àu\a\212\0043\210\0047GC\200<3", 0x80b3450 "( )-.",
0x30 <Address 0x30 out of bounds>, 0x83dda90 "", 0x4010d1d6 "[\201Ãr\234\n",
0x83dda98 "''", 0xbd5ffc00 "", 0xbd5ffc00 "", 0x40025c3e "[\201Ã¢\216",
0x4 <Address 0x4 out of bounds>, 0x83ddd58 "1079774168.34",
0xbd5ff9c4 "¬Ä=\b\a",
0x80734d3 "1À\215e\210[^_\211ì]Ã\220U\211å\203ìlWVS\213}\b X;\v\b\203Äü\213·<\027", 0x83ddd58 "1079774168.34", 0x83dda0c "1079774168.34",
0x1f <Address 0x1f out of bounds>, 0x40022195 "[\201ÃKÉ",
0x4002eae0 "ì9\001", 0xbd5ffb60 "", 0xbd5ffc00 "",
0x400222d3 "1Àë\005¸\026", 0x401b4ac0 "", 0x401b46a0 "", 0xbd5ff9a4 "",
0x4010d1a8 "ë\020\215¶", 0xbd5ff975 "agent530", 0xbd5ff980 "530",
0x65676100 <Address 0x65676100 out of bounds>,
0x3335746e <Address 0x3335746e out of bounds>,
0x200030 <Address 0x200030 out of bounds>,
0x303335 <Address 0x303335 out of bounds>, 0x0, 0x0, 0x0, 0x0, 0x0,
0x8073bcf "\215eè[^\211ì]ÃU\211å\203ì\024S\213]\b\205Û\017\204\225",
---Type <return> to continue, or q <return> to quit---
0x83ddd18 "Ø\v\\@\024\"\n", 0x0, 0x0, 0x0, 0x83dc3b8 "sip",
0x83dc4ac "3269444559"}
passdata = "IAX2/iax-test@iax-test/003269444559|90", '\0' <repeats 217 times>
stacklen = 0
tmp = "\e[1;36;40mDial\e[0;37;40m\0m\0;40m", '\0' <repeats 48 times>
tmp2 = "\e[1;35;40mSIP/agent530-1135\e[0;37;40m", '\0' <repeats 42 times>
tmp3 = "\e[1;35;40mIAX2/iax-test@iax-test/003269444559|90\e[0;37;40m\07;40m", '\0' <repeats 191 times>
ASTERISK-2 0x08064bed in ast_pbx_run (c=0x83dc260) at pbx.c:1657
digit = 0 '\0'
exten = '\0' <repeats 255 times>
pos = 0
waittime = -1117783292
res = 0
ASTERISK-3 0x0806b19e in pbx_thread (data=0x83dc260) at pbx.c:1882
data = (void *) 0x0
ASTERISK-4 0x400210ba in pthread_start_thread () from /lib/libpthread.so.0
No symbol table info available.
By: zoa (zoa) 2004-03-20 04:40:47.000-0600

This happens when i do simultaneous calls with xlite ilbc/sip -> * -> gsm/iax2

if i do xlite ilbc/sip -> ilbc/iax2, i have no coredumps whatsoever.
By: zoa (zoa) 2004-03-20 06:07:01.000-0600

fixed in cvs
By: zoa (zoa) 2004-03-20 12:29:23.000-0600

I thought this was fixed, but after a (bigger) while it coredumped again, with this error:

Loaded symbols for /usr/lib/asterisk/modules/app_ices.so
#0 0x4010db00 in free () from /lib/libc.so.6
(gdb) bt full
#0 0x4010db00 in free () from /lib/libc.so.6
No symbol table info available.
#1 0x4010daa3 in free () from /lib/libc.so.6
No symbol table info available.
#2 0x405a73e6 in ilbc_destroy_stuff (pvt=0x84ca128) at codec_ilbc.c:221
pvt = (struct ast_translator_pvt *) 0x83ae720
#3 0x0805d080 in ast_translator_free_path (p=0x82f8c90) at translate.c:80
pl = (struct ast_trans_pvt *) 0x82f8c90
pn = (struct ast_trans_pvt *) 0x0
#4 0x0805950b in ast_set_read_format (chan=0x8378f28, fmts=1024)
at channel.c:1519
chan = (struct ast_channel *) 0x8378f28
fmts = 1024
fmt = 1024
native = 2
res = 138077984
ASTERISK-1 0x0805a23d in ast_channel_make_compatible (chan=0x407222e0, peer=0x8378f28)
at channel.c:1915
chan = (struct ast_channel *) 0x407222e0
peer = (struct ast_channel *) 0x8378f28
peerf = 2
chanf = 1024
res = 138077984
---Type <return> to continue, or q <return> to quit---
ASTERISK-2 0x404b602a in dial_exec (chan=0x407222e0, data=0xbd7ff7b4)
at app_dial.c:682
data = (void *) 0x8378f28
res = 0
u = (struct localuser *) 0x83e20a8
info = "IAX2\0iax-test@iax-test/003292530291\090", '\0' <repeats 217 times>
peers = 0x8378f28 "IAX2[iax-test]/16384"
timeout = 0xbd7ff4b8 "90"
number = 0x407222e0 "SIP/agent362-2da2"
rest = 0x0
cur = 0x0
privdb = '\0' <repeats 255 times>
s = 0x407222e0 "SIP/agent362-2da2"
announcemsg = '\0' <repeats 255 times>
ann = 0x8378f28 "IAX2[iax-test]/16384"
outgoing = (struct localuser *) 0x0
tmp = (struct localuser *) 0x84b4800
peer = (struct ast_channel *) 0x8378f28
to = 89860
allowredir_in = 0
allowredir_out = 0
allowdisconnect = 0
---Type <return> to continue, or q <return> to quit---
privacy = 0
announce = 0
resetcdr = 0
numsubst = "iax-test@iax-test/003292530291", '\0' <repeats 49 times>, "½"
restofit = '\0' <repeats 44 times>, "\224ó\177½", '\0' <repeats 16 times>, "\224õ\177½+8\006\b\0\0\0\0\0\0\0"
transfer = 0x0
newnum = 0x8378f28 "IAX2[iax-test]/16384"
callerid = "\224ó\177½\0\0\0\0\232ò\177½)\t\v\b\0\0\0\0\0\0\0\0=\0\0\0\224ô\177½4ò\177½d3\006\b\224ô\177½,%r@ÿ\0\0\0=£\020@\005\0\0\0\0\0\0\0\224ó\177½", '\0' <repeats 12 times>, "tñ\177½Ð±\020@¤ñ\177½\004ó\177½´:r@\0\0\0\0Hn\e@¤ñ\177½\204ò\177½Êh\020@¤ñ\177½+à\n\bÐò\177½=£\020@Hn\e@O\027\024\fý\0\0\0\004ó\177½Hn\e@ð\022B\bÄñ\177½Ð±\020@ôñ\177½P\027\024\bO\027\024\f\0\0\0\0Hn\e@P\027\024\b\224ò\177½Ã \020@ôñ"...
l = 0xbd7ff514 ""
n = 0x0
url = 0x0
current = (struct ast_var_t *) 0x407222e0
newvar = (struct ast_var_t *) 0x401b4a01
go_on = 0
ASTERISK-3 0x08061e30 in pbx_exec (c=0x407222e0, app=0x8103518, data=0xbd7ff7b4,
newstack=1) at pbx.c:396
---Type <return> to continue, or q <return> to quit---
res = 0
stack = -1
execute = (int (*)()) 0x404b4f20 <dial_exec>
ASTERISK-4 0x08063eb3 in pbx_extension_helper (c=0x407222e0,
context=0x40722438 "sip", exten=0x4072252c "3292530291", priority=7,
callerid=0x84ca450 "''", action=1) at pbx.c:1173
callerid = 0x8103518 "Dial"
action = -1115686988
e = (struct ast_exten *) 0x812e0a0
app = (struct ast_app *) 0x8103518
sw = (struct ast_switch *) 0x0
data = 0x0
newstack = 1
res = 138077984
status = 4
incstack = {0x0 <repeats 20 times>, 0x2 <Address 0x2 out of bounds>,
0x8071002 "\203Ä\020\205Àu\a\212\0043\210\0047GC\200<3", 0x80b3470 "( )-.",
0x32 <Address 0x32 out of bounds>, 0x8407848 "\230\017",
0x4010d1d6 "[\201Ãr\234\n", 0x8407850 "''", 0xbd7ffc00 "", 0xbd7ffc00 "",
0x40025c3e "[\201Ã¢\216", 0x4 <Address 0x4 out of bounds>,
0x8407b10 "1079795635.1398", 0xbd7ff9c4 ",%r@\a",
0x80734d3 "1À\215e\210[^_\211ì]Ã\220U\211å\203ìlWVS\213}\b x;\v\b\203Äü\213·<\027", 0x8407b10 "1079795635.1398", 0x40723a8c "1079795635.1398",
---Type <return> to continue, or q <return> to quit---
0x1f <Address 0x1f out of bounds>, 0x40022195 "[\201ÃKÉ",
0x4002eae0 "ì9\001", 0xbd7ffb60 "", 0xbd7ffc00 "",
0x400222d3 "1Àë\005¸\026", 0x401b4ac0 "\001", 0x401b46a0 "", 0xbd7ff9a4 "",
0x4010d1a8 "ë\020\215¶", 0xbd7ff975 "agent362", 0xbd7ff980 "362",
0x65676100 <Address 0x65676100 out of bounds>,
0x3633746e <Address 0x3633746e out of bounds>,
0x200032 <Address 0x200032 out of bounds>,
0x323633 <Address 0x323633 out of bounds>, 0x0, 0x0, 0x0, 0x0, 0x0,
0x8073bcf "\215eè[^\211ì]ÃU\211å\203ì\024S\213]\b\205Û\017\204\225",
0x8407ad0 "³_\\@B{\001", 0x0, 0x0, 0x0, 0x40722438 "sip",
0x4072252c "3292530291"}
passdata = "IAX2/iax-test@iax-test/003292530291|90", '\0' <repeats 217 times>
stacklen = 0
tmp = "\e[1;36;40mDial\e[0;37;40m\0m\0;40m", '\0' <repeats 48 times>
tmp2 = "\e[1;35;40mSIP/agent362-2da2\e[0;37;40m", '\0' <repeats 42 times>
tmp3 = "\e[1;35;40mIAX2/iax-test@iax-test/003292530291|90\e[0;37;40m\07;40m", '\0' <repeats 191 times>
ASTERISK-5 0x08064bed in ast_pbx_run (c=0x407222e0) at pbx.c:1657
digit = 0 '\0'
exten = '\0' <repeats 255 times>
pos = 0
---Type <return> to continue, or q <return> to quit---
waittime = -1115686140
res = 0
ASTERISK-6 0x0806b19e in pbx_thread (data=0x407222e0) at pbx.c:1882
data = (void *) 0x83ae720
ASTERISK-7 0x400210ba in pthread_start_thread () from /lib/libpthread.so.0
No symbol table info available.
By: Paul Cadach (pcadach) 2004-03-20 13:12:22.000-0600

CVS fix doesn't looks like as a fix - just makes argument as register variable, nothing else. Also, some compilers could make this optimization without register re-assigning.

Your coredumps mostly looks as memory overwrite somewhere, may be at destroying codec...
By: James Golovich (jamesgolovich) 2004-03-20 14:50:50.000-0600

Yeah the code is essentially identical, I was working with zoa late last night and since I wasn't able to reproduce the code I had zoa try some potential fixes. To my astonishment he said it actually fixed it. Clearly something else is going on
By: zoa (zoa) 2004-03-22 03:52:21.000-0600

I can't seem to find what exactly triggers it, meanwhile citats was also able to duplicate the problem.
By: Mark Spencer (markster) 2004-03-22 10:21:24.000-0600

I believe that the root cause of this is a race on a hangup which is received (or sent) so quickly that it's racing with the set_read_format. If you look at the iax2 debug you should see a hangup of somesort real near that crash. If you get a hold of me on IRC i'll try to work on this with you, but I'll need you to be able to duplicate the problem for me.
By: zoa (zoa) 2004-03-22 11:56:28.000-0600

i added a iax2 and sip debug file, before the backtrace you'll see suddenly the remote console gets disconnected.

(I think it dumped core, and i did a full bt on it.)

Safe_asterisk did not restart asterisk (on the other coredumps i pasted on this page it did.

For some reason the build i made after james' patch coredumps a lot less, although this might be not due to his fix, maybe the rearranged bits help a little and corrupt something else ? :)

As to duplicating this, i have no idea how to duplicate it, it just happens every now and then, once every few hours (now a lot less than before).
By: James Golovich (jamesgolovich) 2004-03-22 12:35:00.000-0600

Reproducing this one is very difficult. On saturday for a while it was happening every 10 minutes. Then it stopped happening and only happened every few hours. Now its been about 12 hours since I've hit it and I've been running about 60 calls concurrently through 3 systems without a crash.

I've got another set of systems running SIP->IAX1 just to make sure its tied to IAX2, but I haven't had any faults there yet.

On my saturday debugging I did see some other odd segfaults that did point to a hangup race in IAX2. Unfortunately I wasn't planning ahead and left all my cores and captures on /tmp which was removed when I rebooted the system. but that one segfault was at the ast_verbose(VERBOSE_PREFIX_3 "Hungup '%s'\n", c->name); line in chan_iax2.
By: Paul Cadach (pcadach) 2004-03-22 13:45:30.000-0600

Does this happening when ast_write() tries to free a frame returned by ast_translate() which is not dynamically allocated by encoder (see 'default' case in the big switch block and conditional call to ast_frfree() after switch)?

PS: IMHO possible solution is to add ast_frdup() call before processing (setting delivery time and returning) output frame at ast_translate()...

edited on: 03-22-04 12:39
By: Mark Spencer (markster) 2004-03-22 20:00:30.000-0600

Please CVS update to cvs-head and let me know if this fixes the problem.
By: James Golovich (jamesgolovich) 2004-03-24 02:19:53.000-0600

I had a segfault with the new changes today but unfortunately I wasn't running with -g so I didn't get a core. I'm trying to reproduce with -g so if I get a segfault I can see if its the same issue
By: Mark Spencer (markster) 2004-03-24 16:29:16.000-0600

okies, please keep me posted. I have a feeling there still may be a race left but this should nip the translation one in the bud.
By: James Golovich (jamesgolovich) 2004-03-24 20:38:27.000-0600

Unless I can come up with a segfault sometime tonight I'm gonna say we should close this out. If it does still happen we can reopen this, or a new bug (if its not the same issue)
By: zoa (zoa) 2004-03-25 02:21:15.000-0600

jups, i'll test it for a day, see what it gets me.
By: James Golovich (jamesgolovich) 2004-03-25 03:12:15.000-0600

Just had a segfault on my testbed:

#0 0x40110b00 in free () from /lib/libc.so.6
#1 0x40110aa3 in free () from /lib/libc.so.6
#2 0x405a0d94 in gsm_destroy () from /usr/lib/asterisk/modules/codec_gsm.so
#3 0x0805d70d in ast_translator_free_path (p=0x408f6d68) at translate.c:81
#4 0x08059b2b in ast_set_read_format (chan=0x8266f28, fmts=2)
at channel.c:1556
ASTERISK-1 0x4031c71b in socket_read (id=0x80e9c58, fd=15, events=1, cbdata=0x0)
at chan_iax2.c:4725
ASTERISK-2 0x08051980 in ast_io_wait (ioc=0x80e7ca0, howlong=96) at io.c:267
ASTERISK-3 0x403212de in network_thread (ignore=0x0) at chan_iax2.c:5584
ASTERISK-4 0x400240ba in pthread_start_thread () from /lib/libpthread.so.0
By: James Golovich (jamesgolovich) 2004-03-25 05:29:04.000-0600

Just had another one. I switched from using gsm to using ilbc to make sure it wasnt a gsm specific problem. I realize my line numbering is a lil off, but I've added lots of extra logging and thats all thats been changed.

#0 0x28a063f8 in ?? ()
#1 0x08059b2b in ast_set_read_format (chan=0x8190410, fmts=1024)
at channel.c:1556
#2 0x4031c75b in socket_read (id=0x80e1490, fd=15, events=1, cbdata=0x0)
at chan_iax2.c:4730
#3 0x08051980 in ast_io_wait (ioc=0x80e1318, howlong=786) at io.c:267
#4 0x4032131e in network_thread (ignore=0x0) at chan_iax2.c:5589
ASTERISK-1 0x400240ba in pthread_start_thread () from /lib/libpthread.so.1
By: zoa (zoa) 2004-03-25 06:11:45.000-0600

i cant do any real life test since sip -> iax2 seems to have some sound quality issues.
By: Mark Spencer (markster) 2004-03-25 16:27:48.000-0600

I'll put in another fix shortly.
By: James Golovich (jamesgolovich) 2004-03-25 16:37:08.000-0600

I had much better results reproducing this when I started my calls at random times. Last night I realized this. Before I was starting a new call every second, but when I staggered it a bit it started happening quicker.

I think I'm gonna switch from using sleep 1; in my shell stuff to generating calls to using some code to sleep for a random amount of time less than 3-4 seconds. Should make it easier to reproduce
By: Mark Spencer (markster) 2004-03-27 01:54:19.000-0600

Okay, please update to latest CVS. I've (hopefully) properly implemented the locking from the other side now, so hopefully that will help. Let me know.
By: James Golovich (jamesgolovich) 2004-03-28 02:00:57.000-0600

I've been running clean with this for a while, so I'm pretty sure its fixed. I'm gonna close this out, and if I hit it again I'll reopen.

zoa: give it a whirl

if there is a segfault I dont think it would be related to this, so a new bugnote should probably be opened unless it looks like the same bug