[asterisk-bugs] [JIRA] (ASTERISK-25775) stasis: Race condition with lock destruction in JSON usage

Joshua Colp (JIRA) noreply at issues.asterisk.org
Mon Feb 15 11:01:32 CST 2016 

     [ https://issues.asterisk.org/jira/browse/ASTERISK-25775?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Joshua Colp updated ASTERISK-25775:
-----------------------------------

    Status: Open  (was: Triage)

> stasis: Race condition with lock destruction in JSON usage
> ----------------------------------------------------------
>
>                 Key: ASTERISK-25775
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-25775
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Core/Stasis
>    Affects Versions: 13.7.2
>         Environment: [root at vm-asterisk04t asterisk]# git branch -v
> * master a394865 Merge "Resources/res_phoneprov: fix memory leak and heap-use-after-free"
>            Reporter: Badalian Vyacheslav
>
> {code}
> WARNING: ThreadSanitizer: data race (pid=3847)
>   Write of size 1 at 0x7d24002f2fb8 by thread T23:
>     #0 pthread_mutex_destroy <null> (libtsan.so.0+0x00000002878d)
>     #1 __ast_pthread_mutex_destroy /root/asterisk/main/lock.c:205 (asterisk+0x000000503ca8)
>     #2 json_mem_free /root/asterisk/main/json.c:68 (asterisk+0x0000004f5d63)
>     #3 ast_json_unref /root/asterisk/main/json.c:235 (asterisk+0x0000004f63df)
>     #4 json_payload_destructor /root/asterisk/main/json.c:801 (asterisk+0x0000004f8612)
>     #5 __ao2_ref /root/asterisk/main/astobj2.c:528 (asterisk+0x0000002d87e0)
>     #6 __ao2_cleanup_debug /root/asterisk/main/astobj2.c:573 (asterisk+0x0000002d8a23)
>     #7 stasis_message_dtor /root/asterisk/main/stasis_message.c:107 (asterisk+0x00000065fd53)
>     #8 __ao2_ref /root/asterisk/main/astobj2.c:528 (asterisk+0x0000002d87e0)
>     #9 __ao2_cleanup_debug /root/asterisk/main/astobj2.c:573 (asterisk+0x0000002d8a23)
>     #10 dispatch_exec_async /root/asterisk/main/stasis.c:703 (asterisk+0x000000637c07)
>     #11 ast_taskprocessor_execute /root/asterisk/main/taskprocessor.c:848 (asterisk+0x00000067f13f)
>     #12 default_tps_processing_function /root/asterisk/main/taskprocessor.c:183 (asterisk+0x00000067b1c4)
>     #13 dummy_start /root/asterisk/main/utils.c:1232 (asterisk+0x0000006b6674)
>     #14 <null> <null> (libtsan.so.0+0x000000023659)
>   Previous atomic read of size 1 at 0x7d24002f2fb8 by main thread:
>     #0 pthread_mutex_lock <null> (libtsan.so.0+0x000000037816)
>     #1 __ast_pthread_mutex_lock /root/asterisk/main/lock.c:313 (asterisk+0x000000503d01)
>     #2 json_mem_lock /root/asterisk/main/json.c:112 (asterisk+0x0000004f5e3f)
>     #3 ast_json_unref /root/asterisk/main/json.c:222 (asterisk+0x0000004f6387)
>     #4 _dtor_json_object.34136 <null> (asterisk+0x0000002c21b7)
>     #5 publish_fully_booted /root/asterisk/main/asterisk.c:1022 (asterisk+0x0000002c2251)
>     #6 asterisk_daemon /root/asterisk/main/asterisk.c:4692 (asterisk+0x0000002d7009)
>     #7 main /root/asterisk/main/asterisk.c:4230 (asterisk+0x0000002d5cfd)
>   Location is heap block of size 144 at 0x7d24002f2fb0 allocated by main thread:
>     #0 malloc <null> (libtsan.so.0+0x000000025a33)
>     #1 _ast_malloc /root/asterisk/include/asterisk/utils.h:547 (asterisk+0x0000004f4cbb)
>     #2 ast_json_malloc /root/asterisk/main/json.c:140 (asterisk+0x0000004f5ef3)
>     #3 json_object <null> (libjansson.so.4+0x00000000720a)
>     #4 ast_json_pack /root/asterisk/main/json.c:693 (asterisk+0x0000004f7f5e)
>     #5 publish_fully_booted /root/asterisk/main/asterisk.c:1024 (asterisk+0x0000002c2207)
>     #6 asterisk_daemon /root/asterisk/main/asterisk.c:4692 (asterisk+0x0000002d7009)
>     #7 main /root/asterisk/main/asterisk.c:4230 (asterisk+0x0000002d5cfd)
>   Thread T23 (tid=4351, running) created by main thread at:
>     #0 pthread_create <null> (libtsan.so.0+0x000000027b07)
>     #1 ast_pthread_create_stack /root/asterisk/main/utils.c:1285 (asterisk+0x0000006b6abd)
>     #2 default_listener_start /root/asterisk/main/taskprocessor.c:200 (asterisk+0x00000067b33a)
>     #3 __allocate_taskprocessor /root/asterisk/main/taskprocessor.c:682 (asterisk+0x00000067e298)
>     #4 ast_taskprocessor_get /root/asterisk/main/taskprocessor.c:728 (asterisk+0x00000067e4c1)
>     #5 internal_stasis_subscribe /root/asterisk/main/stasis.c:487 (asterisk+0x0000006362be)
>     #6 stasis_subscribe /root/asterisk/main/stasis.c:517 (asterisk+0x000000636608)
>     #7 stasis_message_router_create_internal /root/asterisk/main/stasis_message_router.c:230 (asterisk+0x000000661dd0)
>     #8 stasis_message_router_create /root/asterisk/main/stasis_message_router.c:243 (asterisk+0x000000661ee5)
>     #9 manager_subscriptions_init /root/asterisk/main/manager.c:8563 (asterisk+0x000000543341)
>     #10 subscribe_all /root/asterisk/main/manager.c:8582 (asterisk+0x00000054340f)
>     #11 __init_manager /root/asterisk/main/manager.c:8839 (asterisk+0x000000544f26)
>     #12 init_manager /root/asterisk/main/manager.c:9142 (asterisk+0x000000547616)
>     #13 asterisk_daemon /root/asterisk/main/asterisk.c:4639 (asterisk+0x0000002d6da8)
>     #14 main /root/asterisk/main/asterisk.c:4230 (asterisk+0x0000002d5cfd)
> SUMMARY: ThreadSanitizer: data race ??:0 pthread_mutex_destroy
> ==================
> {code}



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list