[pjsip] pjsip crash (possible heap corruption?)

Benny Prijono bennylp at teluu.com
Fri Jun 15 01:39:37 EDT 2012

On Fri, Jun 15, 2012 at 12:09 PM, Timo Teras <timo.teras at iki.fi> wrote:

> On Fri, 15 Jun 2012 11:46:50 +0700 Benny Prijono <bennylp at teluu.com>
> wrote:
> > IOCP ioqueue has been deprecated and we haven't used it for long time.
> > Please use select ioqueue.
> Why? IOCP is superior in performance by design.
It's due to this: https://trac.pjsip.org/repos/ticket/1015

As I also noted, select() backend has also problems that make it bad
> for me.
> See:
> http://lists.pjsip.org/pipermail/pjsip_lists.pjsip.org/2012-June/014742.html
Right, thanks. I think the whole ioqueue thing is due for a make over. :)

BTW. I would expect the memory corruption here happening exactly based
> on what I observed: at least in transport_send_rtp() it is not checked
> if the pending request is already in use - it'll just get reused
> blindly, and will result in bad things if it was pending.
> Increasing MAX_PENDING might help a bit - but the proper fix is to have
> the code check if pending queue is full and then make it start dropping
> packets properly.
> And as noted, MAX_PENDING should be large enough to accommodate almost
> the number of packets the sound card can send in one burst (about worth
> half of the latency or so).
That's true, ioqueue users (transport, in this case) is responsible for
supplying free ioqueue_op_key to prevent the problem.


> -Timo
