[asterisk-bugs] [JIRA] (ASTERISK-21297) Segmentation fault on hangup

Rusty Newton (JIRA) noreply at issues.asterisk.org
Thu Mar 21 15:59:01 CDT 2013 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-21297?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=204469#comment-204469 ] 

Rusty Newton edited comment on ASTERISK-21297 at 3/21/13 3:58 PM:
------------------------------------------------------------------

Can you follow the steps under https://wiki.asterisk.org/wiki/display/AST/Getting+a+Backtrace#GettingaBacktrace-GettingInformationAfterACrash for your core dump and attach the two resulting backtraces as separate files. Please use "More Actions > Attach Files" and do not attach the output inline.  Hit "Send Back" when you are done. Thanks!
 

                
      was (Author: rnewton):
    Can you follow the steps under https://wiki.asterisk.org/wiki/display/AST/Getting+a+Backtrace#GettingaBacktrace-GettingInformationAfterACrash for your core dump and attach the two resulting backtraces as separate files. Please use "More Actions > Attach Files" and do not attach the output inline.


                  
> Segmentation fault on hangup
> ----------------------------
>
>                 Key: ASTERISK-21297
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-21297
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Core/Bridging
>    Affects Versions: 11.0.1
>         Environment: Ubuntu 10.04.2 
> Kernel 2.6.38
>            Reporter: German Becker
>            Assignee: German Becker
>
> Function ast_bridged_channel in main/channel.c generates segmentation fault. It happens seldom, I couldn't reproduce, but I think it happens when releasing call at both channels at the same time, timing issue.
> Here is the function:
> {code}
> struct ast_channel *ast_bridged_channel(struct ast_channel *chan)
> {
>         struct ast_channel *bridged;
>         bridged = ast_channel_internal_bridged_channel(chan);
>         if (bridged && ast_channel_tech(bridged)->bridged_channel)
>                 bridged = ast_channel_tech(bridged)->bridged_channel(chan, bridged);
>         return bridged;
> }
> {code}
> The segfault rises because bridged is not NULL, but ast_channel_tech(bridged) is NULL so the dereference produces a segfault. I'm not sure why it is null, but I think it is related to timing as said before. 
> A possible fix would be to check that ast_channel_tech(bridged) is not null.
> i.e:
> {code}
> struct ast_channel *ast_bridged_channel(struct ast_channel *chan)
> {
>         struct ast_channel *bridged;
>         bridged = ast_channel_internal_bridged_channel(chan);
>         if (bridged && ast_channel_tech(bridged) && 
>            ast_channel_tech(bridged)->bridged_channel)
>                 bridged = ast_channel_tech(bridged)->bridged_channel(chan, bridged);
>         return bridged;
> }
> {code}

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.asterisk.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the asterisk-bugs mailing list