[asterisk-dev] [Code Review] Don't run the atexit functions more than once

Terry Wilson reviewboard at asterisk.org
Sun Jan 8 11:34:19 CST 2012 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/1658/
-----------------------------------------------------------

(Updated Jan. 8, 2012, 11:34 a.m.)


Review request for Asterisk Developers, wdoekes and Matt Jordan.


Changes
-------

Yep, I still get the crash after applying wdoekes' patch in 1659 (which is a good patch, it just doesn't fix the underlying problem). We need to make sure that 1) quit_handler cannot run multiple times in parallel and 2) Once we run the atexit functions once, we cannot cancel a shutdown in progress.

A simple way to reproduce the issue is to open two terminals and do:

while asterisk -vvvgc;do echo pass;done

and in another:

while true;do (asterisk -rx "core stop gracefully" &);

Eventually you get a crash.

This patch seems to fix the problem for me. I haven't really stared at it very long, but I have other things I have to do today so I figured I'd at least post it up for discussion. It is annoying calling into a channel.c function, but that seems to be what the other code is doing, so oh well. Running the above loops, I did find another crash related to dlclose() calls.


Summary
-------

Asterisk can get multiple calls to the quit_handler from different threads. This can result in the atexit functions running multiple times. In one case, this causes multiple calls to the xmlCleanupParser() function which causes a double free and crash. I initially tried to handle things in quit_handler, but only succeeded in making some consoles never exit. :-)


This addresses bug ASTERISK-18883.
    https://issues.asterisk.org/jira/browse/ASTERISK-18883


Diffs (updated)
-----

  /trunk/include/asterisk/channel.h 350018 
  /trunk/main/asterisk.c 350018 
  /trunk/main/channel.c 350018 

Diff: https://reviewboard.asterisk.org/r/1658/diff


Testing
-------

Threw tons of asterisk -rx "core stop gracefully" calls in a loop at a bunch of 'asterisk -vvvgc' instances that were also starting in loops until it crashed. After the patch, it stopped crashing.


Thanks,

Terry

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20120108/70863eb3/attachment-0001.htm>

More information about the asterisk-dev mailing list