chan_pjsip: Race between channel answer and bridge setup when using direct media
authorKevin Harwell <kharwell@digium.com>
Fri, 12 Dec 2014 15:31:38 +0000 (15:31 +0000)
committerKevin Harwell <kharwell@digium.com>
Fri, 12 Dec 2014 15:31:38 +0000 (15:31 +0000)
When direct media is enabled and a pjsip channel is answered a race would occur
between the handling of the answer and bridge setup. Sometimes the media
negotiation would take place after the native bridge was setup. This resulted
in a NULL media address, which in turn resulted in Asterisk using its address
as the remote media address when sending a reinvite.  This patch makes the
chan_pjsip answer handler synchronous thus alleviating the race condition (the
bridge won't start setting things up until after it returns).

ASTERISK-24563 #close
Reported by: Steve Pitts
Review: https://reviewboard.asterisk.org/r/4257/
........

Merged revisions 429477 from http://svn.asterisk.org/svn/asterisk/branches/13

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@429478 65c4cc65-6c06-0410-ace0-fbb531ad65f3

channels/chan_pjsip.c

index b6bfeb5..cad0a7c 100644 (file)
@@ -490,7 +490,6 @@ static int answer(void *data)
        struct ast_sip_session *session = data;
 
        if (session->inv_session->state == PJSIP_INV_STATE_DISCONNECTED) {
-               ao2_ref(session, -1);
                return 0;
        }
 
@@ -507,8 +506,6 @@ static int answer(void *data)
                ast_sip_session_send_response(session, packet);
        }
 
-       ao2_ref(session, -1);
-
        return (status == PJ_SUCCESS) ? 0 : -1;
 }
 
@@ -516,19 +513,27 @@ static int answer(void *data)
 static int chan_pjsip_answer(struct ast_channel *ast)
 {
        struct ast_sip_channel_pvt *channel = ast_channel_tech_pvt(ast);
+       struct ast_sip_session *session;
 
        if (ast_channel_state(ast) == AST_STATE_UP) {
                return 0;
        }
 
        ast_setstate(ast, AST_STATE_UP);
+       session = ao2_bump(channel->session);
 
-       ao2_ref(channel->session, +1);
-       if (ast_sip_push_task(channel->session->serializer, answer, channel->session)) {
+       /* the answer task needs to be pushed synchronously otherwise a race condition
+          can occur between this thread and bridging (specifically when native bridging
+          attempts to do direct media) */
+       ast_channel_unlock(ast);
+       if (ast_sip_push_task_synchronous(session->serializer, answer, session)) {
                ast_log(LOG_WARNING, "Unable to push answer task to the threadpool. Cannot answer call\n");
-               ao2_cleanup(channel->session);
+               ao2_ref(session, -1);
+               ast_channel_lock(ast);
                return -1;
        }
+       ao2_ref(session, -1);
+       ast_channel_lock(ast);
 
        return 0;
 }