Wireshark-bugs: [Wireshark-bugs] [Bug 1151] Tshark segfaults with lots of IP addresses on eth de

Date: Tue, 10 Oct 2006 19:14:24 +0000 (GMT)
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1151





------- Comment #6 from tamas@xxxxxxxx  2006-10-10 19:14 GMT -------
(In reply to comment #5)
> version with my fix), build it, and then either install it and rebuild
> Wireshark with it, or configure it with "./configure --prefix=/usr
> --enable-ipv6" and build it with "make shared" and "make install-shared" (this
> will replace the libpcap shared library).

Installed, reinstalled, and it seems that it worked but unfortunately, compared
to tcpdump, it's still starts very slowly. I've attached a strace and saw huge
amounts of 'brk()'s so I've debugged inet.c a bit more:

brk(0x8dba000)                          = 0x8dba000
brk(0x8ddb000)                          = 0x8ddb000
brk(0x8dfc000)                          = 0x8dfc000
brk(0x8e1d000)                          = 0x8e1d000
brk(0x8e3e000)                          = 0x8e3e000
brk(0x8e5f000)                          = 0x8e5f000
brk(0x8e80000)                          = 0x8e80000
brk(0x8ea1000)                          = 0x8ea1000
brk(0x8ec2000)                          = 0x8ec2000
brk(0x8ee3000)                          = 0x8ee3000
brk(0x8f04000)                          = 0x8f04000
brk(0x8f25000)                          = 0x8f25000
brk(0x8f46000)                          = 0x8f46000
brk(0x8f67000)                          = 0x8f67000
brk(0x8f88000)                          = 0x8f88000
munmap(0xb4496000, 17100800)            = 0
socket(PF_PACKET, SOCK_DGRAM, 768)      = 4
ioctl(4, SIOCGIFINDEX, {ifr_name="lo", ifr_index=3}) = 0
close(4)                                = 0
open("/sys/kernel/debug/usbmon", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) =
-1 ENOENT (No such file or directory)

so I've put some debugging printfs to inet.c and got this

- first, it reaches:
247                         /*
248                          * Are we at the end of the list?
249                          */
250                         if (nextdev == NULL) {
251                                 /*
252                                  * Yes - we have to put the new entry
253                                  * after "prevdev".
254                                  */
255                                 printf("nextdev == NULL\n");
256                                 break;
257                         }
(it's still okay now)

- next it goes to:
432         /*
433          * Find the end of the list of addresses.
434          */
435         for (prevaddr = curdev->addresses; prevaddr != NULL; prevaddr =
nextaddr) {
436                 nextaddr = prevaddr->next;
437                 if (nextaddr == NULL) {
438                         /*
439                          * This is the end of the list.
440                          */
441                         printf("end of the list\n");
442                         break;
443                 }
444         }
(as it's found every interface)

- but right after this it goes back to the beginning of the loop and flaps
between this
137         /*
138          * Is there already an entry in the list for this interface?
139          */
140         for (curdev = *alldevs; curdev != NULL; curdev = curdev->next) {
141                 if (strcmp(name, curdev->name) == 0)
142                         printf("counting interfaces before finding, name,
curdev->name: %s, %s\n", name, curdev->name);
143                         break;  /* yes, we found it */
144         }

- and the "end of the line" part. 

So I assume it still goes through my eth0 because of the many IP addresses.
The problem is it is slow with many IP addresses before reaching this function
in inet.c. I know it's not a specific bug report, but I hope that I'll have
time to debug it more this week.

> The stack trace appears to be for a SIGABRT crash, not a SIGSEGV crash; did you
> interrupt TShark with "kill -ABRT" (or "kill -6")?

Yes.

> Do you have a stack trace from the SIGSEGV you get when you type ^C?

No. Unfortunately it says there's no stack trace (I'm no debugger so if you
have any ideas why is it happening, let me know) but it shows backtrace when I
attach to the process.

Before I was attaching strace to the process, it seemed to "hang" after a load
of debugging messages, and it seemed to wait for something. After attaching
strace, the debugging messages I've inserted were scrollig (kinda strage, just
any case you have an idea why).

When I've attached gdb to the running and kinda stuck tshark process I've got

add_addr_to_iflist (alldevs=0xbfdde188, name=0xb514d5c8 "eth0", flags=69699,
addr=0xb514d574, addr_size=16, netmask=0xb514d590, netmask_size=16,
    broadaddr=0xb514d5ac, broadaddr_size=16, dstaddr=0x0, dstaddr_size=0,
errbuf=0xbfdde1f8 "`áÝżtáÝżÇEúˇ`áÝż hűˇ\b") at inet.c:437
437     inet.c: No such file or directory.
        in inet.c
(gdb) bt
#0  add_addr_to_iflist (alldevs=0xbfdde188, name=0xb514d5c8 "eth0",
flags=69699, addr=0xb514d574, addr_size=16, netmask=0xb514d590,
netmask_size=16,
    broadaddr=0xb514d5ac, broadaddr_size=16, dstaddr=0x0, dstaddr_size=0,
errbuf=0xbfdde1f8 "`áÝżtáÝżÇEúˇ`áÝż hűˇ\b") at inet.c:437
#1  0xb6c4ba0e in pcap_findalldevs (alldevsp=0xbfdde1b8, errbuf=0xbfdde1f8
"`áÝżtáÝżÇEúˇ`áÝż hűˇ\b") at fad-getad.c:252
#2  0x0804ec0c in get_interface_list_findalldevs (err=0xbfdde2f8,
err_str=0xbfdde1f8 "`áÝżtáÝżÇEúˇ`áÝż hűˇ\b") at
capture-pcap-util.c:258
#3  0x0804e9fb in get_interface_list (err=0xbfdde2f8, err_str=0xbfdde1f8
"`áÝżtáÝżÇEúˇ`áÝż hűˇ\b") at capture-pcap-util-unix.c:80
#4  0x0804f2e4 in get_interface_descriptive_name (if_name=0x8341180 "eth0") at
capture_ui_utils.c:123
#5  0x08060c7b in capture () at tshark.c:1624
#6  0x08062e1a in main (argc=3, argv=0xbfdef8e4) at tshark.c:1490

Line 437 in inet.c is the last line here:

        for (prevaddr = curdev->addresses; prevaddr != NULL; prevaddr =
nextaddr) {
                nextaddr = prevaddr->next;
                if (nextaddr == NULL) {

Does it mean any help to you?

Thank you :)


-- 
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.