Per an earlier thread, I am building a very simple multithreaded UAS redirect 
server.  (Note: in my earlier thread I was running it in stateless mode, but 
now I am running in stateful mode).

The simple scenario is an INVITE that gets handed to a different worker thread; 
a short time later, the main thread crashes when trying to send a 100 Trying due 
to a timer expiring in the stack.

It looks like this:

1. Main thread creates root, runs event loop, gets incoming INVITE
2. Main thread sends su_msg_r to clone task (in separate thread) to look up a 
   contact for this request
3. Main thread returns 0 from the sip request callback
4. Short time later, N1 timer goes off and stack attempts to generate a 100 
   Trying (I have deliberately put a sleep in my clone task temporarily to make 
   this happen)
5. Library crashes in freeaddrinfo

Note that if I explicitly send a 100 Trying from the callback in the main 
thread, no problem.

With logging turned up, this is what gets burped up to the console:

nta: timer N1 fired, sending 100 Trying
tport_tsend(0x9d42b48) tpn = UDP/192.168.1.249:15280
tport_resolve addrinfo = 192.168.1.249:15280
*** glibc detected *** sofia-rs: free(): invalid next size (fast): 0x09d46010 ***
======= Backtrace: =========
/lib/libc.so.6[0x7050f1]
/lib/libc.so.6(cfree+0x90)[0x708bc0]
/lib/libc.so.6(freeaddrinfo+0x38)[0x751e68]
/usr/local/lib/libsofia-sip-ua.so.0(su_freeaddrinfo+0x1d)[0xe845bd]
/usr/local/lib/libsofia-sip-ua.so.0[0xe9cc10]
/usr/local/lib/libsofia-sip-ua.so.0(tport_tsend+0x2c2)[0xea65b2]
/usr/local/lib/libsofia-sip-ua.so.0[0xe2c551]
/usr/local/lib/libsofia-sip-ua.so.0(nta_incoming_treply+0xf0)[0xe2df90]
/usr/local/lib/libsofia-sip-ua.so.0[0xe2e45e]
/usr/local/lib/libsofia-sip-ua.so.0[0xe3026f]
/usr/local/lib/libsofia-sip-ua.so.0(su_timer_expire+0x10f)[0xe8cd2f]
/usr/local/lib/libsofia-sip-ua.so.0(su_base_port_run+0xa2)[0xe91012]
/usr/local/lib/libsofia-sip-ua.so.0(su_root_run+0x29)[0xe88ff9]
sofia-rs[0x8049e3a]
sofia-rs(__gxx_personality_v0+0x230)[0x8048fe8]
/lib/libc.so.6(__libc_start_main+0xdc)[0x6b1e8c]
sofia-rs(__gxx_personality_v0+0xd9)[0x8048e91]

Looking at the stack trace in gdb it looks like this:

(gdb) bt
#0  0x0023b402 in __kernel_vsyscall ()
#1  0x006c4d80 in raise () from /lib/libc.so.6
#2  0x006c6691 in abort () from /lib/libc.so.6
#3  0x006fd24b in __libc_message () from /lib/libc.so.6
#4  0x007050f1 in _int_free () from /lib/libc.so.6
#5  0x00708bc0 in free () from /lib/libc.so.6
#6  0x00751e68 in freeaddrinfo () from /lib/libc.so.6
#7  0x00e845bd in su_freeaddrinfo (res=0x9d46010) at su_addrinfo.c:971
#8  0x00e9cc10 in tport_resolve (self=<value optimized out>, msg=0x9d45b18, tpn=0xbffb5db0) at tport.c:3966
#9  0x00ea65b2 in tport_tsend (self=0x9d42b48, msg=0x9d45b18, _tpn=0x9d45590, tag=0xeeb050, value=0) at tport.c:3241
#10 0x00e2c551 in incoming_reply (irq=0x9d45520, msg=0x9d45b18, sip=0x9d45bb4) at nta.c:6523
#11 0x00e2df90 in nta_incoming_treply (irq=0x9d45520, status=100, phrase=0xed87b0 "Trying", tag=0x0, value=0) at nta.c:6382
#12 0x00e2e45e in incoming_timer (sa=0x9d42120) at nta.c:6793
#13 0x00e3026f in agent_timer (rm=0x0, timer=0x9d42b08, agent=0x9d42120) at nta.c:1225
#14 0x00e8cd2f in su_timer_expire (timers=<value optimized out>, timeout=0xbffb621c, now={tv_sec = 3471911287, tv_usec = 12984}) at su_timer.c:533
#15 0x00e91012 in su_base_port_run (self=0x9d41458) at su_base_port.c:334
#16 0x00e88ff9 in su_root_run (self=0x9d41308) at su_port.h:310
#17 0x08049e3a in SofiaController::run (this=<value optimized out>) at sofia-controller.cpp:119
#18 0x08048fe8 in main (argc=1, argv=0xbffb6344) at sofia-rs.cpp:14

My code in the main thread is pretty simple, initialization contains this:

        int rv = su_init() ;
        if( rv < 0 ) {..}

        m_root = su_root_create( NULL ) ;
        if( NULL == m_root ) {..}

        su_root_threading( m_root, 1 ) ;

        m_home = su_home_create() ;
        if( NULL == m_home ) {..}

        su_home_init( m_home ) ;
        if( su_home_threadsafe( m_home ) < 0 ) {..}


Any idea why the stack is crashing there?

Dave

 


_______________________________________________
Sofia-sip-devel mailing list
Sofia-sip-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sofia-sip-devel
