| Summary: | ASTERISK-20149: Crash when faxing SIP to SIP with strictrtp set to yes | ||
| Reporter: | Aleksandr Gordeev (axonaro) | Labels: | |
| Date Opened: | 2012-07-19 02:44:57 | Date Closed: | 2014-03-05 20:07:58.000-0600 |
| Priority: | Critical | Regression? | |
| Status: | Closed/Complete | Components: | Resources/res_fax Resources/res_fax_spandsp |
| Versions: | 10.6.0 11.5.0 | Frequency of Occurrence | Frequent |
| Related Issues: | |||
| Environment: | Attachments: | ( 0) backtrace_20120719.txt ( 1) backtrace_20120720.txt ( 2) backtrace_20121205.txt ( 3) backtrace_20130814_2.txt ( 4) backtrace_20130814.txt ( 5) backtrace.1346914431.1467.11 ( 6) full_20120719.txt ( 7) full_20120720.txt ( 8) spandsp_g711decode.diff ( 9) t38_gw_crash_dec_20.backtrace (10) t38_gw_crash_dec_20.pcap.gz (11) traffic_20120719.dump (12) traffic_20120720.dump | |
| Description: | Crash Asterisk (2) when faxing. Schema : Other PBX - > pri - > Asterisk 10.6.0 (1) - > sip,g729,t38 - > Asterisk 10.6.0 (2) - > sip,g711,t30- > Other PBX | ||
| Comments: | By: Rusty Newton (rnewton) 2012-07-19 17:03:30.434-0500 Thanks for the report! Matt Jordan indicates that it appears Asterisk is getting some malformed packet and its crashing the underlying spandsp library. To work this further we need: 1. a PCAP(packet capture) showing the inbound/outbound traffic just before the crash. 2. DEBUG logs detailing what was happening within Asterisk just before the crash https://wiki.asterisk.org/wiki/display/AST/Collecting+Debug+Information Be sure the asterisk logs contain DEBUG messages of level 5 at least. By: Aleksandr Gordeev (axonaro) 2012-07-20 01:07:07.581-0500 Traffic was collected on the asterisk(1) By: Rusty Newton (rnewton) 2012-07-20 09:04:37.272-0500 Thanks for the capture. Additionally we'll need: {quote} 2. DEBUG logs detailing what was happening within Asterisk just before the crash https://wiki.asterisk.org/wiki/display/AST/Collecting+Debug+Information Be sure the asterisk logs contain DEBUG messages of level 5 at least. {quote} By: Aleksandr Gordeev (axonaro) 2012-07-23 01:57:17.341-0500 Added logs on the asterisk(2). By: Matt Jordan (mjordan) 2012-07-26 14:50:51.428-0500 Alexandr: Do you mind attaching the relevant portions of your dialplan as well? Matt By: Aleksandr Gordeev (axonaro) 2012-07-27 00:07:14.821-0500 On asterisk(2) : extensions.conf [globals] ASTBOX=SIP/office [from-gagarina-to-pesochnaya] exten => _X.,1,Noop(Call from "${CALLERID(all)}" to "${EXTEN}") exten => _X.,n,Set(route=${FILTER(0123456789,${EXTEN})}) exten => _X.,n,Dial(${ASTBOX}/${route}) exten => _X.,n,Hangup sip.conf [office-gag] host= deny= permit= canreinvite=no type=friend secret= context=from-gagarina-to-pesochnaya qualify=1000 disallow=all allow=g729 t38pt_udptl=yes setvar=FAXOPT(gateway)=yes [office] host= deny= permit= canreinvite=no type=friend secret= context=from-pesochnaya qualify=1000 disallow=all allow=alaw t38pt_udptl=no setvar=FAXOPT(gateway)=yes By: Aleksandr Gordeev (axonaro) 2012-09-06 02:25:56.368-0500 new backtrace By: Matt Jordan (mjordan) 2012-09-06 08:42:15.908-0500 As a temporary workaround, what happens if you set strictrtp=no in rtp.conf? By: Aleksandr Gordeev (axonaro) 2012-09-12 00:05:34.259-0500 Okay, I'll check. By: Aleksandr Gordeev (axonaro) 2012-10-11 03:24:00.693-0500 at the moment the problem does not occur By: Aleksandr Gordeev (axonaro) 2012-11-11 23:58:42.413-0600 at the moment the problem does not occur By: Aleksandr Gordeev (axonaro) 2012-12-04 23:30:31.465-0600 The problem is not solved, added new backtrace 'backtrace_20121205.txt'. By: Aleksandr Gordeev (axonaro) 2013-08-14 03:10:49.337-0500 A new file (backtrace_20130814.txt) with the same problem on Asterisk 11.5.0 By: Aleksandr Gordeev (axonaro) 2013-08-14 07:44:27.622-0500 New trouble at same day and a file 'backtrace_20130814_2.txt' ((((. Need help. By: Walter Doekes (wdoekes) 2013-08-14 08:31:44.684-0500 It helps if you: (a) Take the most recent spandsp. (b) Compile it, ensure that it has -O0 and -g flags. (c) Run ldconfig. (d) Ensure that res_fax_spandsp.so is linked against the new locally compiled spandsp. (ldd .../res_fax_spandsp.so | grep spandsp) Then, when it crashes, we get debug output from the part where the actual crash occurs. And we'll know that it's not a problem that has already been fixed in a most recent spandsp. By: Johann Steinwendtner (steinwej) 2014-01-28 08:26:56.416-0600 I 'm running 11.5.0 with some minor changes on it. I've attached pcap file and the associated backtrace. Don't know if this is of any help. By: Michal Rybarik (pixall) 2014-01-31 22:28:08.941-0600 Function fsk_rx() in libspandsp is segfaulting probably because it can process only slinear frames, but currently also alaw/ulaw frames are passed to it. Alaw/ulaw frame is usually 160 bytes long, but fsk_rx() is trying to read 320bytes, so segfault may happen. I'm attaching patch for Asterisk 11 module res_fax_spandsp, it should resolve this issue. After applying patch, alaw/ulaw frames are transcoded to slinear before they are passed to libspandsp, and other frame formats are ignored. (Other frames will probably never reach this place, but rather check it). If you still have problem after applying this patch, set debug level to 5, make call, and attach asterisk log then... By: Michal Rybarik (pixall) 2014-02-11 16:45:46.735-0600 I am running patched code for 11 days... Previously, I had segfault every 1-2 days, now still running.... Around 24000 calls processed already... It is not related only to SIP to SIP, this can also happen in SIP to DAHDI calls, and probably ANY to ANY protocol too. Segfault happens because res_fax_spandsp sometimes pass alaw/ulaw frames to libspandsp, which expects only slinear. This patch is adding conversion from alaw/ulaw to slinear before frame is passed to libspandsp. https://issues.asterisk.org/jira/secure/attachment/49214/spandsp_g711decode.diff So, if your Asterisk sometimes crashes with T38gateway enabled, during fax tone detection, please try this patch, and write comment here if it helps you too.... By: Johann Steinwendtner (steinwej) 2014-03-18 05:10:09.989-0500 This patch should consider the installed spandsp version, to free the g711 context correctly. Index: res/res_fax_spandsp.c =================================================================== --- res/res_fax_spandsp.c (Revision 410826) +++ res/res_fax_spandsp.c (Arbeitskopie) @@ -676,7 +676,11 @@ g711_decode(decoder, slndata, f->data.ptr, f->samples); ast_debug(5, "spandsp transcoding frame from %s to slinear for v21 detection\n", (f->subclass.format.id == AST_FORMAT_ALAW ? "G711_ALAW" : "G711_ULAW")); modem_connect_tones_rx(p->tone_state, slndata, f->samples); +#if SPANDSP_RELEASE_DATE >= 20090211 + g711_free(decoder); +#else g711_release(decoder); +#endif ast_free(slndata); /* frame in other formats cannot be passed to spandsp, it could cause segfault */ By: Sean Bright (seanbright) 2014-03-18 08:20:36.974-0500 Sorry! I didn't see this patch before I committed a fix earlier. Either way, the fix is in. | ||