Michael Broughton wrote: > Hello, > > I am running into a crashing problem with pjsip. It does not happen very > often, this particular crash has happened four or five times over the > last few weeks (making tens of thousands of calls). The application is > uses pjsua-lib. > > pjsip/sip_transaction.c:2758 > > pj_assert(event->body.timer.entry == &tsx->timeout_timer); > > Each time the above pointer comparison has failed, there has been > exactly 48 bytes difference between the two pointers. > > I have not had the opportunity to become familiar with the sip part of > pjsip, so I am hoping someone can shed some light on this issue. I have > saved all of my core dumps and some of my log files if anymore > information is required. Hi Michael, I can't say with certainty of what have caused this, since in my pjsip copy (0.8.0) pjsip/sip_transaction.c:2758 points to different code, but I assume it's the assertion in tsx_on_state_completed_uac() function, is it right? Are you on 64bit machine? If so, then the 48 bytes difference may indicate that the event->body.timer.entry is a retransmit timer entry. Could you have a look at pjsip_transaction declaration in sip_transaction.h, and see if this makes sense? Hopefully this is true, since at least we know that the memory pool is still intact. If so, then the assertion occurred because the transaction got a retransmit timer event in Completed state, while it only expects to get timeout event to destroy the transaction. Perhaps a simple fix would be simply to ignore this retransmit request rather than throwing an assertion. cheers, -benny > Thanks, >
