[asterisk-bugs] [JIRA] (ASTERISK-25269) SIGSEGV at ast_format_get_name() when stasis bridge switches to softmix

Florian Loyau (JIRA) noreply at issues.asterisk.org
Tue Jul 21 07:07:33 CDT 2015 

Florian Loyau created ASTERISK-25269:
----------------------------------------

             Summary: SIGSEGV at ast_format_get_name() when stasis bridge switches to softmix
                 Key: ASTERISK-25269
                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-25269
             Project: Asterisk
          Issue Type: Bug
      Security Level: None
          Components: Core/Bridging, Formats/General
    Affects Versions: 13.4.0, 13.0.1
         Environment: Debian 7/8 generic VMs
            Reporter: Florian Loyau
            Severity: Critical


I have a simple ARI App that (right now) adds Users to ARI Bridges for conferencing. During my testing (which might not happen often in a real case due to hold, see below), Asterisk consistently segfaults upon switching from simple_bridge to softmix (aka. as soon as it goes from passthrough to mixing, when there are more than two users). 

I've tested it as consistent on 13.4.0, but have had the exact same problem previously with 13.0.1 and a different ARI Application prototype. This is likely due to softmixing as it doesn't occur in an holding bridge, and due to the user amount trigger.

This sounds like a blocker to me since it prevents any use of bridges with more than two parties. However this could simply be due to my testing conditions: i simply fire a bunch of calls from the same Linphone instance for testing, meaning all but one call are on hold at any given time. I'll attempt to test this in more meaningful conditions.

Asterisk Config details:
 - Simple SIP config with dumb friends & secret auth
 - Speex Codec Exclusively with most options and pp enabled (i'll test without)
 - Single extension setting talk detect (crashes without too) and putting the call in stasis for the application

ARI Application behavior: 
 - Upon StasisStart, setup a bunch of callbacks, and issue a join of the channel to a common mixing bridge
 - Upon third channel entering bridge, bridge switches to softmix and promptly crashes

Issue Replication:
 - Configure an extension to forward to a StasisApp
 - Setup a StasisApp causing a channel to join a mixing bridge
 - Use Linphone to call three times in a row the extension

Expected Result: Nothing out of the ordinary happens
Actual Result: Asterisk Segfaults

As you can see in backtrace, ast_format_get_name() receives a null format. This is due to fr->subclass being filled of zeroes in the above frame. I couldn't get to dig deeper as to why this happens yet...



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list