Re: [sr-dev] crash on dlg_clean_run

In this loop... int dlg_clean_run(ticks_t ti) { unsigned int i; unsigned int tm; dlg_cell_t *dlg; dlg_cell_t *tdlg; tm = (unsigned int)time(NULL); for(i=0; i<d_table->size; i++) { lock_set_get(d_table->locks, d_table->entries[i].lock_idx); dlg = d_table->entries[i].first; while (dlg) { tdlg = dlg; dlg = dlg->next; if(tdlg->state==DLG_STATE_UNCONFIRMED && tdlg->init_ts<tm-300) { /* dialog in early state older than 5min */ LM_NOTICE("dialog in early state is too old (%p ref %d)\n", tdlg, tdlg->ref); unlink_unsafe_dlg(&d_table->entries[i], tdlg); destroy_dlg(tdlg); } if(tdlg->state==DLG_STATE_CONFIRMED_NA && tdlg->start_ts<tm-60) { if(update_dlg_timer(&dlg->tl, 10)<0) { LM_ERR("failed to update dialog lifetime in long non-ack state\n"); } dlg->lifetime = 10; dlg->dflags |= DLG_FLAG_CHANGED; } } Should we, perhaps, in that last conditional block (if(tdlg->state==DLG_STATE_CONFIRMED_NA && tdlg->start_ts<tm-60)), be operating on 'tdlg' rather than 'dlg', much as in the previous if block? Is that a typo/oversight/mistake/legacy code? -- Alex Balashov - Principal Evariste Systems LLC Tel: +1-678-954-0670 Web: http://www.evaristesys.com/, http://www.alexbalashov.com/ Please be kind to the English language: http://www.entrepreneur.com/article/232906