Wireshark-bugs: [Wireshark-bugs] [Bug 2978] New: Crash in Reassembly

Date: Sat, 18 Oct 2008 04:15:41 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2978

           Summary: Crash in Reassembly
           Product: Wireshark
           Version: 1.0.0
          Platform: Sun
        OS/Version: Linux (other)
            Status: NEW
          Severity: Blocker
          Priority: Low
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: arun2.b@xxxxxxxxxxx


Build Information:
n g_mem_chunk_free () from /usr/lib/libglib-2.0.so.0
#1  0x00e5f689 in fragment_unhash (fragment_table=0x0, key=0xad5c188) at
reassemble.c:596
#2  0x00e60829 in fragment_add_seq_check_work (tvb=0xada94d8, offset=0,
pinfo=0xc5513e8, id=63, fragment_table=0xa2c2870, reassembled_table=0xa2c2960,
frag_number=0, frag_data_len=11, 
    more_frags=0, flags=4294967295) at reassemble.c:1648
#3  0x01271b09 in dissect_internal (tvb=0xc51df68, pinfo=0xc5513e8,
tree=0xa7109d0) at packet-internal.c:1030
#4  0x00e4cc27 in call_dissector_through_handle (handle=0xa090b08,
tvb=0xc51df68, pinfo=0xc5513e8, tree=0xa7109d0) at packet.c:409
#5  0x00e4d199 in call_dissector_work (handle=0xa090b08, tvb=0xc51df68,
pinfo_arg=0xc5513e8, tree=0xa7109d0) at packet.c:498
#6  0x00e4e824 in call_dissector (handle=0xa090b08, tvb=0xc51df68,
pinfo=0xc5513e8, tree=0xa7109d0) at packet.c:1800
#7  0x0126ff52 in dissect_mac_d (tvb=0xc7800b8, pinfo=0xc5513e8,
tree=0xa7109d0) at packet-umts_mac.c:717
#8  0x00e4cc27 in call_dissector_through_handle (handle=0x9f6fec0,
tvb=0xc7800b8, pinfo=0xc5513e8, tree=0xa7109d0) at packet.c:409
#9  0x00e4d199 in call_dissector_work (handle=0x9f6fec0, tvb=0xc7800b8,
pinfo_arg=0xc5513e8, tree=0xa7109d0) at packet.c:498
#10 0x00e4e824 in call_dissector (handle=0x9f6fec0, tvb=0xc7800b8,
pinfo=0xc5513e8, tree=0xa7109d0) at packet.c:1800
#11 0x0120bd13 in dissect_dch_channel_info (tvb=0xafaa700, pinfo=0xc5513e8,
tree=0xa512ab8, offset=209191096, p_fp_info=0xb554a488) at
packet-umts_fp.c:3009
#12 0x0120d93f in dissect_fp_heur (tvb=0xafaa700, pinfo=0xc5513e8,
tree=0xa7109d0) at packet-umts_fp.c:3513
#13 0x00e4e2d8 in dissector_try_heuristic (sub_dissectors=0x9eea0b8,
tvb=0xafaa700, pinfo=0xc5513e8, tree=0xa7109d0) at packet.c:1608
#14 0x0120520e in decode_udp_ports (tvb=0xc780084, offset=209191044,
pinfo=0xc5513e8, tree=0xa7109d0, uh_sport=16013, uh_dport=9010, uh_ulen=34) at
packet-udp.c:132
#15 0x01205891 in dissect (tvb=0xc780084, pinfo=0xc5513e8, tree=0xa7109d0,
ip_proto=17) at packet-udp.c:432
#16 0x00e4cc27 in call_dissector_through_handle (handle=0xa2d56d8,
tvb=0xc780084, pinfo=0xc5513e8, tree=0xa7109d0) at packet.c:409
#17 0x00e4d199 in call_dissector_work (handle=0xa2d56d8, tvb=0xc780084,
pinfo_arg=0xc5513e8, tree=0xa7109d0) at packet.c:498
#18 0x00e4d5a6 in dissector_try_port (sub_dissectors=0x0, port=17,
tvb=0xc780084, pinfo=0xc5513e8, tree=0xa7109d0) at packet.c:883
#19 0x01052a00 in dissect_ip (tvb=0xae4ae38, pinfo=0xc5513e8,
parent_tree=0xa7109d0) at packet-ip.c:1564
#20 0x00e4cc27 in call_dissector_through_handle (handle=0x9f4c678,
tvb=0xae4ae38, pinfo=0xc5513e8, tree=0xa7109d0) at packet.c:409
#21 0x00e4d199 in call_dissector_work (handle=0x9f4c678, tvb=0xae4ae38,
pinfo_arg=0xc5513e8, tree=0xa7109d0) at packet.c:498
#22 0x00e4d5a6 in dissector_try_port (sub_dissectors=0x0, port=2048,
tvb=0xae4ae38, pinfo=0xc5513e8, tree=0xa7109d0) at packet.c:883
#23 0x00fba932 in ethertype (etype=2048, tvb=0xbb04948, offset_after_etype=16,
pinfo=0xc5513e8, tree=0xa7109d0, fh_tree=0xa710988, etype_id=57355,
trailer_id=57356, fcs_len=0)
    at packet-ethertype.c:215
#24 0x01197eaa in dissect_sll (tvb=0xbb04948, pinfo=0xc5513e8, tree=0xa7109d0)
at packet-sll.c:281
#25 0x00e4cc27 in call_dissector_through_handle (handle=0xa2d3050,
tvb=0xbb04948, pinfo=0xc5513e8, tree=0xa7109d0) at packet.c:409
#26 0x00e4d199 in call_dissector_work (handle=0xa2d3050, tvb=0xbb04948,
pinfo_arg=0xc5513e8, tree=0xa7109d0) at packet.c:498
#27 0x00e4d5a6 in dissector_try_port (sub_dissectors=0x0, port=25,
tvb=0xbb04948, pinfo=0xc5513e8, tree=0xa7109d0) at packet.c:883
#28 0x00febb66 in dissect_frame (tvb=0xbb04948, pinfo=0xc5513e8,
parent_tree=0xa7109d0) at packet-frame.c:305
#29 0x00e4cc27 in call_dissector_through_handle (handle=0x9efd080,
tvb=0xbb04948, pinfo=0xc5513e8, tree=0xa7109d0) at packet.c:409
#30 0x00e4d199 in call_dissector_work (handle=0x9efd080, tvb=0xbb04948,
pinfo_arg=0xc5513e8, tree=0xa7109d0) at packet.c:498
#31 0x00e4e824 in call_dissector (handle=0x9efd080, tvb=0xbb04948,
pinfo=0xc5513e8, tree=0xa7109d0) at packet.c:1800
#32 0x00e4ecc6 in dissect_packet (edt=0xc5513e0, pseudo_header=0x0,
pd=0xa51cb98 "", fd=0xb517efd4, cinfo=0x0) at packet.c:345
#33 0x00e46bf9 in epan_dissect_run (edt=0xc5513e0, pseudo_header=0xa42f984,
data=0xa51cb98 "", fd=0xb517efd4, cinfo=0x819079c) at epan.c:161
#34 0x0806d8a7 in add_packet_to_packet_list (fdata=0xb517efd4, cf=0x8180680,
dfcode=0x0, pseudo_header=0xa42f984, buf=0xa51cb98 "", refilter=1) at
file.c:966
#35 0x0806db7f in read_packet (cf=0x8180680, dfcode=0x0, offset=8963139) at
file.c:1103
#36 0x0806e2f6 in cf_read (cf=0x8180680) at file.c:497
#37 0x08071ba5 in cf_reload (cf=0x8180680) at file.c:3859
#38 0x002030ae in g_cclosure_marshal_VOID__VOID () from
/usr/lib/libgobject-2.0.so.0
#39 0x001eb347 in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
#40 0x0020094e in g_signal_has_handler_pending () from
/usr/lib/libgobject-2.0.so.0
#41 0x002029bc in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
#42 0x00202b1c in g_signal_emit_by_name () from /usr/lib/libgobject-2.0.so.0
#43 0x03cc4ee2 in gtk_tool_button_get_type () from /usr/lib/libgtk-x11-2.0.so.0
#44 0x002030ae in g_cclosure_marshal_VOID__VOID () from
/usr/lib/libgobject-2.0.so.0
#45 0x001eb347 in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
#46 0x0020094e in g_signal_has_handler_pending () from
/usr/lib/libgobject-2.0.so.0
#47 0x002029bc in g_signal_emit_valist () from /usr/lib/libgobject-2.0.so.0
#48 0x00202c5a in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
#49 0x03b632b4 in gtk_button_clicked () from /usr/lib/libgtk-x11-2.0.so.0

--
Hi,
I am encountering a problem with Reassembly. g_mem_chunk_free is failing. I am
not able to trace the possible reasons. I have written my new dissector which
used reassembly. The dissector uses a lot of memory. Is a memory leak the cause of
this problem? I am not able to find any possible solutions. THE PROBLEM OCCURS ONLY
DURING REFRESHING. :)...

