Richard Kenner
2017-Apr-06 13:57 UTC
[asterisk-users] Issues with Siren14 codec in Asterisk 14.3.0
I'm seeing Asterisk crashes with the following frame at func_speex.c:188:
(gdb) p *frame
$6 = {frametype = AST_FRAME_VOICE, subclass = {integer = 0,
format = 0xe2f9e20, frame_ending = 0}, datalen = 0, samples = 640,
mallocd = 1, mallocd_hdr_len = 232, offset = 64,
src = 0x2ac07413e7f8 "siren14tolin32", data = {ptr = 0x3cab9378,
uint32 = 1017877368, pad = "x\223\253<\000\000\000"}, delivery
= {
tv_sec = 1491485582, tv_usec = 407272}, frame_list = {next = 0x0},
flags = 0, ts = 0, len = 0, seqno = 0}
frame->data.ptr is an out-of-range address.
Does this ring a bell to anybody? Without sources of the Siren14 codec,
how would you recommend we debug this?
Joshua Colp
2017-Apr-06 14:06 UTC
[asterisk-users] Issues with Siren14 codec in Asterisk 14.3.0
On Thu, Apr 6, 2017, at 10:57 AM, Richard Kenner wrote:> I'm seeing Asterisk crashes with the following frame at func_speex.c:188: > > (gdb) p *frame > $6 = {frametype = AST_FRAME_VOICE, subclass = {integer = 0, > format = 0xe2f9e20, frame_ending = 0}, datalen = 0, samples = 640, > mallocd = 1, mallocd_hdr_len = 232, offset = 64, > src = 0x2ac07413e7f8 "siren14tolin32", data = {ptr = 0x3cab9378, > uint32 = 1017877368, pad = "x\223\253<\000\000\000"}, delivery = { > tv_sec = 1491485582, tv_usec = 407272}, frame_list = {next = 0x0}, > flags = 0, ts = 0, len = 0, seqno = 0} > > frame->data.ptr is an out-of-range address. > > Does this ring a bell to anybody? Without sources of the Siren14 codec, > how would you recommend we debug this?I would say this is a bug in func_speex and not in codec_siren14. This is because the datalen is zero. There is no data on the frame (which is why frame->data.ptr is garbage, although it could be improved to be NULL) but there are samples, so it's an interpolated frame. The func_speex module should be changed to handle this. I'd suggest filing an issue on the issue tracker for it[1]. [1] https://issues.asterisk.org/jira -- Joshua Colp Digium, Inc. | Senior Software Developer 445 Jan Davis Drive NW - Huntsville, AL 35806 - US Check us out at: www.digium.com & www.asterisk.org
Richard Kenner
2017-Apr-06 15:17 UTC
[asterisk-users] Issues with Siren14 codec in Asterisk 14.3.0
> I would say this is a bug in func_speex and not in codec_siren14. This > is because the datalen is zero.Ah! So, like? *** func_speex.c.orig 2017-02-13 15:00:19.000000000 -0500 --- func_speex.c 2017-04-06 11:16:03.000000000 -0400 *************** *** 185,189 **** } ! speex_preprocess(sdi->state, frame->data.ptr, NULL); snprintf(source, sizeof(source), "%s/speex", frame->src); if (frame->mallocd & AST_MALLOCD_SRC) { --- 185,190 ---- } ! if (frame->data.ptr && frame->datalen) ! speex_preprocess(sdi->state, frame->data.ptr, NULL); snprintf(source, sizeof(source), "%s/speex", frame->src); if (frame->mallocd & AST_MALLOCD_SRC) {