Wireshark-dev: [Wireshark-dev] Getting a crash in UAT code (K12)

From: "Martin Mathieson" <martin.r.mathieson@xxxxxxxxxxxxxx>
Date: Mon, 28 Jul 2008 15:04:44 +0100

Hi,

I'm getting a crash that seems to be related to the K12 UAT file.

I get the following crash only when I try to load in a K12 capture file.

(lt-wireshark:25562): Pango-WARNING **: Invalid UTF-8 string passed to pango_layout_set_text()
14:54:17          Err  Per-packet memory corrupted.

Program received signal SIGABRT, Aborted.
[Switching to Thread 1111896624 (LWP 25562)]
0xffffe410 in __kernel_vsyscall ()
(gdb) bt
#0  0xffffe410 in __kernel_vsyscall ()
#1  0x4234c7d0 in raise () from /lib/libc.so.6
#2  0x4234dea3 in abort () from /lib/libc.so.6
#3  0x421de1bd in g_logv () from /opt/gnome/lib/libglib-2.0.so.0
#4  0x421de205 in g_log () from /opt/gnome/lib/libglib-2.0.so.0
#5  0x404846cb in ep_free_all () at emem.c:697
#6  0x40485ac7 in epan_dissect_run (edt=0x0, pseudo_header=0x0, data="" fd=0x0, cinfo=0x0) at epan.c:161
#7  0x08071bbe in add_packet_to_packet_list (fdata=0x8b348c0, cf=0x81af060, dfcode=0x0, pseudo_header=0x0, buf=0x0, refilter=1) at file.c:989
#8  0x08071e93 in read_packet (cf=0x81af060, dfcode=0x0, offset=14736) at file.c:1126
#9  0x08072696 in cf_read (cf=0x81af060) at file.c:520
#10 0x080fa5e2 in file_open_cmd (w=0x88ba460) at capture_file_dlg.c:663
#11 0x41f10599 in g_cclosure_marshal_VOID__VOID () from /opt/gnome/lib/libgobject-2.0.so.0
#12 0x41f038bd in g_closure_invoke () from /opt/gnome/lib/libgobject-2.0.so.0
#13 0x41f14243 in g_signal_connect_closure_by_id () from /opt/gnome/lib/libgobject-2.0.so.0
#14 0x41f15ac7 in g_signal_emit_valist () from /opt/gnome/lib/libgobject-2.0.so.0
#15 0x41f1716e in g_signal_emit_by_name () from /opt/gnome/lib/libgobject-2.0.so.0
#16 0x41c7e4e7 in gtk_tool_button_new_from_stock () from /opt/gnome/lib/libgtk-x11-2.0.so.0
#17 0x41f10599 in g_cclosure_marshal_VOID__VOID () from /opt/gnome/lib/libgobject-2.0.so.0
#18 0x41f038bd in g_closure_invoke () from /opt/gnome/lib/libgobject-2.0.so.0
#19 0x41f14243 in g_signal_connect_closure_by_id () from /opt/gnome/lib/libgobject-2.0.so.0
#20 0x41f15ac7 in g_signal_emit_valist () from /opt/gnome/lib/libgobject-2.0.so.0
#21 0x41f15c95 in g_signal_emit () from /opt/gnome/lib/libgobject-2.0.so.0
#22 0x41b05623 in gtk_button_clicked () from /opt/gnome/lib/libgtk-x11-2.0.so.0
#23 0x41b06efe in gtk_button_set_alignment () from /opt/gnome/lib/libgtk-x11-2.0.so.0
#24 0x41f10599 in g_cclosure_marshal_VOID__VOID () from /opt/gnome/lib/libgobject-2.0.so.0
#25 0x41f020c7 in g_value_set_static_boxed () from /opt/gnome/lib/libgobject-2.0.so.0
#26 0x41f038bd in g_closure_invoke () from /opt/gnome/lib/libgobject-2.0.so.0
#27 0x41f146da in g_signal_connect_closure_by_id () from /opt/gnome/lib/libgobject-2.0.so.0
#28 0x41f15ac7 in g_signal_emit_valist () from /opt/gnome/lib/libgobject-2.0.so.0
#29 0x41f15c95 in g_signal_emit () from /opt/gnome/lib/libgobject-2.0.so.0
#30 0x41b056b3 in gtk_button_released () from /opt/gnome/lib/libgtk-x11-2.0.so.0
#31 0x41b05711 in gtk_button_released () from /opt/gnome/lib/libgtk-x11-2.0.so.0
#32 0x41bd5bee in gtk_marshal_BOOLEAN__VOID () from /opt/gnome/lib/libgtk-x11-2.0.so.0
#33 0x41f020c7 in g_value_set_static_boxed () from /opt/gnome/lib/libgobject-2.0.so.0
#34 0x41f038bd in g_closure_invoke () from /opt/gnome/lib/libgobject-2.0.so.0
#35 0x41f14893 in g_signal_connect_closure_by_id () from /opt/gnome/lib/libgobject-2.0.so.0
#36 0x41f1588f in g_signal_emit_valist () from /opt/gnome/lib/libgobject-2.0.so.0
#37 0x41f15c95 in g_signal_emit () from /opt/gnome/lib/libgobject-2.0.so.0
#38 0x41cc08d8 in gtk_widget_get_default_style () from /opt/gnome/lib/libgtk-x11-2.0.so.0
#39 0x41bcf603 in gtk_propagate_event () from /opt/gnome/lib/libgtk-x11-2.0.so.0
#40 0x41bd0857 in gtk_main_do_event () from /opt/gnome/lib/libgtk-x11-2.0.so.0
#41 0x41dd758a in gdk_add_client_message_filter () from /opt/gnome/lib/libgdk-x11-2.0.so.0
#42 0x421d4abd in g_main_context_dispatch () from /opt/gnome/lib/libglib-2.0.so.0
#43 0x421d7cbf in g_main_context_check () from /opt/gnome/lib/libglib-2.0.so.0
#44 0x421d8069 in g_main_loop_run () from /opt/gnome/lib/libglib-2.0.so.0
#45 0x41bd0cd4 in gtk_main () from /opt/gnome/lib/libgtk-x11-2.0.so.0
#46 0x08089f48 in main (argc=0, argv=0xbf81d418) at main.c:2610
(gdb)

However, there seems to be some strange corruption during the call to uat_new(), as seen in this gdb session as wireshark was starting up (with no capture file specified).

./wireshark-gdb
GNU gdb 6.4
Copyright 2005 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i586-suse-linux"...Using host libthread_db library "/lib/libthread_db.so.1".

(gdb) b uat.c:78
No source file named uat.c.
Make breakpoint pending on future shared library load? (y or [n]) y
Breakpoint 1 (uat.c:78) pending.
(gdb) run
Starting program: /users/martinm/wireshark/.libs/lt-wireshark
[Thread debugging using libthread_db enabled]
[New Thread 1111896624 (LWP 25473)]
Breakpoint 2 at 0x404ba039: file uat.c, line 78.
Pending breakpoint "uat.c:78" resolved
[Switching to Thread 1111896624 (LWP 25473)]

Breakpoint 2, uat_new (name=0x41092396 "K12 Protocols", size=12, filename=0x410923c7 "k12_protos", from_profile=1101115632, data_ptr=0x41a1b0f4,
    numitems_ptr=0x41a1b0f0, category=0x41a1b0f0 "", help=0x41a1b0f0 "", copy_cb=0x41a1b0f0 <nk12_handles>, update_cb=0x41a1b0f0 <nk12_handles>,
    free_cb=0x41a1b0f0 <nk12_handles>, flds_array=0x4160cba0) at uat.c:78
78              uat->name = g_strdup(name);
(gdb) display name
1: name = 0x41092396 "K12 Protocols"
(gdb) n
88              uat->user_data = g_array_new(FALSE,FALSE,uat->record_size);
1: name = 0x41092396 "K12 Protocols"
(gdb)
78              uat->name = g_strdup(name);
1: name = 0x0
(gdb) p uat->name
$1 = 0x0
(gdb)

These are the contents of k12_protos:

# This file is automatically generated, DO NOT MODIFY.
"C:\x5cK15\x5cstacks\x5cumts_iub\x5cumts_iub_rrc_up_2002-03.stk","fp"


Any ideas?
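
Added example, not part of the original post and not Wireshark's emem.c: a simplified model of a pool allocator that writes a guard value (canary) after each allocation and verifies the guards only when the whole pool is released, which is why an abort like the one in frame #5 (ep_free_all) surfaces far from the code that performed the bad write. All names (pool_alloc, pool_free_all, demo_overrun), the sizes and the guard bytes are constructed for illustration.

```c
#include <stddef.h>
#include <string.h>
#define POOL_SIZE   256
#define CANARY_LEN  8
#define MAX_ALLOCS  16

/* Constructed guard pattern; a real allocator would randomise it at start-up. */
static const unsigned char CANARY[CANARY_LEN] =
    {0x5a, 0xc3, 0x19, 0xe7, 0x84, 0x2d, 0xb6, 0x71};

struct pool {
    unsigned char buf[POOL_SIZE];
    size_t used;
    size_t canary_off[MAX_ALLOCS];  /* where each allocation's guard starts */
    size_t count;
};

/* Hand out n bytes followed by a guard; NULL when the pool is exhausted. */
static void *pool_alloc(struct pool *p, size_t n)
{
    if (p->count == MAX_ALLOCS || n > POOL_SIZE - CANARY_LEN ||
        p->used > POOL_SIZE - CANARY_LEN - n)
        return NULL;
    void *mem = p->buf + p->used;
    p->canary_off[p->count++] = p->used + n;
    memcpy(p->buf + p->used + n, CANARY, CANARY_LEN);
    p->used += n + CANARY_LEN;
    return mem;
}

/* Release everything: -1 if all guards are intact, else index of first damaged one. */
static int pool_free_all(struct pool *p)
{
    int bad = -1;
    for (size_t i = 0; i < p->count && bad < 0; i++)
        if (memcmp(p->buf + p->canary_off[i], CANARY, CANARY_LEN) != 0)
            bad = (int)i;
    p->used = p->count = 0;
    return bad;
}

/* Constructed scenario: copy 16 bytes into a 12-byte allocation. */
static int demo_overrun(void)
{
    static struct pool p;
    char *a = pool_alloc(&p, 12);
    if (!a) return -2;
    memcpy(a, "0123456789abcdef", 16);  /* 4 bytes past the end of a */
    return pool_free_all(&p);           /* the damage is reported only here */
}
```

Because the check runs at release time, the backtrace names the pool being freed rather than the writer; a memory checker such as Valgrind is the usual way to catch the write itself.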