I have been stress testing sipxtapi media-update, and found that
mpJitterBuffer::pushPacket() overwrites the payloadMap under some
circumstances. Then sipxtapi crashes at the next frame decoding, because the
decoder points to an invalid address.

mpJitterBuffer.h
----------------
MpAudioSample JbQ[JbQueueSize];
MpDecoderBase* payloadMap[JbPayloadMapSize];


mpJitterBuffer.cpp in MpJitterBuffer::pushPacket()
------------------------
decodedSamples = decoder->decode(rtpPacket, JbQueueSize-JbQCount,
                                 JbQ+JbQIn);


Under high load, the decode function overwrites the payload map which is
stored just behind the JbQ in memory.
This never happens on my PC when I'm not stress testing sipxtapi, but I have
also seen this happen on a slow laptop.

If I change the JbQ declaration to MpAudioSample JbQ[JbQueueSize+256], I
don't get any crash anymore under stress test. This is a very dirty fix, and
I haven't currently been able to figure out where the real problem is.

Best regards,

stipus

_______________________________________________
sipxtapi-dev mailing list
[email protected]
List Archive: http://list.sipfoundry.org/archive/sipxtapi-dev/
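
Added example, not code from sipXtapi or from the post above: it assumes JbQ is used as a ring buffer with JbQIn as the write index and JbQCount as the fill level (the post does not show this). Under that assumption the limit JbQueueSize-JbQCount handed to decode() can be larger than the contiguous room left at JbQ+JbQIn; the sketch contrasts the two and shows a wrap-safe copy. The sizes, the guard array and the helper names are hypothetical.

```cpp
// Added illustration, not sipXtapi code. Names mirror the post; sizes and
// the ring-buffer behaviour of JbQ/JbQIn/JbQCount are assumptions.
#include <algorithm>
#include <cstddef>
#include <cstdint>

typedef int16_t MpAudioSample;
static const size_t JbQueueSize = 8;        // constructed, tiny on purpose

struct JitterQueue {
    MpAudioSample JbQ[JbQueueSize];
    MpAudioSample guard[4];                 // stands in for payloadMap behind JbQ
    size_t JbQIn;                           // next write index
    size_t JbQCount;                        // samples currently queued
};

// Limit as passed in the post: total free samples, ignoring wrap-around.
size_t roomAsPosted(const JitterQueue& q) { return JbQueueSize - q.JbQCount; }

// Samples that fit between JbQIn and the end of the array.
size_t contiguousRoom(const JitterQueue& q) {
    return std::min(JbQueueSize - q.JbQCount, JbQueueSize - q.JbQIn);
}

// Wrap-safe push: copy decoded samples in at most two chunks, never past JbQ.
// Returns the number of samples stored (excess is dropped).
size_t pushSamples(JitterQueue& q, const MpAudioSample* src, size_t n) {
    n = std::min(n, JbQueueSize - q.JbQCount);
    size_t first = std::min(n, JbQueueSize - q.JbQIn);
    std::copy(src, src + first, q.JbQ + q.JbQIn);
    std::copy(src + first, src + n, q.JbQ);          // wrapped remainder
    q.JbQIn = (q.JbQIn + n) % JbQueueSize;
    q.JbQCount += n;
    return n;
}

// Constructed state: write index near the end, queue mostly drained.
JitterQueue makeWrappedState() {
    JitterQueue q = {};
    std::fill(q.guard, q.guard + 4, MpAudioSample(0x5A5A));
    q.JbQIn = 6; q.JbQCount = 2;
    return q;
}

int main() {
    JitterQueue q = makeWrappedState();
    MpAudioSample pcm[6] = {1, 2, 3, 4, 5, 6};
    return pushSamples(q, pcm, roomAsPosted(q)) == 6 ? 0 : 1;
}
```

In the constructed state the limit as posted is 6 samples while only 2 fit before the end of JbQ, so a decoder writing 6 samples contiguously at JbQ+JbQIn would run 4 samples past the array.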
