Bug#956119: asterisk: segfault in libspandsp.so.2.0.0 when using Set(FAXOPT(gateway)=yes, 30) between SIP and iax
Bernhard Schmidt
berni at debian.org
Tue Apr 14 16:37:19 BST 2020
Control: found -1 1:16.2.1~dfsg-1
Control: forwarded -1 https://issues.asterisk.org/jira/browse/ASTERISK-27981
Hi,
> I tried to extract from the submitter's dmesg line the
> source location of the crash.
>
> I assume it happened here [1], with
> variable s containing an invalid pointer:
>
> 0x00007ffff7f5bb90 in update_rx_timing at t38_gateway.c:2244
>
> 2242 static void update_rx_timing(t38_gateway_state_t *s, int len)
> 2243 {
> 2244 if (s->core.samples_to_timeout > 0)
> 2245 {
>
> https://sources.debian.org/src/spandsp/0.0.6+dfsg-2/src/t38_gateway.c/#L2244
>
>
> Maybe it is of some help.
> But a proper backtrace like described in following link would probably
> be way better: https://wiki.debian.org/HowToGetABacktrace
Thanks a lot. This looks very much like the backtrace in
https://issues.asterisk.org/jira/browse/ASTERISK-28450
---
Core was generated by `/usr/sbin/asterisk -f -U asterisk -G asterisk
-vvvg -c'.
Program terminated with signal 11, Segmentation fault.
#0 update_rx_timing (s=0x29b28, len=160) at t38_gateway.c:2189
2189 if (s->core.samples_to_timeout > 0)
---
The bug itself is marked as duplicate of
https://issues.asterisk.org/jira/browse/ASTERISK-27981, which refers to
https://gerrit.asterisk.org/c/asterisk/+/11434
@Benoit: Can you test with that patch applied?
Bernhard
More information about the Pkg-voip-maintainers
mailing list