[asterisk-dev] Locking and unlocking order in chan_local
Alex Hermann
alex at speakup.nl
Tue Jan 11 11:48:08 CST 2011
On Tuesday 11 January 2011 16:50:37 Kevin P. Fleming wrote:
> >> From: "Alex Hermann"<alex at speakup.nl>
> >> 2) Between an ao2_unlock of a *tech_pvt and a subsequent ao2_lock of
> >> that
> >> same pvt, couldn't it be the pvt has been freed? Shouldn't the pointer
> >> be tested for null?
>
> The structure pointed to by the tech_pvt pointer may have been changed
> while it was not locked by the thread in question, but if that thread
> holds a reference to the object, it will *not* have been freed. That's
> the whole point of astobj2 reference counting; it avoids the constant
> need to hold locks just to ensure that objects don't disappear
> unexpectedly.
>
> However, that code is definitely buggy, in that is making a copy of a
> pointer to an ao2 object without increasing the reference count, and
> thus it is possible for the object to disappear. The initialization of
> 'p' should be done using 'ao2_ref(ast->tech_pvt, 1)', and then
> 'ao2_ref(p, -1)' should be called when p is no longer needed (including
> all exit paths from the function).
Ah, ok, thanks.
There seem to be some other functions in that file that miss the reference
counting part. I'll first try if reverting the ao2 converion of chan_local
fixes the issue. If it does, maybe i'll have a shot at fixing the refcounting.
--
Alex Hermann
More information about the asterisk-dev
mailing list