Ticket #1903 (closed defect: fixed)

Opened 3 years ago

Last modified 3 years ago

Crash when cleaning STUN response cache

Reported by: riza Owned by: bennylp
Priority: normal Milestone: release-2.5
Component: pjnath Version: trunk
Keywords: Cc:
Backport to 1.x milestone: Backported: no


The crash can be seen when using Asterisk 11+ in a very small number of calls (1 in 10,000) and can also be seen as a 100% CPU utilisation in some cases.

It seems to have started due to an optimisation in Chrome 47+ which triggers this timing-related problem. In the STUN engine, a retransmit cache is maintained in


When this linked-list of data is modified, the relevant lock


is held in all places except one.

A cache expiry timer is set on the above list, which fires


to clean the cache. This function does not get the group lock before trying to empty the list.

Thanks to Steve Davies for the report and patch

Change History

comment:1 Changed 3 years ago by riza

In 5233:

Re #1903: Fix crash when cleaning STUN response cache.

comment:2 Changed 3 years ago by riza

  • Status changed from new to closed
  • Resolution set to fixed
Note: See TracTickets for help on using tickets.