[asterisk-bugs] [JIRA] (ASTERISK-28776) Non async-signal-safe syscalls used after fork before exec

Asterisk Team (JIRA) noreply at issues.asterisk.org
Tue Mar 10 08:05:25 CDT 2020


    [ https://issues.asterisk.org/jira/browse/ASTERISK-28776?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=249962#comment-249962 ] 

Asterisk Team commented on ASTERISK-28776:
------------------------------------------

Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution.

A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report.

Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process].

Please note that once your issue enters an open state it has been accepted. As Asterisk is an open source project there is no guarantee or timeframe on when your issue will be looked into. If you need expedient resolution you will need to find and pay a suitable developer. Asking for an update on your issue will not yield any progress on it and will not result in a response. All updates are posted to the issue when they occur.

> Non async-signal-safe syscalls used after fork before exec
> ----------------------------------------------------------
>
>                 Key: ASTERISK-28776
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-28776
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Applications/app_system
>    Affects Versions: 16.8.0
>         Environment: musl libc based linux
>            Reporter: nappsoft
>            Severity: Minor
>              Labels: patch
>         Attachments: fork.patch
>
>
> When using System or TrySystem in a dialplan a Channel sometimes hangs forever and a forked process can be seen on the system which can only be killed with kill -9
> While I could already observe this in the past very very very rarely it is quite easy to reproduce with musl 1.2.0 and the next-gen malloc implementation.
> When describing this behavior on the musl mailinglist the musl devs pointed out, that this is expected behavior as obviously asterisk uses some non async-signal-safe syscalls after fork() before exec().
> While there seem to be more tolerant libc implementations it doesn't change the fact that asterisk doesn't behave Posix conform:
> Rich Felker cited the following: 
> See https://pubs.opengroup.org/onlinepubs/9699919799/functions/fork.html
>     - A process shall be created with a single thread. If a
>       multi-threaded process calls fork(), the new process shall
>       contain a replica of the calling thread and its entire address
>       space, possibly including the states of mutexes and other
>       resources. Consequently, to avoid errors, the child process may
>       only execute async-signal-safe operations until such time as one
>       of the exec functions is called.
> Indeed I was able to work around the issue by slightly changing the asterisk sources. While the attached patch fixes the issue and we can happily work with it (the mentioned issues with the patch do not matter at all in our environment), it is far from being production ready. It is only meant to give you a hint for which parts of the code should be revised!
> The problems with the attached patch:
> - it is slower (the closefrom() implementation is by far faster than the dump loop I've used to replace it => with max open files set to 22000 I meassured 7ms to complete the fd closing compared to 70ns with the closefrom() implementation)
> - it is less secure (as the cap_set_proc code has been removed after fork)
> - some logging needed to be removed (as I assumed that ast_log and ast_verb involve async-signal-unsafe operations)



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list