[asterisk-dev] [Code Review]: Don't run the atexit functions more than once
wdoekes
reviewboard at asterisk.org
Sun Jan 8 06:51:27 CST 2012
> On Jan. 8, 2012, 6:49 a.m., wdoekes wrote:
> > I think this is the fix to a symptom instead of a problem.
> >
> > Bear with me for a minute.
> >
> > (1) The bug we're referring to (A18883) talks about problems with 10 vs. 1.8. This bug you're fixing is present in 1.8 as well.
> >
> > (2) While you're fixing a potential crash, you're instead making the graceful stop less graceful when called twice.
> >
> > (3) I found a problem with db_sync in main/db.c which causes problems with and without this patch.
> >
> > --1--
> >
> > Logically, you wouldn't expect a fix for a bug that *is* present in 1.8 to fix a different bug that is *only* present in 10.
> >
> > --2--
> >
> > Now, I do agree that there is a bug if you can get asterisk to crash like you're doing with your tests.
> >
> > However: what you're doing here is this:
> >
> > THREAD 1: calls quit_handler
> > THREAD 1: calls atexits
> > THREAD 1: hangs for whatever reason
> > THREAD 2: calls quit_handler
> > THREAD 2: skips atexits
> > THREAD 2: kills asterisk
> >
> > When the hanging is due to a problem (as I think is seen in (3)), the problem should be fixed, not the symptom.
> >
> > When the hanging is not a hang, but simply a slow operation, a second quit_handler call will suddenly skip the clean shutdown mechanisms and kill asterisk.
> >
> > This could be simply an impatient user calling TERM on asterisk twice. This second TERM should IMHO be *ignored*, *not* *sped* *up* by skipping cleanups.
> >
> > I haven't looked at all the ways that quit_handler can be called, but I'm thinking *that* function could use an early return instead of the run_atexists function.
> >
> > --3--
> >
> > I've tracked a problem down with doexit handling in main/db.c. This is code in 10 that doesn't exist in 1.8.
> > Review is here: https://reviewboard.asterisk.org/r/1659
> >
> > --Conclusion--
> >
> > I can't give this the ship-it because of my concerns about (2). But there is indeed a bug because the atexits should be called twice. However, the quit_handler shouldn't be called twice either.
s/should/shouldn't/
- wdoekes
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/1658/#review5127
-----------------------------------------------------------
On Jan. 7, 2012, 3:42 p.m., Terry Wilson wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviewboard.asterisk.org/r/1658/
> -----------------------------------------------------------
>
> (Updated Jan. 7, 2012, 3:42 p.m.)
>
>
> Review request for Asterisk Developers, wdoekes and Matt Jordan.
>
>
> Summary
> -------
>
> Asterisk can get multiple calls to the quit_handler from different threads. This can result in the atexit functions running multiple times. In one case, this causes multiple calls to the xmlCleanupParser() function which causes a double free and crash. I initially tried to handle things in quit_handler, but only succeeded in making some consoles never exit. :-)
>
>
> This addresses bug ASTERISK-18883.
> https://issues.asterisk.org/jira/browse/ASTERISK-18883
>
>
> Diffs
> -----
>
> /branches/1.8/main/asterisk.c 349967
>
> Diff: https://reviewboard.asterisk.org/r/1658/diff
>
>
> Testing
> -------
>
> Threw tons of asterisk -rx "core stop gracefully" calls in a loop at a bunch of 'asterisk -vvvgc' instances that were also starting in loops until it crashed. After the patch, it stopped crashing.
>
>
> Thanks,
>
> Terry
>
>
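Added example, not part of the thread and not Asterisk's code: a deterministic C model of the guard placements debated in point (2) above (no guard, guard in run_atexits, guard in quit_handler). The second quit request is modelled as a re-entrant call made while the cleanup handler is still running; `simulate`, `slow_handler`, the `guard` enum and the struct fields are hypothetical names.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>
/* Simplified model; names mirror the thread, but this is not Asterisk's code. */
enum guard { GUARD_NONE, GUARD_IN_RUN_ATEXITS, GUARD_IN_QUIT_HANDLER };
struct outcome { int handler_runs; bool first_exit_clean; };
struct sim { enum guard where; atomic_bool atexits_started, quit_started;
             bool cleanup_done; int exits; struct outcome out; };

static void quit_handler(struct sim *s);

/* Cleanup handler; a second quit request arrives while it is still running. */
static void slow_handler(struct sim *s)
{
    if (++s->out.handler_runs == 1)
        quit_handler(s);              /* stands in for THREAD 2 */
    s->cleanup_done = true;
}

static void run_atexits(struct sim *s)
{
    if (s->where == GUARD_IN_RUN_ATEXITS && atomic_exchange(&s->atexits_started, true))
        return;                       /* later caller skips the cleanups */
    slow_handler(s);
}

static void quit_handler(struct sim *s)
{
    if (s->where == GUARD_IN_QUIT_HANDLER && atomic_exchange(&s->quit_started, true))
        return;                       /* later request is ignored */
    run_atexits(s);
    if (s->exits++ == 0)              /* the process is gone after the first exit */
        s->out.first_exit_clean = s->cleanup_done;
}

static struct outcome simulate(enum guard where)
{
    struct sim s = { .where = where };
    quit_handler(&s);                 /* stands in for THREAD 1 */
    return s.out;
}

int main(void)
{
    for (int g = GUARD_NONE; g <= GUARD_IN_QUIT_HANDLER; g++) {
        struct outcome o = simulate((enum guard)g);
        printf("guard=%d handler_runs=%d exit_after_cleanup=%d\n", g, o.handler_runs, o.first_exit_clean);
    }
    return 0;
}
```

The model does not cover the consoles that never exited when the guard was tried in quit_handler, as reported in the review summary.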