Crash after ACK/timer

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Benny,

The assertion failure is happening in the following function

PJ_DEF(pj_atomic_value_t) pj_atomic_get(pj_atomic_t *atomic_var)
{
    PJ_CHECK_STACK();
    PJ_ASSERT_RETURN(atomic_var, 0);

    return atomic_var->value;
}

in os_core_win32.c
And the following is the call stack:

   msvcr90d.dll!_wassert(const wchar_t * expr=0x005fc13c, const wchar_t * filename=0x005fbcd8, unsigned int lineno=598)  Line 335	C
 > TestPJSIP.exe!pj_atomic_get(pj_atomic_t * atomic_var=0x00000000)  Line 598 + 0x24 bytes	C
   TestPJSIP.exe!pjsip_tx_data_dec_ref(pjsip_tx_data * tdata=0x01899fcc)  Line 350 + 0xf bytes	C
   TestPJSIP.exe!tsx_destroy(pjsip_transaction * tsx=0x0188c08c)  Line 943 + 0xf bytes	C
   TestPJSIP.exe!tsx_set_state(pjsip_transaction * tsx=0x0188c08c, pjsip_tsx_state_e state=PJSIP_TSX_STATE_DESTROYED, pjsip_event_id_e event_src_type=PJSIP_EVENT_TIMER, void * event_src=0x0188c190)  Line 1094 + 0x9 bytes	C
   TestPJSIP.exe!tsx_on_state_terminated(pjsip_transaction * tsx=0x0188c08c, pjsip_event * event=0x0112fbb0)  Line 2856 + 0x19 bytes	C
   TestPJSIP.exe!tsx_timer_callback(pj_timer_heap_t * theap=0x0033c328, pj_timer_entry * entry=0x0188c190)  Line 1009 + 0x12 bytes	C
   TestPJSIP.exe!pj_timer_heap_poll(pj_timer_heap_t * ht=0x0033c328, pj_time_val * next_delay=0x0112fdd8)  Line 517 + 0x12 bytes	C
   TestPJSIP.exe!pjsip_endpt_handle_events2(pjsip_endpoint * endpt=0x0033c184, const pj_time_val * max_timeout=0x0112ffa8, unsigned int * p_count=0x00000000)  Line 665 + 0x10 bytes	C
   TestPJSIP.exe!pjsip_endpt_handle_events(pjsip_endpoint * endpt=0x0033c184, const pj_time_val * max_timeout=0x0112ffa8)  Line 721 + 0xf bytes	C
   TestPJSIP.exe!CSipClient::SipClientThread(void * __formal=0x00000000)  Line 107 + 0x13 bytes	C++

thanks,
manoj

On Fri, 08 Aug 2008 Benny Prijono wrote :
>On Fri, Aug 8, 2008 at 12:13 PM, manoj manoj
><manoj_karakkat at rediffmail.com>wrote:
>
> > Hi,
> >
> > We are facing a crash in a PJSIP while receiving an incoming call - the
> > point at which it is crashing is when an ACK is received.
> >
> > Here is what we are doing:
> >
> > - When an INVITE message is received, a UAS dialog is created
> >   - Send 180 Ringing, 200 OK on the same dialog
> > - An ACK is received from the server
> >
> > The ACK is destroying the transaction. After this, a timer expires and
> > tries destroy the already destroyed transaction and it crashes there.  You
> > can see the same from the following log snippet:
> >
> > Actually there's nothing wrong there. The ACK only sets the transaction to
>TERMINATED, it doesn't actually destroy it. The destroy is done after some
>timer elapsed.
>
>Perhaps you can mention exactly where does it crash. It could be in
>application code you know. :)
>
>Cheers
>  Benny
>
>
> >
> > 16:25:49.016 sip_endpoint.c Processing incoming message: Request msg
> > INVITE/cseq=15725 (rdata01221854)
> > 16:25:49.672    tsx0189A7CC Transaction created for Request msg
> > INVITE/cseq=15725 (rdata01221854)
> > 16:25:49.672    tsx0189A7CC Incoming Request msg INVITE/cseq=15725
> > (rdata01221854) in state Null
> > 16:25:49.672    tsx0189A7CC State changed from Null to Trying, event=RX_MSG
> > 16:25:49.672    dlg01279A1C Transaction tsx0189A7CC state changed to Trying
> > 16:25:49.672    dlg01279A1C UAS dialog created
> > 16:25:49.672    dlg01279A1C Module mod-invite added as dialog usage,
> > data=0127A020
> > 16:25:49.672    dlg01279A1C Session count inc to 2 by mod-invite
> > 16:25:49.672    inv01279A1C UAS invite session created for dialog
> > dlg01279A1C
> > 16:25:49.672      endpoint Response msg 180/INVITE/cseq=15725
> > (tdta0126B198) created
> > 16:25:49.672    dlg01279A1C Initial answer Response msg
> > 180/INVITE/cseq=15725 (tdta0126B198)
> > 16:25:49.672    inv01279A1C Sending Response msg 180/INVITE/cseq=15725
> > (tdta0126B198)
> > 16:25:49.672    dlg01279A1C Sending Response msg 180/INVITE/cseq=15725
> > (tdta0126B198)
> > 16:25:49.672    tsx0189A7CC Sending Response msg 180/INVITE/cseq=15725
> > (tdta0126B198) in state Trying
> > 16:25:49.672  sip_resolve.c Target '10.2.1.164:5060' type=UDP resolved to
> > '10.2.1.164:5060' type=UDP
> > 16:25:49.672    tsx0189A7CC State changed from Trying to Proceeding,
> > event=TX_MSG
> > 16:25:49.672    dlg01279A1C Transaction tsx0189A7CC state changed to
> > Proceeding
> > 16:25:49.672    inv01279A1C SDP negotiation done, status=220049
> > 16:25:49.672    inv01279A1C Sending Response msg 200/INVITE/cseq=15725
> > (tdta0126B198)
> > 16:25:49.672    dlg01279A1C Sending Response msg 200/INVITE/cseq=15725
> > (tdta0126B198)
> > 16:25:49.672    tsx0189A7CC Sending Response msg 200/INVITE/cseq=15725
> > (tdta0126B198) in state Proceeding
> > 16:25:49.672    tsx0189A7CC State changed from Proceeding to Completed,
> > event=TX_MSG
> > 16:25:49.672    dlg01279A1C Transaction tsx0189A7CC state changed to
> > Completed
> > 16:25:49.672 sip_endpoint.c Processing incoming message: Request msg
> > INVITE/cseq=15725 (rdata01221854)
> > 16:25:49.672    tsx0189A7CC Incoming Request msg INVITE/cseq=15725
> > (rdata01221854) in state Completed
> > 16:25:49.672    tsx0189A7CC Retransmiting Response msg
> > 200/INVITE/cseq=15725 (tdta0126B198), count=0, restart?=0
> > 16:25:49.781 sip_endpoint.c Processing incoming message: Request msg
> > ACK/cseq=15725 (rdata01221854)
> > 16:25:49.781    dlg01279A1C Received Request msg ACK/cseq=15725
> > (rdata01221854)
> > 16:25:49.781    tsx0189A7CC Request to terminate transaction
> > 16:25:49.781    tsx0189A7CC State changed from Completed to Terminated,
> > event=USER
> > 16:25:49.781    dlg01279A1C Transaction tsx0189A7CC state changed to
> > Terminated
> > 16:25:49.781  tdta0126B198 Destroying txdata Response msg
> > 200/INVITE/cseq=15725 (tdta0126B198)
> > 16:25:49.875    tsx0189A7CC Timeout timer event
> > 16:25:49.875    tsx0189A7CC State changed from Terminated to Destroyed,
> > event=TIMER
> >
> >
> > Thanks,
> > Manoj
> >
> >
> > [image: Rediff Shopping]<http://adworks.rediff.com/cgi-bin/AdWorks/click.cgi/www.rediff.com/signature-default.htm/1050715198 at Middle5/2206641_2199021/2201651/1?PARTNER=3&OAS_QUERY=null>
> > _______________________________________________
> > Visit our blog: http://blog.pjsip.org
> >
> > pjsip mailing list
> > pjsip at lists.pjsip.org
> > http://lists.pjsip.org/mailman/listinfo/pjsip_lists.pjsip.org
> >
> >
>_______________________________________________
>Visit our blog: http://blog.pjsip.org
>
>pjsip mailing list
>pjsip at lists.pjsip.org
>http://lists.pjsip.org/mailman/listinfo/pjsip_lists.pjsip.org


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.pjsip.org/pipermail/pjsip_lists.pjsip.org/attachments/20080808/457eb845/attachment.html
[Index of Archives]     [Asterisk Users]     [Asterisk App Development]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [Linux API]
  Powered by Linux