LibNiceConnection::close coredump

question

  • I found m_Thread_.timed_join(timeout) called in the LibNiceConnection::close method, and I face a coredump related to it when I call LibNiceConnection::close() and then delete it. The backtrace and log are below:

backtrace

#0  0x00007f35ca960c56 in __memcpy_ssse3_back () from /lib64/libc.so.6
#1  0x00007f35cb3da2e0 in copy (__n=59814224, __s2=<optimized out>, __s1=<optimized out>)
    at /home/zhongjiannan/package/gcc-6.1.0/x86_64-pc-linux-gnu/libstdc++-v3/include/bits/char_traits.h:290
#2  _M_copy (__n=59814224, __s=<optimized out>, __d=<optimized out>) at /home/zhongjiannan/package/gcc-6.1.0/x86_64-pc-linux-gnu/libstdc++-v3/include/bits/basic_string.h:2877
#3  std::string::append (this=this@entry=0x7f35717ef6e0, __str=...) at /home/zhongjiannan/package/gcc-6.1.0/x86_64-pc-linux-gnu/libstdc++-v3/include/bits/basic_string.tcc:773
#4  0x00007f35b8ed6c90 in operator+<char, std::char_traits<char>, std::allocator<char> > (__rhs=..., __lhs=0x7f35b9381cba "id: ", this=<optimized out>)
    at /usr/include/c++/4.8.2/bits/basic_string.tcc:702
#5  erizo::IceConnection::toLog (this=this@entry=0x7f358000d320) at ../erizo/src/erizo/IceConnection.h:124
#6  0x00007f35b8ed7680 in erizo::LibNiceConnection::mainLoop (this=0x7f358000d320) at ../erizo/src/erizo/LibNiceConnection.cpp:255
#7  0x00007f35b8b7c27a in thread_proxy () from /lib64/libboost_thread-mt.so.1.53.0
#8  0x00007f35cabdedc5 in start_thread () from /lib64/libpthread.so.0
#9  0x00007f35ca90d73d in clone () from /lib64/libc.so.6

log

2020-11-09 15:36:11,991  - DEBUG: LibNiceConnection - id: 230597350002604830,  message: interrupt thread to close, this: 0x7f358000d320
2020-11-09 15:36:11,991  - DEBUG: LibNiceConnection - id: 230597350002604830,  message:Unrefing loop
2020-11-09 15:36:11,991  - DEBUG: LibNiceConnection - id: 230597350002604830,  message: unrefing agent
2020-11-09 15:36:11,992  - DEBUG: LibNiceConnection - id: 230597350002604830,  message: Unrefing context
2020-11-09 15:36:11,992  - DEBUG: LibNiceConnection - id: 230597350002604830,  message: closed, this: 0x7f358000d320

reason

  • main_loop thread interrupted, but g_main_loop_run may still be running, and deleting the LibNiceConnection instance causes a wild pointer (0x7f358000d320)

  • Why is m_Thread_.timed_join used rather than m_Thread_.join()?
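
An added example (not erizo's code and not part of the original report) of the lifetime problem described above: a bounded wait on the loop thread can time out while the thread is still using the object, whereas an unconditional join cannot. `Conn`, its members and the timings are hypothetical, and `std::future::wait_for` stands in for Boost's `timed_join`.

```cpp
// Added illustration; Conn and its members are hypothetical, not erizo code.
#include <atomic>
#include <chrono>
#include <future>
#include <string>
#include <thread>
using namespace std::chrono_literals;

class Conn {
 public:
  explicit Conn(std::chrono::milliseconds iteration) : iteration_(iteration) {
    exited_ = exit_promise_.get_future();
    thread_ = std::thread(&Conn::mainLoop, this);
  }
  // Joins unconditionally, so the loop can never outlive the members it reads.
  ~Conn() { closeJoin(); }

  // Pattern from the report: request stop, then wait a bounded time only.
  // false means the loop thread is still alive; deleting the object now
  // would leave that thread holding a dangling `this`.
  bool closeTimed(std::chrono::milliseconds timeout) {
    stop_ = true;
    return exited_.wait_for(timeout) == std::future_status::ready;
  }
  // Safe pattern: block until the loop thread has really returned.
  void closeJoin() {
    stop_ = true;
    if (thread_.joinable()) thread_.join();
  }
  bool loopExited() const {
    return exited_.wait_for(0ms) == std::future_status::ready;
  }

 private:
  void mainLoop() {
    do {
      std::this_thread::sleep_for(iteration_);  // stands in for g_main_loop_run
      last_log_ = "id: " + id_;                 // reads members, like toLog()
    } while (!stop_);
    exit_promise_.set_value();
  }
  std::string id_{"constructed-id"}, last_log_;
  std::chrono::milliseconds iteration_;
  std::atomic<bool> stop_{false};
  std::promise<void> exit_promise_;
  std::future<void> exited_;
  std::thread thread_;
};
```

A caller that must keep a timeout should treat a `false` result as "object still in use" and defer destruction until the thread has been joined.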