Wireshark-bugs: [Wireshark-bugs] [Bug 1151] Tshark segfaults with lots of IP addresses on eth de
Date: Tue, 10 Oct 2006 19:14:24 +0000 (GMT)
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1151 ------- Comment #6 from tamas@xxxxxxxx 2006-10-10 19:14 GMT ------- (In reply to comment #5) > version with my fix), build it, and then either install it and rebuild > Wireshark with it, or configure it with "./configure --prefix=/usr > --enable-ipv6" and build it with "make shared" and "make install-shared" (this > will replace the libpcap shared library). Installed, reinstalled, and it seems that it worked but unfortunately, compared to tcpdump, it's still starts very slowly. I've attached a strace and saw huge amounts of 'brk()'s so I've debugged inet.c a bit more: brk(0x8dba000) = 0x8dba000 brk(0x8ddb000) = 0x8ddb000 brk(0x8dfc000) = 0x8dfc000 brk(0x8e1d000) = 0x8e1d000 brk(0x8e3e000) = 0x8e3e000 brk(0x8e5f000) = 0x8e5f000 brk(0x8e80000) = 0x8e80000 brk(0x8ea1000) = 0x8ea1000 brk(0x8ec2000) = 0x8ec2000 brk(0x8ee3000) = 0x8ee3000 brk(0x8f04000) = 0x8f04000 brk(0x8f25000) = 0x8f25000 brk(0x8f46000) = 0x8f46000 brk(0x8f67000) = 0x8f67000 brk(0x8f88000) = 0x8f88000 munmap(0xb4496000, 17100800) = 0 socket(PF_PACKET, SOCK_DGRAM, 768) = 4 ioctl(4, SIOCGIFINDEX, {ifr_name="lo", ifr_index=3}) = 0 close(4) = 0 open("/sys/kernel/debug/usbmon", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = -1 ENOENT (No such file or directory) so I've put some debugging printfs to inet.c and got this - first, it reaches: 247 /* 248 * Are we at the end of the list? 249 */ 250 if (nextdev == NULL) { 251 /* 252 * Yes - we have to put the new entry 253 * after "prevdev". 254 */ 255 printf("nextdev == NULL\n"); 256 break; 257 } (it's still okay now) - next it goes to: 432 /* 433 * Find the end of the list of addresses. 434 */ 435 for (prevaddr = curdev->addresses; prevaddr != NULL; prevaddr = nextaddr) { 436 nextaddr = prevaddr->next; 437 if (nextaddr == NULL) { 438 /* 439 * This is the end of the list. 440 */ 441 printf("end of the list\n"); 442 break; 443 } 444 } (as it's found every interface) - but right after this it goes back to the beginning of the loop and flaps between this 137 /* 138 * Is there already an entry in the list for this interface? 139 */ 140 for (curdev = *alldevs; curdev != NULL; curdev = curdev->next) { 141 if (strcmp(name, curdev->name) == 0) 142 printf("counting interfaces before finding, name, curdev->name: %s, %s\n", name, curdev->name); 143 break; /* yes, we found it */ 144 } - and the "end of the line" part. So I assume it still goes through my eth0 because of the many IP addresses. The problem is it is slow with many IP addresses before reaching this function in inet.c. I know it's not a specific bug report, but I hope that I'll have time to debug it more this week. > The stack trace appears to be for a SIGABRT crash, not a SIGSEGV crash; did you > interrupt TShark with "kill -ABRT" (or "kill -6")? Yes. > Do you have a stack trace from the SIGSEGV you get when you type ^C? No. Unfortunately it says there's no stack trace (I'm no debugger so if you have any ideas why is it happening, let me know) but it shows backtrace when I attach to the process. Before I was attaching strace to the process, it seemed to "hang" after a load of debugging messages, and it seemed to wait for something. After attaching strace, the debugging messages I've inserted were scrollig (kinda strage, just any case you have an idea why). When I've attached gdb to the running and kinda stuck tshark process I've got add_addr_to_iflist (alldevs=0xbfdde188, name=0xb514d5c8 "eth0", flags=69699, addr=0xb514d574, addr_size=16, netmask=0xb514d590, netmask_size=16, broadaddr=0xb514d5ac, broadaddr_size=16, dstaddr=0x0, dstaddr_size=0, errbuf=0xbfdde1f8 "`áÝżtáÝżÇEúˇ`áÝż hűˇ\b") at inet.c:437 437 inet.c: No such file or directory. in inet.c (gdb) bt #0 add_addr_to_iflist (alldevs=0xbfdde188, name=0xb514d5c8 "eth0", flags=69699, addr=0xb514d574, addr_size=16, netmask=0xb514d590, netmask_size=16, broadaddr=0xb514d5ac, broadaddr_size=16, dstaddr=0x0, dstaddr_size=0, errbuf=0xbfdde1f8 "`áÝżtáÝżÇEúˇ`áÝż hűˇ\b") at inet.c:437 #1 0xb6c4ba0e in pcap_findalldevs (alldevsp=0xbfdde1b8, errbuf=0xbfdde1f8 "`áÝżtáÝżÇEúˇ`áÝż hűˇ\b") at fad-getad.c:252 #2 0x0804ec0c in get_interface_list_findalldevs (err=0xbfdde2f8, err_str=0xbfdde1f8 "`áÝżtáÝżÇEúˇ`áÝż hűˇ\b") at capture-pcap-util.c:258 #3 0x0804e9fb in get_interface_list (err=0xbfdde2f8, err_str=0xbfdde1f8 "`áÝżtáÝżÇEúˇ`áÝż hűˇ\b") at capture-pcap-util-unix.c:80 #4 0x0804f2e4 in get_interface_descriptive_name (if_name=0x8341180 "eth0") at capture_ui_utils.c:123 #5 0x08060c7b in capture () at tshark.c:1624 #6 0x08062e1a in main (argc=3, argv=0xbfdef8e4) at tshark.c:1490 Line 437 in inet.c is the last line here: for (prevaddr = curdev->addresses; prevaddr != NULL; prevaddr = nextaddr) { nextaddr = prevaddr->next; if (nextaddr == NULL) { Does it mean any help to you? Thank you :) -- Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
- References:
- Prev by Date: [Wireshark-bugs] [Bug 120] RTP Analysis always crashes (reproducibly)
- Next by Date: [Wireshark-bugs] [Bug 1155] New: file attach error on bugzilla.
- Previous by thread: [Wireshark-bugs] [Bug 1151] Tshark segfaults with lots of IP addresses on eth device
- Next by thread: [Wireshark-bugs] [Bug 1152] New: path not found !
- Index(es):