| Summary: | ASTERISK-25775: stasis: Race condition with lock destruction in JSON usage | ||
| Reporter: | Badalian Vyacheslav (slavon) | Labels: | |
| Date Opened: | 2016-02-11 22:53:22.000-0600 | Date Closed: | 2016-10-30 13:54:12 |
| Priority: | Major | Regression? | |
| Status: | Closed/Complete | Components: | Core/Stasis |
| Versions: | 13.7.2 | Frequency of Occurrence | |
| Related Issues: | |||
| Environment: | [root@vm-asterisk04t asterisk]# git branch -v * master a394865 Merge "Resources/res_phoneprov: fix memory leak and heap-use-after-free" | Attachments: | |
| Description: | {code}
WARNING: ThreadSanitizer: data race (pid=3847) Write of size 1 at 0x7d24002f2fb8 by thread T23: #0 pthread_mutex_destroy <null> (libtsan.so.0+0x00000002878d) #1 __ast_pthread_mutex_destroy /root/asterisk/main/lock.c:205 (asterisk+0x000000503ca8) #2 json_mem_free /root/asterisk/main/json.c:68 (asterisk+0x0000004f5d63) #3 ast_json_unref /root/asterisk/main/json.c:235 (asterisk+0x0000004f63df) #4 json_payload_destructor /root/asterisk/main/json.c:801 (asterisk+0x0000004f8612) #5 __ao2_ref /root/asterisk/main/astobj2.c:528 (asterisk+0x0000002d87e0) #6 __ao2_cleanup_debug /root/asterisk/main/astobj2.c:573 (asterisk+0x0000002d8a23) #7 stasis_message_dtor /root/asterisk/main/stasis_message.c:107 (asterisk+0x00000065fd53) #8 __ao2_ref /root/asterisk/main/astobj2.c:528 (asterisk+0x0000002d87e0) #9 __ao2_cleanup_debug /root/asterisk/main/astobj2.c:573 (asterisk+0x0000002d8a23) #10 dispatch_exec_async /root/asterisk/main/stasis.c:703 (asterisk+0x000000637c07) #11 ast_taskprocessor_execute /root/asterisk/main/taskprocessor.c:848 (asterisk+0x00000067f13f) #12 default_tps_processing_function /root/asterisk/main/taskprocessor.c:183 (asterisk+0x00000067b1c4) #13 dummy_start /root/asterisk/main/utils.c:1232 (asterisk+0x0000006b6674) #14 <null> <null> (libtsan.so.0+0x000000023659) Previous atomic read of size 1 at 0x7d24002f2fb8 by main thread: #0 pthread_mutex_lock <null> (libtsan.so.0+0x000000037816) #1 __ast_pthread_mutex_lock /root/asterisk/main/lock.c:313 (asterisk+0x000000503d01) #2 json_mem_lock /root/asterisk/main/json.c:112 (asterisk+0x0000004f5e3f) #3 ast_json_unref /root/asterisk/main/json.c:222 (asterisk+0x0000004f6387) #4 _dtor_json_object.34136 <null> (asterisk+0x0000002c21b7) #5 publish_fully_booted /root/asterisk/main/asterisk.c:1022 (asterisk+0x0000002c2251) #6 asterisk_daemon /root/asterisk/main/asterisk.c:4692 (asterisk+0x0000002d7009) #7 main /root/asterisk/main/asterisk.c:4230 (asterisk+0x0000002d5cfd) Location is heap block of size 144 at 0x7d24002f2fb0 allocated by main thread: #0 malloc <null> (libtsan.so.0+0x000000025a33) #1 _ast_malloc /root/asterisk/include/asterisk/utils.h:547 (asterisk+0x0000004f4cbb) #2 ast_json_malloc /root/asterisk/main/json.c:140 (asterisk+0x0000004f5ef3) #3 json_object <null> (libjansson.so.4+0x00000000720a) #4 ast_json_pack /root/asterisk/main/json.c:693 (asterisk+0x0000004f7f5e) #5 publish_fully_booted /root/asterisk/main/asterisk.c:1024 (asterisk+0x0000002c2207) #6 asterisk_daemon /root/asterisk/main/asterisk.c:4692 (asterisk+0x0000002d7009) #7 main /root/asterisk/main/asterisk.c:4230 (asterisk+0x0000002d5cfd) Thread T23 (tid=4351, running) created by main thread at: #0 pthread_create <null> (libtsan.so.0+0x000000027b07) #1 ast_pthread_create_stack /root/asterisk/main/utils.c:1285 (asterisk+0x0000006b6abd) #2 default_listener_start /root/asterisk/main/taskprocessor.c:200 (asterisk+0x00000067b33a) #3 __allocate_taskprocessor /root/asterisk/main/taskprocessor.c:682 (asterisk+0x00000067e298) #4 ast_taskprocessor_get /root/asterisk/main/taskprocessor.c:728 (asterisk+0x00000067e4c1) #5 internal_stasis_subscribe /root/asterisk/main/stasis.c:487 (asterisk+0x0000006362be) #6 stasis_subscribe /root/asterisk/main/stasis.c:517 (asterisk+0x000000636608) #7 stasis_message_router_create_internal /root/asterisk/main/stasis_message_router.c:230 (asterisk+0x000000661dd0) #8 stasis_message_router_create /root/asterisk/main/stasis_message_router.c:243 (asterisk+0x000000661ee5) #9 manager_subscriptions_init /root/asterisk/main/manager.c:8563 (asterisk+0x000000543341) #10 subscribe_all /root/asterisk/main/manager.c:8582 (asterisk+0x00000054340f) #11 __init_manager /root/asterisk/main/manager.c:8839 (asterisk+0x000000544f26) #12 init_manager /root/asterisk/main/manager.c:9142 (asterisk+0x000000547616) #13 asterisk_daemon /root/asterisk/main/asterisk.c:4639 (asterisk+0x0000002d6da8) #14 main /root/asterisk/main/asterisk.c:4230 (asterisk+0x0000002d5cfd) SUMMARY: ThreadSanitizer: data race ??:0 pthread_mutex_destroy ================== {code} | ||
| Comments: | By: Asterisk Team (asteriskteam) 2016-02-11 22:53:24.497-0600 Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution. A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report. Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process]. | ||