[asterisk-bugs] [Asterisk 0014086]: Address out of bounds in queue_log using transfer
Asterisk Bug Tracker
noreply at bugs.digium.com
Wed Jan 14 13:05:21 CST 2009
A NOTE has been added to this issue.
======================================================================
http://bugs.digium.com/view.php?id=14086
======================================================================
Reported By: ZX81
Assigned To: putnopvut
======================================================================
Project: Asterisk
Issue ID: 14086
Category: Applications/app_queue
Reproducibility: random
Severity: crash
Priority: normal
Status: ready for testing
Target Version: 1.4.23
Asterisk Version: SVN
Regression: No
SVN Branch (only for SVN checkouts, not tarball releases): 1.4
SVN Revision (number only!): 131480
Disclaimer on File?: N/A
Request Review:
======================================================================
Date Submitted: 2008-12-15 20:31 CST
Last Modified: 2009-01-14 13:05 CST
======================================================================
Summary: Address out of bounds in queue_log using transfer
Description:
This system has been up without problems for around 100 days until this
week at which stage it has crashed twice:
http://bugs.digium.com/view.php?id=0 0xb7dcd463 in strlen () from
/lib/tls/i686/cmov/libc.so.6
http://bugs.digium.com/view.php?id=1 0xb7da1164 in vfprintf () from
/lib/tls/i686/cmov/libc.so.6
http://bugs.digium.com/view.php?id=2 0xb7da62e2 in fprintf () from
/lib/tls/i686/cmov/libc.so.6
http://bugs.digium.com/view.php?id=3 0x080aff57 in ast_queue_log
(queuename=0x18 <Address 0x18 out of
bounds>, callid=0xb7e8 <Address 0xb7e8 out of bounds>,
agent=0x8cfd518 "SIP/8780", event=0xb749ffee "TRANSFER",
fmt=0xb749ffe0 "%s|%s|%ld|%ld") at logger.c:359
http://bugs.digium.com/view.php?id=4 0xb7491933 in queue_transfer_fixup
(data=0x8c9bf90,
old_chan=0xb5fbb868, new_chan=0xb5f9fef0) at app_queue.c:2582
http://bugs.digium.com/view.php?id=5 0x0808428d in ast_do_masquerade
(original=0xb5f9fef0) at
channel.c:3537
http://bugs.digium.com/view.php?id=6 0x080867d9 in __ast_read (chan=0xb5f9fef0,
dropaudio=0) at
channel.c:1971
http://bugs.digium.com/view.php?id=7 0x08089822 in ast_channel_bridge
(c0=0xb5f9fef0, c1=0xb5f9fef0,
config=0xb6af8e7c, fo=0xb6af7f88, rc=0xb6af7f84)
at channel.c:2366
http://bugs.digium.com/view.php?id=8 0xb7c5659d in ast_bridge_call
(chan=0xb5f9fef0, peer=0x8d830c0,
config=0xb6af8e7c) at res_features.c:1486
http://bugs.digium.com/view.php?id=9 0xb7b4d37d in dial_exec_full
(chan=0xb5f9fef0, data=<value optimized
out>, peerflags=0xb6af8f44, continue_exec=0x0)
at app_dial.c:1775
http://bugs.digium.com/view.php?id=10 0xb7b4d7e2 in dial_exec (chan=0xb5f9fef0,
data=0xb6afafb8) at
app_dial.c:1829
http://bugs.digium.com/view.php?id=11 0x080cd947 in pbx_extension_helper
(c=0xb5f9fef0, con=0x0,
context=0xb5fa0070 "internal", exten=0xb5fa00c0 "10800226440",
priority=1, label=0x0, callerid=0xb678e7d0 "8721", action=E_SPAWN) at
pbx.c:537
http://bugs.digium.com/view.php?id=12 0x080cf931 in __ast_pbx_run (c=0xb5f9fef0)
at pbx.c:2317
http://bugs.digium.com/view.php?id=13 0x080d098e in pbx_thread (data=0xb5f9fef0)
at pbx.c:2621
http://bugs.digium.com/view.php?id=14 0x080ff5d0 in dummy_start
(data=0xb64b1070) at utils.c:912
http://bugs.digium.com/view.php?id=15 0xb7f12240 in start_thread () from
/lib/tls/i686/cmov/libpthread.so.0
http://bugs.digium.com/view.php?id=16 0xb7e2d49e in clone () from
/lib/tls/i686/cmov/libc.so.6
and
http://bugs.digium.com/view.php?id=0 0xb7ddb43b in strlen () from
/lib/tls/i686/cmov/libc.so.6
http://bugs.digium.com/view.php?id=1 0xb7daf164 in vfprintf () from
/lib/tls/i686/cmov/libc.so.6
http://bugs.digium.com/view.php?id=2 0xb7db42e2 in fprintf () from
/lib/tls/i686/cmov/libc.so.6
http://bugs.digium.com/view.php?id=3 0x080aff57 in ast_queue_log
(queuename=0x20c62e <Address 0x20c62e out
of bounds>,
callid=0x493ece85 <Address 0x493ece85 out of bounds>, agent=0xcd87eb0
"SIP/8846", event=0xb74e9fee "TRANSFER",
fmt=0xb74e9fe0 "%s|%s|%ld|%ld") at logger.c:359
http://bugs.digium.com/view.php?id=4 0xb74db933 in queue_transfer_fixup
(data=0xd2b21b0,
old_chan=0xdc9d218, new_chan=0xdc73aa8) at app_queue.c:2582
http://bugs.digium.com/view.php?id=5 0x0808428d in ast_do_masquerade
(original=0xdc73aa8) at
channel.c:3537
http://bugs.digium.com/view.php?id=6 0x080867d9 in __ast_read (chan=0xdc73aa8,
dropaudio=0) at
channel.c:1971
http://bugs.digium.com/view.php?id=7 0x08089822 in ast_channel_bridge
(c0=0xdc73aa8, c1=0xdc73aa8,
config=0xb4efae7c, fo=0xb4ef9fa8, rc=0xb4ef9fa4)
at channel.c:2366
http://bugs.digium.com/view.php?id=8 0xb7c6459d in ast_bridge_call
(chan=0xdc73aa8, peer=0xdc79a50,
config=0xb4efae7c) at res_features.c:1486
http://bugs.digium.com/view.php?id=9 0xb7b9737d in dial_exec_full
(chan=0xdc73aa8, data=<value optimized
out>, peerflags=0xb4efaf44, continue_exec=0x0)
at app_dial.c:1775
http://bugs.digium.com/view.php?id=10 0xb7b977e2 in dial_exec (chan=0xdc73aa8,
data=0xb4efcfb8) at
app_dial.c:1829
http://bugs.digium.com/view.php?id=11 0x080cd947 in pbx_extension_helper
(c=0xdc73aa8, con=0x0,
context=0xdc73c28 "internal", exten=0xdc73c78 "5765", priority=1,
label=0x0, callerid=0xdc00e90 "8897", action=E_SPAWN) at pbx.c:537
http://bugs.digium.com/view.php?id=12 0x080cf931 in __ast_pbx_run (c=0xdc73aa8)
at pbx.c:2317
http://bugs.digium.com/view.php?id=13 0x080d098e in pbx_thread (data=0xdc73aa8)
at pbx.c:2621
http://bugs.digium.com/view.php?id=14 0x080ff5d0 in dummy_start (data=0x91d8e50)
at utils.c:912
http://bugs.digium.com/view.php?id=15 0xb7f20240 in start_thread () from
/lib/tls/i686/cmov/libpthread.so.0
http://bugs.digium.com/view.php?id=16 0xb7e3b49e in clone () from
/lib/tls/i686/cmov/libc.so.6
======================================================================
Relationships ID Summary
----------------------------------------------------------------------
related to 0014060 [patch] Astrerisk crashes using the app...
======================================================================
----------------------------------------------------------------------
(0097766) nivek (reporter) - 2009-01-14 13:05
http://bugs.digium.com/view.php?id=14086#c97766
----------------------------------------------------------------------
1231958718 - New session
1231959226 - New session
WARNING: Freeing unused memory at 0x4de0f00, in ast_channel_datastore_free
of channel.c, line 1334
WARNING: Freeing unused memory at 0x41e1ca8, in ast_channel_datastore_free
of channel.c, line 1334
1231959483 - New session
This is from /var/log/asterisk/mmlog
Issue History
Date Modified Username Field Change
======================================================================
2009-01-14 13:05 nivek Note Added: 0097766
======================================================================
More information about the asterisk-bugs
mailing list