Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 2115] Buildbot crash output: fuzz-2007-12-17-6822.pcap

Wireshark-bugs: [Wireshark-bugs] [Bug 2115] Buildbot crash output: fuzz-2007-12-17-6822.pcap

Date: Tue, 18 Dec 2007 04:08:13 +0000 (GMT)
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2115





------- Comment #1 from stephentfisher@xxxxxxxxx  2007-12-18 04:08 GMT -------
Backtrace on OS X:

Program received signal EXC_BAD_ACCESS, Could not access memory.
Reason: KERN_INVALID_ADDRESS at address: 0x206e6f75
0xffff07c7 in ___memcpy () at
/System/Library/Frameworks/System.framework/PrivateHeaders/i386/cpu_capabilities.h:228
228    
/System/Library/Frameworks/System.framework/PrivateHeaders/i386/cpu_capabilities.h:
No such file or directory.
        in
/System/Library/Frameworks/System.framework/PrivateHeaders/i386/cpu_capabilities.h
(gdb) bt
#0  0xffff07c7 in ___memcpy () at
/System/Library/Frameworks/System.framework/PrivateHeaders/i386/cpu_capabilities.h:228
#1  0x00000004 in ?? ()
#2  0x03dabf3d in tvb_memcpy (tvb=0xaf2a900, target=0x206e6f75, offset=0,
length=4) at tvbuff.c:1008
#3  0x04359ce7 in dissect_h245_Ipv4_network (tvb=0xaf3f128, offset=95,
actx=0xbfffd3d8, tree=0x90e4128, hf_index=19508) at h245.cnf:695
#4  0x041337b9 in dissect_per_sequence (tvb=0xaf3f128, offset=95,
actx=0xbfffd3d8, parent_tree=0x90e4128, hf_index=19507, ett_index=6036,
sequence=0x4f04e00) at packet-per.c:1530
#5  0x04359dc8 in dissect_h245_T_iPAddress (tvb=0xaf3f128, offset=94,
actx=0xbfffd3d8, tree=0x90e4128, hf_index=19507) at h245.cnf:722
#6  0x041335ce in dissect_per_choice (tvb=0xaf3f128, offset=90,
actx=0xbfffd3d8, tree=0x90e4128, hf_index=19505, ett_index=6035,
choice=0x4f04c60, value=0x0) at packet-per.c:1386
#7  0x0435a093 in dissect_h245_UnicastAddress (tvb=0xaf3f128, offset=90,
actx=0xbfffd3d8, tree=0x90e4128, hf_index=19505) at h245.cnf:866
#8  0x041335ce in dissect_per_choice (tvb=0xaf3f128, offset=88,
actx=0xbfffd3d8, tree=0x90e4128, hf_index=19470, ett_index=6034,
choice=0x4f04b40, value=0x0) at packet-per.c:1386
#9  0x0435a1d7 in dissect_h245_TransportAddress (tvb=0xaf3f128, offset=88,
actx=0xbfffd3d8, tree=0x90e4128, hf_index=19470) at h245.cnf:944
#10 0x0435a21f in dissect_h245_T_mediaChannel (tvb=0xaf3f128, offset=88,
actx=0xbfffd3d8, tree=0x90e4128, hf_index=19470) at h245.cnf:721
#11 0x041337b9 in dissect_per_sequence (tvb=0xaf3f128, offset=88,
actx=0xbfffd3d8, parent_tree=0x90e4128, hf_index=19363, ett_index=6012,
sequence=0x4f00240) at packet-per.c:1530
#12 0x0435a414 in dissect_h245_H2250LogicalChannelParameters (tvb=0xaf3f128,
offset=64, actx=0xbfffd3d8, tree=0x90e4128, hf_index=19363) at h245.cnf:824
#13 0x04133617 in dissect_per_choice (tvb=0xaf3f128, offset=48,
actx=0xbfffd3d8, tree=0x90e4128, hf_index=19359, ett_index=5975,
choice=0x4f04ae0, value=0x0) at packet-per.c:1388
#14 0x0435a469 in dissect_h245_OLC_forw_multiplexParameters (tvb=0xaf3f128,
offset=48, actx=0xbfffd3d8, tree=0x90e4128, hf_index=19359) at h245.cnf:851
#15 0x041337b9 in dissect_per_sequence (tvb=0xaf3f128, offset=48,
actx=0xbfffd3d8, parent_tree=0x90e4128, hf_index=19356, ett_index=5974,
sequence=0x4f04a80) at packet-per.c:1530
#16 0x0435a4c0 in dissect_h245_T_forwardLogicalChannelParameters
(tvb=0xaf3f128, offset=24, actx=0xbfffd3d8, tree=0x90e4128, hf_index=19356) at
h245.cnf:143
#17 0x041337b9 in dissect_per_sequence (tvb=0xaf3f128, offset=24,
actx=0xbfffd3d8, parent_tree=0x90e4128, hf_index=18641, ett_index=5973,
sequence=0x4f04760) at packet-per.c:1530
#18 0x0435aa57 in dissect_h245_OpenLogicalChannel (tvb=0xaf3f128, offset=0,
actx=0xbfffd3d8, tree=0x90e4128, hf_index=18641) at h245.cnf:118
#19 0x043610cd in dissect_h245_OpenLogicalChannelCodec (tvb=0xaf3f128,
pinfo=0xc0ad498, tree=0x90e4128, codec_str=0xbfffd4ba "???yx\004B") at
h245.cnf:410
#20 0x0434c8d3 in dissect_h225_FastStart_item (tvb=0xaf2ac10, offset=528,
actx=0xbfffd9d8, tree=0x90e4128, hf_index=17883) at h225.cnf:275
#21 0x041306eb in dissect_per_sequence_of_helper (tvb=0xaf2ac10, offset=528,
actx=0xbfffd9d8, tree=0x90de768, func=0x434c7df <dissect_h225_FastStart_item>,
hf_index=17883, length=8) at packet-per.c:496
#22 0x041310d9 in dissect_per_sequence_of (tvb=0xaf2ac10, offset=520,
actx=0xbfffd9d8, parent_tree=0x90de768, hf_index=17815, ett_index=5545,
seq=0x4ef3360) at packet-per.c:527
#23 0x0434c927 in dissect_h225_FastStart (tvb=0xaf2ac10, offset=520,
actx=0xbfffd9d8, tree=0x90de768, hf_index=17815) at h225.cnf:295
#24 0x04133aa8 in dissect_per_sequence (tvb=0xaf2ac10, offset=504,
actx=0xbfffd9d8, parent_tree=0x90de768, hf_index=17772, ett_index=5541,
sequence=0x4ef3f20) at packet-per.c:1616
#25 0x0434dc56 in dissect_h225_Setup_UUIE (tvb=0xaf2ac10, offset=8,
actx=0xbfffd9d8, tree=0x90de768, hf_index=17772) at h225.cnf:385
#26 0x041335ce in dissect_per_choice (tvb=0xaf2ac10, offset=4, actx=0xbfffd9d8,
tree=0x90de768, hf_index=17771, ett_index=5523, choice=0x4ef2fe0,
value=0xbfffd7ac) at packet-per.c:1386
#27 0x0434e809 in dissect_h225_T_h323_message_body (tvb=0xaf2ac10, offset=4,
actx=0xbfffd9d8, tree=0x90de768, hf_index=17771) at h225.cnf:244
#28 0x041337b9 in dissect_per_sequence (tvb=0xaf2ac10, offset=4,
actx=0xbfffd9d8, parent_tree=0x90de768, hf_index=17767, ett_index=5522,
sequence=0x4ef2e00) at packet-per.c:1530
#29 0x0434eda1 in dissect_h225_H323_UU_PDU (tvb=0xaf2ac10, offset=2,
actx=0xbfffd9d8, tree=0x90de768, hf_index=17767) at h225.cnf:616
#30 0x041337b9 in dissect_per_sequence (tvb=0xaf2ac10, offset=2,
actx=0xbfffd9d8, parent_tree=0x90de768, hf_index=17764, ett_index=5520,
sequence=0x4ef2d80) at packet-per.c:1530
#31 0x04351789 in dissect_h225_H323UserInformation (tvb=0xaf2ac10,
pinfo=0xc0ad498, tree=0x90e8488) at h225.cnf:656
#32 0x03d854a7 in call_dissector_through_handle (handle=0xa3407a0,
tvb=0xaf2ac10, pinfo=0xc0ad498, tree=0x90e8488) at packet.c:394
#33 0x03d85b1c in call_dissector_work (handle=0xa3407a0, tvb=0xaf2ac10,
pinfo_arg=0xc0ad498, tree=0x90e8488) at packet.c:485
#34 0x03d870a8 in call_dissector (handle=0xa3407a0, tvb=0xaf2ac10,
pinfo=0xc0ad498, tree=0x90e8488) at packet.c:1787
#35 0x0415a17d in dissect_q931_IEs (tvb=0xaf2af90, pinfo=0xc0ad498,
root_tree=0x90e8488, q931_tree=0x90db4e0, is_tpkt=1, offset=47,
initial_codeset=0) at packet-q931.c:2692
#36 0x0415c08f in dissect_q931_pdu (tvb=0xaf2af90, pinfo=0xc0ad498,
tree=0x90e8488, is_tpkt=1) at packet-q931.c:2450
#37 0x03d854cb in call_dissector_through_handle (handle=0xa35cab0,
tvb=0xaf2af90, pinfo=0xc0ad498, tree=0x90e8488) at packet.c:396
#38 0x03d85b1c in call_dissector_work (handle=0xa35cab0, tvb=0xaf2af90,
pinfo_arg=0xc0ad498, tree=0x90e8488) at packet.c:485
#39 0x03d870a8 in call_dissector (handle=0xa35cab0, tvb=0xaf2af90,
pinfo=0xc0ad498, tree=0x90e8488) at packet.c:1787
#40 0x0425df9b in dissect_tpkt_encap (tvb=0xaf2a3c0, pinfo=0xc0ad498,
tree=0x90e8488, desegment=1, subdissector_handle=0xa35cab0) at
packet-tpkt.c:554
#41 0x0415c762 in dissect_q931_tpkt_heur (tvb=0xaf2a3c0, pinfo=0xc0ad498,
tree=0x90e8488) at packet-q931.c:3080
#42 0x03d86bda in dissector_try_heuristic (sub_dissectors=0xa71b218,
tvb=0xaf2a3c0, pinfo=0xc0ad498, tree=0x90e8488) at packet.c:1595
#43 0x042484ff in decode_tcp_ports (tvb=0xaf2aba0, offset=20, pinfo=0xc0ad498,
tree=0x90e8488, src_port=36215, dst_port=1720, tcpd=0xb3dcea0) at
packet-tcp.c:2383
#44 0x0424899a in process_tcp_payload (tvb=0xaf2aba0, offset=20,
pinfo=0xc0ad498, tree=0x90e8488, tcp_tree=0x90e8338, src_port=36215,
dst_port=1720, seq=0, nxtseq=0, is_tcp_segment=0, tcpd=0xb3dcea0) at
packet-tcp.c:2427
#45 0x04248e8a in dissect_tcp_payload (tvb=0xaf2aba0, pinfo=0xc0ad498,
offset=20, seq=1, nxtseq=450, sport=36215, dport=1720, tree=0x90e8488,
tcp_tree=0x90e8338, tcpd=0xb3dcea0) at packet-tcp.c:1495
#46 0x0424ab2a in dissect_tcp (tvb=0xaf2aba0, pinfo=0xc0ad498, tree=0x90e8488)
at packet-tcp.c:3154
#47 0x03d854cb in call_dissector_through_handle (handle=0xa8fbc10,
tvb=0xaf2aba0, pinfo=0xc0ad498, tree=0x90e8488) at packet.c:396
#48 0x03d85b1c in call_dissector_work (handle=0xa8fbc10, tvb=0xaf2aba0,
pinfo_arg=0xc0ad498, tree=0x90e8488) at packet.c:485
#49 0x03d85ebb in dissector_try_port (sub_dissectors=0xa34f740, port=6,
tvb=0xaf2aba0, pinfo=0xc0ad498, tree=0x90e8488) at packet.c:870
#50 0x04015c8b in dissect_ip (tvb=0xaf2ab30, pinfo=0xc0ad498,
parent_tree=0x90e8488) at packet-ip.c:1564
#51 0x03d854cb in call_dissector_through_handle (handle=0xa34f790,
tvb=0xaf2ab30, pinfo=0xc0ad498, tree=0x90e8488) at packet.c:396
#52 0x03d85b1c in call_dissector_work (handle=0xa34f790, tvb=0xaf2ab30,
pinfo_arg=0xc0ad498, tree=0x90e8488) at packet.c:485
#53 0x03d85ebb in dissector_try_port (sub_dissectors=0xa33d330, port=2048,
tvb=0xaf2ab30, pinfo=0xc0ad498, tree=0x90e8488) at packet.c:870
#54 0x03f62400 in ethertype (etype=2048, tvb=0xaf2aa88, offset_after_etype=14,
pinfo=0xc0ad498, tree=0x90e8488, fh_tree=0x90e1fd0, etype_id=13464,
trailer_id=13466, fcs_len=-1) at packet-ethertype.c:214
#55 0x03f5f15f in dissect_eth_common (tvb=0xaf2aa88, pinfo=0xc0ad498,
parent_tree=0x90e8488, fcs_len=-1) at packet-eth.c:338
#56 0x03d854cb in call_dissector_through_handle (handle=0xa8cf8a0,
tvb=0xaf2aa88, pinfo=0xc0ad498, tree=0x90e8488) at packet.c:396
#57 0x03d85b1c in call_dissector_work (handle=0xa8cf8a0, tvb=0xaf2aa88,
pinfo_arg=0xc0ad498, tree=0x90e8488) at packet.c:485
#58 0x03d85ebb in dissector_try_port (sub_dissectors=0xa33e540, port=1,
tvb=0xaf2aa88, pinfo=0xc0ad498, tree=0x90e8488) at packet.c:870
#59 0x03f9144f in dissect_frame (tvb=0xaf2aa88, pinfo=0xc0ad498,
parent_tree=0x90e8488) at packet-frame.c:300
#60 0x03d854cb in call_dissector_through_handle (handle=0xa33e5c0,
tvb=0xaf2aa88, pinfo=0xc0ad498, tree=0x90e8488) at packet.c:396
#61 0x03d85b1c in call_dissector_work (handle=0xa33e5c0, tvb=0xaf2aa88,
pinfo_arg=0xc0ad498, tree=0x90e8488) at packet.c:485
#62 0x03d870a8 in call_dissector (handle=0xa33e5c0, tvb=0xaf2aa88,
pinfo=0xc0ad498, tree=0x90e8488) at packet.c:1787
#63 0x03d87587 in dissect_packet (edt=0xc0ad490, pseudo_header=0xb288a5c,
pd=0x90a8000 "", fd=0xaf41340, cinfo=0x1702ec) at packet.c:332
#64 0x0000d9aa in add_packet_to_packet_list (fdata=0xaf41340, cf=0x1601d0,
dfcode=0x0, pseudo_header=0xb288a5c, buf=0x90a8000 "", refilter=1) at
file.c:960
#65 0x0000dd39 in read_packet (cf=0x1601d0, dfcode=0x0, offset=775545) at
file.c:1094
#66 0x0000e64b in cf_read (cf=0x1601d0) at file.c:496
#67 0x0001acd3 in main (argc=0, argv=0xbffff7e8) at main.c:3025


-- 
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
References:
- [Wireshark-bugs] [Bug 2115] New: Buildbot crash output: fuzz-2007-12-17-6822.pcap
  - From: bugzilla-daemon
Prev by Date: [Wireshark-bugs] [Bug 2118] Buildbot crash output: fuzz-2007-12-17-23622.pcap
Next by Date: [Wireshark-bugs] [Bug 2113] Buildbot crash output: fuzz-2007-12-17-30092.pcap
Previous by thread: [Wireshark-bugs] [Bug 2115] New: Buildbot crash output: fuzz-2007-12-17-6822.pcap
Next by thread: [Wireshark-bugs] [Bug 2115] Buildbot crash output: fuzz-2007-12-17-6822.pcap
Index(es):
- Date
- Thread