Ethereal-dev: [Ethereal-dev] Ethereal 0.9.1 segfault during filtering (w/gdb backtrace)

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Erik Inge Bolsø <knan@xxxxxxxxxxxxx>
Date: Fri, 8 Feb 2002 15:55:51 +0100 (CET)
Loaded a ~160M tcpdump from our lan, then did a "follow tcp stream" on a
random stream near the end. It aborts with this:

erik@maskingreie:~$ ethereal -r /mnt/monster/LANet-8-feb-2002.tcpdump

** ERROR **: file proto.c: line 1613 (alloc_field_info): assertion failed:
(tvb != NULL || length == 0)
aborting...
Aborted (core dumped)

erik@maskingreie:~/download/ethereal-0.9.1$ ethereal -v
ethereal 0.9.1, with GTK+ 1.2.8, with GLib 1.2.8, with libpcap 0.6, with
libz 1.1.3, with UCD SNMP 4.2.1

A backtrace:

#0  0x403e99f1 in __kill () from /lib/libc.so.6
#1  0x403e96d4 in raise (sig=6) at ../sysdeps/posix/raise.c:27
#2  0x403eae31 in abort () at ../sysdeps/generic/abort.c:88
#3  0x40290bfe in g_logv () at eval.c:88
#4  0x40290cb2 in g_log () at eval.c:88
#5  0x81d2bf2 in alloc_field_info (tree=0x847a514, hfindex=3937, tvb=0x0,
start=0, length=-1)
    at proto.c:1613
#6  0x81d16ca in proto_tree_add_item (tree=0x847a514, hfindex=3937,
tvb=0x0, start=0, length=-1,
    little_endian=0) at proto.c:534
#7  0x8144516 in dissect_mailslot_smb (mshdr_tvb=0x0, setup_tvb=0x0,
tvb=0x84753d0, mailslot=0x0,
    pinfo=0xa056da8, parent_tree=0x847a514) at packet-smb-mailslot.c:134
#8  0x8141287 in dissect_transaction_response (tvb=0x8475368,
pinfo=0xa056da8, tree=0xbbc55fc, offset=32,
    smb_tree=0xbbc5598) at packet-smb.c:11595
#9  0x81414da in dissect_smb_command (tvb=0x8475368, pinfo=0xa056da8,
top_tree=0x847a514, offset=32,
    smb_tree=0xbbc5598, cmd=37) at packet-smb.c:11956
#10 0x81424a2 in dissect_smb (tvb=0x8475368, pinfo=0xa056da8,
parent_tree=0x847a514) at packet-smb.c:14005
#11 0x81d0866 in dissector_try_heuristic (sub_dissectors=0x83708e8,
tvb=0x8475368, pinfo=0xa056da8,
    tree=0x847a514) at packet.c:840
#12 0x80f1de0 in dissect_netbios_payload (tvb=0x8475368, pinfo=0xa056da8,
tree=0x847a514)
    at packet-netbios.c:967
#13 0x80ed52f in dissect_nbss_packet (tvb=0x8475298, offset=0,
pinfo=0xa056da8, tree=0x847a514,
    max_data=164, is_cifs=1) at packet-nbns.c:1504
#14 0x80ed79f in dissect_nbss (tvb=0x8475298, pinfo=0xa056da8,
tree=0x847a514) at packet-nbns.c:1691
#15 0x81d024a in dissector_try_port (sub_dissectors=0x83ac478, port=445,
tvb=0x8475298, pinfo=0xa056da8,
    tree=0x847a514) at packet.c:491
#16 0x8155bca in decode_tcp_ports (tvb=0x84752cc, offset=20,
pinfo=0xa056da8, tree=0x847a514,
    src_port=445, dst_port=4410) at packet-tcp.c:807
#17 0x81567a7 in dissect_tcp (tvb=0x84752cc, pinfo=0xa056da8,
tree=0x847a514) at packet-tcp.c:1133
#18 0x81d024a in dissector_try_port (sub_dissectors=0x83778d0, port=6,
tvb=0x84752cc, pinfo=0xa056da8,
    tree=0x847a514) at packet.c:491
#19 0x80c2101 in dissect_ip (tvb=0x8475264, pinfo=0xa056da8,
tree=0x847a514) at packet-ip.c:1116
#20 0x81d024a in dissector_try_port (sub_dissectors=0x8375268, port=2048,
tvb=0x8475264, pinfo=0xa056da8,
    tree=0x847a514) at packet.c:491
#21 0x80a3d5b in ethertype (etype=2048, tvb=0x8475230,
offset_after_etype=14, pinfo=0xa056da8,
    tree=0x847a514, fh_tree=0xcdf8434, etype_id=735, trailer_id=737) at
packet-ethertype.c:156
#22 0x80a3b08 in dissect_eth (tvb=0x8475230, pinfo=0xa056da8,
tree=0x847a514) at packet-eth.c:230
#23 0x81d024a in dissector_try_port (sub_dissectors=0x83753e8, port=1,
tvb=0x8475230, pinfo=0xa056da8,
    tree=0x847a514) at packet.c:491
#24 0x80a518e in dissect_frame (tvb=0x8475230, pinfo=0xa056da8,
tree=0x847a514) at packet-frame.c:143
#25 0x81d0b7a in call_dissector (handle=0x83754c0, tvb=0x8475230,
pinfo=0xa056da8, tree=0x847a514)
    at packet.c:955
#26 0x81cff4e in dissect_packet (edt=0xa056da0, pseudo_header=0x835ffb4,
pd=0x8360044 "", fd=0xf81bc80,
    cinfo=0x8370058) at packet.c:242
#27 0x81cea0d in epan_dissect_run (edt=0xa056da0, pseudo_header=0x835ffb4,
data=0x8360044 "",
    fd=0xf81bc80, cinfo=0x8370058) at epan.c:103
#28 0x8182913 in add_packet_to_packet_list (fdata=0xf81bc80, cf=0x835ff40,
pseudo_header=0x835ffb4,
    buf=0x8360044 "", refilter=1) at file.c:667
#29 0x8182fce in rescan_packets (cf=0x835ff40, action=0x82d12b2
"Filtering", refilter=1, redissect=0)
    at file.c:1022
#30 0x8182d93 in filter_packets (cf=0x835ff40,
    dftext=0xe77b588 "(ip.addr eq 192.168.2.171 and ip.addr eq
213.184.194.34) and (tcp.port eq 1035 and tcp.port eq 3389)") at
file.c:868
#31 0x8191357 in follow_stream_cb (w=0x8402c08, data=0x84008d8) at
follow_dlg.c:217
#32 0x401b00c4 in gtk_item_factory_callback_marshal () at eval.c:88
#33 0x401be737 in gtk_marshal_NONE__NONE () at eval.c:88
#34 0x401e9988 in gtk_handlers_run () at eval.c:88
#35 0x401e8e82 in gtk_signal_real_emit () at eval.c:88
#36 0x401e716d in gtk_signal_emit () at eval.c:88
#37 0x40219dbc in gtk_widget_activate () at eval.c:88
#38 0x401c566b in gtk_menu_shell_activate_item () at eval.c:88
#39 0x401c4a83 in gtk_menu_shell_button_release () at eval.c:88
#40 0x401be419 in gtk_marshal_BOOL__POINTER () at eval.c:88
#41 0x401e8ebb in gtk_signal_real_emit () at eval.c:88
#42 0x401e716d in gtk_signal_emit () at eval.c:88
#43 0x40219c90 in gtk_widget_event () at eval.c:88
#44 0x401be39a in gtk_propagate_event () at eval.c:88
#45 0x401bd6f6 in gtk_main_do_event () at eval.c:88
#46 0x40261a36 in gdk_event_dispatch () at eval.c:88
#47 0x4028e717 in g_main_dispatch () at eval.c:88
#48 0x4028ecdb in g_main_iterate () at eval.c:88
#49 0x4028ee59 in g_main_run () at eval.c:88
#50 0x401bd069 in gtk_main () at eval.c:88
#51 0x81a5002 in main (argc=0, argv=0xbffff820) at main.c:1937
#52 0x403da2eb in __libc_start_main (main=0x81a40e8 <main>, argc=3,
ubp_av=0xbffff814,
    init=0x8067fcc <_init>, fini=0x81e928c <_fini>, rtld_fini=0x4000c130
<_dl_fini>, stack_end=0xbffff80c)
    at ../sysdeps/generic/libc-start.c:129

Any suggestions?

(0.9.0 segfaulted during loading of this tcpdump, so some bug must have
been fixed in 0.9.1)

--
Erik I. Bols� | email: <knan at mo.himolde.no>
The UNIX philosophy basically involves giving you enough rope to
hang yourself.  And then a couple of feet more, just to be sure.