
Summary: ASTERISK-11366: segfault in codec_zap line 150
Reporter: snuffy (snuffy)
Labels:
Date Opened: 2008-02-03 23:53:45.000-0600
Date Closed: 2011-06-07 14:08:11
Priority: Minor
Regression? No
Status: Closed/Complete
Components: Codecs/codec_dahdi
Versions:
Frequency of Occurrence:
Related Issues:
Environment:
Attachments: ( 0) bt-11913.txt
Description: This could also involve the tc400b card, since it is doing the transcoding for g729.

Program terminated with signal 11, Segmentation fault.
#0  0x08273174 in zap_framein (pvt=0xb616a090, f=0x9e9cdd8) at codec_zap.c:160
160             memcpy(hdr->srcdata + hdr->srcoffset + hdr->srclen, f->data, f->datalen);


(gdb) bt
#0  0x08273174 in zap_framein (pvt=0xb616a090, f=0x9e9cdd8) at codec_zap.c:160
#1  0x080f9bb9 in framein (pvt=0xb616a090, f=0x9e9cdd8) at translate.c:189
#2  0x080fa221 in ast_translate (path=0xb616a090, f=0x9e9cdd8, consume=0) at translate.c:334
#3  0x080888ed in ast_write (chan=0xb6579e40, fr=0x9e9cdd8) at channel.c:2887
#4  0x0808c4b4 in ast_generic_bridge (c0=0xb6579e40, c1=0x9e08778, config=0xb6477a80, fo=0xb6477734, rc=0xb6477730, bridge_end={tv_sec = 0, tv_usec = 0})
   at channel.c:4105
#5  0x0808d557 in ast_channel_bridge (c0=0xb6579e40, c1=0x9e08778, config=0xb6477a80, fo=0xb6477734, rc=0xb6477730) at channel.c:4356
#6  0x082df10c in ast_bridge_call (chan=0xb6579e40, peer=0x9e08778, config=0xb6477a80) at res_features.c:1404
#7  0x0813acf5 in dial_exec_full (chan=0xb6579e40, data=0xb647a808, peerflags=0xb6478674, continue_exec=0x0) at app_dial.c:1656
#8  0x0813af75 in dial_exec (chan=0xb6579e40, data=0xb647a808) at app_dial.c:1710
#9  0x080bf348 in pbx_exec (c=0xb6579e40, app=0x9c97930, data=0xb647a808) at pbx.c:532
#10 0x080c283f in pbx_extension_helper (c=0xb6579e40, con=0x0, context=0xb6579fc0 "macro-outgoing", exten=0xb657a010 "s", priority=36, label=0x0,
   callerid=0x9deef68 "61386143814", action=E_SPAWN) at pbx.c:1838
#11 0x080c390e in ast_spawn_extension (c=0xb6579e40, context=0xb6579fc0 "macro-outgoing", exten=0xb657a010 "s", priority=36, callerid=0x9deef68 "61386143814")
   at pbx.c:2293
#12 0x0814a454 in _macro_exec (chan=0xb6579e40, data=0xb647f958, exclusive=0) at app_macro.c:308
#13 0x0814b0d5 in macro_exec (chan=0xb6579e40, data=0xb647f958) at app_macro.c:486
#14 0x080bf348 in pbx_exec (c=0xb6579e40, app=0x9c9d578, data=0xb647f958) at pbx.c:532
#15 0x080c283f in pbx_extension_helper (c=0xb6579e40, con=0x0, context=0xb6579fc0 "macro-outgoing", exten=0xb657a010 "s", priority=50, label=0x0,
   callerid=0xb68ad650 "", action=E_SPAWN) at pbx.c:1838
#16 0x080c390e in ast_spawn_extension (c=0xb6579e40, context=0xb6579fc0 "macro-outgoing", exten=0xb657a010 "s", priority=50, callerid=0xb68ad650 "") at pbx.c:2293
#17 0x0814a454 in _macro_exec (chan=0xb6579e40, data=0xb64829fc, exclusive=0) at app_macro.c:308
#18 0x0814b0d5 in macro_exec (chan=0xb6579e40, data=0xb64829fc) at app_macro.c:486
#19 0x080bf348 in pbx_exec (c=0xb6579e40, app=0x9c9d578, data=0xb64829fc) at pbx.c:532
#20 0x082cc6cc in realtime_exec (chan=0xb6579e40, context=0xb6579fc0 "macro-outgoing", exten=0xb657a010 "s", priority=2, callerid=0xb68ad650 "", data=0x9c5ec01 "")
   at pbx_realtime.c:216
#21 0x080c2922 in pbx_extension_helper (c=0xb6579e40, con=0x0, context=0xb6579fc0 "macro-outgoing", exten=0xb657a010 "s", priority=2, label=0x0,
   callerid=0xb68ad650 "", action=E_SPAWN) at pbx.c:1849
#22 0x080c390e in ast_spawn_extension (c=0xb6579e40, context=0xb6579fc0 "macro-outgoing", exten=0xb657a010 "s", priority=2, callerid=0xb68ad650 "") at pbx.c:2293
#23 0x080c3dde in __ast_pbx_run (c=0xb6579e40) at pbx.c:2393
#24 0x080c4b7a in pbx_thread (data=0xb6579e40) at pbx.c:2608
#25 0x08100898 in dummy_start (data=0xb68770f8) at utils.c:843
#26 0x00d292db in start_thread () from /lib/libpthread.so.0
#27 0x00cac12e in clone () from /lib/libc.so.6


(gdb) frame
#0  0x08273174 in zap_framein (pvt=0xb616a090, f=0x9e9cdd8) at codec_zap.c:160
160             memcpy(hdr->srcdata + hdr->srcoffset + hdr->srclen, f->data, f->datalen);
(gdb) print hdr->srcdata
Cannot access memory at address 0xb67c0100

(gdb) info fram
Stack level 0, frame at 0xb64770a0:
eip = 0x8273174 in zap_framein (codec_zap.c:160); saved eip 0x80f9bb9
called by frame at 0xb64770f0
source language c.
Arglist at 0xb6477098, args: pvt=0xb616a090, f=0x9e9cdd8
Locals at 0xb6477098, Previous frame's sp is 0xb64770a0
Saved registers:
 ebx at 0xb647708c, ebp at 0xb6477098, esi at 0xb6477090, edi at 0xb6477094, eip at 0xb647709c
(gdb) print f->data
$1 = (void *) 0xb67460c0
(gdb) print f->datalen
$2 = 40
(gdb) print hdr->srclen
Cannot access memory at address 0xb67c0008
(gdb) print hdr
$3 = (struct zt_transcode_header *) 0xb67c0000
(gdb)
Comments:

By: Jason Parker (jparker) 2008-02-04 12:57:49.000-0600

Could you attach a backtrace compiled without optimizations?  Also, testing the latest version of zaptel/asterisk might help (not much has changed, so I doubt it).

By: snuffy (snuffy) 2008-02-04 13:10:15.000-0600

I can attach the 'bt full'; this is compiled without optimisations.
I cannot upgrade to a later asterisk/zap because of another issue to do with the TC400B and zaptel causing a hard kernel panic; the later the asterisk version I use, the more likely my server is to kernel panic, and I can't afford that downtime.

By: Jason Parker (jparker) 2008-03-19 15:00:03

Any change here?

By: Russell Bryant (russell) 2008-03-19 15:24:16

Since this is a problem with a Digium product, it should be handled through Digium technical support.  They will ensure that the problem is reported internally and that the correct people are notified.  Thanks for understanding.