[asterisk-dev] Enquiry around a Segfault
Steve Davies
davies147 at gmail.com
Tue May 13 06:49:18 CDT 2014
Hi,

I captured a segfault (sadly without a core) on a customer site as follows:

asterisk[16862]: segfault at 770 ip 08098fa0 sp b483bdc0 error 4 in asterisk[8048000+18f000]

# addr2line -e asterisk 08098fa0
/usr/src/asterisk-1.8.26.0/main/cdr.c:741

740: for (; cdr; cdr = cdr->next) {
741:     if (ast_test_flag(cdr, AST_CDR_FLAG_ANSLOCKED))
742:         continue;

The only way I can see that line causing a segv is if another thread were
destroying or detaching the channel's CDR at the same time as the
cdr_answer was occurring. There are a few places where CDR operations like
'ast_cdr_answer(chan->cdr)' are called without the channel being locked.

Having looked up all references to ast_cdr_answer(), ast_cdr_discard() and
ast_cdr_detach(), my favourite combination for causing this is simultaneous
execution of:

channel.c: ast_hangup(chan)

and

channel.c: ast_raw_answer(chan) called on a channel that is already AST_STATE_UP.

I will attempt to reproduce this and grab a backtrace, but any clues or
suggestions will be welcome.

Regards,
Steve
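
Added example, not part of the original post: a small C decoder for the kernel segfault line quoted above. It splits out the fault address, computes the instruction pointer's offset into the mapped image and decodes the x86 page-fault error code bits. The struct, the function name and the first-page heuristic are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>

/* The log line from the post, joined onto one line. */
static const char SAMPLE[] = "asterisk[16862]: segfault at 770 ip 08098fa0 "
                             "sp b483bdc0 error 4 in asterisk[8048000+18f000]";

/* Decoded form of a Linux x86 "segfault at ..." kernel log line. */
struct segv {
    unsigned long addr, ip, sp, err, base, size;
    unsigned long offset; /* ip - base: offset into the mapped image */
    int ip_in_map;        /* ip lies inside [base, base + size) */
    int protection;       /* err bit 0: 1 = protection violation, 0 = page not present */
    int write;            /* err bit 1: 1 = write access, 0 = read access */
    int user;             /* err bit 2: 1 = fault taken in user mode */
    int ifetch;           /* err bit 4: 1 = instruction fetch */
    int low_addr;         /* heuristic (assumption): address in the first 4 KiB page */
};

/* Returns 0 on success, -1 if the line does not have the expected layout. */
int parse_segv(const char *line, struct segv *s)
{
    const char *p = strstr(line, "segfault at ");
    const char *m;

    memset(s, 0, sizeof(*s));
    if (!p || sscanf(p, "segfault at %lx ip %lx sp %lx error %lx",
                     &s->addr, &s->ip, &s->sp, &s->err) != 4)
        return -1;
    m = strrchr(p, '[');  /* mapping is printed as name[base+size] */
    if (!m || sscanf(m, "[%lx+%lx]", &s->base, &s->size) != 2)
        return -1;
    s->ip_in_map = s->ip >= s->base && s->ip - s->base < s->size;
    s->offset = s->ip_in_map ? s->ip - s->base : 0;
    s->protection = (s->err >> 0) & 1;
    s->write = (s->err >> 1) & 1;
    s->user = (s->err >> 2) & 1;
    s->ifetch = (s->err >> 4) & 1;
    s->low_addr = s->addr < 0x1000;
    return 0;
}

int main(void)
{
    struct segv s;
    if (parse_segv(SAMPLE, &s) != 0)
        return 1;
    printf("%s-mode %s of %s page at 0x%lx, ip offset 0x%lx, low address: %d\n",
           s.user ? "user" : "kernel", s.write ? "write" : "read",
           s.protection ? "protected" : "unmapped", s.addr, s.offset, s.low_addr);
    return 0;
}
```

For a non-relocated executable like the one in the post, addr2line takes the absolute ip value; the computed offset is what you would use for a shared object or position-independent binary.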