Wireshark-bugs: [Wireshark-bugs] [Bug 7240] Wireshark crashes with misaligned access in dissecto

Date: Wed, 9 May 2012 10:35:53 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=7240

Guy Harris <guy@xxxxxxxxxxxx> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|when running wireshark gui  |Wireshark crashes with
                   |on 2nd interface,           |misaligned access in
                   |application core dumps.     |dissector for protocol
                   |                            |running atop NetBIOS

--- Comment #2 from Guy Harris <guy@xxxxxxxxxxxx> 2012-05-09 10:35:53 PDT ---
Given the set of routines on the stack, Wireshark is in the process of
dissecting a packet, so the crash is probably occurring in a dissector.

SIGBUS on Solaris-on-SPARC typically means "misaligned data fetch"; SPARC
processors are, in general-purpose machines, the most common processors that
don't support unaligned data accesses (x86 processors do, I think most if not
all Power-family processors do, System/3x0 and z/Architecture processors do,
and newer ARM processors might do so).

The most likely dissector is SMB, although SMB2 and "raw DCERPC" are also
heuristic dissectors running atop various flavors of NetBIOS.  (This happens to
be NetBIOS-over-TCP.)

The difference between bge0 and bge1 is probably just a difference between the
two networks they're on - there's probably XXX-over-NetBIOS traffic on the
network to which bge1 is attached that is either absent from the network to
which bge0 is attached or is rare on that network, and that traffic is what's
triggering the bug.

Could you try running dbx or gdb against the application and core dump, and use
the "where" command (which, as I remember, is the "show me the stack trace"
command in dbx and, for that reason, is an alias for the "backtrace" command in
gdb)?

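Added example, not part of the bug report and not Wireshark's own code: the kind of misaligned fetch the comment describes, next to a byte-wise read that is safe on strict-alignment CPUs such as SPARC. The buffer contents, field layout and function names are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample, not from a real capture: a 4-byte framing header and
 * a 1-byte type field, so the 32-bit little-endian value that follows
 * starts at offset 5. The array is forced to 4-byte alignment so that
 * offset 5 is guaranteed to be misaligned for a uint32_t load. */
static _Alignas(uint32_t) const uint8_t sample_pkt[] = {
    0x00, 0x00, 0x00, 0x05,       /* framing header (constructed) */
    0x01,                         /* 1-byte type field */
    0x78, 0x56, 0x34, 0x12        /* 32-bit LE value 0x12345678 */
};

/* Returns 1 if p is suitably aligned for a direct uint32_t load. */
static int is_aligned32(const void *p)
{
    return ((uintptr_t)p % _Alignof(uint32_t)) == 0;
}

/* UNSAFE pattern, shown but never executed here:
 *     uint32_t v = *(const uint32_t *)(buf + off);
 * On SPARC this raises SIGBUS when buf + off is misaligned; on x86 the
 * load succeeds, so the defect goes unnoticed there. */

/* Safe: assemble the value from individual bytes. No alignment requirement,
 * and the result does not depend on host byte order. Returns 0 on success,
 * -1 if the read would run past the end of the buffer. */
static int read_le32(const uint8_t *buf, size_t len, size_t off, uint32_t *out)
{
    if (off > len || len - off < 4)
        return -1;
    *out = (uint32_t)buf[off]
         | (uint32_t)buf[off + 1] << 8
         | (uint32_t)buf[off + 2] << 16
         | (uint32_t)buf[off + 3] << 24;
    return 0;
}

int main(void)
{
    uint32_t v = 0;
    int rc = read_le32(sample_pkt, sizeof sample_pkt, 5, &v);
    printf("rc=%d value=0x%08x aligned=%d\n", rc, (unsigned)v,
           is_aligned32(sample_pkt + 5));
    return 0;
}
```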