| Summary: | ASTERISK-22670: Asterisk crashes when processing ISDN AoC Events | ||||||
| Reporter: | klaus3000 (klaus3000) | Labels: | |||||
| Date Opened: | 2013-10-08 14:06:20 | Date Closed: | 2015-02-19 12:27:10.000-0600 | ||||
| Priority: | Major | Regression? | |||||
| Status: | Closed/Complete | Components: | Core/ManagerInterface | ||||
| Versions: | 12.0.0-alpha1 | Frequency of Occurrence | Constant | ||||
| Related Issues: |
| ||||||
| Environment: | Astersik 12 SVN rev 400692 DAHDI 2.7.0.1 libpri 1.4.14 | Attachments: | ( 0) aoce-manager-handling-patch.diff | ||||
| Description: | Asterisk receives AoC on hangup. It seems that Asterisk crashes when generating the AMI event.
The ISDN message with AoC: {noformat} -- Channel DAHDI/i1/0125397831-1 left 'simple_bridge' basic-bridge <baee7f13-5d81-4af8-a213-4ab1a117e6d8> == Spawn extension (from_at43-filtered, 0125397831, 6) exited non-zero on 'SIP/at43-00000000' PRI Span: 1 q931.c:7135 q931_hangup: Hangup other cref:32769 PRI Span: 1 q931.c:6892 __q931_hangup: ourstate Active, peerstate Active, hold-state Idle PRI Span: 1 q931.c:6081 q931_disconnect: Call 32769 enters state 11 (Disconnect Request). Hold state: Idle PRI Span: 1 PRI Span: 1 > DL-DATA request PRI Span: 1 > Protocol Discriminator: Q.931 (8) len=9 PRI Span: 1 > TEI=0 Call Ref: len= 2 (reference 1/0x1) (Sent from originator) PRI Span: 1 > Message Type: DISCONNECT (69) PRI Span: 1 TEI=0 Transmitting N(S)=5, window is open V(A)=5 K=7 PRI Span: 1 PRI Span: 1 > Protocol Discriminator: Q.931 (8) len=9 PRI Span: 1 > TEI=0 Call Ref: len= 2 (reference 1/0x1) (Sent from originator) PRI Span: 1 > Message Type: DISCONNECT (69) PRI Span: 1 > [08 02 81 90] PRI Span: 1 > Cause (len= 4) [ Ext: 1 Coding: CCITT (ITU) standard (0) Spare: 0 Location: Private network serving the local user (1) PRI Span: 1 > Ext: 1 Cause: Normal Clearing (16), class = Normal Event (1) ] -- Hungup 'DAHDI/i1/0125397831-1' PRI Span: 1 PRI Span: 1 < Protocol Discriminator: Q.931 (8) len=36 PRI Span: 1 < TEI=0 Call Ref: len= 2 (reference 1/0x1) (Sent to originator) PRI Span: 1 < Message Type: RELEASE (77) PRI Span: 1 < [1c 14 91 a1 11 02 01 14 02 01 24 30 09 30 07 a1 05 30 03 02 01 01] PRI Span: 1 < Facility (len=22, codeset=0) [ 0x91, 0xA1, 0x11, 0x02, 0x01, 0x14, 0x02, 0x01, '$0', 0x09, '0', 0x07, 0xA1, 0x05, '0', 0x03, 0x02, 0x01, 0x01 ] PRI Span: 1 < [28 07 31 20 55 4e 49 54 53] PRI Span: 1 < Display (len= 7) [ 1 UNITS ] PRI Span: 1 Received message for call 0xb32aecd0 on link 0xb67ada54 TEI/SAPI 0/0 PRI Span: 1 -- Processing IE 28 (cs0, Facility) PRI Span: 1 -- Processing IE 40 (cs0, Display) PRI Span: 1 -- Delayed processing IE 28 (cs0, Facility) PRI Span: 1 ASN.1 dump PRI Span: 1 Context Specific/C [1 0x01] <A1> Len:17 <11> PRI Span: 1 Integer(2 0x02) <02> Len:1 <01> PRI Span: 1 <14> - "~" PRI Span: 1 Integer(2 0x02) <02> Len:1 <01> PRI Span: 1 <24> - "$" PRI Span: 1 Sequence/C(48 0x30) <30> Len:9 <09> PRI Span: 1 Sequence/C(48 0x30) <30> Len:7 <07> PRI Span: 1 Context Specific/C [1 0x01] <A1> Len:5 <05> PRI Span: 1 Sequence/C(48 0x30) <30> Len:3 <03> PRI Span: 1 Integer(2 0x02) <02> Len:1 <01> PRI Span: 1 <01> - "~" PRI Span: 1 ASN.1 end PRI Span: 1 INVOKE Component Context Specific/C [1 0x01] PRI Span: 1 invokeId Integer(2 0x02) = 20 0x0014 PRI Span: 1 operationValue Integer(2 0x02) = 36 0x0024 PRI Span: 1 operationValue = ROSE_ETSI_AOCEChargingUnit PRI Span: 1 chargingUnitInfo AOCEChargingUnitInfo Sequence/C(48 0x30) PRI Span: 1 specificChargingUnits Sequence/C(48 0x30) PRI Span: 1 recordedUnitsList RecordedUnitsList Context Specific/C [1 0x01] PRI Span: 1 listEntry RecordedUnits Sequence/C(48 0x30) PRI Span: 1 recordedNumberOfUnits Integer(2 0x02) = 1 0x0001 PRI Span: 1 q931.c:8997 post_handle_q931_message: Call 32769 enters state 0 (Null). Hold state: Idle Span 1: Processing event PRI_EVENT_HANGUP(6) Segmentation fault (core dumped) {noformat} The backtrace: {noformat} Program terminated with signal 11, Segmentation fault. #0 0x08170202 in ast_manager_build_channel_state_string_prefix (snapshot=0x0, prefix=0x823a3bb "") at manager_channels.c:386 386 if (snapshot->tech_properties & AST_CHAN_TP_INTERNAL) { (gdb) bt #0 0x08170202 in ast_manager_build_channel_state_string_prefix (snapshot=0x0, prefix=0x823a3bb "") at manager_channels.c:386 #1 0x081704bb in ast_manager_build_channel_state_string (snapshot=0x0) at manager_channels.c:437 #2 0x0807cb20 in aoc_to_ami (message=0xb3659814, event_name=0x820ac41 "AOC-E") at aoc.c:1803 #3 0x0807cc37 in aoc_e_to_ami (message=0xb3659814) at aoc.c:1828 #4 0x081d5c0e in stasis_message_to_ami (msg=0xb3659814) at stasis_message.c:161 #5 0x0815904a in manager_default_msg_cb (data=0x0, sub=0x898bfac, message=0xb3659814) at manager.c:1435 #6 0x081d602e in router_dispatch (data=0x898bf4c, sub=0x898bfac, message=0xb3659814) at stasis_message_router.c:193 #7 0x081ca9d4 in subscription_invoke (sub=0x898bfac, message=0xb3659814) at stasis.c:262 #8 0x081cb3e8 in dispatch_exec (local=0xb6de3280) at stasis.c:502 #9 0x081df40e in ast_taskprocessor_execute (tps=0x898c684) at taskprocessor.c:767 #10 0x081ddcc6 in default_tps_processing_function (data=0x898c63c) at taskprocessor.c:184 #11 0x081f0690 in dummy_start (data=0x898c6f0) at utils.c:1169 #12 0xb7253955 in start_thread (arg=0xb6de3b70) at pthread_create.c:300 #13 0xb76d71de in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:130 {noformat} | ||||||
| Comments: | By: bramar (bramar) 2014-01-31 03:55:17.133-0600 I have the same problem here. Always get Segmentation Fault when receiving AoC-E events. By: Marcel Manz (simmcomm) 2015-01-14 17:57:03.403-0600 Same problem here. See ASTERISK-24689. Looking for resolution of this problem. Can't use Asterisk for any outgoing calls at the moment due to this bug. Kindly fix with high priority. By: Matt Jordan (mjordan) 2015-01-14 18:18:01.354-0600 Asterisk is an open source project. Patches welcome. By: Marcel Manz (simmcomm) 2015-01-16 07:34:35.888-0600 I do welcome that Asterisk is an open source project, but in our case we just bought 2 x 1TE133F from Digium for $1600 Dollars and the cards are basically unusable, because your driver is crashing when receiving AoC-E events. We would be happy if you could escalate this case, as otherwise we'll have to request RMA and return those cards to Digium and purchase them from another vendor. In case we have to contact someone else, kindly provide guidance on how to resolve this issue. We already placed a support case (00458886) through Digium, but just received the following response: "JIRA is an Engineering ticket which is not handled by Technical Support so all we can do on this ticket is tag the JIRA case to it and then close it out and just update you as we get more information." "I have tagged the JIRA ticket to the case. Closing this ticket out now since there's nothing we can do as it is out of our hands." By: Panos Gkikakis (roeften) 2015-01-31 15:31:30.305-0600 Patch for the issue. An AOC-E manager event is still generated however it lacks any channel related information. This is not the same as in ASTERISK-24740. Both should be applied. By: Richard Mudgett (rmudgett) 2015-02-17 11:55:23.211-0600 I have created a new patch on reviewboard: https://reviewboard.asterisk.org/r/4430/ | ||||||