Summary: ASTERISK-08897: Core Dump in pbx_retrieve_variable
Reporter: Douglas Garstang (dgarstang)
Labels:
Date Opened: 2007-02-27 14:12:25.000-0600
Date Closed: 2007-03-23 18:04:41
Priority: Critical
Regression? No
Status: Closed/Complete
Components: Core/Configuration
Versions:
Frequency of Occurrence:
Related Issues:
Environment:
Attachments:
Description: Core dump. Problem reproducible. Occurs in latest SVN version checked out today, Feb 27.

#0  pbx_retrieve_variable (c=0x6ce0b0, var=0x40296230 "ARG2", ret=0x40297278, workspace=0x40295220 "", workspacelen=4096, headp=0x6ce4f0) at pbx.c:1107
1107    {
(gdb) bt
#0  pbx_retrieve_variable (c=0x6ce0b0, var=0x40296230 "ARG2", ret=0x40297278, workspace=0x40295220 "", workspacelen=4096, headp=0x6ce4f0) at pbx.c:1107
#1  0x0000000000476c0b in pbx_substitute_variables_helper_full (c=0x6ce0b0, headp=0x6ce4f0, cp1=Variable "cp1" is not available.
) at pbx.c:1546
#2  0x0000000000476d9d in pbx_substitute_variables_helper_full (c=0x6ce0b0, headp=0x6ce4f0, cp1=Variable "cp1" is not available.
) at pbx.c:1601
#3  0x0000000000477864 in pbx_extension_helper (c=0x6ce0b0, con=Variable "con" is not available.
) at pbx.c:1622
#4  0x0000000000477e43 in ast_spawn_extension (c=Variable "c" is not available.
) at pbx.c:2170
#5  0x00002aaaad73dfa0 in _macro_exec (chan=0x6ce0b0, data=Variable "data" is not available.
) at app_macro.c:243
#6  0x000000000047791c in pbx_extension_helper (c=0x6ce0b0, con=Variable "con" is not available.
) at pbx.c:506
#7  0x0000000000477e43 in ast_spawn_extension (c=Variable "c" is not available.
) at pbx.c:2170
#8  0x00002aaaad73dfa0 in _macro_exec (chan=0x6ce0b0, data=Variable "data" is not available.
) at app_macro.c:243
#9  0x000000000047791c in pbx_extension_helper (c=0x6ce0b0, con=Variable "con" is not available.
) at pbx.c:506
#10 0x0000000000477e43 in ast_spawn_extension (c=Variable "c" is not available.
) at pbx.c:2170
#11 0x00002aaaad73dfa0 in _macro_exec (chan=0x6ce0b0, data=Variable "data" is not available.
) at app_macro.c:243
#12 0x000000000047791c in pbx_extension_helper (c=0x6ce0b0, con=Variable "con" is not available.
) at pbx.c:506
#13 0x0000000000477e43 in ast_spawn_extension (c=Variable "c" is not available.
) at pbx.c:2170
#14 0x00002aaaad73dfa0 in _macro_exec (chan=0x6ce0b0, data=Variable "data" is not available.
) at app_macro.c:243
#15 0x000000000047791c in pbx_extension_helper (c=0x6ce0b0, con=Variable "con" is not available.
) at pbx.c:506
#16 0x0000000000477e43 in ast_spawn_extension (c=Variable "c" is not available.
) at pbx.c:2170
#17 0x00002aaaad73dfa0 in _macro_exec (chan=0x6ce0b0, data=Variable "data" is not available.
) at app_macro.c:243
#18 0x000000000047791c in pbx_extension_helper (c=0x6ce0b0, con=Variable "con" is not available.
) at pbx.c:506
#19 0x0000000000477e43 in ast_spawn_extension (c=Variable "c" is not available.
) at pbx.c:2170
#20 0x00002aaaad73dfa0 in _macro_exec (chan=0x6ce0b0, data=Variable "data" is not available.
) at app_macro.c:243
#21 0x000000000047791c in pbx_extension_helper (c=0x6ce0b0, con=Variable "con" is not available.
) at pbx.c:506
#22 0x0000000000477e43 in ast_spawn_extension (c=Variable "c" is not available.
) at pbx.c:2170
#23 0x00002aaaad73dfa0 in _macro_exec (chan=0x6ce0b0, data=Variable "data" is not available.
) at app_macro.c:243
#24 0x000000000047791c in pbx_extension_helper (c=0x6ce0b0, con=Variable "con" is not available.
) at pbx.c:506
#25 0x00000000004792dd in __ast_pbx_run (c=0x6ce0b0) at pbx.c:2170
#26 0x0000000000479ee9 in pbx_thread (data=Variable "data" is not available.
) at pbx.c:2483
#27 0x000000000049fd6c in dummy_start (data=Variable "data" is not available.
) at utils.c:545
#28 0x0000003685406325 in start_thread () from /lib64/libpthread.so.0
#29 0x00000036843cbbad in clone () from /lib64/libc.so.6
#30 0x0000000000000000 in ?? ()
(gdb)

The bt implies that it is some sort of recursion problem. However, I tested this theory with:

[macro-funcA]
exten => s,1,Macro(funcB)

[macro-funcB]
exten => s,1,Macro(funcA)

and after iterating about 5 times it catches the recursion and stops. With the core dump, this does not happen.


****** ADDITIONAL INFORMATION ******

SVN-branch-1.4-r51360M
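
A triage helper for traces like the one above, as an added example that is not part of the original report: it pulls the function name out of each gdb frame and finds the repeated frame sequence, so the macro nesting depth at crash time can be read off directly. The sample trace is constructed to match the frame shape of this report (placeholder addresses and line numbers); `frame_names`, `find_cycle`, `summarize` and `build_sample` are illustrative names.

```python
import re

# "#N  [0xADDR in ]function (" ; wrapped ") at file.c:NN" lines do not match.
FRAME_RE = re.compile(r"^#(\d+)\s+(?:0x[0-9a-fA-F]+ in )?([A-Za-z_]\w*) \(")

def frame_names(bt_text):
    """Function name per frame, innermost first."""
    return [m.group(2) for line in bt_text.splitlines()
            if (m := FRAME_RE.match(line))]

def find_cycle(names, min_repeats=2):
    """Return (start, period, repeats) for the longest run of a repeated frame
    sequence, or None. Ties go to the shortest period, then the earliest start."""
    best = None
    for period in range(1, len(names) // min_repeats + 1):
        for start in range(len(names) - period * min_repeats + 1):
            unit = names[start:start + period]
            repeats = 1
            while names[start + repeats * period:
                        start + (repeats + 1) * period] == unit:
                repeats += 1
            if repeats >= min_repeats and (
                    best is None or repeats * period > best[1] * best[2]):
                best = (start, period, repeats)
    return best

def summarize(bt_text):
    names = frame_names(bt_text)
    cycle = find_cycle(names)
    if cycle is None:
        return {"frames": len(names), "cycle": None, "repeats": 0}
    start, period, repeats = cycle
    return {"frames": len(names), "first_frame": start,
            "cycle": names[start:start + period], "repeats": repeats}

def build_sample():
    """Constructed trace: same function order as the report, dummy addresses."""
    head = ["pbx_retrieve_variable", "pbx_substitute_variables_helper_full",
            "pbx_substitute_variables_helper_full"]
    loop = ["pbx_extension_helper", "ast_spawn_extension", "_macro_exec"] * 7
    tail = ["pbx_extension_helper", "__ast_pbx_run", "pbx_thread", "dummy_start"]
    lines = []
    for i, fn in enumerate(head + loop + tail):
        lines.append(f'#{i:<2} 0x0000000000400000 in {fn} (c=Variable "c" is not available.')
        lines.append(") at pbx.c:0")
    return "\n".join(lines)

if __name__ == "__main__":
    print(summarize(build_sample()))
```
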
Comments:

By: Serge Vecher (serge-v) 2007-02-27 14:28:05.000-0600

trunk today is at rev. 56976. Delete your asterisk sources, do a clean checkout (not update), recompile with DONT OPTIMIZE flag under compiler options and try again.

By: Douglas Garstang (dgarstang) 2007-02-27 15:21:42.000-0600

Oops, I do have 56976. I mistyped the version.

Connected to Asterisk SVN-trunk-r56976M currently running on xxx (pid = 10015)

By: Steve Murphy (murf) 2007-02-27 15:32:58.000-0600

Douglas-- Is this AEL, or extensions.conf? Can you send the involved code snippet that's blowing up, so I can reproduce this and fix the bug?  Many thanks!

By: Douglas Garstang (dgarstang) 2007-02-27 15:57:32.000-0600

murf, this is regular extensions.conf.

Unfortunately, I would not be allowed to attach the entire dialplan. The best I can do is go and see if it's possible to build a test case to generate the crash.

By: Douglas Garstang (dgarstang) 2007-02-27 16:36:49.000-0600

Good news. I was able to reproduce. The following dialplan causes the core dump. Start execution in funcA. Press 0 at the tt-monkeys prompt, execution jumps to funcC. Press 2, and execution jumps back to funcB. It's recursive, but there's DTMF and pauses in between. Had to loop it 2 times before the crash occurred.

[macro-funcC]

   exten => s,1,Set(Key=)
   exten => s,n(menu),Read(Key,main-menu,1,n,1,5)
   exten => s,n,GotoIf($["${Key}" != ""]?${Key},1)
   exten => s,n,Goto(menu)

   exten => 2,1,Macro(funcB,${ARG1},${ARG2},1,618)


[macro-funcB]

   exten => s,1,Set(Key=)
   exten => s,n(menu),Read(Key,tt-monkeys,1,n,1,5)
   exten => s,n,GotoIf($["${Key}" != ""]?${Key},1)

   exten => 0,1,Macro(funcC)


[macro-funcA]

   exten => s,1,macro(funcB)

By: Steve Murphy (murf) 2007-02-28 10:57:56.000-0600

Douglas--

In 1.4, I'm having trouble reproducing your bug! I'll try trunk here in a little while. I've tried all sorts of variations on a theme... First, since it's easier for me, I converted your code to AEL, and found some bugs in AEL. I fixed these, and proceeded to test, but the crash did not happen.

The bugs in AEL:
1. macro calls to macros defined in extensions.conf resulted in a fatal error, instead of a warning.
2. a goto to a context in extensions.conf issued an error instead of a warning. I thought I had 1 & 2 fixed! But no!
3. The goto in the macro to a label in a "catch" (another extension), could not find the label and issued an error.

I fixed all 3, and I'd merrily dial 0 and 2 and get the famous:

... <snip> ...
   -- User entered '0'
   -- Executing [s@macro-funcB:3] GotoIf("Zap/51-1", "1?0|1") in new stack
   -- Goto (macro-funcB,0,1)
   -- Executing [0@macro-funcB:1] Macro("Zap/51-1", "funcC") in new stack
   -- Executing [s@macro-funcC:1] Set("Zap/51-1", "Key=") in new stack
   -- Executing [s@macro-funcC:2] Read("Zap/51-1", "Key|main-menu|1|n|1|5") in new stack
   -- Accepting a maximum of 1 digits.
   -- <Zap/51-1> Playing 'main-menu' (language 'en')
[Feb 28 08:26:51] DEBUG[31930]: chan_zap.c:4790 zt_read: DTMF digit: 2 on Zap/51-1
   -- User entered '2'
   -- Executing [s@macro-funcC:3] GotoIf("Zap/51-1", "1?2|1") in new stack
   -- Goto (macro-funcC,2,1)
   -- Executing [2@macro-funcC:1] Macro("Zap/51-1", "funcB|||1|618") in new stack
[Feb 28 08:26:51] ERROR[31930]: app_macro.c:153 _macro_exec: Macro():  possible infinite loop detected.  Returning early.
 == Auto fallthrough, channel 'Zap/51-1' status is 'UNKNOWN'
[Feb 28 08:26:51] DEBUG[31930]: chan_zap.c:2443 zt_hangup: Hangup: channel: 51 index = 0, normal = 68, callwait = -1, thirdcall = -1
[Feb 28 08:26:51] DEBUG[31930]: chan_zap.c:1465 zt_disable_ec: disabled echo cancellation on channel 51
[Feb 28 08:26:51] DEBUG[31930]: chan_zap.c:2870 zt_setoption: Set option TDD MODE, value: OFF(0) on Zap/51-1
[Feb 28 08:26:51] DEBUG[31930]: chan_zap.c:1402 update_conf: Updated conferencing on 51, with 0 conference users
   -- Hungup 'Zap/51-1'

Well, I thought, even tho the code is equivalent, maybe it's something associated with the extensions.conf route, so copied and pasted the code you gave directly into extensions.conf, and commented it out of the .ael file, and called it, and the exact same thing as above. No crash. Just the "possible infinite loop" message and the call is aborted.

I'll be committing those AEL updates today to 1.4 and trunk, and backport to the AEL2-1.2 branch, and publishing a new patch.

By: Steve Murphy (murf) 2007-02-28 10:59:08.000-0600

So, why am I not crashing? Did you have some contextual stuff going on that I don't? Down a level or two in macros already when you invoke funcA? In trunk, not 1.4?

By: Steve Murphy (murf) 2007-03-23 18:04:41

dgarstang-- I've let this one "simmer" long enough; I'm going to close it with a "can't reproduce". If you have any new info, revelations, etc., feel free to reopen this issue, and I'll do my best to put it to rest.