[h323plus] H323Connection concurrent access issue

Iurii Gordiienko hordi at ukr.net
Fri Jan 22 08:08:30 EST 2016


Hi all, 
I found an issue with concurrent access during work with H323Connection. Take a look on H46018Transport::HandleH46018SignallingChannelPDU(PThread * thread) 
Simplest schema of this function running: 
thread1: H46018Transport::HandleH46018SignallingChannelPDU(PThread * thread) 
{ ... H323Connection * connection = endpoint.CreateConnection(callReference, NULL, this, &pdu); 
... connection->AttachSignalChannel(token, this, true);  
... 
connection->HandleSignallingChannel(); 
... 
return connection->HadAnsweredCall(); 
} 

The function connection->HandleSignallingChannel() in really working with "this" (H46018Transport object) all time in the while-loop. 
thread2: H323EndPoint::CleanUpConnections() running. In this thread we are running: 1.connection.CleanUpOnCallEnd() - this function will call CleanUpOnTermination() for signallingChannel (H46018Transport object) which running in connection->HandleSignallingChannel() function. 2.delete current H323Connection (which will delete our signallingChannel object also) 
The concurrent access issue - in time when we are running connection->HandleSignallingChannel() function from  thread1, the H323Connection object can be deleted and signallingChannel will points to dead object - we have a crash in result. Also it is possible to run the connection->HadAnsweredCall() function for dead "connection" object. 
I have had the crash several times for this situation. 

Thanks -- Iurii Gordiienko 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.packetizer.com/pipermail/h323plus/attachments/20160122/d4727926/attachment-0001.html>


More information about the h323plus mailing list