| Summary: | ASTERISK-23135: Crash - segfault in ast_channel_hangupcause_set - probably introduced in 11.7.0 | ||||
| Reporter: | OK (oleke) | Labels: | |||
| Date Opened: | 2014-01-12 03:11:12.000-0600 | Date Closed: | 2014-02-28 12:02:06.000-0600 | ||
| Priority: | Critical | Regression? | Yes | ||
| Status: | Closed/Complete | Components: | Channels/chan_sip/General Channels/General | ||
| Versions: | 11.7.0 | Frequency of Occurrence | |||
| Related Issues: |
| ||||
| Environment: | Ubuntu 12.04.3 | Attachments: | ( 0) backtrace2.txt ( 1) dump.txt | ||
| Description: | Asterisk goes down with segfault message
{noformat} [1710042.449224] asterisk[26863]: segfault at 9f0 ip 00000000004984ff sp 00007ff1788ed810 error 6 in asterisk[400000+233000] {noformat} {noformat} Program terminated with signal 11, Segmentation fault. #0 0x00000000004984ff in ast_channel_hangupcause_set (chan=0x0, value=58) at channel_internal_api.c:580 580 chan->hangupcause = value; (gdb) bt #0 0x00000000004984ff in ast_channel_hangupcause_set (chan=0x0, value=58) at channel_internal_api.c:580 #1 0x00007ff17ca7417b in handle_response_invite (p=0x7ff0b81d2f98, resp=200, rest=0x7ff1380b89d4 "OK", req=0x7ff1788ee2a0, seqno=102) at chan_sip.c:22821 #2 0x00007ff17ca79a2a in handle_response (p=0x7ff0b81d2f98, resp=200, rest=0x7ff1380b89d4 "OK", req=0x7ff1788ee2a0, seqno=102) at chan_sip.c:23820 #3 0x00007ff17ca8d538 in handle_incoming (p=0x7ff0b81d2f98, req=0x7ff1788ee2a0, addr=0x7ff1788eed10, recount=0x7ff1788ee250, nounlock=0x7ff1788ee254) at chan_sip.c:28137 #4 0x00007ff17ca8ebe9 in handle_request_do (req=0x7ff1788ee2a0, addr=0x7ff1788eed10) at chan_sip.c:28447 #5 0x00007ff17ca8e7d2 in sipsock_read (id=0x7ff138000f70, fd=10, events=1, ignore=0x0) at chan_sip.c:28378 #6 0x0000000000501f9a in ast_io_wait (ioc=0x1552f30, howlong=576) at io.c:292 #7 0x00007ff17ca90808 in do_monitor (data=0x0) at chan_sip.c:28976 #8 0x000000000059f064 in dummy_start (data=0x15848d0) at utils.c:1162 #9 0x00007ff1c53a6e9a in start_thread () from /lib/x86_64-linux-gnu/libpthread.so.0 #10 0x00007ff1c64ec3fd in clone () from /lib/x86_64-linux-gnu/libc.so.6 #11 0x0000000000000000 in ?? () {noformat} Full Backtrace attached Also in all cases the last messages in log file are: {noformat} [Jan 12 08:56:55] WARNING[26863][C-000001f4] chan_sip.c: Ignoring audio media offer because port number is zero [Jan 12 08:56:55] WARNING[26863][C-000001f4] chan_sip.c: Failing due to no acceptable offer found {noformat} [Jan 12 13:01:02] Asterisk 11.7.0 built by root @ mcall-aster on a x86_64 running Linux on 2014-01-11 13:59:57 UTC | ||||
| Comments: | By: OK (oleke) 2014-01-13 05:46:34.505-0600 SIP debug By: OK (oleke) 2014-01-13 05:47:01.135-0600 Attached dump.txt -- last 5 sec for sip debug/verbose output for full log. By: OK (oleke) 2014-01-13 12:10:12.668-0600 Asterisk forum discussion http://forums.asterisk.org/viewtopic.php?f=1&t=89014&start=0#p195572 By: David Woolley (davidw) 2014-01-13 16:05:05.452-0600 It looks like the SIP device is responding inappropriately to a CANCEL by sending 200 OK, rather than request cancelled, with the old style hold state (0 as the RTP port number), on the INVITE transaction. Whilst that could happen as a collision, it seems unlikely. I don't know if it is just the 200 response, or the combination with the hold. By: OK (oleke) 2014-01-14 01:39:08.944-0600 Thanks for your reply. Which workaround would you recommend? In most cases our Asterisk works as autodialing solution (via call files) and 3cx phone agents recieve incoming call when autodial succeeded. By: OK (oleke) 2014-01-15 06:31:26.119-0600 rolling back to 11.5.0 fixed the issue -- no segfaults anymore so some changes between .5 and .7 could be the reason By: Corey Farrell (coreyfarrell) 2014-01-15 07:54:53.709-0600 Instead of 11.5.0 I would recommend 11.6.1, since it has security fixes. The call to ast_channel_hangupcause_set was added in r400971, released in 11.7.0. | ||||