[Serdev] SER crashing at random locations

Durgani, Prakash B. PBDurgani at west.com
Wed Mar 23 16:19:01 UTC 2005


I too am inclined to believe what you are saying.  I am isolating each
malloc/free combination in my code at the moment.

On the other hand, I didn't modify sl_send_reply, but I am invoking it
from my module rather than the config script at times, and that's when I see
most of the problems.  Do you think it's safe to call the "sl" module
functions directly from C code?  The config script however does load the
sl module during initialization.

Prakash

-----Original Message-----
From: Paul Jankowski [mailto:paul at teragen.com.au] 
Sent: Tuesday, March 22, 2005 4:04 PM
To: serdev at lists.iptel.org
Subject: RE: [Serdev] SER crashing at random locations

> it immediately notified a "Pointer Over-Write" when it invokes a
> sl_send_reply to send a 200 OK to the first REGISTER messages.
> 
> int2reverse_hex [Ut.h:224]
>         **c= digit >= 10 ? digit + 'a' - 10 : digit + '0';
> 
> Anyone seen this before? 

No, my SER modules don't have bugs :-) .

Seriously, it's quite unlikely that your problem is caused by the
existing SER code; far more likely that your module has overrun the
bounds of the memory allocated to it.

Look at the definition of int2reverse_hex():

  inline static int int2reverse_hex( char **c, int *size, int nr )

It takes a pointer to a pointer of type char, called "c".  If that c
points to the wrong place (or if that memory has been accessed using a
broken pointer), your program will malfunction.

In my opinion, there is a bug in your module code that writes to memory
that doesn't belong to it.  Note that sl_send_reply is probably a red
herring -- after all, you didn't modify it, did you?  Have a look at
http://www.adahome.com/articles/1997-05/bugtales/bugtales.3o4 for a
small sample of similar bugs.

Review your code to make sure that you only write as many bytes as you
have allocated.  If possible, have someone else look at your code.  The
first time I hit this kind of problem, it took me two days to find the
offending line; I had been allocating four bytes too few in one place
(which just happened to work on Alpha/AXP, due to its strict alignment
rules, but failed when I tried to port to x86).

Have fun,

Paul

-- 
P-a-u-l- -J-a-n-k-o-w-s-k-i
paul at teragen.com.au

 "A programmer," he said with obvious amazement, is the sort of person "who
 drinks Coke in the morning."  -- Boston Globe article on The High Tech Set
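
Added example, not part of the original thread and not SER's own code: a guard-byte wrapper around malloc/free that reports an overrun at the allocation that was under-sized, instead of at whatever unrelated function later trips over the damage. The names guard_malloc, guard_free and demo_copy, the guard pattern and the 12/16 byte sizes are assumptions chosen to mirror the "four bytes too few" case described above.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical debug wrappers, not SER's allocator. Block layout:
 * [size_t len][len user bytes][GUARD_LEN guard bytes] */
#define GUARD_LEN  8
#define GUARD_BYTE 0xA5

static void *guard_malloc(size_t len)
{
    unsigned char *raw = malloc(sizeof(len) + len + GUARD_LEN);
    if (raw == NULL) return NULL;
    memcpy(raw, &len, sizeof(len));             /* remember the requested size */
    memset(raw + sizeof(len) + len, GUARD_BYTE, GUARD_LEN);
    return raw + sizeof(len);
}

/* Free the block; return how many guard bytes were overwritten (0 = intact). */
static int guard_free(void *p)
{
    unsigned char *user = p;
    size_t len, i;
    int damaged = 0;
    memcpy(&len, user - sizeof(len), sizeof(len));
    for (i = 0; i < GUARD_LEN; i++)
        if (user[len + i] != GUARD_BYTE)
            damaged++;
    free(user - sizeof(len));
    return damaged;
}

/* Constructed scenario: code sizes a buffer as `alloc` bytes but copies `n`.
 * Keep n - alloc <= GUARD_LEN so the demo itself stays inside its block. */
static int demo_copy(size_t alloc, size_t n)
{
    static const char src[] = "0123456789abcdef";   /* constructed sample data */
    char *buf = guard_malloc(alloc);
    if (buf == NULL) return -1;
    memcpy(buf, src, n);
    return guard_free(buf);
}

int main(void)
{
    printf("16 allocated, 16 written: %d guard bytes damaged\n", demo_copy(16, 16));
    printf("12 allocated, 16 written: %d guard bytes damaged\n", demo_copy(12, 16));
    return 0;
}
```

Routing one module's allocations through wrappers like these and checking the return value of guard_free() narrows the search to the specific malloc/free pair whose buffer was overrun.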





