| Summary: | ASTERISK-08201: 1.4.0b3 crashed during call transfer | ||
| Reporter: | slimey (slimey) | Labels: | |
| Date Opened: | 2006-11-28 07:39:20.000-0600 | Date Closed: | 2007-01-13 00:02:04.000-0600 |
| Priority: | Critical | Regression? | No |
| Status: | Closed/Complete | Components: | Core/General |
| Versions: | Frequency of Occurrence | ||
| Related Issues: | |||
| Environment: | Attachments: | ( 0) crash_20061128.txt | |
| Description: | Incoming call was received by asterisk over IAX2. It was answered by a SIP phone (Cisco 7960). Call was then transferred using attended transfer to another extension (again SIP Cisco 7960). When the original call was passed over, asterisk crashed. Attached is a backtrace and some debug info from gdb. | ||
| Comments: | By: Anthony LaMantia (alamantia) 2006-11-28 16:32:12.000-0600 well the direct problem is sip_write() with an invalid pointer being passed as the parameter frame, lets see if we can locate why that is happening so we can resolve this issue. By: Olle Johansson (oej) 2006-11-30 08:38:01.000-0600 Was this a SIP attended transfer or a PBX attended transfer (using codes in features.conf) ? By: slimey (slimey) 2006-11-30 09:32:16.000-0600 SIP attended transfer (Cisco 7960 to Cisco 7960) By: Olle Johansson (oej) 2006-11-30 10:49:45.000-0600 If it's SIP, then you need to capture a SIP debug of everything that happens before the crash. Include debugging and verbose output. THank you. By: Olle Johansson (oej) 2006-11-30 10:51:40.000-0600 Alamantia: Where you able to repeat this? Otherwise, why did you mark this as "confirmed" ? By: Anthony LaMantia (alamantia) 2006-12-15 20:11:34.000-0600 slimey, are you able to reproduce this issue or do you expreiance it on a regular basis? i would like to upload a patch for you to test. By: Joshua C. Colp (jcolp) 2006-12-18 20:15:16.000-0600 slimey: Any response to alamanti's query? alamantia: Why don't you just upload the patch? I can take a look at it too. By: Jason Parker (jparker) 2006-12-22 14:26:30.000-0600 This appears to be related to whisper paging. You'll note that chan->flags is 1032, which is 1024 (whisper) + 8 (zombie). I think the following line causes f to become null. Note the if (f == NULL) about 55 lines up. /* and now put it through the regular translator */ f = (chan->writetrans) ? ast_translate(chan->writetrans, f, 0) : f; By: Anthony LaMantia (alamantia) 2007-01-05 13:20:31.000-0600 qwell/file, do you think it would be logical to just check to see if ast_translate is failing in this case? by checking to make sure f != NULL before calling chan->tech->write()? after looking at the ast_translate code. out = p->t->frameout(p); would be returning null for ast_translate to be returning null. as im not sure what codecs are in sure here.. i can't really follow the the calls from there to see the cases which would cause frameout(p) to return null. slimey, what codecs are you using for these calls? By: Joshua C. Colp (jcolp) 2007-01-13 00:02:03.000-0600 Fixed in 1.4 as of revision 50727 and trunk as of revision 50728. Boom! | ||