[asterisk-bugs] [Asterisk 0016432]: racecondition leading to deadlock in chan_local

Asterisk Bug Tracker noreply at bugs.digium.com
Mon Dec 14 03:54:46 CST 2009 

A NOTE has been added to this issue. 
====================================================================== 
https://issues.asterisk.org/view.php?id=16432 
====================================================================== 
Reported By:                fnordian
Assigned To:                
====================================================================== 
Project:                    Asterisk
Issue ID:                   16432
Category:                   Channels/chan_local
Reproducibility:            random
Severity:                   major
Priority:                   normal
Status:                     acknowledged
Asterisk Version:           SVN 
JIRA:                       SWP-528 
Regression:                 No 
Reviewboard Link:            
SVN Branch (only for SVN checkouts, not tarball releases): 1.6.1 
SVN Revision (number only!): 230432 
Request Review:              
====================================================================== 
Date Submitted:             2009-12-11 10:12 CST
Last Modified:              2009-12-14 03:54 CST
====================================================================== 
Summary:                    racecondition leading to deadlock in chan_local
Description: 
Hi,

there's a race in chan_local between local_hangup and queuing a dtmf
(ast_senddigit ... local_queue_frame), which can cause hanging channels and
a hanging ast_senddigit.

This is possible because local_digit_*-functions assume that they were
called on an unlocked channel, which is not always the cases, e.g.
manager_play_dtmf uses a locked channel to call ast_senddigit. With this
wrong assumption, deadlock_avoidance code is not called.
====================================================================== 

---------------------------------------------------------------------- 
 (0115186) fnordian (reporter) - 2009-12-14 03:54
 https://issues.asterisk.org/view.php?id=16432#c115186 
---------------------------------------------------------------------- 
Unfortunatly not. channel and ami hangs, that's all.

here are backtraces auf the hanging threads:

(gdb) thread 10
[Switching to thread 10 (process
27614)]https://issues.asterisk.org/view.php?id=0 0x00002aad049f1df5 in nanosleep
() from /lib/libc.so.6
(gdb) bt
https://issues.asterisk.org/view.php?id=0 0x00002aad049f1df5 in nanosleep ()
from /lib/libc.so.6
https://issues.asterisk.org/view.php?id=1 0x00002aad04a231e4 in usleep () from
/lib/libc.so.6
https://issues.asterisk.org/view.php?id=2 0x00002aaaab932e8d in
local_queue_frame (p=0x2aaab28fc070,
isoutbound=1, f=0x44f6e2a0, us=0x2aaaaffbfd90, us_locked=0) at
chan_local.c:233
https://issues.asterisk.org/view.php?id=3 0x00002aaaab934313 in local_digit_end
(ast=0x2aaaaffbfd90, digit=68
'D', duration=<value optimized out>) at chan_local.c:469
https://issues.asterisk.org/view.php?id=4 0x000000000043fb36 in
ast_senddigit_end (chan=0x2aaaaffbfd90, digit=0
'\0', duration=0) at channel.c:3297
https://issues.asterisk.org/view.php?id=5 0x00002aaaab59c165 in
manager_play_dtmf (s=0x44f6ef80, m=0x44f6e710) at
app_senddtmf.c:101
https://issues.asterisk.org/view.php?id=6 0x0000000000486bfe in process_message
(s=0x44f6ef80, m=0x44f6e710) at
manager.c:3049
https://issues.asterisk.org/view.php?id=7 0x0000000000487186 in do_message
(s=0x44f6ef80) at manager.c:3163
https://issues.asterisk.org/view.php?id=8 0x000000000048af8a in session_do
(data=<value optimized out>) at
manager.c:3221
https://issues.asterisk.org/view.php?id=9 0x00000000004cded3 in
handle_tcptls_connection (data=<value optimized
out>) at tcptls.c:223
https://issues.asterisk.org/view.php?id=10 0x00000000004d76dc in dummy_start
(data=<value optimized out>) at
utils.c:968
https://issues.asterisk.org/view.php?id=11 0x00002aad04ca5f1a in start_thread ()
from /lib/libpthread.so.0
https://issues.asterisk.org/view.php?id=12 0x00002aad04a295d2 in clone () from
/lib/libc.so.6
https://issues.asterisk.org/view.php?id=13 0x0000000000000000 in ?? ()
  (gdb) thread 53
[Switching to thread 53 (process 4427)]https://issues.asterisk.org/view.php?id=0
0x00002aad049f1df5 in nanosleep
() from /lib/libc.so.6
(gdb) bt
https://issues.asterisk.org/view.php?id=0 0x00002aad049f1df5 in nanosleep ()
from /lib/libc.so.6
https://issues.asterisk.org/view.php?id=1 0x00002aad04a231e4 in usleep () from
/lib/libc.so.6
https://issues.asterisk.org/view.php?id=2 0x00002aaaab934b22 in local_hangup
(ast=0x2aaaaffbec70) at
chan_local.c:617
https://issues.asterisk.org/view.php?id=3 0x000000000044355e in ast_hangup
(chan=0x2aaaaffbec70) at
channel.c:1717
https://issues.asterisk.org/view.php?id=4 0x00002aaaad198fdb in dial_exec_full
(chan=0x2aaab1a8b0b0, data=<value
optimized out>, peerflags=0x47c76980, continue_exec=0x0) at
app_dial.c:2091
https://issues.asterisk.org/view.php?id=5 0x00002aaaad19bc46 in dial_exec
(chan=0x47c75c30, data=0x0) at
app_dial.c:2143
https://issues.asterisk.org/view.php?id=6 0x0000000000498d6a in pbx_exec
(c=0x2aaab1a8b0b0, app=0x6bab20,
data=0x47c78a60) at pbx.c:960
https://issues.asterisk.org/view.php?id=7 0x000000000049f97a in
pbx_extension_helper (c=0x2aaab1a8b0b0,
con=<value optimized out>, context=0x2aaab1a8b500 "initialCall",
exten=0x2aaab1a8b550 "1234567", priority=11, label=0x0,
callerid=0x18316d0 "00000000", action=E_SPAWN, found=0x47c7b0ec,
combined_find_spawn=1) at pbx.c:3225
https://issues.asterisk.org/view.php?id=8 0x000000000049fe80 in
ast_spawn_extension (c=0x47c75c30, context=0x0,
exten=0xffffffffffffffff <Address 0xffffffffffffffff out of bounds>,
priority=-1299201936, callerid=<value optimized out>,
found=<value optimized out>, combined_find_spawn=1) at pbx.c:3681
https://issues.asterisk.org/view.php?id=9 0x00000000004a306a in __ast_pbx_run
(c=0x2aaab1a8b0b0, args=0x0) at
pbx.c:3770
https://issues.asterisk.org/view.php?id=10 0x00000000004a4a3b in pbx_thread
(data=0x47c75c30) at pbx.c:4057
https://issues.asterisk.org/view.php?id=11 0x00000000004d76dc in dummy_start
(data=<value optimized out>) at
utils.c:968
https://issues.asterisk.org/view.php?id=12 0x00002aad04ca5f1a in start_thread ()
from /lib/libpthread.so.0
https://issues.asterisk.org/view.php?id=13 0x00002aad04a295d2 in clone () from
/lib/libc.so.6
https://issues.asterisk.org/view.php?id=14 0x0000000000000000 in ?? ()
(gdb) 

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
2009-12-14 03:54 fnordian       Note Added: 0115186                          
======================================================================

More information about the asterisk-bugs mailing list