[asterisk-bugs] [Asterisk 0014086]: Address out of bounds in queue_log using transfer

Asterisk Bug Tracker noreply at bugs.digium.com
Wed Jan 14 12:04:19 CST 2009


A NOTE has been added to this issue. 
====================================================================== 
http://bugs.digium.com/view.php?id=14086 
====================================================================== 
Reported By:                ZX81
Assigned To:                putnopvut
====================================================================== 
Project:                    Asterisk
Issue ID:                   14086
Category:                   Applications/app_queue
Reproducibility:            random
Severity:                   crash
Priority:                   normal
Status:                     ready for testing
Target Version:             1.4.23
Asterisk Version:           SVN 
Regression:                 No 
SVN Branch (only for SVN checkouts, not tarball releases):  1.4  
SVN Revision (number only!): 131480 
Disclaimer on File?:        N/A 
Request Review:              
====================================================================== 
Date Submitted:             2008-12-15 20:31 CST
Last Modified:              2009-01-14 12:04 CST
====================================================================== 
Summary:                    Address out of bounds in queue_log using transfer
Description: 
This system has been up without problems for around 100 days until this
week at which stage it has crashed twice:

#0  0xb7dcd463 in strlen () from /lib/tls/i686/cmov/libc.so.6
#1  0xb7da1164 in vfprintf () from /lib/tls/i686/cmov/libc.so.6
#2  0xb7da62e2 in fprintf () from /lib/tls/i686/cmov/libc.so.6
#3  0x080aff57 in ast_queue_log (queuename=0x18 <Address 0x18 out of bounds>, callid=0xb7e8 <Address 0xb7e8 out of bounds>,
    agent=0x8cfd518 "SIP/8780", event=0xb749ffee "TRANSFER", fmt=0xb749ffe0 "%s|%s|%ld|%ld") at logger.c:359
#4  0xb7491933 in queue_transfer_fixup (data=0x8c9bf90, old_chan=0xb5fbb868, new_chan=0xb5f9fef0) at app_queue.c:2582
#5  0x0808428d in ast_do_masquerade (original=0xb5f9fef0) at channel.c:3537
#6  0x080867d9 in __ast_read (chan=0xb5f9fef0, dropaudio=0) at channel.c:1971
#7  0x08089822 in ast_channel_bridge (c0=0xb5f9fef0, c1=0xb5f9fef0, config=0xb6af8e7c, fo=0xb6af7f88, rc=0xb6af7f84)
    at channel.c:2366
#8  0xb7c5659d in ast_bridge_call (chan=0xb5f9fef0, peer=0x8d830c0, config=0xb6af8e7c) at res_features.c:1486
#9  0xb7b4d37d in dial_exec_full (chan=0xb5f9fef0, data=<value optimized out>, peerflags=0xb6af8f44, continue_exec=0x0)
    at app_dial.c:1775
#10 0xb7b4d7e2 in dial_exec (chan=0xb5f9fef0, data=0xb6afafb8) at app_dial.c:1829
#11 0x080cd947 in pbx_extension_helper (c=0xb5f9fef0, con=0x0, context=0xb5fa0070 "internal", exten=0xb5fa00c0 "10800226440",
    priority=1, label=0x0, callerid=0xb678e7d0 "8721", action=E_SPAWN) at pbx.c:537
#12 0x080cf931 in __ast_pbx_run (c=0xb5f9fef0) at pbx.c:2317
#13 0x080d098e in pbx_thread (data=0xb5f9fef0) at pbx.c:2621
#14 0x080ff5d0 in dummy_start (data=0xb64b1070) at utils.c:912
#15 0xb7f12240 in start_thread () from /lib/tls/i686/cmov/libpthread.so.0
#16 0xb7e2d49e in clone () from /lib/tls/i686/cmov/libc.so.6

and

#0  0xb7ddb43b in strlen () from /lib/tls/i686/cmov/libc.so.6
#1  0xb7daf164 in vfprintf () from /lib/tls/i686/cmov/libc.so.6
#2  0xb7db42e2 in fprintf () from /lib/tls/i686/cmov/libc.so.6
#3  0x080aff57 in ast_queue_log (queuename=0x20c62e <Address 0x20c62e out of bounds>,
    callid=0x493ece85 <Address 0x493ece85 out of bounds>, agent=0xcd87eb0 "SIP/8846", event=0xb74e9fee "TRANSFER",
    fmt=0xb74e9fe0 "%s|%s|%ld|%ld") at logger.c:359
#4  0xb74db933 in queue_transfer_fixup (data=0xd2b21b0, old_chan=0xdc9d218, new_chan=0xdc73aa8) at app_queue.c:2582
#5  0x0808428d in ast_do_masquerade (original=0xdc73aa8) at channel.c:3537
#6  0x080867d9 in __ast_read (chan=0xdc73aa8, dropaudio=0) at channel.c:1971
#7  0x08089822 in ast_channel_bridge (c0=0xdc73aa8, c1=0xdc73aa8, config=0xb4efae7c, fo=0xb4ef9fa8, rc=0xb4ef9fa4)
    at channel.c:2366
#8  0xb7c6459d in ast_bridge_call (chan=0xdc73aa8, peer=0xdc79a50, config=0xb4efae7c) at res_features.c:1486
#9  0xb7b9737d in dial_exec_full (chan=0xdc73aa8, data=<value optimized out>, peerflags=0xb4efaf44, continue_exec=0x0)
    at app_dial.c:1775
#10 0xb7b977e2 in dial_exec (chan=0xdc73aa8, data=0xb4efcfb8) at app_dial.c:1829
#11 0x080cd947 in pbx_extension_helper (c=0xdc73aa8, con=0x0, context=0xdc73c28 "internal", exten=0xdc73c78 "5765", priority=1,
    label=0x0, callerid=0xdc00e90 "8897", action=E_SPAWN) at pbx.c:537
#12 0x080cf931 in __ast_pbx_run (c=0xdc73aa8) at pbx.c:2317
#13 0x080d098e in pbx_thread (data=0xdc73aa8) at pbx.c:2621
#14 0x080ff5d0 in dummy_start (data=0x91d8e50) at utils.c:912
#15 0xb7f20240 in start_thread () from /lib/tls/i686/cmov/libpthread.so.0
#16 0xb7e3b49e in clone () from /lib/tls/i686/cmov/libc.so.6

======================================================================
Relationships       ID      Summary
----------------------------------------------------------------------
related to          0014060 [patch] Astrerisk crashes using the app...
====================================================================== 

---------------------------------------------------------------------- 
 (0097747) putnopvut (administrator) - 2009-01-14 12:04
 http://bugs.digium.com/view.php?id=14086#c97747 
---------------------------------------------------------------------- 
Let's clear up a few things here:

First off, to ZX81 and festr, I know when we talked on IRC yesterday, both
of you discussed running valgrind. Were you running valgrind when you were
not having your crashes? It may be that valgrind was preventing the crashes
from occurring but they would have occurred when not running it. I would
like to see the output from those valgrind runs if you were running it.

nivek: if ZX81 and festr do not have valgrind output from their test runs
from yesterday, could you please run Asterisk under valgrind? Instructions
for how to do so are in doc/valgrind.txt in the Asterisk source directory.

Thanks. 

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
2009-01-14 12:04 putnopvut      Note Added: 0097747                          
======================================================================



