Hi,
This has happened in the Asterisk. But it looks like the pjsip has the actual problem.
Could you please take a look this?
When the pjsip trying to sending a Re-invite for established session, it calls pjsip_inv_reinvite().
But atm, if session's SDP is empty(NULL), it makes crash.
Thank you.
Kind regards,
Sungtae
This has happened in the Asterisk. But it looks like the pjsip has the actual problem.
Could you please take a look this?
When the pjsip trying to sending a Re-invite for established session, it calls pjsip_inv_reinvite().
But atm, if session's SDP is empty(NULL), it makes crash.
[Current thread is 1 (Thread 0x7fe7aff82700 (LWP 32629))]
(gdb)
(gdb) where
#0 0x00007fe87fa6c0c2 in pj_strdup (pool=0x7fe7509ef1e0, dst=0x7fe76d5fca18, src="" at ../include/pj/string_i.h:40
#1 0x00007fe87fa15e84 in pjmedia_sdp_neg_modify_local_offer2 (pool=0x7fe7509ef1e0, neg=0x7fe76da058c0, flags=1, local=0x7fe76dc558a8) at ../src/pjmedia/sdp_neg.c:336
#2 0x00007fe87f9928b0 in pjsip_inv_reinvite (inv=0x7fe76d9551e8, new_contact=0x0, new_offer=0x7fe76dc558a8, p_tdata=0x7fe7aff81ba0) at ../src/pjsip-ua/sip_inv.c:3004
#3 0x00007fe821af5c6c in ast_sip_session_refresh (session=0x7fe76dbbb290, _on_request_creation_=0x0, _on_sdp_creation_=0x0, _on_response_=0x7fe80a9028ae <on_topology_change_response>,
method=AST_SIP_SESSION_REFRESH_METHOD_INVITE, generate_new_sdp=1, media_state=0x7fe834cfa590) at res_pjsip_session.c:1750
#4 0x00007fe821af443b in send_delayed_request (session=0x7fe76dbbb290, delay=0x7fe7ee8f97d0) at res_pjsip_session.c:1238
#5 0x00007fe821af479d in invite_terminated (vsession=0x7fe76dbbb290) at res_pjsip_session.c:1337
#6 0x00005582959ce79e in ast_taskprocessor_execute (tps=0x7fe76d9174c0) at taskprocessor.c:1185
#7 0x00005582959d808e in execute_tasks (data="" at threadpool.c:1354
#8 0x00005582959ce79e in ast_taskprocessor_execute (tps=0x558298a5ad80) at taskprocessor.c:1185
#9 0x00005582959d5c41 in threadpool_execute (pool=0x558298a55c30) at threadpool.c:367
#10 0x00005582959d78c0 in worker_active (worker=0x7fe7db36acc0) at threadpool.c:1137
#11 0x00005582959d7630 in worker_start (arg=0x7fe7db36acc0) at threadpool.c:1056
#12 0x00005582959e0fd0 in dummy_start (data="" at utils.c:1249
#13 0x00007fe87e0fe4a4 in start_thread (arg=0x7fe7aff82700) at pthread_create.c:456
#14 0x00007fe87c9bfd0f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:97
(gdb) frame 1
#1 0x00007fe87fa15e84 in pjmedia_sdp_neg_modify_local_offer2 (pool=0x7fe7509ef1e0, neg=0x7fe76da058c0, flags=1, local=0x7fe76dc558a8) at ../src/pjmedia/sdp_neg.c:336
336 pj_strdup(pool, &new_offer->origin.user, &old_offer->origin.user);
(gdb) list
331 /* RFC 3264 Section 8: When issuing an offer that modifies the session,
332 * the "o=" line of the new SDP MUST be identical to that in the
333 * previous SDP, except that the version in the origin field MUST
334 * increment by one from the previous SDP.
335 */
336 pj_strdup(pool, &new_offer->origin.user, &old_offer->origin.user);
337 new_offer->origin.id = old_offer->origin.id;
338
339 pj_strdup(pool, &new_offer->origin.net_type, &old_offer->origin.net_type);
340 pj_strdup(pool, &new_offer->origin.addr_type,&old_offer->origin.addr_type);
(gdb) p *neg
$2 = {
state = PJMEDIA_SDP_NEG_STATE_LOCAL_OFFER,
prefer_remote_codec_order = 0,
answer_with_multiple_codecs = 1,
has_remote_answer = 0,
answer_was_remote = 1,
initial_sdp = 0x0,
initial_sdp_tmp = 0x0,
active_local_sdp = 0x0,
active_remote_sdp = 0x0,
neg_local_sdp = 0x0,
neg_remote_sdp = 0x0
}
Thank you.
Kind regards,
Sungtae
Attachment:
fixed_empty_neg.patch
Description: Binary data
_______________________________________________ Visit our blog: http://blog.pjsip.org pjsip mailing list pjsip@xxxxxxxxxxxxxxx http://lists.pjsip.org/mailman/listinfo/pjsip_lists.pjsip.org
