[Asterisk-Dev] Segfault in chan_iax

Tilghman Lesher tilghman at mail.jeffandtilghman.com
Sun Jan 4 16:49:14 MST 2004


Yep, iaxs[fr.callno]->owner is NULL at 3790, for whatever reason.  Looks
like it would have to be a race condition of some kind.  Version running on
this machine is CVS-11/23/03-00:42:48.

-Tilghman


#0  0x4030675c in socket_read (id=0x80dfea8, fd=12, events=1, cbdata=0x0) at chan_iax.c:3790
3790                                                    orignative = iaxs[fr.callno]->owner->nativeformats;
(gdb) bt full
#0  0x4030675c in socket_read (id=0x80dfea8, fd=12, events=1, cbdata=0x0) at chan_iax.c:3790
        orignative = 1076965568
        sin = {sin_family = 2, sin_port = 44051, sin_addr = {s_addr = 1264603457}, sin_zero = "\000\000\000\000\000\000\000"}
        res = 172
        new = 0
        buf = "¶ÿÿÿ\000\000\000\t\000\001\002\004«£».!)î¸]<ا ¹0$-èË<4Ñ£\236·1(4â\\%\026\026?\234\230\227\225\232\236¤¶Í<.*#!\037\037!$(*.6CeÕŽ·¯­¬«ªª¬®°µº¿ÆÐàkVLFA><;9999:;<=?DHMU]mñÞÖÎÌÉÇÅÄÅÄÄÅÆÈÊÌÏÓØÞçñyld^ZXVTSSSTTVWYZ]_dhlsyüõïíêéèææåççè", '\000' <repeats 736 times>, "Îl\002@", '\000' <repeats 12 times>, "\214I\036@"...
        src = "IAX/65.81.96.75/21\00075/21", '\000' <repeats 55 times>
        len = 16
        dcallno = 65535
        fh = (struct ast_iax_full_hdr *) 0x403130c0
        fr = {f = 0xbeffe9ac, callno = 22, data = 0x0, datalen = 0, retries = 0, ts = 9, retrytime = 0, outoforder = 0, sentyet = 0,
  seqno = 1, transfer = 0, final = 0, direction = 0, retrans = 0, next = 0x0, prev = 0x0}
        cur = (struct ast_iax_frame *) 0x0
        f = {frametype = 2, subclass = 4, datalen = 160, samples = 160, mallocd = 0, offset = 0, src = 0xbeffea1c "IAX/65.81.96.75/21",
  data = 0xbeffea78, prev = 0x0, next = 0x0}
        c = (struct ast_channel *) 0x0
        dp = (struct iax_dpcache *) 0x16
        format = 2
        exists = -1
        mm = 0
        rel0 = '\000' <repeats 255 times>
        rel1 = "formats=2;", '\000' <repeats 244 times>
        empty = '\000' <repeats 31 times>
#1  0x0805151e in ast_io_wait (ioc=0x80dd970, howlong=1000) at io.c:267
        ioc = (struct io_context *) 0x80dd970
        res = 1
        x = 0
        origcnt = 1
#2  0x4030a689 in network_thread (ignore=0x0) at chan_iax.c:4521
        res = 4
        f = (struct ast_iax_frame *) 0x80dd990
        freeme = (struct ast_iax_frame *) 0x80dd970
#3  0x400280ce in pthread_start_thread (arg=0xbefffc00) at manager.c:291
        self = 0xbefffc00
        request = {req_thread = 0x0, req_kind = REQ_CREATE, req_args = {create = {attr = 0x0, fn = 0, arg = 0x0, mask = {__val = {
          0 <repeats 32 times>}}}, free = {thread_id = 0}, exit = {code = 0}, post = 0x0, for_each = {fn = 0, arg = 0x0}}}
        outcome = (void *) 0x0
(gdb) print *iaxs[22]
$1 = {quelch = 0, voiceformat = 4, svoiceformat = 0, capability = 2, last = 0, lastsent = 3, pingtime = 1000, maxtime = 0, addr = {
    sin_family = 2, sin_port = 44051, sin_addr = {s_addr = 1264603457}, sin_zero = "\000\000\000\000\000\000\000"}, callno = 22,
  peercallno = 14079, peerformat = 4, peercapability = 2147483518, offset = {tv_sec = 1073243751, tv_usec = 364149}, rxcore = {
    tv_sec = 1073243751, tv_usec = 364422}, history = {0 <repeats 99 times>, -1}, jitterbuffer = 0, jitter = 1, historicjitter = 1,
  lag = 0, error = 0, owner = 0x0, state = 1, expirey = 60, oseqno = 2, iseqno = 2, peer = '\000' <repeats 79 times>,
  context = "internal", '\000' <repeats 71 times>, callerid = '\000' <repeats 79 times>, ani = '\000' <repeats 79 times>, sendani = 0,
  dnid = '\000' <repeats 79 times>, exten = "673", '\000' <repeats 76 times>, username = "vcch", '\000' <repeats 75 times>,
  secret = '\000' <repeats 79 times>, methods = "md5,plaintext", '\000' <repeats 66 times>,
  challenge = "\000\000\000\000\000\000\000\000\000", inkeys = '\000' <repeats 79 times>, outkey = '\000' <repeats 79 times>,
  language = "en", '\000' <repeats 77 times>, reg = 0x0, peerpoke = 0x0, transferring = 0, alreadygone = 1, transfer = {sin_family = 0,
    sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, transfercallno = -1, peeradsicpe = 2,
  bridgecallno = -1, pingid = -1, lagid = -1, autoid = -1, initid = -1, dproot = '\000' <repeats 79 times>,
  accountcode = '\000' <repeats 19 times>, amaflags = 0, dpentries = 0x0}




More information about the asterisk-dev mailing list