Wireshark-bugs: [Wireshark-bugs] [Bug 10689] New: Buildbot crash output: fuzz-2014-11-10-12482.p
Date: Mon, 10 Nov 2014 18:10:03 +0000
Bug ID | 10689 |
---|---|
Summary | Buildbot crash output: fuzz-2014-11-10-12482.pcap |
Product | Wireshark |
Version | unspecified |
Hardware | x86-64 |
URL | https://www.wireshark.org/download/automated/captures/fuzz-2014-11-10-12482.pcap |
OS | Ubuntu |
Status | CONFIRMED |
Severity | Major |
Priority | High |
Component | Dissection engine (libwireshark) |
Assignee | [email protected] |
Reporter | [email protected] |
Problems have been found with the following capture file: https://www.wireshark.org/download/automated/captures/fuzz-2014-11-10-12482.pcap stderr: Input file: /home/wireshark/menagerie/menagerie/10783-traces_lass-pc-8.10.1.cap.gz Build host information: Linux wsbb04 3.13.0-39-generic #66-Ubuntu SMP Tue Oct 28 13:30:27 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Distributor ID: Ubuntu Description: Ubuntu 14.04.1 LTS Release: 14.04 Codename: trusty Buildbot information: BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark BUILDBOT_BUILDNUMBER=3049 BUILDBOT_URL=http://buildbot.wireshark.org/trunk/ BUILDBOT_BUILDERNAME=Clang Code Analysis BUILDBOT_SLAVENAME=clang-code-analysis BUILDBOT_GOT_REVISION=8153cbc56e0206f48c910c79b739e435a38e2b47 Return value: 0 Dissector bug: 0 Valgrind error count: 162 Git commit commit 8153cbc56e0206f48c910c79b739e435a38e2b47 Author: Gerald Combs <[email protected]> Date: Sat Nov 8 22:23:25 2014 -0800 Try to fix wsluarm dependency. Change-Id: I90f6a400bb5078c7719c3088d87c4632b810346b Reviewed-on: https://code.wireshark.org/review/5205 Reviewed-by: Gerald Combs <[email protected]> Command and args: ./tools/valgrind-wireshark.sh ==29072== Memcheck, a memory error detector ==29072== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al. ==29072== Using Valgrind-3.10.0.SVN and LibVEX; rerun with -h for copyright info ==29072== Command: /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark -nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2014-11-10-12482.pcap ==29072== ==29072== Invalid read of size 1 ==29072== at 0x4C2F1B1: strcmp (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==29072== by 0x9AC9FC8: g_str_equal (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==29072== by 0x9AC90BF: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==29072== by 0x66D8204: Radiuslex (radius_dict.l:341) ==29072== by 0x66D947A: radius_load_dictionary (radius_dict.l:562) ==29072== by 0x6C4BF3F: register_radius_fields (packet-radius.c:2055) ==29072== by 0x66A6DFD: proto_registrar_get_byname (proto.c:861) ==29072== by 0x6C4A916: dissect_attribute_value_pairs (packet-radius.c:994) ==29072== by 0x6C4B9A2: dissect_radius (packet-radius.c:1715) ==29072== by 0x669927E: call_dissector_through_handle (packet.c:621) ==29072== by 0x6699B64: call_dissector_work (packet.c:712) ==29072== by 0x669A21B: dissector_try_uint_new (packet.c:1144) ==29072== Address 0x12461430 is 0 bytes inside a block of size 9 free'd ==29072== at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==29072== by 0x66D81C9: Radiuslex (radius_dict.l:337) ==29072== by 0x66D947A: radius_load_dictionary (radius_dict.l:562) ==29072== by 0x6C4BF3F: register_radius_fields (packet-radius.c:2055) ==29072== by 0x66A6DFD: proto_registrar_get_byname (proto.c:861) ==29072== by 0x6C4A916: dissect_attribute_value_pairs (packet-radius.c:994) ==29072== by 0x6C4B9A2: dissect_radius (packet-radius.c:1715) ==29072== by 0x669927E: call_dissector_through_handle (packet.c:621) ==29072== by 0x6699B64: call_dissector_work (packet.c:712) ==29072== by 0x669A21B: dissector_try_uint_new (packet.c:1144) ==29072== by 0x669A266: dissector_try_uint (packet.c:1170) ==29072== by 0x6DCA239: decode_udp_ports (packet-udp.c:493) ==29072== ==29072== Invalid read of size 1 ==29072== at 0x4C2F1C8: strcmp (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==29072== by 0x9AC9FC8: g_str_equal (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==29072== by 0x9AC90BF: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==29072== by 0x66D8204: Radiuslex (radius_dict.l:341) ==29072== by 0x66D947A: radius_load_dictionary (radius_dict.l:562) ==29072== by 0x6C4BF3F: register_radius_fields (packet-radius.c:2055) ==29072== by 0x66A6DFD: proto_registrar_get_byname (proto.c:861) ==29072== by 0x6C4A916: dissect_attribute_value_pairs (packet-radius.c:994) ==29072== by 0x6C4B9A2: dissect_radius (packet-radius.c:1715) ==29072== by 0x669927E: call_dissector_through_handle (packet.c:621) ==29072== by 0x6699B64: call_dissector_work (packet.c:712) ==29072== by 0x669A21B: dissector_try_uint_new (packet.c:1144) ==29072== Address 0x12461431 is 1 bytes inside a block of size 9 free'd ==29072== at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==29072== by 0x66D81C9: Radiuslex (radius_dict.l:337) ==29072== by 0x66D947A: radius_load_dictionary (radius_dict.l:562) ==29072== by 0x6C4BF3F: register_radius_fields (packet-radius.c:2055) ==29072== by 0x66A6DFD: proto_registrar_get_byname (proto.c:861) ==29072== by 0x6C4A916: dissect_attribute_value_pairs (packet-radius.c:994) ==29072== by 0x6C4B9A2: dissect_radius (packet-radius.c:1715) ==29072== by 0x669927E: call_dissector_through_handle (packet.c:621) ==29072== by 0x6699B64: call_dissector_work (packet.c:712) ==29072== by 0x669A21B: dissector_try_uint_new (packet.c:1144) ==29072== by 0x669A266: dissector_try_uint (packet.c:1170) ==29072== by 0x6DCA239: decode_udp_ports (packet-udp.c:493) ==29072== ==29072== Invalid read of size 1 ==29072== at 0x4C2F1B1: strcmp (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==29072== by 0x9AC9FC8: g_str_equal (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==29072== by 0x9AC95EF: g_hash_table_lookup (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==29072== by 0x66D76DD: add_attribute (radius_dict.l:359) ==29072== by 0x66D880F: Radiuslex (radius_dict.l:234) ==29072== by 0x66D947A: radius_load_dictionary (radius_dict.l:562) ==29072== by 0x6C4BF3F: register_radius_fields (packet-radius.c:2055) ==29072== by 0x66A6DFD: proto_registrar_get_byname (proto.c:861) ==29072== by 0x6C4A916: dissect_attribute_value_pairs (packet-radius.c:994) ==29072== by 0x6C4B9A2: dissect_radius (packet-radius.c:1715) ==29072== by 0x669927E: call_dissector_through_handle (packet.c:621) ==29072== by 0x6699B64: call_dissector_work (packet.c:712) ==29072== Address 0x12461430 is 0 bytes inside a block of size 9 free'd ==29072== at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==29072== by 0x66D81C9: Radiuslex (radius_dict.l:337) ==29072== by 0x66D947A: radius_load_dictionary (radius_dict.l:562) ==29072== by 0x6C4BF3F: register_radius_fields (packet-radius.c:2055) ==29072== by 0x66A6DFD: proto_registrar_get_byname (proto.c:861) ==29072== by 0x6C4A916: dissect_attribute_value_pairs (packet-radius.c:994) ==29072== by 0x6C4B9A2: dissect_radius (packet-radius.c:1715) ==29072== by 0x669927E: call_dissector_through_handle (packet.c:621) ==29072== by 0x6699B64: call_dissector_work (packet.c:712) ==29072== by 0x669A21B: dissector_try_uint_new (packet.c:1144) ==29072== by 0x669A266: dissector_try_uint (packet.c:1170) ==29072== by 0x6DCA239: decode_udp_ports (packet-udp.c:493) ==29072== ==29072== Invalid read of size 1 ==29072== at 0x4C2F1C8: strcmp (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==29072== by 0x9AC9FC8: g_str_equal (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==29072== by 0x9AC95EF: g_hash_table_lookup (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==29072== by 0x66D76DD: add_attribute (radius_dict.l:359) ==29072== by 0x66D880F: Radiuslex (radius_dict.l:234) ==29072== by 0x66D947A: radius_load_dictionary (radius_dict.l:562) ==29072== by 0x6C4BF3F: register_radius_fields (packet-radius.c:2055) ==29072== by 0x66A6DFD: proto_registrar_get_byname (proto.c:861) ==29072== by 0x6C4A916: dissect_attribute_value_pairs (packet-radius.c:994) ==29072== by 0x6C4B9A2: dissect_radius (packet-radius.c:1715) ==29072== by 0x669927E: call_dissector_through_handle (packet.c:621) ==29072== by 0x6699B64: call_dissector_work (packet.c:712) ==29072== Address 0x12461431 is 1 bytes inside a block of size 9 free'd ==29072== at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==29072== by 0x66D81C9: Radiuslex (radius_dict.l:337) ==29072== by 0x66D947A: radius_load_dictionary (radius_dict.l:562) ==29072== by 0x6C4BF3F: register_radius_fields (packet-radius.c:2055) ==29072== by 0x66A6DFD: proto_registrar_get_byname (proto.c:861) ==29072== by 0x6C4A916: dissect_attribute_value_pairs (packet-radius.c:994) ==29072== by 0x6C4B9A2: dissect_radius (packet-radius.c:1715) ==29072== by 0x669927E: call_dissector_through_handle (packet.c:621) ==29072== by 0x6699B64: call_dissector_work (packet.c:712) ==29072== by 0x669A21B: dissector_try_uint_new (packet.c:1144) ==29072== by 0x669A266: dissector_try_uint (packet.c:1170) ==29072== by 0x6DCA239: decode_udp_ports (packet-udp.c:493) ==29072== ==29072== ==29072== HEAP SUMMARY: ==29072== in use at exit: 2,384,242 bytes in 48,048 blocks ==29072== total heap usage: 346,135 allocs, 298,087 frees, 51,001,011 bytes allocated ==29072== ==29072== LEAK SUMMARY: ==29072== definitely lost: 5,456 bytes in 168 blocks ==29072== indirectly lost: 36,664 bytes in 50 blocks ==29072== possibly lost: 0 bytes in 0 blocks ==29072== still reachable: 2,342,122 bytes in 47,830 blocks ==29072== suppressed: 0 bytes in 0 blocks ==29072== Rerun with --leak-check=full to see details of leaked memory ==29072== ==29072== For counts of detected and suppressed errors, rerun with: -v ==29072== ERROR SUMMARY: 162 errors from 4 contexts (suppressed: 0 from 0) [ no debug trace ]
You are receiving this mail because:
- You are watching all bug changes.
- Follow-Ups:
- [Wireshark-bugs] [Bug 10689] Buildbot crash output: fuzz-2014-11-10-12482.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 10689] Buildbot crash output: fuzz-2014-11-10-12482.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 10689] Buildbot crash output: fuzz-2014-11-10-12482.pcap
- Prev by Date: [Wireshark-bugs] [Bug 10688] New: Extended 3GPP-GPRS-Negotiated-QoS-profile strings decoded incompletely
- Next by Date: [Wireshark-bugs] [Bug 10690] New: Typing: frame contains bytes [2342] in the Filter: area causes a crash
- Previous by thread: [Wireshark-bugs] [Bug 10688] Extended 3GPP-GPRS-Negotiated-QoS-profile strings decoded incompletely
- Next by thread: [Wireshark-bugs] [Bug 10689] Buildbot crash output: fuzz-2014-11-10-12482.pcap
- Index(es):