[asterisk-bugs] [JIRA] (ASTERISK-28734) Segmentation fault when calling ast_format_get_codec_id

Alexander Hömig (JIRA) noreply at issues.asterisk.org
Thu Feb 20 06:42:25 CST 2020


    [ https://issues.asterisk.org/jira/browse/ASTERISK-28734?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=249805#comment-249805 ] 

Alexander Hömig edited comment on ASTERISK-28734 at 2/20/20 6:41 AM:
---------------------------------------------------------------------

Hello Joshua,

Christian's SEFFAULT happens, because there is a bug ( matt-jordan committed on 21 Jul 2014, media formats: re-architect handling of media for performance improve…) in res_speech.c.

In the function: struct ast_speech *ast_speech_new(const char *engine_name, const struct ast_format_cap *cap)
is the variable definition:

RAII_VAR(struct ast_format *, best, NULL, ao2_cleanup);

not correct, because best will not allocated here. best only points to ast_format_slin.
If the function returns, ao2_cleanup decrements the reference from ast_format_slin and this is wrong.

Replace:
RAII_VAR(struct ast_format *, best, NULL, ao2_cleanup);
with:
struct ast_format *best=NULL;

and no crash happens (after ~45 calls of the speech-api).

Regards,

A. Hömig






was (Author: ahoemig):
Hello Joshua,

Christian's SEFFAULT happens, because there is a bug (commited 2004 from Matt J.) in res_speech.c.

In the function: struct ast_speech *ast_speech_new(const char *engine_name, const struct ast_format_cap *cap)
is the variable definition:

RAII_VAR(struct ast_format *, best, NULL, ao2_cleanup);

not correct, because best will not allocated here. best only points to ast_format_slin.
If the function returns, ao2_cleanup decrements the reference from ast_format_slin and this is wrong.

Replace:
RAII_VAR(struct ast_format *, best, NULL, ao2_cleanup);
with:
struct ast_format *best=NULL;

and no crash happens (after ~45 calls of the speech-api).

Regards,

A. Hömig





> Segmentation fault when calling ast_format_get_codec_id
> -------------------------------------------------------
>
>                 Key: ASTERISK-28734
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-28734
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Formats/General
>    Affects Versions: 13.30.0
>         Environment: embedded system (i586), Asterisk 13, pocketsphinx, astsphinx
>            Reporter: christian schuch
>         Attachments: core.5080
>
>
> I've built a voice recognition system for german digits using asterisk 13, pocketsphinx and a plugin and server (based on astsphinx) to connect asterisk with pocketsphinx. When testing the system with calls where wav files are played to the recognition engine everything works fine until about the 50th call. Asterisk then crashes with a segmentation fault and restarts. Reading the gdb backtrace I've found out that the problem occurs, when the format codec id is selected.
> This is the gdb backtrace:
> {noformat}
> [New process 21378]
> #0  0x08155419 in ast_format_get_codec_id (format=0xb6d0cae0) at format.c:319
> 319	format.c: No such file or directory.
> 	in format.c
> (gdb) bt
> #0  0x08155419 in ast_format_get_codec_id (format=0xb6d0cae0) at format.c:319
> #1  0x081592ad in ast_format_cap_get_compatible (cap1=0xb506b188, cap2=0x8b2c110, result=0x8b3a908) at format_cap.c:591
> #2  0xb6e026a8 in ast_speech_new (engine_name=0xb4ed0fa8 "Sphinx-En", cap=0x8b2c110) at res_speech.c:198
> #3  0xb61fcf2f in speech_create (chan=0x8b279c0, data=0xb4ed0fa8 "Sphinx-En") at app_speech_utils.c:551
> #4  0x081bec23 in pbx_exec (c=0x8b279c0, app=0xb59ad958, data=0xb4ed0fa8 "Sphinx-En") at pbx_app.c:494
> #5  0x081b6973 in pbx_extension_helper (c=0x8b279c0, con=0x0, context=0x8b28048 "/25", exten=0x8b28098 "3000", priority=3, label=0x0, 
>     callerid=0xb4d045c0 "25", action=E_SPAWN, found=0xb4ed3348, combined_find_spawn=1) at pbx.c:2886
> #6  0x081bba90 in __ast_pbx_run (c=0x8b279c0, args=0x0) at pbx.c:4111
> #7  0x081bd580 in pbx_thread (data=0x8b279c0) at pbx.c:4610
> #8  0x08234c1b in dummy_start (data=0x8b27480) at utils.c:1239
> #9  0xb7245e6c in ?? () from /lib/libpthread.so.0
> #10 0x08b27480 in ?? ()
> #11 0x00000000 in ?? ()
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list