[asterisk-bugs] [Asterisk 0009520]: realtime prune (and others) may segfault asterisk (timing issue)
noreply at bugs.digium.com
Wed Feb 6 14:17:44 CST 2008
A NOTE has been added to this issue.
======================================================================
http://bugs.digium.com/view.php?id=9520
======================================================================
Reported By: kryptolus
Assigned To: oej
======================================================================
Project: Asterisk
Issue ID: 9520
Category: Channels/chan_sip/Registration
Reproducibility: always
Severity: crash
Priority: normal
Status: assigned
Asterisk Version: SVN
SVN Branch (only for SVN checkouts, not tarball releases): 1.2
SVN Revision (number only!): 61305
Disclaimer on File?: Yes
Request Review:
======================================================================
Date Submitted: 04-11-2007 07:31 CDT
Last Modified: 02-06-2008 14:17 CST
======================================================================
Summary: realtime prune (and others) may segfault asterisk
(timing issue)
Description:
The function expire_register doesn't do any locking before mucking with the
peer.
If it gets pre-empted, there's a chance that the peer might be destroyed
before the control returns to expire_register.
If you execute a "prune realtime peer" at the right time, asterisk will
segfault. It is not limited to just this however, as I have experienced
several segfaults with this signature without any intervention. However,
looking at the code I can only see a problem with the pruning code, I don't
see any possible issues with any other place in sip.
My patch queues up peers to be destroyed and they are ultimately destroyed
from the monitor thread which should guarantee that expire_register cannot
be running at the same time. The other alternative is to add a check to
expire_register to check if peer is still inside the peer list. However,
that has potential to impact performance because that check would block a
lot of things on every expire.
======================================================================
----------------------------------------------------------------------
rayjay - 02-06-08 14:17
----------------------------------------------------------------------
We rely heavily on realtime for provisioning our peers and users, and rely
on the prune method to refresh the * cache when a user resets their
password. This has started to become quite a problem for us now and we
need to get the prune method working reliably fairly soon. Will the
attached patch here work for 1.4? I realise we may need to change some
variable/object names for 1.4 code, but will the logic in the patch
actually fix the problem temporarily until Steve gets the proper fix
backported to 1.4? Perhaps Kryptolus can comment? Did we get any
feedback on the initial patch?
Issue History
Date Modified   Username   Field
======================================================================
02-06-08 14:17  rayjay     Note Added: 0081814
======================================================================
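
The deferred-destruction design from the issue description (prune only queues the peer, and the monitor thread frees it after its scheduler pass) as an added C example; it is not the attached patch or Asterisk source. It is a simplified model: the struct, the slot-based scheduler and every function name other than expire_register are assumptions.

```c
/* Added illustration: simplified model, not Asterisk source; names are hypothetical. */
#include <pthread.h>
#include <stdlib.h>

#define SLOTS 8
struct peer { int expire_id, expires_at, registered, doomed; struct peer *next; };

static struct peer *sched[SLOTS];     /* pending expiry callbacks, indexed by id */
static pthread_mutex_t doomed_lock = PTHREAD_MUTEX_INITIALIZER;
static struct peer *doomed;           /* pruned peers awaiting destruction */

struct peer *peer_register(int slot, int expires_at) {
    struct peer *p = calloc(1, sizeof(*p));
    if (!p) return NULL;
    p->registered = 1; p->expire_id = slot; p->expires_at = expires_at;
    sched[slot] = p;                  /* the scheduler now holds a raw pointer */
    return p;
}

/* Any thread (e.g. a CLI prune): queue the peer once, never free it here. */
int peer_prune(struct peer *p) {
    int queued = 0;
    pthread_mutex_lock(&doomed_lock);
    if (!p->doomed) { p->doomed = 1; p->next = doomed; doomed = p; queued = 1; }
    pthread_mutex_unlock(&doomed_lock);
    return queued;
}

/* Monitor thread only: the expiry callback, which touches the peer unlocked. */
static void expire_register(struct peer *p) {
    sched[p->expire_id] = NULL;
    p->expire_id = -1;
    p->registered = 0;
}

/* Monitor thread only: due expiries run first, then the reaper, so no peer
 * is freed while (or before) its callback runs on this thread. */
int monitor_pass(int now) {
    int freed = 0;
    for (int i = 0; i < SLOTS; i++)
        if (sched[i] && sched[i]->expires_at <= now) expire_register(sched[i]);
    pthread_mutex_lock(&doomed_lock);
    struct peer *p = doomed; doomed = NULL;
    pthread_mutex_unlock(&doomed_lock);
    while (p) {
        struct peer *next = p->next;
        if (p->expire_id >= 0) sched[p->expire_id] = NULL;  /* cancel expiry */
        free(p); freed++; p = next;
    }
    return freed;
}
```

The reaper clears the peer's scheduler slot before freeing it, which is what keeps a later pass from calling the callback on freed memory.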