[Asterisk-Dev] Segfault in chan_iax

Mark Spencer markster at digium.com
Sun Jan 4 16:59:08 MST 2004 

Stay away from chan_iax, time to move on to iax2, please!!

Mark

On Sun, 4 Jan 2004, Tilghman Lesher wrote:

> Yep, iaxs[fr.callno]->owner is NULL at 3790, for whatever reason.  Looks
> like it would have to be a race condition of some kind.  Version running on
> this machine is CVS-11/23/03-00:42:48.
>
> -Tilghman
>
>
> #0  0x4030675c in socket_read (id=0x80dfea8, fd=12, events=1, cbdata=0x0) at chan_iax.c:3790
> 3790                                                    orignative = iaxs[fr.callno]->owner->nativeformats;
> (gdb) bt full
> #0  0x4030675c in socket_read (id=0x80dfea8, fd=12, events=1, cbdata=0x0) at chan_iax.c:3790
>         orignative = 1076965568
>         sin = {sin_family = 2, sin_port = 44051, sin_addr = {s_addr = 1264603457}, sin_zero = "\000\000\000\000\000\000\000"}
>         res = 172
>         new = 0
>         buf = "¶ÿÿÿ\000\000\000\t\000\001\002\004«£».!)î¸]<ا ¹0$-èË<4Ñ£\236·1(4â\\%\026\026?\234\230\227\225\232\236¤¶Í<.*#!\037\037!$(*.6CeÕŽ·¯­¬«ªª¬®°µº¿ÆÐàkVLFA><;9999:;<=?DHMU]mñÞÖÎÌÉÇÅÄÅÄÄÅÆÈÊÌÏÓØÞçñyld^ZXVTSSSTTVWYZ]_dhlsyüõïíêéèææåççè", '\000' <repeats 736 times>, "Îl\002@", '\000' <repeats 12 times>, "\214I\036@"...
>         src = "IAX/65.81.96.75/21\00075/21", '\000' <repeats 55 times>
>         len = 16
>         dcallno = 65535
>         fh = (struct ast_iax_full_hdr *) 0x403130c0
>         fr = {f = 0xbeffe9ac, callno = 22, data = 0x0, datalen = 0, retries = 0, ts = 9, retrytime = 0, outoforder = 0, sentyet = 0,
>   seqno = 1, transfer = 0, final = 0, direction = 0, retrans = 0, next = 0x0, prev = 0x0}
>         cur = (struct ast_iax_frame *) 0x0
>         f = {frametype = 2, subclass = 4, datalen = 160, samples = 160, mallocd = 0, offset = 0, src = 0xbeffea1c "IAX/65.81.96.75/21",
>   data = 0xbeffea78, prev = 0x0, next = 0x0}
>         c = (struct ast_channel *) 0x0
>         dp = (struct iax_dpcache *) 0x16
>         format = 2
>         exists = -1
>         mm = 0
>         rel0 = '\000' <repeats 255 times>
>         rel1 = "formats=2;", '\000' <repeats 244 times>
>         empty = '\000' <repeats 31 times>
> #1  0x0805151e in ast_io_wait (ioc=0x80dd970, howlong=1000) at io.c:267
>         ioc = (struct io_context *) 0x80dd970
>         res = 1
>         x = 0
>         origcnt = 1
> #2  0x4030a689 in network_thread (ignore=0x0) at chan_iax.c:4521
>         res = 4
>         f = (struct ast_iax_frame *) 0x80dd990
>         freeme = (struct ast_iax_frame *) 0x80dd970
> #3  0x400280ce in pthread_start_thread (arg=0xbefffc00) at manager.c:291
>         self = 0xbefffc00
>         request = {req_thread = 0x0, req_kind = REQ_CREATE, req_args = {create = {attr = 0x0, fn = 0, arg = 0x0, mask = {__val = {
>           0 <repeats 32 times>}}}, free = {thread_id = 0}, exit = {code = 0}, post = 0x0, for_each = {fn = 0, arg = 0x0}}}
>         outcome = (void *) 0x0
> (gdb) print *iaxs[22]
> $1 = {quelch = 0, voiceformat = 4, svoiceformat = 0, capability = 2, last = 0, lastsent = 3, pingtime = 1000, maxtime = 0, addr = {
>     sin_family = 2, sin_port = 44051, sin_addr = {s_addr = 1264603457}, sin_zero = "\000\000\000\000\000\000\000"}, callno = 22,
>   peercallno = 14079, peerformat = 4, peercapability = 2147483518, offset = {tv_sec = 1073243751, tv_usec = 364149}, rxcore = {
>     tv_sec = 1073243751, tv_usec = 364422}, history = {0 <repeats 99 times>, -1}, jitterbuffer = 0, jitter = 1, historicjitter = 1,
>   lag = 0, error = 0, owner = 0x0, state = 1, expirey = 60, oseqno = 2, iseqno = 2, peer = '\000' <repeats 79 times>,
>   context = "internal", '\000' <repeats 71 times>, callerid = '\000' <repeats 79 times>, ani = '\000' <repeats 79 times>, sendani = 0,
>   dnid = '\000' <repeats 79 times>, exten = "673", '\000' <repeats 76 times>, username = "vcch", '\000' <repeats 75 times>,
>   secret = '\000' <repeats 79 times>, methods = "md5,plaintext", '\000' <repeats 66 times>,
>   challenge = "\000\000\000\000\000\000\000\000\000", inkeys = '\000' <repeats 79 times>, outkey = '\000' <repeats 79 times>,
>   language = "en", '\000' <repeats 77 times>, reg = 0x0, peerpoke = 0x0, transferring = 0, alreadygone = 1, transfer = {sin_family = 0,
>     sin_port = 0, sin_addr = {s_addr = 0}, sin_zero = "\000\000\000\000\000\000\000"}, transfercallno = -1, peeradsicpe = 2,
>   bridgecallno = -1, pingid = -1, lagid = -1, autoid = -1, initid = -1, dproot = '\000' <repeats 79 times>,
>   accountcode = '\000' <repeats 19 times>, amaflags = 0, dpentries = 0x0}
>
> _______________________________________________
> Asterisk-Dev mailing list
> Asterisk-Dev at lists.digium.com
> http://lists.digium.com/mailman/listinfo/asterisk-dev
>

More information about the asterisk-dev mailing list