[libnice] [Nice] Multithreading bug when removing streams
Youness Alaoui
kakaroto at kakaroto.homelinux.net
Tue Jun 17 18:11:49 PDT 2014
Hi Stephan,
Thank you very much for the report, the stack from valgrind was enough to
track down the bug. Yes, libnice is safe in a multithread environment, but
this was one bug where the mutex was released in the middle of a function
call (when emitting the IO callback) and it was not checking if the stream
got delete between the moment it unlocked and locked the mutex again.
I've fixed it in my repository but haven't tested it :
https://github.com/kakaroto/libnice/commit/3fc8fce2a4715120abd2d451ad8b99f03f24bcdd
Thank you,
Youness.
On Sun, Apr 27, 2014 at 10:50 AM, Stephan Thamm <thammi at chaossource.net>
wrote:
> Hi,
> working on my node.js bindings for libnice [0] I came across what I
> suspect is
> a multithreading bug in libnice. I was unable to find a statement about
> multithreading support in the documentation, but a mail on this list [1]
> stated that the agent API should be safe.
>
> The error occurs after removing a stream. It seems that code tries to
> handle
> io for the stream after it was removed, which fails when GSList tries to
> access the freed memory.
>
> I was running my application inside valgrind when the error occured. This
> might have increased the chances of this bug occuring (everything is very
> slow
> ...). The stack traces are attached.
>
> The bug triggered on Debian with libnice 0.1.5 as well as
> 0.1.5+rc20140402-0exp1 from Debian Experimental.
>
> I hope that this information is enough to find the cause of the bug. I
> tried
> looking into the libnice code, but my understanding of the code is not
> (yet)
> good enough.
>
> [0] https://github.com/thammi/node-libnice
> [1] http://lists.freedesktop.org/archives/nice/2009-September/000293.html
> --
> So far, farewell
> Thammi
> _______________________________________________
> nice mailing list
> nice at lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/nice
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/nice/attachments/20140617/80e9b701/attachment.html>
More information about the nice
mailing list