[bugzilla-daemon@xxxxxxxxxxxxx]

Bug ID	10666
Summary	Buildbot crash output: fuzz-2014-11-05-20958.pcap
Product	Wireshark
Version	unspecified
Hardware	x86-64
URL	https://www.wireshark.org/download/automated/captures/fuzz-2014-11-05-20958.pcap
OS	Ubuntu
Status	CONFIRMED
Severity	Major
Priority	High
Component	Dissection engine (libwireshark)
Assignee	bugzilla-admin@wireshark.org
Reporter	buildbot-do-not-reply@wireshark.org

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2014-11-05-20958.pcap

stderr:
Input file:
/home/wireshark/menagerie/menagerie/10783-traces_lass-pc-8.10.1.cap.gz

Build host information:
Linux wsbb04 3.13.0-39-generic #66-Ubuntu SMP Tue Oct 28 13:30:27 UTC 2014
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 14.04.1 LTS
Release:    14.04
Codename:    trusty

Buildbot information:
BUILDBOT_REPOSITORY=ssh://wireshark-buildbot@code.wireshark.org:29418/wireshark
BUILDBOT_BUILDNUMBER=3040
BUILDBOT_URL=http://buildbot.wireshark.org/trunk/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_SLAVENAME=clang-code-analysis
BUILDBOT_GOT_REVISION=e38e82852e8ae4e5a4c600c6fdc6d4c1cedfbf77

Return value:  0

Dissector bug:  0

Valgrind error count:  162



Git commit
commit e38e82852e8ae4e5a4c600c6fdc6d4c1cedfbf77
Author: Stig Bjørlykke <stig@bjorlykke.org>
Date:   Tue Nov 4 12:04:20 2014 +0100

    Lua: Fix for register dissectors only once.

    The postdissector may be registered before adding the dissector function.

    Change-Id: I2285824835491ac91e00515bfb18eb471888eaf8
    Reviewed-on: https://code.wireshark.org/review/5106
    Petri-Dish: Stig Bjørlykke <stig@bjorlykke.org>
    Tested-by: Petri Dish Buildbot <buildbot-no-reply@wireshark.org>
    Reviewed-by: Stig Bjørlykke <stig@bjorlykke.org>
    Tested-by: Stig Bjørlykke <stig@bjorlykke.org>


Command and args: ./tools/valgrind-wireshark.sh -T

==9901== Memcheck, a memory error detector
==9901== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==9901== Using Valgrind-3.10.0.SVN and LibVEX; rerun with -h for copyright info
==9901== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark
-Vx -nr
/fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2014-11-05-20958.pcap
==9901== 
==9901== Invalid read of size 1
==9901==    at 0x4C2F1B1: strcmp (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==9901==    by 0x9AC7FC8: g_str_equal (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==9901==    by 0x9AC70BF: ??? (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==9901==    by 0x66D7534: Radiuslex (radius_dict.l:341)
==9901==    by 0x66D87AA: radius_load_dictionary (radius_dict.l:562)
==9901==    by 0x6C4B02F: register_radius_fields (packet-radius.c:2055)
==9901==    by 0x66A611D: proto_registrar_get_byname (proto.c:861)
==9901==    by 0x6C4A589: dissect_radius (packet-radius.c:1439)
==9901==    by 0x669859E: call_dissector_through_handle (packet.c:621)
==9901==    by 0x6698E84: call_dissector_work (packet.c:712)
==9901==    by 0x669953B: dissector_try_uint_new (packet.c:1144)
==9901==    by 0x6699586: dissector_try_uint (packet.c:1170)
==9901==  Address 0x12c80f80 is 0 bytes inside a block of size 9 free'd
==9901==    at 0x4C2BDEC: free (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==9901==    by 0x66D74F9: Radiuslex (radius_dict.l:337)
==9901==    by 0x66D87AA: radius_load_dictionary (radius_dict.l:562)
==9901==    by 0x6C4B02F: register_radius_fields (packet-radius.c:2055)
==9901==    by 0x66A611D: proto_registrar_get_byname (proto.c:861)
==9901==    by 0x6C4A589: dissect_radius (packet-radius.c:1439)
==9901==    by 0x669859E: call_dissector_through_handle (packet.c:621)
==9901==    by 0x6698E84: call_dissector_work (packet.c:712)
==9901==    by 0x669953B: dissector_try_uint_new (packet.c:1144)
==9901==    by 0x6699586: dissector_try_uint (packet.c:1170)
==9901==    by 0x6DC92B9: decode_udp_ports (packet-udp.c:493)
==9901==    by 0x6DC9B56: dissect (packet-udp.c:839)
==9901== 
==9901== Invalid read of size 1
==9901==    at 0x4C2F1C8: strcmp (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==9901==    by 0x9AC7FC8: g_str_equal (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==9901==    by 0x9AC70BF: ??? (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==9901==    by 0x66D7534: Radiuslex (radius_dict.l:341)
==9901==    by 0x66D87AA: radius_load_dictionary (radius_dict.l:562)
==9901==    by 0x6C4B02F: register_radius_fields (packet-radius.c:2055)
==9901==    by 0x66A611D: proto_registrar_get_byname (proto.c:861)
==9901==    by 0x6C4A589: dissect_radius (packet-radius.c:1439)
==9901==    by 0x669859E: call_dissector_through_handle (packet.c:621)
==9901==    by 0x6698E84: call_dissector_work (packet.c:712)
==9901==    by 0x669953B: dissector_try_uint_new (packet.c:1144)
==9901==    by 0x6699586: dissector_try_uint (packet.c:1170)
==9901==  Address 0x12c80f81 is 1 bytes inside a block of size 9 free'd
==9901==    at 0x4C2BDEC: free (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==9901==    by 0x66D74F9: Radiuslex (radius_dict.l:337)
==9901==    by 0x66D87AA: radius_load_dictionary (radius_dict.l:562)
==9901==    by 0x6C4B02F: register_radius_fields (packet-radius.c:2055)
==9901==    by 0x66A611D: proto_registrar_get_byname (proto.c:861)
==9901==    by 0x6C4A589: dissect_radius (packet-radius.c:1439)
==9901==    by 0x669859E: call_dissector_through_handle (packet.c:621)
==9901==    by 0x6698E84: call_dissector_work (packet.c:712)
==9901==    by 0x669953B: dissector_try_uint_new (packet.c:1144)
==9901==    by 0x6699586: dissector_try_uint (packet.c:1170)
==9901==    by 0x6DC92B9: decode_udp_ports (packet-udp.c:493)
==9901==    by 0x6DC9B56: dissect (packet-udp.c:839)
==9901== 
==9901== Invalid read of size 1
==9901==    at 0x4C2F1B1: strcmp (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==9901==    by 0x9AC7FC8: g_str_equal (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==9901==    by 0x9AC75EF: g_hash_table_lookup (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==9901==    by 0x66D6A0D: add_attribute (radius_dict.l:359)
==9901==    by 0x66D7B3F: Radiuslex (radius_dict.l:234)
==9901==    by 0x66D87AA: radius_load_dictionary (radius_dict.l:562)
==9901==    by 0x6C4B02F: register_radius_fields (packet-radius.c:2055)
==9901==    by 0x66A611D: proto_registrar_get_byname (proto.c:861)
==9901==    by 0x6C4A589: dissect_radius (packet-radius.c:1439)
==9901==    by 0x669859E: call_dissector_through_handle (packet.c:621)
==9901==    by 0x6698E84: call_dissector_work (packet.c:712)
==9901==    by 0x669953B: dissector_try_uint_new (packet.c:1144)
==9901==  Address 0x12c80f80 is 0 bytes inside a block of size 9 free'd
==9901==    at 0x4C2BDEC: free (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==9901==    by 0x66D74F9: Radiuslex (radius_dict.l:337)
==9901==    by 0x66D87AA: radius_load_dictionary (radius_dict.l:562)
==9901==    by 0x6C4B02F: register_radius_fields (packet-radius.c:2055)
==9901==    by 0x66A611D: proto_registrar_get_byname (proto.c:861)
==9901==    by 0x6C4A589: dissect_radius (packet-radius.c:1439)
==9901==    by 0x669859E: call_dissector_through_handle (packet.c:621)
==9901==    by 0x6698E84: call_dissector_work (packet.c:712)
==9901==    by 0x669953B: dissector_try_uint_new (packet.c:1144)
==9901==    by 0x6699586: dissector_try_uint (packet.c:1170)
==9901==    by 0x6DC92B9: decode_udp_ports (packet-udp.c:493)
==9901==    by 0x6DC9B56: dissect (packet-udp.c:839)
==9901== 
==9901== Invalid read of size 1
==9901==    at 0x4C2F1C8: strcmp (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==9901==    by 0x9AC7FC8: g_str_equal (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==9901==    by 0x9AC75EF: g_hash_table_lookup (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0)
==9901==    by 0x66D6A0D: add_attribute (radius_dict.l:359)
==9901==    by 0x66D7B3F: Radiuslex (radius_dict.l:234)
==9901==    by 0x66D87AA: radius_load_dictionary (radius_dict.l:562)
==9901==    by 0x6C4B02F: register_radius_fields (packet-radius.c:2055)
==9901==    by 0x66A611D: proto_registrar_get_byname (proto.c:861)
==9901==    by 0x6C4A589: dissect_radius (packet-radius.c:1439)
==9901==    by 0x669859E: call_dissector_through_handle (packet.c:621)
==9901==    by 0x6698E84: call_dissector_work (packet.c:712)
==9901==    by 0x669953B: dissector_try_uint_new (packet.c:1144)
==9901==  Address 0x12c80f81 is 1 bytes inside a block of size 9 free'd
==9901==    at 0x4C2BDEC: free (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==9901==    by 0x66D74F9: Radiuslex (radius_dict.l:337)
==9901==    by 0x66D87AA: radius_load_dictionary (radius_dict.l:562)
==9901==    by 0x6C4B02F: register_radius_fields (packet-radius.c:2055)
==9901==    by 0x66A611D: proto_registrar_get_byname (proto.c:861)
==9901==    by 0x6C4A589: dissect_radius (packet-radius.c:1439)
==9901==    by 0x669859E: call_dissector_through_handle (packet.c:621)
==9901==    by 0x6698E84: call_dissector_work (packet.c:712)
==9901==    by 0x669953B: dissector_try_uint_new (packet.c:1144)
==9901==    by 0x6699586: dissector_try_uint (packet.c:1170)
==9901==    by 0x6DC92B9: decode_udp_ports (packet-udp.c:493)
==9901==    by 0x6DC9B56: dissect (packet-udp.c:839)
==9901== 
==9901== 
==9901== HEAP SUMMARY:
==9901==     in use at exit: 2,384,079 bytes in 47,959 blocks
==9901==   total heap usage: 613,052 allocs, 565,093 frees, 71,798,847 bytes
allocated
==9901== 
==9901== LEAK SUMMARY:
==9901==    definitely lost: 3,690 bytes in 163 blocks
==9901==    indirectly lost: 36,680 bytes in 51 blocks
==9901==      possibly lost: 0 bytes in 0 blocks
==9901==    still reachable: 2,343,709 bytes in 47,745 blocks
==9901==         suppressed: 0 bytes in 0 blocks
==9901== Rerun with --leak-check=full to see details of leaked memory
==9901== 
==9901== For counts of detected and suppressed errors, rerun with: -v
==9901== ERROR SUMMARY: 162 errors from 4 contexts (suppressed: 0 from 0)

[ no debug trace ]

---

      You are receiving this mail because:

• You are watching all bug changes.