AV bug in listener app

Discussion related to implementation and use of the H.323 Plus H.323 stack at http://www.h323plus.org.
Post Reply
montu
Posts: 5
Joined: Wed Jan 18, 2012 11:09 pm

AV bug in listener app

Post by montu »

Windows XP
MS VS 2008
ptlib-2.10.1
h323plus-1.23.0

I get AV when listener app tries to delete h245listener thread.
..\h323plus\src\transports.cxx:888

Code: Select all

void H323Transport::CleanUpOnTermination()
{
  Close();

  if (thread != NULL) {
    PTRACE(3, "H323\tH323Transport::CleanUpOnTermination for " << thread->GetThreadName());
    PAssert(thread->WaitForTermination(10000), "Transport thread did not terminate");
    delete thread; //FAIL: it seems that thread  already deleted, but its pointer isn`t NULL
    thread = NULL;
  }
}
Call stack:
h323-listener.exe!H323Transport::CleanUpOnTermination() Line 888 + 0x22 bytes C++
h323-listener.exe!H323Connection::CleanUpOnCallEnd() Line 831 C++
h323-listener.exe!H323EndPoint::CleanUpConnections() Line 1983 C++
h323-listener.exe!H323ConnectionsCleaner::Main() Line 291 C++
h323-listener.exe!PThread::MainFunction(void * threadPtr=0x014c69a0) Line 723 C++
msvcr90d.dll!_callthreadstartex() Line 348 + 0xf bytes C
msvcr90d.dll!_threadstartex(void * ptd=0x014c80e0) Line 331 C
I written sample apps (h323-caller and h323-listener) to check how it works, but can`t go on.
Here they are http://share.netbynet.ru/291h323samples.zip (23 kb)

When I use h323-caller as caller with CallGen sample as listener (http://www.h323plus.org/source/download ... 1_23_0.zip) the same thing happens.

montu
Posts: 5
Joined: Wed Jan 18, 2012 11:09 pm

Re: AV bug in listener app

Post by montu »

So far I find more info while debugging listener app.
The "problem" thread is H225TransportThread (..\h323plus\src\transports.cxx:55).
This thread has AutoDeleteThread flag set by default (PThread::autoDelete = true), so it should be deleted after termination.
Thread proc (..\h323plus\src\transports.cxx:135)

Code: Select all

void H225TransportThread::Main()
{
  PTRACE(3, "H225\tStarted incoming call thread");

  if (!transport->HandleFirstSignallingChannelPDU(this))
    delete transport;
}
But HandleFirstSignallingChannelPDU() method has following code
(..\h323plus\src\transports.cxx:849)

Code: Select all

PBoolean H323Transport::HandleFirstSignallingChannelPDU(PThread * thread)
{
<..........>
    thread->SetNoAutoDelete();
<..........>
}
The call to SetNoAutoDelete() (...\PTLIB\src\ptlib\msos\win32.cxx:963) passed by debugger, but don`t change PThread::autoDelete flag. So thread object deleted after termination and then deleted again by H323Transport in CleanUpOnTermination() method (..\h323plus\src\transports.cxx:888), this cause access violation error.

montu
Posts: 5
Joined: Wed Jan 18, 2012 11:09 pm

Solution

Post by montu »

I tried to change PThread::SetAutoDelete() method at ..\h323DLL\PTLIB\src\ptlib\msos\win32.cxx:963.
The following code works fine so far.

Code: Select all

void PThread::SetAutoDelete(AutoDeleteFlag deletion)
{
  PAssert(deletion != AutoDeleteThread || this != &PProcess::Current(), PLogicError);
  
  //OLD:
  //if (autoDelete == (deletion != AutoDeleteThread))
  //  return;
  //autoDelete = deletion == AutoDeleteThread;

  //NEW:
  const bool value_to_set = (deletion == AutoDeleteThread);
  if(autoDelete == value_to_set) //already set
	return;
  autoDelete = value_to_set;

  PProcess & process = PProcess::Current();

  process.deleteThreadMutex.Wait();
  if (autoDelete)
    process.autoDeleteThreads.Append(this);
  else {
    process.autoDeleteThreads.DisallowDeleteObjects();
    process.autoDeleteThreads.Remove(this);
    process.autoDeleteThreads.AllowDeleteObjects();
  }
  process.deleteThreadMutex.Signal();
}

shorne
Posts: 45
Joined: Thu Aug 27, 2009 4:17 am

Re: AV bug in listener app

Post by shorne »

Be careful using PTLIB SVN. It is suggested that you use the last stable release of PTLIB with h323plus CVS to avoid issues such as this. If you do use the SVN make sure you do regular SVN updates for fixes (and of course you WILL find new bugs)

The error you are trying to fix was fixed November last year.
http://opalvoip.svn.sourceforge.net/vie ... 5&r2=26698

Simon

Post Reply