Opened 9 years ago

Closed 9 years ago

#1119 closed defect (fixed)

Crash if sending UPDATE fails in session timer module because network connectivity is lost (thanks Robbie Hanson for the fix!)

Reported by: bennylp
Owned by: bennylp
Priority: major
Milestone: release-1.8
Component: pjsip
Version: trunk
Keywords:
Cc:
Backport to 1.x milestone:
Backported:

Description

When session timer is enabled, UPDATE will be sent periodically (according to the timer-SE and timer-min-SE settings). When this is done while there's no network connectivity, a crash will occur, preceded by the following assertion:

Assertion failed: (mutex->owner == pj_thread_this()), function pj_mutex_unlock, file ../src/pj/os_core_unix.c, line 1258

And the stack trace leading up to the assertion:

pj_mutex_unlock
pj_atomic_get
pjsip_tx_data_dec_ref
tsx_destroy
tsx_set_state
tsx_on_state_terminated
tsx_timer_callback
pj_timer_heap_poll
pjsip_endpt_handle_events2
pjsua_handle_events
worker_thread
thread_main
_pthread_start

The immediate reason for the assertion failure is that the pj_mutex_lock call in pj_atomic_get fails. And since pj_mutex_lock failed, the subsequent pj_mutex_unlock blows up.

The larger reason for the crash comes from a reference counting error. The method pjsip_tx_data_dec_ref is called one too many times for the UPDATE.

Thank you Robbie Hanson for the report above and providing the fix.
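
The failure mode described above, as an added example that is not PJSIP code and not the fix from this ticket: a send-failure path that releases a reference it no longer owns, next to a corrected path. The `txdata` type, the `send_msg`, `refresh_buggy` and `refresh_fixed` names, and the convention that the send call consumes the caller's reference even on failure are assumptions made for illustration.

```c
#include <stdio.h>

/* Hypothetical stand-in for a ref-counted transmit buffer; not pjsip_tx_data. */
typedef struct {
    int refcnt;        /* outstanding references */
    int destroyed;     /* set instead of freeing, so the demo stays well-defined */
    int over_release;  /* releases seen after the object was destroyed */
} txdata;

/* Checked release: records an extra release instead of touching a dead object. */
static void txdata_dec_ref(txdata *t)
{
    if (t->destroyed) { t->over_release++; return; }
    if (--t->refcnt == 0) t->destroyed = 1;
}

/* Assumed convention: send_msg() consumes the caller's reference on success
 * AND on failure, so the caller must not release it again. */
static int send_msg(txdata *t, int network_up)
{
    txdata_dec_ref(t);            /* reference consumed either way */
    return network_up ? 0 : -1;   /* -1 models "no connectivity" */
}

/* Buggy refresh: the error path releases a reference it no longer owns. */
int refresh_buggy(int network_up)
{
    txdata t = { 1, 0, 0 };
    if (send_msg(&t, network_up) != 0)
        txdata_dec_ref(&t);       /* one dec_ref too many */
    return t.over_release;
}

/* Corrected refresh: the error path only reports the failure. */
int refresh_fixed(int network_up)
{
    txdata t = { 1, 0, 0 };
    if (send_msg(&t, network_up) != 0)
        fprintf(stderr, "refresh not sent: network down\n");
    return t.over_release;
}

int main(void)
{
    printf("buggy, network up:   %d\n", refresh_buggy(1));
    printf("buggy, network down: %d\n", refresh_buggy(0));
    printf("fixed, network down: %d\n", refresh_fixed(0));
    return 0;
}
```

The extra release only happens on the error branch, which is why a bug of this shape stays hidden until the send actually fails.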

Change History (1)

comment:1 Changed 9 years ago by bennylp

  • Resolution set to fixed
  • Status changed from new to closed

(In [3302]) Fixed ticket:1119: Crash if sending UPDATE fails in session timer module because network connectivity is lost (thanks Robbie Hanson for the fix!)
