[Asterisk-video] Asterisk crash when using amr (app_h324m.so)

Sergio Garcia Murillo sergio.garcia at fontventa.com
Sat Jun 30 15:37:29 CDT 2007 

Hi everyone,

I'm currently out on vacations, I'll be back in 15 days, sorry
for not being able to solve this issue sooner.

Best regards
Sergio

----- Original Message ----- 
From: "Thomas Frieling" <thomas.frieling at viif.de>
To: "Development discussion of video media support in Asterisk"
<asterisk-video at lists.digium.com>
Sent: Friday, June 29, 2007 6:46 PM
Subject: Re: [Asterisk-video] Asterisk crash when using amr (app_h324m.so)


I did some debugging today:

When I comment out the TIFFReverseBits call, asterisk just crashes with
another backtrace:
#0  0xb7c99a15 in memcpy () from /lib/i686/cmov/libc.so.6
#1  0xb78c5bdc in Frame (this=0x817e0c0, t=e_Audio, c=e_AMR, d=0xb573d882
"|¥cK`\2249:S3|ø&l¬\030", l=4294967295) at Media.cpp:33
#2  0xb78c531d in FrameCreate () from /usr/local/lib/libh324m.so
#3  0xb7a97a7b in app_h324m_gw (chan=0x8207618, data=0xb595ff28) at
app_h324m.c:303
[...]

After that I created a new video using the realnetworks helix mobile
producer. This video works fine and actually does not crash asterisk.
The videos that crash asterisk were generated by ffmpeg or recorded by
mp4save.

So my guess is that whenever a video frame do not have the expected format
something bad happens.
Speaking in java terms, TIFFReverseBits for example could throw an
ArrayOutOfBoundsException.

In my opinion it is absolutely essential to check every frame's format
before performing unchecked and dangerous operations on it. Although I am
not able to apply those changes myself, I plan on helping the project by
testing the code and maybe donating some time in the future.

So far,
Thomas


-----Ursprüngliche Nachricht-----
Von: asterisk-video-bounces at lists.digium.com im Auftrag von Thomas Frieling
Gesendet: Do 28.06.2007 18:03
An: Development discussion of video media support in Asterisk
Betreff: AW: [Asterisk-video] Asterisk crash when using amr (app_h324m.so)

Hi!

Sorry for flooding the mailing list today, but I really have to get this
working.
I now have a different backtrace. It reminds me of the changes I had to
apply to h324m.cpp to get mISDN working. Could this be the problem? If there
is a chance I'd go right now and buy a different card. Which should I take
for BRI-ISDN?

Here is the new bt:

(gdb) bt full
#0  0xb78b317b in TIFFReverseBits () from /usr/local/lib/libh324m.so
No symbol table info available.
#1  0xb7a855c2 in create_h324m_frame (pak=0xb5b8fe20, f=<value optimized
out>) at app_h324m.c:284
mode = 12 '\f'
i = <value optimized out>
#2  0xb7a86052 in app_h324m_gw (chan=0x82063e0, data=0xb5b93f28) at
app_h324m.c:536
f = (struct ast_frame *) 0xb591cd80
send = <value optimized out>
u = (struct ast_module_user *) 0x8204d60
pak = {framedata = 0xb591ce00 "ddç¥ÆÒ\006)\234\\ÊÌ>\037d65\030", offset =
0xb591ce02 "ç¥ÆÒ\006)\234\\ÊÌ>\037d65\030", framelength = 31, num = 1, max =
1}
vtr = {tr = 0 '\0', samples = 0}
frame = (void *) 0x1
input = <value optimized out>
reason = 0
ms = -1
channels = {0x82063e0, 0x8209850}
pseudo = (struct ast_channel *) 0x8209850
where = (struct ast_channel *) 0x1
id = (void *) 0x820ae40
__PRETTY_FUNCTION__ = "app_h324m_gw"
#3  0x080c7413 in pbx_extension_helper (c=0x82063e0, con=0x0,
context=0x8206560 "test", exten=0x82065b0 "play", priority=1, label=0x0,
callerid=0x8204c80 "001736490184", action=E_SPAWN) at pbx.c:532
e = (struct ast_exten *) 0x81ab3e0
app = (struct ast_app *) 0x8191698
res = <value optimized out>
q = {incstack = {0x0 <repeats 128 times>}, stacklen = 0, status = 5, swo =
0x0, data = 0x0, foundcontext = 0x8206560 "test"}
passdata = "play at video", '\0' <repeats 8181 times>
matching_action = 0
__PRETTY_FUNCTION__ = "pbx_extension_helper"
#4  0x080c90f6 in __ast_pbx_run (c=0x82063e0) at pbx.c:2288 [...]
#5  0x080ca08e in pbx_thread (data=0x82063e0) at pbx.c:2601 [...]
#6  0x080f5c0b in dummy_start (data=0x817aab0) at utils.c:545 [...]
#7  0xb7ed231b in start_thread () from /lib/i686/cmov/libpthread.so.0 [...]
#8  0xb7ce88ee in clone () from /lib/i686/cmov/libc.so.6 [...]





-----Ursprüngliche Nachricht-----
Von: asterisk-video-bounces at lists.digium.com im Auftrag von Patrick
Gesendet: Do 28.06.2007 13:06
An: Development discussion of video media support in Asterisk
Betreff: Re: [Asterisk-video] Asterisk crash when using amr (app_h324m.so)

Hi Thomas,

On Thu, 2007-06-28 at 11:49 +0200, Thomas Frieling wrote:
> Hi Sergio!
>
> I tried to recompile libh324m with those flags by adding ${CFLAGS} to
> the Makefile. I am not sure though if this is the way to do it...
> Anyway gdb doesn't say anything else than it did before. Maybe I am
> not using gdb correctly?
>
> -------- Makefile now looks like this: -------------
> CFLAGS=-g -O0

Perhaps try:
CFLAGS=-g3 -pg -O0

I'm saw these settings in the Makefile of another app so I'm just
guessing here. During compilation you should see these settings in the
output so keep an eye on that. And you probably don't want to strip the
binaries (if you were even doing that at all).

Regards,
Patrick


_______________________________________________
--Bandwidth and Colocation Provided by http://www.api-digital.com--

asterisk-video mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/asterisk-video





----------------------------------------------------------------------------
----


> _______________________________________________
> --Bandwidth and Colocation Provided by http://www.api-digital.com--
>
> asterisk-video mailing list
> To UNSUBSCRIBE or update options visit:
>    http://lists.digium.com/mailman/listinfo/asterisk-video

More information about the asterisk-video mailing list