[asterisk-bugs] [Asterisk 0010289]: Old LAGRQ frames showing up in new IAX2 calls

noreply at bugs.digium.com noreply at bugs.digium.com
Tue Jul 31 10:26:46 CDT 2007 

A NOTE has been added to this issue. 
====================================================================== 
http://bugs.digium.com/view.php?id=10289 
====================================================================== 
Reported By:                mihai
Assigned To:                russell
====================================================================== 
Project:                    Asterisk
Issue ID:                   10289
Category:                   Channels/chan_iax2
Reproducibility:            always
Severity:                   minor
Priority:                   normal
Status:                     assigned
Asterisk Version:           1.4.8  
SVN Branch (only for SVN checkouts, not tarball releases): N/A  
SVN Revision (number only!):  
Disclaimer on File?:        N/A 
Request Review:              
====================================================================== 
Date Submitted:             07-24-2007 10:52 CDT
Last Modified:              07-31-2007 10:26 CDT
====================================================================== 
Summary:                    Old LAGRQ frames showing up in new IAX2 calls
Description: 
If there are two successive IAX2 calls having the same source and
destination call id, sometimes old LAGRQ frames belonging to the first call
are transmitted as part of a VNAK retransmission during the second call.
Since the old LAGRQ have wildly out of order sequence numbers, the other
endpoint will request retransmission, which can cause a VNAK storm.
I am able to reproduce this by stress testing chan_iax2 with an automated
script that generates about 3 calls per second, up to about 200
simultaneous calls.  This will pretty much guarantee that source ids will
be recycled on the server side, which can trigger this issue. 
====================================================================== 

---------------------------------------------------------------------- 
 mihai - 07-31-07 10:26  
---------------------------------------------------------------------- 
Well, turns out that the patch is not good enough.  There is still a race
condition between the scheduler thread and the network thread. If a
scheduled event is triggered and immediately after, the network thread
clears the frame, then __attempt_transmit might not be able to extract the
correct callno which can lead to crashes 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
07-31-07 10:26  mihai          Note Added: 0068124                          
======================================================================

More information about the asterisk-bugs mailing list