Fix a deadlock caused by a race condition between removing a hint and reloading the...
authorJoshua Colp <jcolp@digium.com>
Mon, 24 Sep 2012 19:23:32 +0000 (19:23 +0000)
committerJoshua Colp <jcolp@digium.com>
Mon, 24 Sep 2012 19:23:32 +0000 (19:23 +0000)
If conditions were right it was possible for both the PBX core and chan_sip to deadlock by both having a lock that the other
wants. In the case of the PBX core it had the contexts lock and wanted a SIP dialog lock, while in the case of chan_sip it
had the SIP dialog lock and wanted the contexts lock.

This fix unlocks the SIP dialog before getting the extension state so that the other thread will not block on trying to lock
it. Once the extension state is retrieved the SIP dialog is locked again and life carries on.

As the SIP dialog is reference counted it is not possible for it to go away after unlocking.

(closes issue ASTERISK-20437)
Reported by: jhutchins
........

Merged revisions 373438 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 373440 from http://svn.asterisk.org/svn/asterisk/branches/10
........

Merged revisions 373454 from http://svn.asterisk.org/svn/asterisk/branches/11

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@373456 65c4cc65-6c06-0410-ace0-fbb531ad65f3

channels/chan_sip.c

index 65f612c..aa50e6c 100644 (file)
@@ -14183,6 +14183,11 @@ static int transmit_state_notify(struct sip_pvt *p, struct state_notify_data *da
        struct sip_request req;
        const struct cfsubscription_types *subscriptiontype;
 
+       /* If the subscription has not yet been accepted do not send a NOTIFY */
+       if (!ast_test_flag(&p->flags[1], SIP_PAGE2_DIALOG_ESTABLISHED)) {
+               return 0;
+       }
+
        memset(from, 0, sizeof(from));
        memset(to, 0, sizeof(to));
 
@@ -27224,7 +27229,12 @@ static int handle_request_subscribe(struct sip_pvt *p, struct sip_request *req,
                                        dialog_unref(p, "copying dialog ptr into extension state struct failed");
                                }
                        }
-                       if ((data.state = ast_extension_state_extended(NULL, p->context, p->exten, &device_state_info)) < 0) {
+
+                       sip_pvt_unlock(p);
+                       data.state = ast_extension_state_extended(NULL, p->context, p->exten, &device_state_info);
+                       sip_pvt_lock(p);
+
+                       if (data.state < 0) {
                                ao2_cleanup(device_state_info);
                                if (p->expiry > 0) {
                                        ast_log(LOG_NOTICE, "Got SUBSCRIBE for extension %s@%s from %s, but there is no hint for that extension.\n", p->exten, p->context, ast_sockaddr_stringify(&p->sa));