| Summary: | ASTERISK-24550: res_rtp_asterisk: Crash in ast_rtp_on_ice_complete during DTLS handshake | ||||||
| Reporter: | Osaulenko Alexander (a.osaulenko) | Labels: | |||||
| Date Opened: | 2014-11-24 04:21:21.000-0600 | Date Closed: | 2015-07-07 14:56:56 | ||||
| Priority: | Major | Regression? | |||||
| Status: | Closed/Complete | Components: | Channels/chan_sip/SRTP Resources/res_crypto Resources/res_srtp | ||||
| Versions: | 11.9.0 11.14.0 | Frequency of Occurrence | Constant | ||||
| Related Issues: |
| ||||||
| Environment: | centos6.6, debian7.7.0 i686 and x64 | Attachments: | ( 0) asterisk.zip ( 1) backtrace_20141222.txt ( 2) backtrace_new.txt ( 3) backtrace.txt ( 4) backtracecrash.txt | ||||
| Description: | We run:
sipp -sn uac <remote_ip> -s 100 -i <local_ip> -nr -rp 1000 -d 10000 -l 10 When Asterisk (WebRTC) gets more then 10 calls at the same time from Sipp it lay down with this message: kernel: asterisk[1630] general protection ip:3ea04892f0 sp:7f25d372dac8 error:0 in libc-2.12.so[3ea0400000+18a000] We tested the all version from 11.9 to 11.14 with default configs on centos6.6 and debian7.7.0 i686 and x64 Asterisk was built with ssl, srtp, crypto. all settings to generate key use from official web site. All user was configured with dtls keys. | ||||||
| Comments: | By: Matt Jordan (mjordan) 2014-11-24 10:29:48.773-0600 Thank you for your bug report. In order to move your issue forward, we require a backtrace[1] from the core file produced after the crash. Also, be sure you have DONT_OPTIMIZE enabled in menuselect within the Compiler Flags section, then: make install After enabling, reproduce the crash, and then execute the backtrace[1] instructions. When complete, attach that file to this issue report. [1] https://wiki.asterisk.org/wiki/display/AST/Getting+a+Backtrace By: Osaulenko Alexander (a.osaulenko) 2014-11-25 03:03:34.207-0600 Attached backtrace.txt after Asterisk had crashed By: Matt Jordan (mjordan) 2014-11-25 09:09:43.874-0600 That's not a backtrace of the crash. Please follow the linked instructions on the wiki. By: Osaulenko Alexander (a.osaulenko) 2014-11-26 06:21:31.168-0600 Matt, new backtrace is attached By: Badalian Vyacheslav (slavon) 2014-11-28 21:24:59.922-0600 ASTERISK-24566 and ASTERISK-24538 will be fix WS mode. In WSS mode have bugs in asterisk and OpenSSL Look to https://rt.openssl.org/Ticket/Display.html?id=3592 and also to ASTERISK-24472 (closed by security reasons) By: Osaulenko Alexander (a.osaulenko) 2014-12-02 01:53:35.035-0600 Hello, Badalian Vyacheslav. Is link to openssl ticket correct? By: Badalian Vyacheslav (slavon) 2014-12-02 21:41:25.633-0600 yes... try guest / guest for access By: Rusty Newton (rnewton) 2014-12-17 09:10:54.241-0600 Your trace is incomplete for what we need. Also, there is a lot of modules failing to load. Please recompile Asterisk completely (including all modules). When doing so, make sure to [follow the linked instructions|https://wiki.asterisk.org/wiki/display/AST/Getting+a+Backtrace#GettingaBacktrace-GettingInformationAfterACrash] to use appropriate compiler flags and get a backtrace from the core after it dumps. When recompiling Asterisk, please test with the latest of the SVN 11 branch as there are a few recent fixes that may apply to your issue. By: Osaulenko Alexander (a.osaulenko) 2014-12-22 02:10:16.653-0600 Hello, Rusty Newton! I have attached new backtrace. We had made two calls and get error "Failed to get local SDP". First call was general, second was with sip debug. By: Matt Jordan (mjordan) 2014-12-22 13:14:18.268-0600 Your latest attachment contains the SIP messages, but does not provide the crash information in the backtrace. As Rusty has mentioned, please follow the instructions on the wiki to generate the information. So far, both files have contained part of the information leading up to your problem, but neither has provided the full picture requested. * https://wiki.asterisk.org/wiki/display/AST/Getting+a+Backtrace * https://wiki.asterisk.org/wiki/display/AST/Collecting+Debug+Information By: Osaulenko Alexander (a.osaulenko) 2014-12-23 01:37:46.270-0600 Sorry, backtrace was for another ticket ASTERISK-24557 By: Osaulenko Alexander (a.osaulenko) 2014-12-23 03:24:09.956-0600 Hello, Rusty Newton! I have attached new backtrace - backtrace(crash).txt By: Matt Jordan (mjordan) 2014-12-23 13:53:34.681-0600 I'm really going to try to not be rude, but... are you reading the linked wiki pages? Your latest attachment *is not* generated per the linked instructions. If you are unable to generate a proper backtrace from a core file, this issue will be closed. By: Ivan Melnik (Gemor) 2014-12-26 07:25:17.438-0600 Matt i have attached new backtrace. By: Badalian Vyacheslav (slavon) 2014-12-30 07:01:17.121-0600 Please test my patch in ASTERISK-24651. Also it need to apply patch from ASTERISK-24650 and fresh OpenSSL libs. Читайте внимательно) By: Rusty Newton (rnewton) 2015-01-15 09:05:40.030-0600 Please test with Badalian's patch as he requested. Also, please report the version of openSSL that you are using. By: Ivan Melnik (Gemor) 2015-01-26 08:57:09.840-0600 I did everything as you wrote. I recompiled openssl (ASTERISK-24651) and compile asterisk 11.15 patched (ASTERISK-24650). I got wаrning message "Failed to get local SDP" Слава, подскажи где я мог ошибиться? Может есть версия asterisk в которой есть твой патч? By: Rusty Newton (rnewton) 2015-02-10 18:07:35.292-0600 Please attach the sip.conf configurations used with your sipp scenario to reproduce the issue. Attach everything needed to reproduce the issue, along with instructional steps. Thanks! By: Ivan Melnik (Gemor) 2015-02-13 02:22:34.404-0600 this zip is /etc/asterisk folder with all config files, which needed to reproduce the problem. all you need is create queue random strategy. By: Badalian Vyacheslav (slavon) 2015-02-17 09:09:18.723-0600 \[Edit: mjordan\] Original comment written in Russian removed. Promoting sales information on the issue tracker is not cool. We don't do it; neither should you. By: Matt Jordan (mjordan) 2015-03-10 16:17:13.094-0500 [~slavon]: Please don't advertise on the issue tracker for your services. That's what the asterisk-biz list is for. I'm deleting the comment above. {quote} [russian to ivan] Ivan hello. Sorry for the long answer , was on vacation . These are two different errors . My patch treats race SSL flows when two threads are accessing the same manner, the structure of SSL and it causes a drop . A "Failed to get local SDP" this is the problem of matching SDP. Look INVITE and ACK. There headerah will be clear in principle, what is wrong with SDP. If you want to help, " seriously, " with your project - \[EDIT: redacted\] {quote} By: Rusty Newton (rnewton) 2015-05-19 15:21:28.841-0500 [~a.osaulenko] can you update the environment field with the versions of the relevant libraries being used? That is, libsrtp, libssl, etc. By: Ivan Melnik (Gemor) 2015-05-27 11:00:01.940-0500 On your recommendation, i upgraded all libraries. But asterisk 11.7.1 lay down with same error message. (asterisk[4792]: segfault at 38b2000 ip 00000039d6289963 sp 00007fb9bab8fac8 error 4 in libc-2.12.so[39d6200000+18a000]) By: Joshua C. Colp (jcolp) 2015-07-06 06:00:46.733-0500 A change is now up for review at the following addresses for a fix to this problem. While our code review process is pretty fast these days if anyone would like to test the change and provide feedback on this issue it would be welcome: 11: https://gerrit.asterisk.org/#/c/786/ 13: https://gerrit.asterisk.org/#/c/787/ master: https://gerrit.asterisk.org/#/c/788/ The patch can be downloaded by clicking the "Download" dropdown and selecting the method you wish. | ||||||