
Summary: ASTERISK-15088: [patch] Segfault with limit data L(x:y) and verbosity >= 3
Reporter: Bruce McAlister (asgaroth)
Labels:
Date Opened: 2009-11-06 04:10:16.000-0600
Date Closed: 2009-11-25 15:46:05.000-0600
Priority: Critical
Regression?: No
Status: Closed/Complete
Components: Applications/app_dial
Versions:
Frequency of Occurrence:
Related Issues:
Environment:
Attachments:
( 0) asterisk-1.4-r228338M_gdb_bt_full.txt
( 1) asterisk-1.4-r228338M_gdb_bt.txt
( 2) asterisk-1.4-r228338M_gdb_thread_apply_all_bt.txt
( 3) bug_16193_1.4.21.2_vers.diff
( 4) bug_16193_dial.diff
( 5) gdb_bt_full.txt
( 6) gdb_bt.txt
( 7) gdb_thread_apply_all_bt.txt
Description:
I am experiencing core dumps when I set a call time limit for a
call. If I don't use the call time limit option then the dial
application works as expected.

For example, if I have the following dial command:

Dial(SIP/${EXTEN},,L(10800000:60000))

Then I see the following on the console when the dial is executed:

   -- Limit Data for this call:
      > timelimit      = 10800000
      > play_warning   = 60000
      > play_to_caller = yes
      > play_to_callee = no
      > warning_freq   = 0
Segmentation Fault - core dumped

If I remove the time limitation (,L(10800000:60000)) then the dial
works as expected.

If I start asterisk with the following command:

asterisk -vvvdddgcp

then when on the console I do the following:

"core set verbose 0"
  The dial with limitation works properly

"core set verbose 1"
  The dial with limitation works properly

"core set verbose 2"
  The dial with limitation works properly

"core set verbose 3"
  The dial with limitation crashes with a segfault

Could this be something to do with writing verbose information to the console?
Comments:

By: Bruce McAlister (asgaroth) 2009-11-06 04:12:24.000-0600

I have uploaded the backtraces as described in docs/backtrace.txt.

By: Leif Madsen (lmadsen) 2009-11-06 09:06:09.000-0600

Have you also tried this on the latest 1.4 branch from SVN? 1.4.26.2 is getting kind of old now, and I want to make sure the issue hasn't already been resolved. Thanks!

By: Bruce McAlister (asgaroth) 2009-11-06 09:22:00.000-0600

No, I've not tried the latest SVN branch. Where can I find the steps to pull down the SVN branch of asterisk?

By: Leif Madsen (lmadsen) 2009-11-06 09:34:05.000-0600

svn co http://svn.asterisk.org/svn/asterisk/branches/1.4 asterisk-1.4-vanilla

More information here:  http://www.asterisk.org/developers/get-source

By: Atis Lezdins (atis) 2009-11-06 10:10:50.000-0600

Using L(36000000:36000000:15000) on Asterisk 1.6.1.6 and previously with Asterisk 1.4.19 verbosity 3 and debug 0/1 didn't crash anything.

By: Atis Lezdins (atis) 2009-11-06 10:14:15.000-0600

What is LIMIT_CONNECT_FILE set to? Can you check by using this before Dial?

Verbose(${LIMIT_CONNECT_FILE});

By: Bruce McAlister (asgaroth) 2009-11-06 10:22:04.000-0600

My dialplan looks like this:

exten => _NX.,1,Verbose(${LIMIT_CONNECT_FILE})
exten => _NX.,n,Dial(SIP/003531${EXTEN}@magratheagw,,${CallTimeLimit})

When that executes, I get the following on the console:

   -- Executing [8262900@magratheaout:1] Verbose("SIP/bruce.mcalister0-08764130", "") in new stack

   -- Executing [8262900@magratheaout:2] Dial("SIP/bruce.mcalister0-08764130", "SIP/0035318262900@magratheagw||L(10800000:60000)") in new stack

By: Bruce McAlister (asgaroth) 2009-11-06 10:46:12.000-0600

I tried the above with the latest SVN branch and I still experience a core dump with the dial when a limit is set.

Here is the asterisk version information:

*CLI> core show version
Asterisk SVN-branch-1.4-r228338M built by user @ soldev on a i86pc running SunOS on 2009-11-06 16:26:20 UTC

Here is the output from the console:

   -- Executing [8262900@magratheaout:1] Verbose("SIP/bruce.mcalister0-00000000", "") in new stack

   -- Executing [8262900@magratheaout:2] Dial("SIP/bruce.mcalister0-00000000", "SIP/0035318262900@magratheagw||L(10800000:60000)") in new stack
   -- Limit Data for this call:
      > timelimit      = 10800000
      > play_warning   = 60000
      > play_to_caller = yes
      > play_to_callee = no
      > warning_freq   = 0
Segmentation Fault - core dumped
---

By: Bruce McAlister (asgaroth) 2009-11-06 10:52:41.000-0600

I've attached the backtraces for the crash using the latest SVN revision of asterisk.

By: Bruce McAlister (asgaroth) 2009-11-06 12:33:24.000-0600

FYI, this fails (core dumps) on asterisk versions 1.4.24 and 1.4.21 as well.



By: Bruce McAlister (asgaroth) 2009-11-06 13:40:40.000-0600

I tried to set the LIMIT_CONNECT_FILE and LIMIT_WARNING_FILE variables before the dial and the dial command still core dumps when the verbosity is >= 3.

Here is what I tried in the dialplan:

exten => _NX.,1,Set(LIMIT_CONNECT_FILE=tt-monkeys.gsm,LIMIT_WARNING_FILE=tt-monkeys.gsm)
exten => _NX.,n,Verbose(${LIMIT_CONNECT_FILE})
exten => _NX.,n,Dial(SIP/003531${EXTEN}@magratheagw,,${CallTimeLimit})

When attempting the dial, here is what is on the console:

   -- Executing [8262900@magratheaout:1] Set("SIP/bruce.mcalister0-0840e0b8", "LIMIT_CONNECT_FILE=tt-monkeys.gsm|LIMIT_WARNING_FILE=tt-monkeys.gsm") in new stack
[Nov  6 19:31:19] WARNING[13463]: pbx.c:5936 pbx_builtin_setvar: Setting multiple variables at once within Set is deprecated.  Please separate each name/value pair into its own line.
   -- Executing [8262900@magratheaout:2] Verbose("SIP/bruce.mcalister0-0840e0b8", "tt-monkeys.gsm") in new stack
tt-monkeys.gsm
   -- Executing [8262900@magratheaout:3] Dial("SIP/bruce.mcalister0-0840e0b8", "SIP/0035318262900@magratheagw||L(10800000:60000)") in new stack
   -- Limit Data for this call:
      > timelimit      = 10800000
      > play_warning   = 60000
      > play_to_caller = yes
      > play_to_callee = no
      > warning_freq   = 0
Segmentation Fault - core dumped

By: David Ruggles (thedavidfactor) 2009-11-09 12:48:37.000-0600

unable to duplicate with 1.4 SVN 229006 (latest)
Verbose 3 displayed:
    -- Executing [1234@default:1] Dial("SIP/node1-00000001", "SIP/1234||L(10800000:60000)") in new stack
   -- Limit Data for this call:
      > timelimit      = 10800000
      > play_warning   = 60000
      > play_to_caller = yes
      > play_to_callee = no
      > warning_freq   = 0
      > start_sound    = (null)
      > warning_sound  = timeleft
      > end_sound      = (null)

By: Bruce McAlister (asgaroth) 2009-11-11 14:22:55.000-0600

I have tried with the following SVN revision of asterisk and I still get a core dump when a call is made setting the time limits.

*CLI> core show version
Asterisk SVN-branch-1.4-r229498M built by user @ soldev on a i86pc running SunOS on 2009-11-12 02:02:33 UTC

The crash output looks identical to the notes mentioned previously.

Were you trying to recreate the issue on Solaris?

I wonder if the fix for bug 10734 would apply here?



By: Bruce McAlister (asgaroth) 2009-11-16 04:49:17.000-0600

Has anyone been able to duplicate this issue?

By: Leif Madsen (lmadsen) 2009-11-16 10:15:04.000-0600

I'm going to try and reproduce this today, but it seems 2 other people have been unable to reproduce this.

By: Leif Madsen (lmadsen) 2009-11-16 10:31:34.000-0600

I just realized this is OpenSolaris, and is not going to be something I can test. It likely is an issue, but because you're on OpenSolaris which is not heavily developed on, it may be some time before this issue becomes resolved.

By: snuffy (snuffy) 2009-11-20 06:27:36.000-0600

This is most likely another place where we are strlen() on a null string.
One of these was fixed not too long ago using 'S_OR()' for a printf.

Technically I think OpenSolaris now has null checks on strlen/printfs in later revs past 111b.

By: snuffy (snuffy) 2009-11-20 06:31:47.000-0600

Looking @ app_dial.c in 1.4..
Line 1043 etc.. we shouldn't set to NULL for S_OR rather empty string.
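
The null-safe formatting pattern discussed in the two comments above, as an added C example that is not part of the thread and is not the attached patch. `struct limit_data`, `str_or()` and `format_limit_data()` are hypothetical names, and the sample values are constructed from the console output in the report.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the per-call limit settings seen in the console output. */
struct limit_data {
    long timelimit, play_warning, warning_freq;
    int play_to_caller, play_to_callee;
    const char *start_sound, *warning_sound, *end_sound; /* NULL when unset */
};

/* Return s when it is a non-empty string, otherwise fallback (the S_OR idea). */
static const char *str_or(const char *s, const char *fallback)
{
    return (s != NULL && *s != '\0') ? s : fallback;
}

/* Format the block into buf; returns bytes written, or -1 on error/truncation.
 * Every %s argument goes through str_or(), so no NULL reaches the formatter:
 * passing NULL for %s is undefined behaviour, which some C libraries render
 * as "(null)" and others dereference. */
static int format_limit_data(char *buf, size_t size, const struct limit_data *ld)
{
    int n = snprintf(buf, size,
        "      > timelimit      = %ld\n"
        "      > play_warning   = %ld\n"
        "      > play_to_caller = %s\n"
        "      > play_to_callee = %s\n"
        "      > warning_freq   = %ld\n"
        "      > start_sound    = %s\n"
        "      > warning_sound  = %s\n"
        "      > end_sound      = %s\n",
        ld->timelimit, ld->play_warning,
        ld->play_to_caller ? "yes" : "no",
        ld->play_to_callee ? "yes" : "no",
        ld->warning_freq,
        str_or(ld->start_sound, ""),
        str_or(ld->warning_sound, ""),
        str_or(ld->end_sound, ""));
    return (n < 0 || (size_t)n >= size) ? -1 : n;
}

int main(void)
{
    /* Constructed sample: values from the report, with two sounds left unset. */
    struct limit_data ld = { 10800000, 60000, 0, 1, 0, NULL, "timeleft", NULL };
    char buf[512];
    if (format_limit_data(buf, sizeof buf, &ld) < 0)
        return 1;
    fputs(buf, stdout);
    return 0;
}
```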

By: snuffy (snuffy) 2009-11-20 06:44:42.000-0600

Try the attached patch for 1.4


By: Bruce McAlister (asgaroth) 2009-11-20 06:49:32.000-0600

Just an FYI, I am not using OpenSolaris, I am using Solaris 10U5.

Snuffy, I will try your patch shortly and get back to you.

By: Bruce McAlister (asgaroth) 2009-11-20 07:19:10.000-0600

I applied this patch to asterisk 1.4.27 and the verbose output is now working correctly, I don't get a segfault anymore:

   -- Limit Data for this call:
      > timelimit      = 10800000
      > play_warning   = 60000
      > play_to_caller = yes
      > play_to_callee = no
      > warning_freq   = 0
      > start_sound    =
      > warning_sound  = timeleft
      > end_sound      =

By: Bruce McAlister (asgaroth) 2009-11-20 07:23:53.000-0600

Snuffy, would you mind amending this patch so that it applies to Asterisk v1.4.21.2? When I try to apply the patch to 1.4.21.2 I get the following error:

patching file apps/app_dial.c
Hunk #1 FAILED at 1044.
1 out of 1 hunk FAILED -- saving rejects to file apps/app_dial.c.rej

I need outbound proxy support which is only working in asterisk versions up to 1.4.21.2. Lmadsen closed my bugid I logged for outbound proxy support (16199) mentioning that it is not supported in versions 1.4, therefore I cannot use the current version of asterisk 1.4. I would test 1.6.0.18, but I cannot compile it due to bugid 16251. Sorry to be a pain :/.



By: snuffy (snuffy) 2009-11-20 15:07:40.000-0600

Added a 1.4.21 version just for u ;)

By: Bruce McAlister (asgaroth) 2009-11-21 18:20:43.000-0600

Excellent, thanks snuffy, the patch for v1.4.21.2 works correctly as well.

By: Digium Subversion (svnbot) 2009-11-25 15:45:37.000-0600

Repository: asterisk
Revision: 231235

U   branches/1.4/apps/app_dial.c

------------------------------------------------------------------------
r231235 | dvossel | 2009-11-25 15:45:36 -0600 (Wed, 25 Nov 2009) | 9 lines

fixes solaris segfault on dial with verbosity >= 3

(closes issue ASTERISK-15088)
Reported by: asgaroth
Patches:
     bug_16193_1.4.21.2_vers.diff uploaded by snuffy (license 35)
Tested by: asgaroth, snuffy


------------------------------------------------------------------------

http://svn.digium.com/view/asterisk?view=rev&revision=231235

By: Digium Subversion (svnbot) 2009-11-25 15:46:04.000-0600

Repository: asterisk
Revision: 231236

_U  trunk/

------------------------------------------------------------------------
r231236 | dvossel | 2009-11-25 15:46:04 -0600 (Wed, 25 Nov 2009) | 14 lines

Blocked revisions 231235 via svnmerge

........
 r231235 | dvossel | 2009-11-25 15:38:32 -0600 (Wed, 25 Nov 2009) | 9 lines
 
 fixes solaris segfault on dial with verbosity >= 3
 
 (closes issue ASTERISK-15088)
 Reported by: asgaroth
 Patches:
       bug_16193_1.4.21.2_vers.diff uploaded by snuffy (license 35)
 Tested by: asgaroth, snuffy
........

------------------------------------------------------------------------

http://svn.digium.com/view/asterisk?view=rev&revision=231236