Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SegFault due to uninitialized videoroom->do_svc #2178

Closed
didiervb opened this issue May 27, 2020 · 2 comments
Closed

SegFault due to uninitialized videoroom->do_svc #2178

didiervb opened this issue May 27, 2020 · 2 comments

Comments

@didiervb
Copy link

didiervb commented May 27, 2020
edited
Loading

During testing (both with actual users and through automated load testing), we regularly get a segmentation fault in the janus videoroom plugin. We can trigger it fairly reliably.

The segfault location was initially determined through inspecting the core dump with gdb.

We rebuilt the latest janus from master with libasan support, and got the following output

AddressSanitizer: DEADLYSIGNAL
================================================================
==6==ERROR: AddressSanitizer: SEGV on unknown address 0x00000000006c (pc 0x7f4089670d8e bp 0x7f4088daeb20 sp 0x7f4088da09d0 T2600)
==6==The signal is caused by a READ memory access.
==6==Hint: address points to the zero page.
    #0 0x7f4089670d8d in janus_videoroom_handler plugins/janus_videoroom.c:6568
    #1 0x7f45afd2b414  (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x76414)
    #2 0x7f45af775fa2 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x7fa2)
    #3 0x7f45af6a64ce in clone (/lib/x86_64-linux-gnu/libc.so.6+0xf94ce)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV plugins/janus_videoroom.c:6568 in janus_videoroom_handler
Thread T2600 created by T0 here:
    #0 0x7f45b0292db0 in __interceptor_pthread_create (/usr/lib/x86_64-linux-gnu/libasan.so.5+0x50db0)
    #1 0x7f45afd4cc3f  (/usr/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x97c3f)
==6==ABORTING

It crashes om the same spot every time during multiple testruns (videoroom.c line 6568):
if(subscriber->room->do_svc) {

(line number may not match exactly with janus source, since we added a couple of logging statements as well)

A test with the whole block commented out stops the segfaults from occuring.

Looking further in the code, it looks to me as if the videoroom->do_svc variable is not correctly initialized if it's not set to true in the configuration:

  • when writing the configuration, the value is only written out to file if it's true
  • when reading the configuration, the value is only transferred to videoroom->do_svc if it's value
    is true
@didiervb
Copy link
Author

We are testing a fix, can create a PR later if it works.

@lminiero
Copy link
Member

Very likely subscriber->room is NULL when you get there, hence the crash. Nothing to do with the variable initialization. Will add a check.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lminiero @didiervb