Wireshark-bugs: [Wireshark-bugs] [Bug 6172] Crash in "Follow TCP Stream"
Date: Tue, 2 Aug 2011 12:42:54 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=6172

--- Comment #11 from Stephen Fisher <steve@xxxxxxxxxxxxxxxxxx> 2011-08-02 13:42:53 MDT ---
It appears that the data which the src pointer points to in add_byte_views() of
gtk/main_proto_draw.c is being corrupted.  The pointed-to location remains the
same before and after add_byte_tab() is called, but when doing Follow TCP
Stream, the crash happens during add_byte_tab() even though it points to the same
location as the times when I click onto frame 38, to another frame, then back
to frame 38 without Follow TCP Stream.

It's only when there is a second tab, the "Reassembled TCP..." one, that this
problem happens.  Below is a quick patch for debugging:


Index: gtk/main_proto_draw.c
===================================================================
--- gtk/main_proto_draw.c       (revision 38310)
+++ gtk/main_proto_draw.c       (working copy)
@@ -747,6 +747,7 @@
 {
     GSList *src_le;
     data_source *src;
+    int i;

     /*
      * Get rid of all the old notebook tabs.
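
Review bot: The new `int i;` is declared at function scope with a generic name although it only feeds the debug warnings inside the loop. A descriptive name such as `src_idx`, plus a comment marking it as debug-only, would make it easier to find and strip when the instrumentation is removed.
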
@@ -758,10 +759,16 @@
      * Add to the specified byte view notebook tabs for hex dumps
      * of all the data sources for the specified frame.
      */
+    i = 0;
     for (src_le = edt->pi.data_src; src_le != NULL; src_le = src_le->next) {
         src = src_le->data;
-        add_byte_tab(byte_nb_ptr, get_data_source_name(src), src->tvb,
edt->tree,
-                     tree_view);
+       g_warning("*** Frame #%d: iteration #%d:", edt->pi.fd->num, i);
+       g_warning("*** BEFORE src = %p", src);
+       add_byte_tab(byte_nb_ptr, get_data_source_name(src), src->tvb,
edt->tree,
+                    tree_view);
+       g_warning("*** AFTER src =  %p", src);
+       g_warning("\n");
+       i++;
     }

     /*
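
Review bot: In the loop, the BEFORE and AFTER warnings print only `src`, a local pointer that the call to add_byte_tab() cannot modify, so the two values will always match and reveal nothing about whether the pointed-to data changed. Log the contents instead, for example `src->tvb` before and after the call, so the first iteration where the structure differs is visible. `g_warning("\n")` only emits an empty warning line and can be dropped, and the added lines are indented one column short of the surrounding code.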

Running Wireshark with gdb (via libtool --mode=execute):

13:41:29          Warn *** Frame #1: iteration #0:
13:41:29          Warn *** BEFORE src = 0x80a001000
13:41:29          Warn *** AFTER src =  0x80a001000
13:41:29          Warn 

13:41:35          Warn *** Frame #38: iteration #0:
13:41:35          Warn *** BEFORE src = 0x80a001000
13:41:35          Warn *** AFTER src =  0x80a001000
13:41:35          Warn 

13:41:35          Warn *** Frame #38: iteration #1:
13:41:35          Warn *** BEFORE src = 0x80a0014d0
13:41:35          Warn *** AFTER src =  0x80a0014d0
13:41:35          Warn 

13:41:39          Warn *** Frame #38: iteration #0:
13:41:39          Warn *** BEFORE src = 0x80a001000
13:41:39          Warn *** AFTER src =  0x80a001000
13:41:39          Warn 

13:41:39          Warn *** Frame #38: iteration #1:
13:41:39          Warn *** BEFORE src = 0x80a0014d0

Program received signal SIGBUS, Bus error.
[Switching to Thread 8098041c0 (LWP 100060)]
0x00000008047b17ca in gtk_label_new () from /usr/local/lib/libgtk-x11-2.0.so.0

(gdb) frame 2
#2  0x00000000004673d5 in add_byte_views (edt=0x80e137240,
tree_view=0x80e0c4400, byte_nb_ptr=0x80e0b3130) at main_proto_draw.c:767
767             add_byte_tab(byte_nb_ptr, get_data_source_name(src), src->tvb,
edt->tree,
(gdb) p* src
$3 = {tvb = 0x596899c76d4193, name_initialized = 167777451, name =
0x696c412d7065654b <Error reading address 0x696c412d7065654b: Bad address>}

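
The struct dumped by `p* src` above can be triaged by reading each field as raw bytes: a pointer-sized field made up entirely of printable ASCII usually means text was written over the structure. This is an added example, not part of the original comment or of Wireshark's code; it assumes a little-endian 64-bit host, and the helper names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Field values copied from the "p* src" output in the comment above. */
#define SRC_TVB              0x00596899c76d4193ULL
#define SRC_NAME_INITIALIZED 167777451ULL
#define SRC_NAME             0x696c412d7065654bULL

/*
 * Render the eight bytes of a word in memory order (assumption: little-endian
 * host, lowest byte first). Non-printable bytes become '.'.
 * Returns how many of the eight bytes are printable ASCII.
 */
static int word_as_ascii(uint64_t word, char out[9])
{
    int printable = 0;
    for (int i = 0; i < 8; i++) {
        unsigned char b = (unsigned char)(word >> (8 * i));
        int ok = (b >= 0x20 && b <= 0x7e);
        out[i] = ok ? (char)b : '.';
        printable += ok;
    }
    out[8] = '\0';
    return printable;
}

/* Eight printable bytes in a pointer-sized field suggest text overwrote it. */
static int looks_like_text(uint64_t word)
{
    char buf[9];
    return word_as_ascii(word, buf) == 8;
}

int main(void)
{
    const struct { const char *field; uint64_t value; } words[] = {
        { "tvb", SRC_TVB }, { "name_initialized", SRC_NAME_INITIALIZED },
        { "name", SRC_NAME },
    };
    char buf[9];
    for (size_t i = 0; i < sizeof words / sizeof words[0]; i++) {
        int n = word_as_ascii(words[i].value, buf);
        printf("%-17s 0x%016llx  \"%s\"  %d/8 printable%s\n", words[i].field,
               (unsigned long long)words[i].value, buf, n,
               looks_like_text(words[i].value) ? "  <-- text, not a pointer" : "");
    }
    return 0;
}
```

For the dump above this flags only `name`, whose eight bytes read `Keep-Ali`.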