[asterisk-bugs] [Asterisk 0010780]: Segfaults on dial_exec_full()

noreply at bugs.digium.com
Fri Sep 28 01:17:35 CDT 2007


A NOTE has been added to this issue. 
====================================================================== 
http://bugs.digium.com/view.php?id=10780 
====================================================================== 
Reported By:                paravoid
Assigned To:                
====================================================================== 
Project:                    Asterisk
Issue ID:                   10780
Category:                   Core/PBX
Reproducibility:            always
Severity:                   crash
Priority:                   normal
Status:                     new
Asterisk Version:           1.4.11  
SVN Branch (only for SVN checkouts, not tarball releases): N/A  
SVN Revision (number only!):  
Disclaimer on File?:        N/A 
Request Review:              
====================================================================== 
Date Submitted:             09-20-2007 23:29 CDT
Last Modified:              09-28-2007 01:17 CDT
====================================================================== 
Summary:                    Segfaults on dial_exec_full()
Description: 
A user reported on the Debian bug tracking system
(http://bugs.debian.org/438702) a segfault when he unsuccessfully tried to
call from his SIP softphone to a Zap channel.

We've managed to get a core dump and get a proper backtrace from it.
====================================================================== 

---------------------------------------------------------------------- 
 dimas - 09-28-07 01:17  
---------------------------------------------------------------------- 
To me, a crash in malloc/free-related calls is usually a sign of some memory
corruption. Memory could be corrupted by a completely different thread, so
the stack trace of the crashed thread won't help. If you can reproduce the problem,
I would suggest running asterisk under valgrind - it will quickly catch
problems with memory manipulation.

Btw, have you turned DONT_OPTIMIZE on? And do you run an unmodified version
of app_dial.c? I cannot see in the code a place where dial_exec_full
directly calls ast_frame_free or ast_frfree as it is in your stack trace...

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
09-28-07 01:17  dimas          Note Added: 0071168                          
======================================================================



