Bug #6109: filterlog crash
Status: closed
Start date: 04/11/2016
Due date:
% Done: 0%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version: 2.2.x
Affected Architecture: All
Description
filterlog occasionally core dumps (/filterlog.core) since at least 2.2.4 and still does with 2.3 RC.

    (gdb) bt
    #0  0x0000000000402c00 in ?? ()
    #1  0x00000000004034e8 in ?? ()
    #2  0x0000000800a54394 in pcap_platform_finddevs () from /lib/libpcap.so.8
    #3  0x0000000800a51752 in pcap_loop () from /lib/libpcap.so.8
    #4  0x00000000004031f7 in ?? ()
    #5  0x00000000004011af in ?? ()
    #6  0x0000000800626000 in ?? ()
    #7  0x0000000000000000 in ?? ()

I'd appreciate an identically built binary with -g and that's not stripped to dig further with gdb.

I've built filterlog from your repos in a FreeBSD 10.3-RELEASE VM and by comparing the assembly code I can pinpoint the error to movzbl (%r15),%r12d at 0x402af0 in

    filterlog/files/print-tcp.c:194
      402aec: 49 8d 47 01             lea    0x1(%r15),%rax
      402af0: 45 0f b6 27             movzbl (%r15),%r12d
      402af4: 41 83 fc 02             cmp    $0x2,%r12d
      402af8: 41 be 01 00 00 00       mov    $0x1,%r14d
      402afe: 73 05                   jae    402b05 <tcp_print+0x325>
      402b00: 49 89 c5                mov    %rax,%r13
      402b03: eb 18                   jmp    402b1d <tcp_print+0x33d>
    filterlog/files/print-tcp.c:198
      402b05: 44 0f b6 30             movzbl (%rax),%r14d

which corresponds to

    opt = *cp++;
    if (ZEROLENOPT(opt))
        len = 1;
    else {
        len = *cp++;    /* total including type, len */
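A bounds-checked version of that TCP option walk, added here as an illustration and not code from filterlog or pfSense (the ZEROLENOPT macro and the sample byte strings are this example's own definitions): every dereference of cp is checked against the end of the buffer first, so a truncated or malformed option list is rejected instead of being read past.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Option kinds with no length byte (same meaning as tcpdump's ZEROLENOPT; defined here). */
#define TCPOPT_EOL 0
#define TCPOPT_NOP 1
#define ZEROLENOPT(o) ((o) == TCPOPT_EOL || (o) == TCPOPT_NOP)

/* Walk the TCP options in [cp, ep). Every byte is compared against ep before
 * it is dereferenced; a truncated or malformed list returns -1 rather than
 * reading past the buffer. Returns the number of options seen (EOL included). */
int walk_tcp_options(const uint8_t *cp, const uint8_t *ep)
{
    int count = 0;
    while (cp < ep) {
        uint8_t opt = *cp++;                 /* in bounds: cp < ep checked above */
        size_t len;
        if (ZEROLENOPT(opt)) {
            count++;
            if (opt == TCPOPT_EOL)
                break;                       /* end of option list */
            continue;                        /* NOP: one byte, no length field */
        }
        if (cp >= ep)
            return -1;                       /* kind present, length byte missing */
        len = *cp++;
        if (len < 2)
            return -1;                       /* length must cover kind + len bytes */
        if ((size_t)(ep - cp) < len - 2)
            return -1;                       /* option data runs past the packet */
        cp += len - 2;
        count++;
    }
    return count;
}

/* Constructed sample option lists (not captured traffic). */
static const uint8_t sample_ok[]        = { 2, 4, 0x05, 0xb4, 1, 1, 4, 2, 0 }; /* MSS, NOP, NOP, SACK-OK, EOL */
static const uint8_t sample_truncated[] = { 2, 4, 0x05 };                      /* MSS cut off after 3 bytes */
static const uint8_t sample_badlen[]    = { 3, 1 };                            /* WSCALE claiming length 1 */

int main(void)
{
    printf("ok:        %d\n", walk_tcp_options(sample_ok, sample_ok + sizeof sample_ok));
    printf("truncated: %d\n", walk_tcp_options(sample_truncated, sample_truncated + sizeof sample_truncated));
    printf("bad len:   %d\n", walk_tcp_options(sample_badlen, sample_badlen + sizeof sample_badlen));
    return 0;
}
```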