Wireshark-bugs: [Wireshark-bugs] [Bug 2112] Buildbot crash output: fuzz-2007-12-17-25605.pcap
Date: Tue, 18 Dec 2007 04:19:19 +0000 (GMT)
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=2112 ------- Comment #5 from stephentfisher@xxxxxxxxx 2007-12-18 04:19 GMT ------- Backtrace on OS X, FWIW: Program received signal EXC_BAD_ACCESS, Could not access memory. Reason: KERN_INVALID_ADDRESS at address: 0xebfe5f86 0xffff07c7 in ___memcpy () at /System/Library/Frameworks/System.framework/PrivateHeaders/i386/cpu_capabilities.h:228 228 /System/Library/Frameworks/System.framework/PrivateHeaders/i386/cpu_capabilities.h: No such file or directory. in /System/Library/Frameworks/System.framework/PrivateHeaders/i386/cpu_capabilities.h (gdb) bt #0 0xffff07c7 in ___memcpy () at /System/Library/Frameworks/System.framework/PrivateHeaders/i386/cpu_capabilities.h:228 #1 0x00000004 in ?? () #2 0x03dabf3d in tvb_memcpy (tvb=0xadf0018, target=0xebfe5f86, offset=0, length=4) at tvbuff.c:1008 #3 0x04359ce7 in dissect_h245_Ipv4_network (tvb=0xaddcec8, offset=95, actx=0xbfffd3d8, tree=0x90db290, hf_index=19508) at h245.cnf:695 #4 0x041337b9 in dissect_per_sequence (tvb=0xaddcec8, offset=95, actx=0xbfffd3d8, parent_tree=0x90db290, hf_index=19507, ett_index=6036, sequence=0x4f04e00) at packet-per.c:1530 #5 0x04359dc8 in dissect_h245_T_iPAddress (tvb=0xaddcec8, offset=94, actx=0xbfffd3d8, tree=0x90db290, hf_index=19507) at h245.cnf:722 #6 0x041335ce in dissect_per_choice (tvb=0xaddcec8, offset=90, actx=0xbfffd3d8, tree=0x90db290, hf_index=19505, ett_index=6035, choice=0x4f04c60, value=0x0) at packet-per.c:1386 #7 0x0435a093 in dissect_h245_UnicastAddress (tvb=0xaddcec8, offset=90, actx=0xbfffd3d8, tree=0x90db290, hf_index=19505) at h245.cnf:866 #8 0x041335ce in dissect_per_choice (tvb=0xaddcec8, offset=88, actx=0xbfffd3d8, tree=0x90db290, hf_index=19470, ett_index=6034, choice=0x4f04b40, value=0x0) at packet-per.c:1386 #9 0x0435a1d7 in dissect_h245_TransportAddress (tvb=0xaddcec8, offset=88, actx=0xbfffd3d8, tree=0x90db290, hf_index=19470) at h245.cnf:944 #10 0x0435a21f in dissect_h245_T_mediaChannel (tvb=0xaddcec8, offset=88, actx=0xbfffd3d8, tree=0x90db290, hf_index=19470) at h245.cnf:721 #11 0x041337b9 in dissect_per_sequence (tvb=0xaddcec8, offset=88, actx=0xbfffd3d8, parent_tree=0x90db290, hf_index=19363, ett_index=6012, sequence=0x4f00240) at packet-per.c:1530 #12 0x0435a414 in dissect_h245_H2250LogicalChannelParameters (tvb=0xaddcec8, offset=64, actx=0xbfffd3d8, tree=0x90db290, hf_index=19363) at h245.cnf:824 #13 0x04133617 in dissect_per_choice (tvb=0xaddcec8, offset=48, actx=0xbfffd3d8, tree=0x90db290, hf_index=19359, ett_index=5975, choice=0x4f04ae0, value=0x0) at packet-per.c:1388 #14 0x0435a469 in dissect_h245_OLC_forw_multiplexParameters (tvb=0xaddcec8, offset=48, actx=0xbfffd3d8, tree=0x90db290, hf_index=19359) at h245.cnf:851 #15 0x041337b9 in dissect_per_sequence (tvb=0xaddcec8, offset=48, actx=0xbfffd3d8, parent_tree=0x90db290, hf_index=19356, ett_index=5974, sequence=0x4f04a80) at packet-per.c:1530 #16 0x0435a4c0 in dissect_h245_T_forwardLogicalChannelParameters (tvb=0xaddcec8, offset=24, actx=0xbfffd3d8, tree=0x90db290, hf_index=19356) at h245.cnf:143 #17 0x041337b9 in dissect_per_sequence (tvb=0xaddcec8, offset=24, actx=0xbfffd3d8, parent_tree=0x90db290, hf_index=18641, ett_index=5973, sequence=0x4f04760) at packet-per.c:1530 #18 0x0435aa57 in dissect_h245_OpenLogicalChannel (tvb=0xaddcec8, offset=0, actx=0xbfffd3d8, tree=0x90db290, hf_index=18641) at h245.cnf:118 #19 0x043610cd in dissect_h245_OpenLogicalChannelCodec (tvb=0xaddcec8, pinfo=0xc086488, tree=0x90db290, codec_str=0xbfffd4ba "???yx\004A") at h245.cnf:410 #20 0x0434c8d3 in dissect_h225_FastStart_item (tvb=0xaddce58, offset=520, actx=0xbfffd9d8, tree=0x90db290, hf_index=17883) at h225.cnf:275 #21 0x041306eb in dissect_per_sequence_of_helper (tvb=0xaddce58, offset=520, actx=0xbfffd9d8, tree=0x90e5008, func=0x434c7df <dissect_h225_FastStart_item>, hf_index=17883, length=8) at packet-per.c:496 #22 0x041310d9 in dissect_per_sequence_of (tvb=0xaddce58, offset=512, actx=0xbfffd9d8, parent_tree=0x90e5008, hf_index=17815, ett_index=5545, seq=0x4ef3360) at packet-per.c:527 #23 0x0434c927 in dissect_h225_FastStart (tvb=0xaddce58, offset=512, actx=0xbfffd9d8, tree=0x90e5008, hf_index=17815) at h225.cnf:295 #24 0x04133aa8 in dissect_per_sequence (tvb=0xaddce58, offset=496, actx=0xbfffd9d8, parent_tree=0x90e5008, hf_index=17772, ett_index=5541, sequence=0x4ef3f20) at packet-per.c:1616 #25 0x0434dc56 in dissect_h225_Setup_UUIE (tvb=0xaddce58, offset=8, actx=0xbfffd9d8, tree=0x90e5008, hf_index=17772) at h225.cnf:385 #26 0x041335ce in dissect_per_choice (tvb=0xaddce58, offset=4, actx=0xbfffd9d8, tree=0x90e5008, hf_index=17771, ett_index=5523, choice=0x4ef2fe0, value=0xbfffd7ac) at packet-per.c:1386 #27 0x0434e809 in dissect_h225_T_h323_message_body (tvb=0xaddce58, offset=4, actx=0xbfffd9d8, tree=0x90e5008, hf_index=17771) at h225.cnf:244 #28 0x041337b9 in dissect_per_sequence (tvb=0xaddce58, offset=4, actx=0xbfffd9d8, parent_tree=0x90e5008, hf_index=17767, ett_index=5522, sequence=0x4ef2e00) at packet-per.c:1530 #29 0x0434eda1 in dissect_h225_H323_UU_PDU (tvb=0xaddce58, offset=2, actx=0xbfffd9d8, tree=0x90e5008, hf_index=17767) at h225.cnf:616 #30 0x041337b9 in dissect_per_sequence (tvb=0xaddce58, offset=2, actx=0xbfffd9d8, parent_tree=0x90e5008, hf_index=17764, ett_index=5520, sequence=0x4ef2d80) at packet-per.c:1530 #31 0x04351789 in dissect_h225_H323UserInformation (tvb=0xaddce58, pinfo=0xc086488, tree=0x90db500) at h225.cnf:656 #32 0x03d854a7 in call_dissector_through_handle (handle=0xa343a20, tvb=0xaddce58, pinfo=0xc086488, tree=0x90db500) at packet.c:394 #33 0x03d85b1c in call_dissector_work (handle=0xa343a20, tvb=0xaddce58, pinfo_arg=0xc086488, tree=0x90db500) at packet.c:485 #34 0x03d870a8 in call_dissector (handle=0xa343a20, tvb=0xaddce58, pinfo=0xc086488, tree=0x90db500) at packet.c:1787 #35 0x0415a17d in dissect_q931_IEs (tvb=0xaddcf00, pinfo=0xc086488, root_tree=0x90db500, q931_tree=0x90dbab8, is_tpkt=1, offset=46, initial_codeset=0) at packet-q931.c:2692 #36 0x0415c08f in dissect_q931_pdu (tvb=0xaddcf00, pinfo=0xc086488, tree=0x90db500, is_tpkt=1) at packet-q931.c:2450 #37 0x03d854cb in call_dissector_through_handle (handle=0xa35fd30, tvb=0xaddcf00, pinfo=0xc086488, tree=0x90db500) at packet.c:396 #38 0x03d85b1c in call_dissector_work (handle=0xa35fd30, tvb=0xaddcf00, pinfo_arg=0xc086488, tree=0x90db500) at packet.c:485 #39 0x03d870a8 in call_dissector (handle=0xa35fd30, tvb=0xaddcf00, pinfo=0xc086488, tree=0x90db500) at packet.c:1787 #40 0x0425df9b in dissect_tpkt_encap (tvb=0xadf0398, pinfo=0xc086488, tree=0x90db500, desegment=1, subdissector_handle=0xa35fd30) at packet-tpkt.c:554 #41 0x0415c762 in dissect_q931_tpkt_heur (tvb=0xadf0398, pinfo=0xc086488, tree=0x90db500) at packet-q931.c:3080 #42 0x03d86bda in dissector_try_heuristic (sub_dissectors=0xa71b2a0, tvb=0xadf0398, pinfo=0xc086488, tree=0x90db500) at packet.c:1595 #43 0x042484ff in decode_tcp_ports (tvb=0xadf03d0, offset=20, pinfo=0xc086488, tree=0x90db500, src_port=36150, dst_port=1720, tcpd=0xb3bfd00) at packet-tcp.c:2383 #44 0x0424899a in process_tcp_payload (tvb=0xadf03d0, offset=20, pinfo=0xc086488, tree=0x90db500, tcp_tree=0x90e51d0, src_port=36150, dst_port=1720, seq=0, nxtseq=0, is_tcp_segment=0, tcpd=0xb3bfd00) at packet-tcp.c:2427 #45 0x04248e8a in dissect_tcp_payload (tvb=0xadf03d0, pinfo=0xc086488, offset=20, seq=1, nxtseq=448, sport=36150, dport=1720, tree=0x90db500, tcp_tree=0x90e51d0, tcpd=0xb3bfd00) at packet-tcp.c:1495 #46 0x0424ab2a in dissect_tcp (tvb=0xadf03d0, pinfo=0xc086488, tree=0x90db500) at packet-tcp.c:3154 #47 0x03d854cb in call_dissector_through_handle (handle=0xa8fe810, tvb=0xadf03d0, pinfo=0xc086488, tree=0x90db500) at packet.c:396 #48 0x03d85b1c in call_dissector_work (handle=0xa8fe810, tvb=0xadf03d0, pinfo_arg=0xc086488, tree=0x90db500) at packet.c:485 #49 0x03d85ebb in dissector_try_port (sub_dissectors=0xa3529c0, port=6, tvb=0xadf03d0, pinfo=0xc086488, tree=0x90db500) at packet.c:870 #50 0x04015c8b in dissect_ip (tvb=0xadf01d8, pinfo=0xc086488, parent_tree=0x90db500) at packet-ip.c:1564 #51 0x03d854cb in call_dissector_through_handle (handle=0xa352a10, tvb=0xadf01d8, pinfo=0xc086488, tree=0x90db500) at packet.c:396 #52 0x03d85b1c in call_dissector_work (handle=0xa352a10, tvb=0xadf01d8, pinfo_arg=0xc086488, tree=0x90db500) at packet.c:485 #53 0x03d85ebb in dissector_try_port (sub_dissectors=0xa3405b0, port=2048, tvb=0xadf01d8, pinfo=0xc086488, tree=0x90db500) at packet.c:870 #54 0x03f62400 in ethertype (etype=2048, tvb=0xaddcf38, offset_after_etype=14, pinfo=0xc086488, tree=0x90db500, fh_tree=0x90db6e0, etype_id=13464, trailer_id=13466, fcs_len=-1) at packet-ethertype.c:214 #55 0x03f5f15f in dissect_eth_common (tvb=0xaddcf38, pinfo=0xc086488, parent_tree=0x90db500, fcs_len=-1) at packet-eth.c:338 #56 0x03d854cb in call_dissector_through_handle (handle=0xa8d24a0, tvb=0xaddcf38, pinfo=0xc086488, tree=0x90db500) at packet.c:396 #57 0x03d85b1c in call_dissector_work (handle=0xa8d24a0, tvb=0xaddcf38, pinfo_arg=0xc086488, tree=0x90db500) at packet.c:485 #58 0x03d85ebb in dissector_try_port (sub_dissectors=0xa3417c0, port=1, tvb=0xaddcf38, pinfo=0xc086488, tree=0x90db500) at packet.c:870 #59 0x03f9144f in dissect_frame (tvb=0xaddcf38, pinfo=0xc086488, parent_tree=0x90db500) at packet-frame.c:300 #60 0x03d854cb in call_dissector_through_handle (handle=0xa341840, tvb=0xaddcf38, pinfo=0xc086488, tree=0x90db500) at packet.c:396 #61 0x03d85b1c in call_dissector_work (handle=0xa341840, tvb=0xaddcf38, pinfo_arg=0xc086488, tree=0x90db500) at packet.c:485 #62 0x03d870a8 in call_dissector (handle=0xa341840, tvb=0xaddcf38, pinfo=0xc086488, tree=0x90db500) at packet.c:1787 #63 0x03d87587 in dissect_packet (edt=0xc086480, pseudo_header=0xb289b4c, pd=0x90c5400 "", fd=0xadf3ce8, cinfo=0x1702ec) at packet.c:332 #64 0x0000d9aa in add_packet_to_packet_list (fdata=0xadf3ce8, cf=0x1601d0, dfcode=0x0, pseudo_header=0xb289b4c, buf=0x90c5400 "", refilter=1) at file.c:960 #65 0x0000dd39 in read_packet (cf=0x1601d0, dfcode=0x0, offset=660621) at file.c:1094 #66 0x0000e64b in cf_read (cf=0x1601d0) at file.c:496 #67 0x0001acd3 in main (argc=0, argv=0xbffff7e8) at main.c:3025 -- Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
- References:
- [Wireshark-bugs] [Bug 2112] New: Buildbot crash output: fuzz-2007-12-17-25605.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 2112] New: Buildbot crash output: fuzz-2007-12-17-25605.pcap
- Prev by Date: [Wireshark-bugs] [Bug 2113] Buildbot crash output: fuzz-2007-12-17-30092.pcap
- Next by Date: [Wireshark-bugs] [Bug 2113] Buildbot crash output: fuzz-2007-12-17-30092.pcap
- Previous by thread: [Wireshark-bugs] [Bug 2112] Buildbot crash output: fuzz-2007-12-17-25605.pcap
- Next by thread: [Wireshark-bugs] [Bug 2112] Buildbot crash output: fuzz-2007-12-17-25605.pcap
- Index(es):
- Get Wireshark
- Download
- Code of Conduct