wdoekes / asterisk-chan-dongle

chan_dongle channel driver for Huawei UMTS cards, works with Asterisk 14+

Crash in chan_dongle.c is_dial_possible2() #118

Open titusece opened 3 years ago

titusece commented 3 years ago

Hi, I am debugging a crash issue in the chan_dongle code. It looks like the code is trying to access a cpvt structure which is already freed (0xdeaddead). Can you please tell me what could be the issue? I have enabled more logs to understand the flow and crash details. It looks like the channel name in the log is 'C-00000005', but the channel name in ast_channel_name is different (0100000003) and the channel instance is 4. Is this expected, and are there no issues if we get it like this?

ast_log (LOG_NOTICE, "channel found !! channel name:%s, channel_instance:%d\n",ast_channel_name(channel), pvt->channel_instance);

Log:

[Sep 24 16:05:21] NOTICE[7588][**C-00000005**] channel.c: channel found !! channel name:**CF-GSM/span0-0100000003**, channel_instance:**4**
[Sep 24 16:05:21] WARNING[7588][C-00000005] pbx_variables.c: pbx_builtin_setvar_helper entry
[Sep 24 16:05:21] WARNING[7588][C-00000005] pbx_variables.c: pbx_builtin_setvar_helper.. chan
[Sep 24 16:05:21] WARNING[7588][C-00000005] channel.c: ast_channel_has_manager_vars entry
[Sep 24 16:05:21] WARNING[7588][C-00000005] stasis_cache.c: stasis_cache_get..
[Sep 24 16:05:21] WARNING[7588][C-00000005] channel.c: ast_party_id_presentation entry id : 746bd334
[Sep 24 16:05:21] WARNING[7588][C-00000005] channel.c: ast_party_id_presentation !id->name.valid entry
[Sep 24 16:05:21] WARNING[7588][C-00000005] channel.c: ast_channel_get_manager_vars entry chan : 746bd128
[Sep 24 16:05:21] WARNING[7588][C-00000005] channel.c: ast_list_empty return NULL from ast_channel_get_manager_vars
[Sep 24 16:05:21] WARNING[7588][C-00000005] channel.c: channel call pvt cpvt reference....
[Sep 24 16:05:21] WARNING[7588][C-00000005] channel.c: channel call pvt cpvt reference....span0/04035616024
[Sep 24 16:05:21] WARNING[7588][C-00000005] channel.c: channel call before ready4voicecall check....
[Sep 24 16:05:21] NOTICE[7588][C-00000005] chan_dongle.c: in pvt_enabled : [span0] pvt->current_state : 3 pvt->desired_state : 3 pvt->restart_time : 0
[Sep 24 16:05:21] NOTICE[7588][C-00000005] chan_dongle.c: IN redy4voice call [span0] 
[Sep 24 16:05:21] NOTICE[7588][C-00000005] chan_dongle.c: [span0] in is_dial_possible2 pvt->ring : 0 pvt->cwaiting : 0 pvt->dialing : 0
[Sep 24 16:05:21] NOTICE[7588][C-00000005] channel.c: [span0] Calling span0/04035616024 on CF-GSM/span0-0100000003
[Sep 24 16:05:21] WARNING[7588][C-00000005] channel.c: channel call before ATD send function call....
[Sep 24 16:05:21] WARNING[7588][C-00000005] channel.c: channel call before unlock....
[Sep 24 16:05:21] WARNING[7588][C-00000005] stasis_cache.c: stasis_cache_get..
[Sep 24 16:05:21] WARNING[7588][C-00000005] stasis_cache.c: stasis_cache_get..
[Sep 24 16:05:21] VERBOSE[7588][C-00000005] app_dial.c: Called CF-GSM/span0/04035616024
[Sep 24 16:05:21] NOTICE[7551] at_queue.c: [span0] write command 'ATD' expected response 'OK' length 16

Here is the backtrace data:

Thread 1 (Thread 0x73dd3420 (LWP 7497)):
#0  0x71882af8 in is_dial_possible2 (pvt=0x1b00468, opts=0, ignore_cpvt=0x0) at chan_dongle.c:1484
        cpvt = 0xdeaddead
        hold = 0
        active = 0
        use_call_waiting = 0
        __PRETTY_FUNCTION__ = "is_dial_possible2"
#1  0x71882d64 in is_dial_possible (pvt=0x1b00468, opts=0) at chan_dongle.c:1527
        __PRETTY_FUNCTION__ = "is_dial_possible"
#2  0x7188babc in channel_devicestate (data=0x73dd2c2f "span0") at channel.c:1284
        device = 0x73dd2be0 "span0"
        pvt = 0x1b00468
        res = 4
        __PRETTY_FUNCTION__ = "channel_devicestate"
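
An added illustration, not code from chan_dongle or from the reporter: how a list iterator can end up holding 0xdeaddead, like `cpvt` in frame #0, assuming a debug allocator that fills freed memory with that pattern and a node that is freed while still linked. `struct call`, the pool and every function name here are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define POISON 0xdeaddeadu  /* value seen in the backtrace; assumed to be a free-fill pattern */
/* Hypothetical per-call record on a singly linked list (not chan_dongle's struct cpvt). */
struct call { struct call *next; int state; };
static struct call pool[3];  /* fixed pool: "freed" slots stay readable, so the demo has no UB */
static struct call *head;

/* Fill n bytes with the repeating 32-bit poison word, as a poisoning debug allocator would. */
static void fill(void *dst, size_t n) {
    uint32_t w = POISON;
    for (size_t i = 0; i + sizeof w <= n; i += sizeof w)
        memcpy((unsigned char *)dst + i, &w, sizeof w);
}
static void poison_free(struct call *c) { fill(c, sizeof *c); }
/* True if pointer p is made up only of the poison pattern (32- or 64-bit pointers). */
static int is_poisoned(const void *p) {
    uintptr_t pat = 0;
    fill(&pat, sizeof pat);
    return (uintptr_t)p == pat;
}

static void build(void) {
    for (int i = 0; i < 3; i++)
        pool[i] = (struct call){ (i < 2) ? &pool[i + 1] : NULL, i };
    head = &pool[0];
}

static void unlink_call(struct call *victim) {
    for (struct call **pp = &head; *pp; pp = &(*pp)->next)
        if (*pp == victim) { *pp = victim->next; return; }
}

/* Count nodes; return -1 instead of dereferencing a poisoned iterator. */
static int walk(void) {
    int n = 0;
    for (struct call *c = head; c; c = c->next, n++)
        if (is_poisoned(c)) return -1;
    return n;
}

/* Freed while still linked: the walker visits the dead node and picks up its poisoned next. */
static int stale_walk(void) { build(); poison_free(&pool[1]); return walk(); }
/* Unlinked first, then freed: the walker never sees the dead node. */
static int clean_walk(void) { build(); unlink_call(&pool[1]); poison_free(&pool[1]); return walk(); }

int main(void) {
    printf("freed while linked: %d\nunlinked then freed: %d\n", stale_walk(), clean_walk());
}
```

In a multi-threaded program the same stale link can also appear when one thread walks the list while another unlinks and frees a node without a shared lock held by both.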