Hello,
there's a strange issue with PJSIP 1.8.10 on iOS. XCodes default
optimization level for Release builds is -Os. When compiled this way,
PJSIPs header parser crashes on incoming calls.
When compiling with -O2 or even -O3, everything works fine. XCode uses gcc
4.2 underneath.
I've narrowed it down to a loop that copies header-values into a temporary
header-structure in pjsip_dlg_update_remote_cap().
while (hdr) {
unsigned j;
/* Append the header content to temporary header */
for(j=0; j<hdr->count &&
tmp_hdr.count<PJSIP_GENERIC_ARRAY_MAX_COUNT; ++j)
{
tmp_hdr.values[tmp_hdr.count++] = hdr->values[j];
}
/* Get the next header for this capability */
hdr = (const pjsip_generic_array_hdr*)
pjsip_msg_find_hdr(msg, htypes[i], hdr->next);
}
Looks good to me. But shortly after that, some pj_strdup (from
pjsip_hdr_clone) tries to copy those strings from tmp_hdr.values and
there's only garbage in tmp_hdr.values. tmp_hdr.count is fine though.
When I modify the code by adding just a printf below(!!!) the while-loop,
gcc's optimizer is brought back to sanity again and the values are copied
just fine.
while (hdr) {
unsigned j;
/* Append the header content to temporary header */
for(j=0; j<hdr->count &&
tmp_hdr.count<PJSIP_GENERIC_ARRAY_MAX_COUNT; ++j)
{
tmp_hdr.values[tmp_hdr.count++] = hdr->values[j];
}
/* Get the next header for this capability */
hdr = (const pjsip_generic_array_hdr*)
pjsip_msg_find_hdr(msg, htypes[i], hdr->next);
}
printf("[tmp_hdr] %s values (%d)\n", tmp_hdr.name.ptr,
tmp_hdr.count);
An alterative "fix" was to add a printf on some tmp_hdr value inside the
inner for loop. So in the end I think, gcc gets something wrong by
optimizing access to tmp_hdr too much.
Does anyone know what the real source of the problem might be? What has
Apple done to good old gcc? Or is this even reproducable on a Unix/Linux
platform? Or is it just me?
Thanks in advance for any comment,
Sebastian.
