Wireshark-bugs: [Wireshark-bugs] [Bug 8539] Buildbot crash output: fuzz-2013-03-28-8509.pcap
Evan Huus changed bug 8539
What | Removed | Added
CC | | eapache@gmail.com
Comment # 1 on bug 8539 from Evan Huus
A *very* quick look makes this seem like a glib bug? When running normally or
under valgrind no errors are detected at all and everything seems to work fine.
It's only under the G_SLICE=debug-blocks environment that it blows up.
GDB gives the following backtrace:
#0 0x00007f50ddc8d037 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1 0x00007f50ddc90698 in __GI_abort () at abort.c:90
#2 0x00007f50de9ab6b0 in mem_error (format=format@entry=0x7f50dea2a0f8 "failed to allocate %u bytes (alignment: %u): %s\n") at /build/buildd/glib2.0-2.36.0/./glib/gslice.c:1442
#3 0x00007f50de9aba42 in allocator_add_slab (chunk_size=240, ix=14, allocator=<optimized out>) at /build/buildd/glib2.0-2.36.0/./glib/gslice.c:1261
#4 slab_allocator_alloc_chunk (chunk_size=chunk_size@entry=240) at /build/buildd/glib2.0-2.36.0/./glib/gslice.c:1300
#5 0x00007f50de9f53bb in magazine_cache_pop_magazine (countp=0xbf0748, ix=14) at /build/buildd/glib2.0-2.36.0/./glib/gslice.c:719
#6 thread_memory_magazine1_reload (ix=14, tmem=<optimized out>) at /build/buildd/glib2.0-2.36.0/./glib/gslice.c:794
#7 g_slice_alloc (mem_size=mem_size@entry=240) at /build/buildd/glib2.0-2.36.0/./glib/gslice.c:992
#8 0x00007f50e0158156 in proto_tree_set_representation (pi=<optimized out>, format=0x7f50e0d0b015 "Config Field: %s (%u)", ap=0x7ffff04f7a18) at proto.c:3672
#9 0x00007f50e015b801 in proto_tree_add_text (tree=tree@entry=0x21b7d20, tvb=tvb@entry=0x21b51e0, start=start@entry=2, length=0, format=format@entry=0x7f50e0d0b015 "Config Field: %s (%u)") at proto.c:1003
#10 0x00007f50e021e744 in dissect_r3_cmd_setconfig (tvb=<optimized out>, start_offset=<optimized out>, length=<optimized out>, pinfo=<optimized out>, tree=0x21b7d20) at packet-assa_r3.c:5208
#11 0x00007f50e0224945 in dissect_r3_command (r3_tree=0x21b2780, pinfo=0x7ffff04f8ed0, start_offset=5, tvb=0x21b4c00, length=<optimized out>) at packet-assa_r3.c:6620
#12 dissect_r3_packet (r3_tree=<optimized out>, pinfo=0x7ffff04f8ed0, tvb=0x21b4c00) at packet-assa_r3.c:6680
#13 dissect_r3_message (tvb=tvb@entry=0x21b4c00, pinfo=pinfo@entry=0x7ffff04f8ed0, tree=tree@entry=0x21b7d50) at packet-assa_r3.c:6757
#14 0x00007f50e07a8da9 in tcp_dissect_pdus (tvb=0x21b5460, pinfo=0x7ffff04f8ed0, tree=0x21b7d50, proto_desegment=proto_desegment@entry=1, fixed_len=fixed_len@entry=4, get_pdu_len=get_pdu_len@entry=0x7f50e021b900 <get_r3_message_len>, dissect_pdu=dissect_pdu@entry=0x7f50e02246a0 <dissect_r3_message>) at packet-tcp.c:2319
#15 0x00007f50e021a126 in dissect_r3 (tvb=<optimized out>, pinfo=<optimized out>, tree=<optimized out>) at packet-assa_r3.c:6771
#16 0x00007f50e014db38 in call_dissector_through_handle (handle=0x1333050, tvb=0x21b5460, pinfo=0x7ffff04f8ed0, tree=0x21b7d50, data="" at packet.c:458