Menu
▾
▴
Re: [Iaxclient-devel] crash in iax_event_free on mac
|
From: Peter G. <jpg...@gm...> - 2008-06-25 14:26:03
|
Hi Dennis, On Tue, Jun 24, 2008 at 9:14 AM, Dennis Christopher <dch...@pi...> wrote: > Peter, > I have set an environment variable to detect re-use of freed pointers and I > can see a case in iax_get_event (near " Decrement remaining retries ") that > goes wrong because it references an event returned from iax_get_sched() > whose event ptr is null. In the code generally this seems possible because > freed ptrs are not > set to null after they are freed. This is reproducible. I'm not familiar > enough with the event loop yet to suggest a correction. How should we > proceed? I do not see the case you are talking about. In iax.c, in the block with the comment "Decrement remaining retries", starting at line 3357, the event variable is not used. The event variable is reused at line 3342 where it is assigned to point at newly malloc()ed memory. Stylistically, this reuse of event may not be awesome, but functionally in this particular case we have already guaranteed event to be null prior to reassigning it. I'm going to need more details about exactly which variables are employed in a sketchy manner and where it is happening. Note that I am referencing the head of iaxclient trunk. Note also that I have some other iaxclient and libiax2 cleanups that I will be committing to trunk soon (possibly today) that are unrelated to this issue. Thanks, Pete |
