Wireshark-dev: [Wireshark-dev] Coredump with wireshark TCP dissector

From: Garrett Kajmowicz <garrett.kajmowicz@xxxxxxxxx>
Date: Mon, 28 Sep 2015 14:12:11 -0400
I'm running Ubuntu. I used Wireshark (package: 1.12.1+g01b65bf-4+deb8u2build0.15.04.1) to capture an NFS packet trace, attempting to understand some latency issues with some applications. Packet trace came out to about 35 MiB.

Attempting to load the packet trace failed repeatedly. Using the commandline
wireshark -r /u/garrettk/capture2 -n

resulted in a core with the backtrace:


garrettk@garrettk-desktop:/tmp$ gdb /usr/bin/wireshark core  
GNU gdb (Ubuntu 7.9-1ubuntu1) 7.9
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/bin/wireshark...Reading symbols from /usr/lib/debug/.build-id/10/5e02de2192c9ede5d2bd8ccc026a08d6ce7b6b.debug...done.
done.
[New LWP 26153]
[New LWP 26154]
[New LWP 26167]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `wireshark -r /u/garrettk/capture2 -n'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00007ff6ca0c0844 in g_strlcpy (dest=<optimized out>, src="" <error: Cannot access memory at address 0xffffffffffffffff>, dest_size=dest_size@entry=4096)
   at /build/buildd/glib2.0-2.44.1/./glib/gstrfuncs.c:1365
1365    /build/buildd/glib2.0-2.44.1/./glib/gstrfuncs.c: No such file or directory.
(gdb) bt
#0  0x00007ff6ca0c0844 in g_strlcpy (dest=<optimized out>, src="" <error: Cannot access memory at address 0xffffffffffffffff>, dest_size=dest_size@entry=4096)
   at /build/buildd/glib2.0-2.44.1/./glib/gstrfuncs.c:1365
#1  0x00007ff6c6c4bfa7 in col_add_lstr (cinfo=0x813b20 <cfile+480>, el=<optimized out>, str=0xffffffffffffffff <error: Cannot access memory at address 0xffffffffffffffff>)
   at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/column-utils.c:597
#2  0x00007ff6c7364941 in dissect_tcp (tvb=0x30d1cf0, pinfo=0x7ffed6b9beb8, tree=0xfff) at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/dissectors/packet-tcp.c:4186
#3  0x00007ff6c6c5b184 in call_dissector_through_handle (handle=handle@entry=0x2564dd0, tvb=tvb@entry=0x30d1cf0, pinfo=pinfo@entry=0x7ffed6b9beb8, tree=tree@entry=0x563e690, data=""
   at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/packet.c:626
#4  0x00007ff6c6c5bab5 in call_dissector_work (handle=0x2564dd0, tvb=0x30d1cf0, pinfo_arg=0x7ffed6b9beb8, tree=0x563e690, add_proto_name=1, data=""
   at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/packet.c:713
#5  0x00007ff6c6c5c16c in dissector_try_uint_new (sub_dissectors=<optimized out>, uint_val=6, tvb=0x30d1cf0, pinfo=0x7ffed6b9beb8, tree=0x563e690, add_proto_name=1, data=""
   at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/packet.c:1144
#6  0x00007ff6c702fffb in dissect_ip (tvb=0x30d1ed0, pinfo=0x7ffed6b9beb8, parent_tree=0xfff) at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/dissectors/packet-ip.c:2409
#7  0x00007ff6c6c5b184 in call_dissector_through_handle (handle=handle@entry=0x25f8fb0, tvb=tvb@entry=0x30d1ed0, pinfo=pinfo@entry=0x7ffed6b9beb8, tree=tree@entry=0x563e690, data=""
   at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/packet.c:626
#8  0x00007ff6c6c5bab5 in call_dissector_work (handle=0x25f8fb0, tvb=0x30d1ed0, pinfo_arg=0x7ffed6b9beb8, tree=0x563e690, add_proto_name=1, data="" at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/packet.c:713
#9  0x00007ff6c6c5c16c in dissector_try_uint_new (sub_dissectors=<optimized out>, uint_val=2048, tvb=0x30d1ed0, pinfo=0x7ffed6b9beb8, tree=0x563e690, add_proto_name=add_proto_name@entry=1, data=""
   at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/packet.c:1144
#10 0x00007ff6c6c5c1c1 in dissector_try_uint (sub_dissectors=<optimized out>, uint_val=<optimized out>, tvb=<optimized out>, pinfo=<optimized out>, tree=<optimized out>)
   at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/packet.c:1170
#11 0x00007ff6c6f080f2 in dissect_ethertype (tvb=0x2bbb310, pinfo=0xffffffffffffffff, tree=0xfff, data="" at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/dissectors/packet-ethertype.c:303
#12 0x00007ff6c6c5b1bf in call_dissector_through_handle (handle=handle@entry=0x231e860, tvb=tvb@entry=0x320f400, pinfo=pinfo@entry=0x7ffed6b9beb8, tree=tree@entry=0x563e690, data=""
   at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/packet.c:622
#13 0x00007ff6c6c5bab5 in call_dissector_work (handle=0x231e860, tvb=0x320f400, pinfo_arg=0x7ffed6b9beb8, tree=0x563e690, add_proto_name=1, data=""
   at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/packet.c:713
#14 0x00007ff6c6c5d712 in call_dissector_with_data (handle=<optimized out>, tvb=0x320f400, pinfo=0x7ffed6b9beb8, tree=0x563e690, data="" out>) at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/packet.c:2295
#15 0x00007ff6c6f06988 in dissect_eth_common (tvb=0x320f400, pinfo=0x7ffed6b9beb8, parent_tree=0xfff, fcs_len=-692473952) at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/dissectors/packet-eth.c:471
#16 0x00007ff6c6c5b184 in call_dissector_through_handle (handle=handle@entry=0x231e690, tvb=tvb@entry=0x320f400, pinfo=pinfo@entry=0x7ffed6b9beb8, tree=tree@entry=0x563e690, data=""
   at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/packet.c:626
#17 0x00007ff6c6c5bab5 in call_dissector_work (handle=0x231e690, tvb=0x320f400, pinfo_arg=0x7ffed6b9beb8, tree=0x563e690, add_proto_name=1, data="" at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/packet.c:713
#18 0x00007ff6c6c5c16c in dissector_try_uint_new (sub_dissectors=<optimized out>, uint_val=1, tvb=0x320f400, pinfo=0x7ffed6b9beb8, tree=0x563e690, add_proto_name=add_proto_name@entry=1, data=""
   at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/packet.c:1144
#19 0x00007ff6c6c5c1c1 in dissector_try_uint (sub_dissectors=<optimized out>, uint_val=<optimized out>, tvb=<optimized out>, pinfo=<optimized out>, tree=<optimized out>)
   at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/packet.c:1170
#20 0x00007ff6c6f3c27c in dissect_frame (tvb=0x2bbb310, pinfo=0xffffffffffffffff, parent_tree=0xfff) at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/dissectors/packet-frame.c:508
#21 0x00007ff6c6c5b184 in call_dissector_through_handle (handle=handle@entry=0x2469ed0, tvb=tvb@entry=0x320f400, pinfo=pinfo@entry=0x7ffed6b9beb8, tree=tree@entry=0x563e690, data=""
   at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/packet.c:626
#22 0x00007ff6c6c5bab5 in call_dissector_work (handle=0x2469ed0, tvb=0x320f400, pinfo_arg=0x7ffed6b9beb8, tree=0x563e690, add_proto_name=1, data="" at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/packet.c:713
#23 0x00007ff6c6c5d712 in call_dissector_with_data (handle=<optimized out>, tvb=0x320f400, pinfo=0x7ffed6b9beb8, tree=0x563e690, data="" out>) at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/packet.c:2295
#24 0x00007ff6c6c5db20 in dissect_record (edt=0x2bbb310, edt@entry=0x7ffed6b9bea0, file_type_subtype=2, phdr=0x0, tvb=0x320f400, fd=0x7ff6af12b2b8, fd@entry=0x31eadc0, cinfo=0x7ffed6b9beb8)
   at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/packet.c:497
#25 0x00007ff6c6c50e81 in epan_dissect_run (edt=edt@entry=0x7ffed6b9bea0, file_type_subtype=2, phdr=phdr@entry=0x7ffed6b9bdd0, tvb=0x320f400, fd=fd@entry=0x31eadc0, cinfo=cinfo@entry=0x813b20 <cfile+480>)
   at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/epan/epan.c:336
#26 0x00000000004f367d in packet_list_dissect_and_cache_record (packet_list=packet_list@entry=0x2defaa0 [PacketList], record=record@entry=0x7ff6afb2b0c0, dissect_color=1)
   at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/ui/gtk/packet_list_store.c:1161
#27 0x00000000004f3a8c in packet_list_get_value (tree_model=0x2defaa0, iter=<optimized out>, column=0, value=0x7ffed6b9c100) at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/ui/gtk/packet_list_store.c:399
#28 0x00007ff6cb322fc8 in apply_cell_attributes (renderer=0x2e1e730 [GtkCellRendererText], info=0x2e6b160, data="" at /build/buildd/gtk+3.0-3.14.13/./gtk/gtkcellarea.c:1249
Python Exception <class 'TypeError'> iter() returned non-iterator of type '_iterator':  
#29 0x00007ff6ca0911e0 in g_hash_table_foreach (hash_table=0x2f2c520, func=func@entry=0x7ff6cb322ef0 <apply_cell_attributes>, user_data=user_data@entry=0x7ffed6b9c1a0) at /build/buildd/glib2.0-2.44.1/./glib/ghash.c:1607
#30 0x00007ff6cb322e9b in gtk_cell_area_real_apply_attributes (area=<optimized out>, tree_model=0x2defaa0, iter=0x1dca900, is_expander=<optimized out>, is_expanded=<optimized out>)
   at /build/buildd/gtk+3.0-3.14.13/./gtk/gtkcellarea.c:1286
#31 0x00007ff6cb32852f in gtk_cell_area_box_apply_attributes (area=<optimized out>, tree_model=tree_model@entry=0x2defaa0, iter=iter@entry=0x1dca900, is_expander=<optimized out>, is_expanded=<optimized out>)
   at /build/buildd/gtk+3.0-3.14.13/./gtk/gtkcellareabox.c:1311
#32 0x00007ff6cb407cbf in _gtk_marshal_VOID__OBJECT_BOXED_BOOLEAN_BOOLEANv (closure=0x2dff3c0, return_value=<optimized out>, instance=<optimized out>, args=<optimized out>, marshal_data=<optimized out>, n_params=<optimized ou
t>, param_types=0x2dff4d0) at /build/buildd/gtk+3.0-3.14.13/./gtk/gtkmarshalers.c:5040
#33 0x00007ff6ca377504 in _g_closure_invoke_va (closure=0x2bbb310, closure@entry=0x2dff3c0, return_value=0xffffffffffffffff, return_value@entry=0x0, instance=0xfff, instance@entry=0x2e32410, args=0x7ffed6b9afa0,  
   args@entry=0x7ffed6b9c470, n_params=-1357729096, param_types=0xffffffffffffffff) at /build/buildd/glib2.0-2.44.1/./gobject/gclosure.c:831
#34 0x00007ff6ca390fa7 in g_signal_emit_valist (instance=0x2e32410, signal_id=<optimized out>, detail=0, var_args=var_args@entry=0x7ffed6b9c470) at /build/buildd/glib2.0-2.44.1/./gobject/gsignal.c:3214
#35 0x00007ff6ca3918ff in g_signal_emit (instance=instance@entry=0x2e32410, signal_id=<optimized out>, detail=detail@entry=0) at /build/buildd/glib2.0-2.44.1/./gobject/gsignal.c:3361
#36 0x00007ff6cb324a26 in gtk_cell_area_apply_attributes (area=0x2e32410 [GtkCellAreaBox], tree_model=0x2defaa0, iter=iter@entry=0x7ffed6b9c6d0, is_expander=0, is_expanded=0)
   at /build/buildd/gtk+3.0-3.14.13/./gtk/gtkcellarea.c:2375
#37 0x00007ff6cb528659 in gtk_tree_view_column_cell_set_cell_data (tree_column=tree_column@entry=0x2e52da0 [GtkTreeViewColumn], tree_model=<optimized out>, iter=iter@entry=0x7ffed6b9c6d0, is_expander=<optimized out>, is_expan
ded=<optimized out>) at /build/buildd/gtk+3.0-3.14.13/./gtk/gtktreeviewcolumn.c:2842
#38 0x00007ff6cb50b060 in validate_row (tree_view=tree_view@entry=0x2e3c3b0 [GtkTreeView], tree=0x5395e50, node=0x2c84490, iter=iter@entry=0x7ffed6b9c6d0, path=path@entry=0x1e1dc20)
   at /build/buildd/gtk+3.0-3.14.13/./gtk/gtktreeview.c:6316
#39 0x00007ff6cb511592 in validate_visible_area (tree_view=tree_view@entry=0x2e3c3b0 [GtkTreeView]) at /build/buildd/gtk+3.0-3.14.13/./gtk/gtktreeview.c:6421
#40 0x00007ff6cb512066 in do_presize_handler (tree_view=0x2e3c3b0 [GtkTreeView]) at /build/buildd/gtk+3.0-3.14.13/./gtk/gtktreeview.c:6996
#41 0x00007ff6cb512209 in presize_handler_callback (widget=<optimized out>, clock=<optimized out>, unused=<optimized out>) at /build/buildd/gtk+3.0-3.14.13/./gtk/gtktreeview.c:7027
#42 0x00007ff6cb53d134 in gtk_widget_on_frame_clock_update (frame_clock=0x1c6b390 [GdkFrameClockIdle], widget=0x2e3c3b0 [GtkTreeView]) at /build/buildd/gtk+3.0-3.14.13/./gtk/gtkwidget.c:5290
#46 0x00007ff6ca391e4a in <emit signal 0xffffffffffffffff <error: Cannot access memory at address 0xffffffffffffffff> on instance 0x1c6b390 [GdkFrameClockIdle]> (instance=0x2bbb310,  
   instance@entry=0x1c6b390, detailed_signal=0xffffffffffffffff <error: Cannot access memory at address 0xffffffffffffffff>, detailed_signal@entry=0x7ff6cafe242e "update")
   at /build/buildd/glib2.0-2.44.1/./gobject/gsignal.c:3401
   #43 0x00007ff6ca3772d5 in g_closure_invoke (closure=0x5499f40, return_value=0x0, n_param_values=1, param_values=0x7ffed6b9c980, invocation_hint=0x7ffed6b9c920) at /build/buildd/glib2.0-2.44.1/./gobject/gclosure.c:768
   #44 0x00007ff6ca38903c in signal_emit_unlocked_R (node=node@entry=0x1c3b7a0, detail=detail@entry=0, instance=instance@entry=0x1c6b390, emission_return=emission_return@entry=0x0, instance_and_params=instance_and_params@ent
ry=0x7ffed6b9c980) at /build/buildd/glib2.0-2.44.1/./gobject/gsignal.c:3549
   #45 0x00007ff6ca391698 in g_signal_emit_valist (instance=<optimized out>, signal_id=<optimized out>, detail=<optimized out>, var_args=<optimized out>) at /build/buildd/glib2.0-2.44.1/./gobject/gsignal.c:3305
#47 0x00007ff6caf7b69c in gdk_frame_clock_paint_idle (data="" at /build/buildd/gtk+3.0-3.14.13/./gdk/gdkframeclockidle.c:380
#48 0x00007ff6caf6dd08 in gdk_threads_dispatch (data="" data@entry=<error reading variable: value has been optimized out>) at /build/buildd/gtk+3.0-3.14.13/./gdk/gdk.c:656
#49 0x00007ff6ca0a25e3 in g_timeout_dispatch (source=0x28c5350, callback=<optimized out>, user_data=<optimized out>) at /build/buildd/glib2.0-2.44.1/./glib/gmain.c:4545
#50 0x00007ff6ca0a1b4d in g_main_context_dispatch (context=0x1c1ead0) at /build/buildd/glib2.0-2.44.1/./glib/gmain.c:3122
#51 0x00007ff6ca0a1b4d in g_main_context_dispatch (context=context@entry=0x1c1ead0) at /build/buildd/glib2.0-2.44.1/./glib/gmain.c:3737
#52 0x00007ff6ca0a1f20 in g_main_context_iterate (context=0x1c1ead0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at /build/buildd/glib2.0-2.44.1/./glib/gmain.c:3808
#53 0x00007ff6ca0a2242 in g_main_loop_run (loop=0x2f2bae0) at /build/buildd/glib2.0-2.44.1/./glib/gmain.c:4002
#54 0x00007ff6cb3fede5 in gtk_main () at /build/buildd/gtk+3.0-3.14.13/./gtk/gtkmain.c:1207
---Type <return> to continue, or q <return> to quit---
#55 0x0000000000423ffd in main (argc=0, argv=0x7ffed6b9d0d8) at /build/wireshark-mFWICu/wireshark-1.12.1+g01b65bf/ui/gtk/main.c:3248

No obvious match in bug database.
Not willing to create Yet Another Account with Yet Another Password to file the bug.
Let me know if you need more data.

-     Garrett