[reSIProcate] PresSvr crash
Hi,
I am playing with the presSvr application. After a client issues a
SUBSCRIBE and the subscription expires, I am getting a crash...
Here is the stack trace. I am not very familiar with the code yet but it
looks like iter->second points to unused memory (0xfeeefeee).
Any hint?
Thanks!
Christian
presSvr.exe!SubDialogMgr::processExpirations() Line 153 C++
SubDialogMgr::processExpirations()
{
ExpirationMap_t::iterator iter = mExpirationMap.begin();
while (( iter != mExpirationMap.end() ) && ( (iter->first) <= time(NULL)
))
{
>> DialogMap_t::iterator dlgIter = mDialogMap.find(iter->second);
if (dlgIter!=mDialogMap.end()
&& (dlgIter->second)->expires() <= time(NULL))
-----------------------------------------------------------------------
presSvr.exe!std::_Tree<std::_Tmap_traits<resip::Data,SubDialog
*,std::less<resip::Data>,std::allocator<std::pair<resip::Data const
,SubDialog *> >,0> >::find(const resip::Data & _Keyval={...}) Line 790 C++
iterator find(const key_type& _Keyval)
{ // find an element in mutable sequence that matches
_Keyval
>> iterator _Where = lower_bound(_Keyval);
return (_Where == end() || this->comp(_Keyval,
_Key(_Where._Mynode()))
? end() : _Where);
}
-----------------------------------------------------------------------
presSvr.exe!std::_Tree<std::_Tmap_traits<resip::Data,SubDialog
*,std::less<resip::Data>,std::allocator<std::pair<resip::Data const
,SubDialog *> >,0> >::lower_bound(const resip::Data & _Keyval={...}) Line
810 + 0xc C++
iterator lower_bound(const key_type& _Keyval)
{ // find leftmost node not less than _Keyval in mutable
tree
>> return (_TREE_ITERATOR(_Lbound(_Keyval)));
}
-----------------------------------------------------------------------
presSvr.exe!std::_Tree<std::_Tmap_traits<resip::Data,SubDialog
*,std::less<resip::Data>,std::allocator<std::pair<resip::Data const
,SubDialog *> >,0> >::_Lbound(const resip::Data & _Keyval={...}) Line 992
+ 0x19 C++
_Nodeptr _Lbound(const key_type& _Keyval) const
{ // find leftmost node not less than _Keyval
_Nodeptr _Pnode = _Root();
_Nodeptr _Wherenode = _Myhead; // end() if search fails
while (!_Isnil(_Pnode))
>> if (this->comp(_Key(_Pnode), _Keyval))
-----------------------------------------------------------------------
presSvr.exe!std::less<resip::Data>::operator()(const resip::Data &
_Left={...}, const resip::Data & _Right={...}) Line 140 C++
template<class _Ty>
struct less
: public binary_function<_Ty, _Ty, bool>
{ // functor for operator<
bool operator()(const _Ty& _Left, const _Ty& _Right) const
{ // apply operator< to operands
return (_Left < _Right);
>> }
-----------------------------------------------------------------------
presSvr.exe!resip::Data::operator<(const resip::Data & rhs={...}) Line 491
+ 0x37 C++
bool
Data::operator<(const Data& rhs) const
{
>> int res = strncmp(mBuf, rhs.mBuf, resipMin(mSize, rhs.mSize));
-----------------------------------------------------------------------
presSvr.exe!strncmp(unsigned char * first=0x0037b124, unsigned char *
last=0xfeeefeee, unsigned long count=0x00000020) Line 85 Asm
strncmp proc \
uses edi esi ebx, \
first:ptr byte, \
last:ptr byte, \
count:IWORD
mov ecx,[count] ; cx=max number of bytes to compare
jecxz short toend ; it's as if strings are equal
mov ebx,ecx ; bx saves count
mov edi,[first] ; di=first pointer (es=segment part)
mov esi,edi ; si saves first pointer
xor eax,eax ; ax=0
repne scasb ; count bytes
neg ecx ; cx=count - strlen
add ecx,ebx ; strlen + count - strlen
okay:
mov edi,esi ; restore first pointer
mov esi,[last] ; si = last pointer
>> repe cmpsb ; compare strings
mov al,[esi-1]
xor ecx,ecx ; set return value = 0