[asterisk-bugs] [Asterisk 0014189]: segmentation fault in local_queue_frame at chan_local.c:172

Asterisk Bug Tracker noreply at bugs.digium.com
Thu Jan 8 11:09:28 CST 2009 

A NOTE has been added to this issue. 
====================================================================== 
http://bugs.digium.com/view.php?id=14189 
====================================================================== 
Reported By:                sascha
Assigned To:                
====================================================================== 
Project:                    Asterisk
Issue ID:                   14189
Category:                   Channels/chan_local
Reproducibility:            random
Severity:                   crash
Priority:                   normal
Status:                     ready for testing
Asterisk Version:           1.4.23-rc3 
Blocks for Version:         None 
Regression:                 No 
SVN Branch (only for SVN checkouts, not tarball releases): N/A 
SVN Revision (number only!):  
Disclaimer on File?:        N/A 
Request Review:              
====================================================================== 
Date Submitted:             2009-01-07 10:16 CST
Last Modified:              2009-01-08 11:09 CST
====================================================================== 
Summary:                    segmentation fault in local_queue_frame at
chan_local.c:172
Description: 
happened for the second time now today, but I have no idea what triggered
it:

Failed to read a valid object file image from memory.
Core was generated by `/usr/sbin/asterisk -f -U asterisk -G asterisk -vvvg
-c'.
Program terminated with signal 11, Segmentation fault.
http://bugs.digium.com/view.php?id=0  0x00002aaab2b1b5c6 in local_queue_frame
(p=0x2aaab7c09eb0,
isoutbound=1, f=0x84a418, us=0x2aaab7c011d0, us_locked=1)
    at chan_local.c:172
172             if (us && us->generator && other->generator)
(gdb) bt
http://bugs.digium.com/view.php?id=0  0x00002aaab2b1b5c6 in local_queue_frame
(p=0x2aaab7c09eb0,
isoutbound=1, f=0x84a418, us=0x2aaab7c011d0, us_locked=1)
    at chan_local.c:172
http://bugs.digium.com/view.php?id=1  0x00002aaab2b1bf87 in local_write
(ast=0x2aaab7c011d0, f=0x84a418) at
chan_local.c:324
http://bugs.digium.com/view.php?id=2  0x000000000043def8 in ast_write
(chan=0x2aaab7c011d0, fr=<value
optimized out>) at channel.c:2878
http://bugs.digium.com/view.php?id=3  0x00000000004619d9 in playtones_generator
(chan=0x2aaab7c011d0,
data=0x83ba20, len=320, samples=160) at indications.c:191
http://bugs.digium.com/view.php?id=4  0x000000000043c6e5 in generator_force
(data=<value optimized out>) at
channel.c:1623
http://bugs.digium.com/view.php?id=5  0x000000000043ff8e in __ast_read
(chan=0x2aaab7c011d0, dropaudio=0) at
channel.c:2104
http://bugs.digium.com/view.php?id=6  0x0000000000440d66 in
ast_safe_sleep_conditional (chan=0x2aaab7c011d0,
ms=20000, cond=0, data=0x0) at channel.c:2438
http://bugs.digium.com/view.php?id=7  0x00000000004779af in wait_for_hangup
(chan=0x2aaab7c011d0,
data=<value optimized out>) at pbx.c:5364
http://bugs.digium.com/view.php?id=8  0x0000000000477a5f in pbx_builtin_busy
(chan=0x2aaab7c011d0,
data=0x423766b0) at pbx.c:5403
http://bugs.digium.com/view.php?id=9  0x000000000048174b in pbx_extension_helper
(c=0x2aaab7c011d0,
con=<value optimized out>, context=0x2aaab7c01420 "macro-exten-vm",
    exten=0x2aaab7c01470 "s-BUSY", priority=4, label=<value optimized
out>, callerid=0x2aaab7b16840 "03692350524", action=E_SPAWN)
    at pbx.c:537
http://bugs.digium.com/view.php?id=10 0x0000000000481b83 in ast_spawn_extension
(c=0x2aaab7c09eb0,
context=0x2aaab7c09f88 "?\021??*",
    exten=0x1 <Address 0x1 out of bounds>, priority=1, callerid=<value
optimized out>) at pbx.c:2318
http://bugs.digium.com/view.php?id=11 0x00002aaab4a25b9a in _macro_exec
(chan=0x2aaab7c011d0, data=<value
optimized out>, exclusive=0) at app_macro.c:346
http://bugs.digium.com/view.php?id=12 0x000000000048174b in pbx_extension_helper
(c=0x2aaab7c011d0,
con=<value optimized out>, context=0x2aaab7c01420 "macro-exten-vm",
    exten=0x2aaab7c01470 "s-BUSY", priority=1, label=<value optimized
out>, callerid=0x2aaab7b16840 "03692350524", action=E_SPAWN)
    at pbx.c:537
http://bugs.digium.com/view.php?id=13 0x0000000000483938 in __ast_pbx_run
(c=0x2aaab7c011d0) at pbx.c:2318
http://bugs.digium.com/view.php?id=14 0x0000000000484639 in pbx_thread
(data=0x2aaab7c09eb0) at pbx.c:2622
http://bugs.digium.com/view.php?id=15 0x00000000004aee6c in dummy_start
(data=<value optimized out>) at
utils.c:856
http://bugs.digium.com/view.php?id=16 0x00002aad0566ef1a in start_thread () from
/lib/libpthread.so.0
http://bugs.digium.com/view.php?id=17 0x00002aad05c3b5d2 in clone () from
/lib/libc.so.6
http://bugs.digium.com/view.php?id=18 0x0000000000000000 in ?? ()


in case it matters: it's on a debian linux, amd64, 2.6.24+13~etchnhalf.1
kernel. connected to the PSTN via mISDN 1.1.8  using a B410P.
====================================================================== 

---------------------------------------------------------------------- 
 (0097209) putnopvut (administrator) - 2009-01-08 11:09
 http://bugs.digium.com/view.php?id=14189#c97209 
---------------------------------------------------------------------- 
sascha, you're correct that the lines in the patch are identical, but the
key is that they are moved to a point where we know that p->chan will be
non-NULL, which was not guaranteed where the lines were before. 

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
2009-01-08 11:09 putnopvut      Note Added: 0097209                          
======================================================================

More information about the asterisk-bugs mailing list