[asterisk-dev] [Code Review] Pickup segfault when multiple pickups of multiple localchan calls
rmudgett
reviewboard at asterisk.org
Thu Aug 25 16:28:04 CDT 2011
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/1353/#review4136
-----------------------------------------------------------
I don't think this approach is going to work either.
trunk/channels/chan_local.c
<https://reviewboard.asterisk.org/r/1353/#comment8114>
This will need to be done for all channel drivers.
trunk/include/asterisk/channel.h
<https://reviewboard.asterisk.org/r/1353/#comment8115>
Adding this to ast_channel breaks ABI compatibility.
trunk/main/features.c
<https://reviewboard.asterisk.org/r/1353/#comment8116>
Walking this list is dangerous since the list is hopping through ast_channel structs that you don't have the locks on.
The call to ast_channel_datastore_find() must be called with that channel locked.
trunk/main/features.c
<https://reviewboard.asterisk.org/r/1353/#comment8117>
Walking this list is dangerous. You don't have the locks for each channel.
Calling ast_channel_datastore_add() requires the affected channel to be locked.
trunk/main/features.c
<https://reviewboard.asterisk.org/r/1353/#comment8118>
Parent must be locked before calling ast_channel_datastore_remove().
trunk/main/features.c
<https://reviewboard.asterisk.org/r/1353/#comment8119>
Parent must be locked before calling ast_channel_datastore_remove().
- rmudgett
On Aug. 25, 2011, 7:19 a.m., Alec Davis wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviewboard.asterisk.org/r/1353/
> -----------------------------------------------------------
>
> (Updated Aug. 25, 2011, 7:19 a.m.)
>
>
> Review request for Asterisk Developers and rmudgett.
>
>
> Summary
> -------
>
> If ast_can_pickup() can pickup the target channel, it also needs to check that the originating parent channel isn't being picked up from one of the other spawned the calls.
>
> Example dialplan below causes a segfault as ast-hangup removes the same channel as is being picked up.
>
> How to crash it!
> dial 801 from 1 phone.
> from 2 phones simultaneously dial 800.
> segfault!
>
> exten => 801,1,NoOp(Local pickup debug: Ring Phones)
> exten => 801,n,Dial(Local/823 at en-phone&Local/824 at en-phone)
>
> exten => 800,1,NoOp(Local pickup: Pickup through Localchan call)
> exten => 800,n,Dial(Local/824 at en-pickup&Local/823 at en-pickup)
>
> [en-pickup]
> exten => _[0-9*#]!, 1, PickupChan(Local/${EXTEN}@en-phone)
>
> [en-phone]
> exten => _[0-9*#]!, 1, Dial(SIP/gxp-${EXTEN},20,rwt)
>
>
> This addresses bugs ASTERISK-18222 and ASTERISK-18273.
> https://issues.asterisk.org/jira/browse/ASTERISK-18222
> https://issues.asterisk.org/jira/browse/ASTERISK-18273
>
>
> Diffs
> -----
>
> trunk/channels/chan_local.c 333199
> trunk/channels/chan_sip.c 333199
> trunk/include/asterisk/channel.h 333199
> trunk/main/features.c 333199
>
> Diff: https://reviewboard.asterisk.org/r/1353/diff
>
>
> Testing
> -------
>
> Party A ring in which triggers off 2 internal localchan calls, as per 801 in the example dialplan.
> Party B and Party C, attempt to pickup the same calls, using 800 in the example dialplan.
>
> There is another senario thats not right, before even applying this patch.
> Party A ring in, which again triggers 2 internal localchan calls as per 801 in dialplan.
> Party B and Party C, use *8 to pickup. We then have a NULL OBJ message on screen, and an orpaned channel.
>
>
> Thanks,
>
> Alec
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20110825/502bc3e0/attachment-0001.htm>
More information about the asterisk-dev
mailing list