Wireshark-bugs: [Wireshark-bugs] [Bug 10797] New: Buildbot crash output: fuzz-2014-12-19-2215.pc
Date: Sat, 20 Dec 2014 21:50:03 +0000
Bug ID | 10797 |
---|---|
Summary | Buildbot crash output: fuzz-2014-12-19-2215.pcap |
Product | Wireshark |
Version | unspecified |
Hardware | x86-64 |
URL | https://www.wireshark.org/download/automated/captures/fuzz-2014-12-19-2215.pcap |
OS | Ubuntu |
Status | CONFIRMED |
Severity | Major |
Priority | High |
Component | Dissection engine (libwireshark) |
Assignee | [email protected] |
Reporter | [email protected] |
Problems have been found with the following capture file: https://www.wireshark.org/download/automated/captures/fuzz-2014-12-19-2215.pcap stderr: Input file: /home/wireshark/menagerie/menagerie/9630-ATLAS_FTAM_TCP_TRACE_2012110713400115.pcap Build host information: Linux wsbb04 3.13.0-39-generic #66-Ubuntu SMP Tue Oct 28 13:30:27 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Distributor ID: Ubuntu Description: Ubuntu 14.04.1 LTS Release: 14.04 Codename: trusty Buildbot information: BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark BUILDBOT_BUILDNUMBER=3084 BUILDBOT_URL=http://buildbot.wireshark.org/trunk/ BUILDBOT_BUILDERNAME=Clang Code Analysis BUILDBOT_SLAVENAME=clang-code-analysis BUILDBOT_GOT_REVISION=6011a047d3cd2aba84e7fdd3bf7e8403a2f3563b Return value: 0 Dissector bug: 0 Valgrind error count: 124 Git commit commit 6011a047d3cd2aba84e7fdd3bf7e8403a2f3563b Author: Guy Harris <[email protected]> Date: Wed Dec 17 16:41:21 2014 -0800 WTAP_ERR_UNWRITABLE_ errors aren't returned by reads or open-for-reading. Check for them *only* on opening for writing and writes. Change-Id: I4b537d511ec04bcfc81f69166a2b9a2ee9310067 Reviewed-on: https://code.wireshark.org/review/5827 Reviewed-by: Guy Harris <[email protected]> Command and args: ./tools/valgrind-wireshark.sh ==11382== Memcheck, a memory error detector ==11382== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al. ==11382== Using Valgrind-3.10.0.SVN and LibVEX; rerun with -h for copyright info ==11382== Command: /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark -nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2014-12-19-2215.pcap ==11382== ==11382== Invalid read of size 1 ==11382== at 0x9B3DFE0: g_str_hash (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==11382== by 0x9B3D568: g_hash_table_lookup (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==11382== by 0x67CA020: call_ber_oid_callback (packet-ber.c:551) ==11382== by 0x67CAC6C: dissect_ber_sequence (packet-ber.c:2425) ==11382== by 0x6F338DF: dissect_ftam_T_document_type (ftam.cnf:91) ==11382== by 0x67C9056: dissect_ber_choice (packet-ber.c:2925) ==11382== by 0x6F32D6F: dissect_ftam_Contents_Type_Attribute (ftam.cnf:137) ==11382== by 0x67CAC6C: dissect_ber_sequence (packet-ber.c:2425) ==11382== by 0x6F33A9F: dissect_ftam_Create_Attributes_U (ftam.cnf:160) ==11382== by 0x67C818A: dissect_ber_tagged_type (packet-ber.c:717) ==11382== by 0x6F3586D: dissect_ftam_Create_Attributes (ftam.cnf:170) ==11382== by 0x67CAC6C: dissect_ber_sequence (packet-ber.c:2425) ==11382== Address 0x14b148f0 is 0 bytes inside a block of size 57 free'd ==11382== at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==11382== by 0x66C1154: emem_free_all (emem.c:1187) ==11382== by 0x66C22C0: epan_dissect_run_with_taps (epan.c:350) ==11382== by 0x413803: process_packet (tshark.c:3583) ==11382== by 0x40C88F: main (tshark.c:3349) ==11382== ==11382== Invalid read of size 1 ==11382== at 0x9B3DFFD: g_str_hash (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==11382== by 0x9B3D568: g_hash_table_lookup (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==11382== by 0x67CA020: call_ber_oid_callback (packet-ber.c:551) ==11382== by 0x67CAC6C: dissect_ber_sequence (packet-ber.c:2425) ==11382== by 0x6F338DF: dissect_ftam_T_document_type (ftam.cnf:91) ==11382== by 0x67C9056: dissect_ber_choice (packet-ber.c:2925) ==11382== by 0x6F32D6F: dissect_ftam_Contents_Type_Attribute (ftam.cnf:137) ==11382== by 0x67CAC6C: dissect_ber_sequence (packet-ber.c:2425) ==11382== by 0x6F33A9F: dissect_ftam_Create_Attributes_U (ftam.cnf:160) ==11382== by 0x67C818A: dissect_ber_tagged_type (packet-ber.c:717) ==11382== by 0x6F3586D: dissect_ftam_Create_Attributes (ftam.cnf:170) ==11382== by 0x67CAC6C: dissect_ber_sequence (packet-ber.c:2425) ==11382== Address 0x14b148f1 is 1 bytes inside a block of size 57 free'd ==11382== at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==11382== by 0x66C1154: emem_free_all (emem.c:1187) ==11382== by 0x66C22C0: epan_dissect_run_with_taps (epan.c:350) ==11382== by 0x413803: process_packet (tshark.c:3583) ==11382== by 0x40C88F: main (tshark.c:3349) ==11382== ==11382== Invalid read of size 1 ==11382== at 0x4C2E0E2: strlen (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==11382== by 0x9B6AB02: g_strdup (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==11382== by 0x66CCF10: find_string_dtbl_entry (packet.c:1224) ==11382== by 0x66CD816: dissector_try_string (packet.c:1413) ==11382== by 0x67CA088: call_ber_oid_callback (packet-ber.c:1120) ==11382== by 0x67CAC6C: dissect_ber_sequence (packet-ber.c:2425) ==11382== by 0x6F338DF: dissect_ftam_T_document_type (ftam.cnf:91) ==11382== by 0x67C9056: dissect_ber_choice (packet-ber.c:2925) ==11382== by 0x6F32D6F: dissect_ftam_Contents_Type_Attribute (ftam.cnf:137) ==11382== by 0x67CAC6C: dissect_ber_sequence (packet-ber.c:2425) ==11382== by 0x6F33A9F: dissect_ftam_Create_Attributes_U (ftam.cnf:160) ==11382== by 0x67C818A: dissect_ber_tagged_type (packet-ber.c:717) ==11382== Address 0x14b148f0 is 0 bytes inside a block of size 57 free'd ==11382== at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==11382== by 0x66C1154: emem_free_all (emem.c:1187) ==11382== by 0x66C22C0: epan_dissect_run_with_taps (epan.c:350) ==11382== by 0x413803: process_packet (tshark.c:3583) ==11382== by 0x40C88F: main (tshark.c:3349) ==11382== ==11382== Invalid read of size 1 ==11382== at 0x4C2E0F4: strlen (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==11382== by 0x9B6AB02: g_strdup (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==11382== by 0x66CCF10: find_string_dtbl_entry (packet.c:1224) ==11382== by 0x66CD816: dissector_try_string (packet.c:1413) ==11382== by 0x67CA088: call_ber_oid_callback (packet-ber.c:1120) ==11382== by 0x67CAC6C: dissect_ber_sequence (packet-ber.c:2425) ==11382== by 0x6F338DF: dissect_ftam_T_document_type (ftam.cnf:91) ==11382== by 0x67C9056: dissect_ber_choice (packet-ber.c:2925) ==11382== by 0x6F32D6F: dissect_ftam_Contents_Type_Attribute (ftam.cnf:137) ==11382== by 0x67CAC6C: dissect_ber_sequence (packet-ber.c:2425) ==11382== by 0x6F33A9F: dissect_ftam_Create_Attributes_U (ftam.cnf:160) ==11382== by 0x67C818A: dissect_ber_tagged_type (packet-ber.c:717) ==11382== Address 0x14b148f1 is 1 bytes inside a block of size 57 free'd ==11382== at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==11382== by 0x66C1154: emem_free_all (emem.c:1187) ==11382== by 0x66C22C0: epan_dissect_run_with_taps (epan.c:350) ==11382== by 0x413803: process_packet (tshark.c:3583) ==11382== by 0x40C88F: main (tshark.c:3349) ==11382== ==11382== Invalid read of size 8 ==11382== at 0x4C2F790: memcpy@@GLIBC_2.14 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==11382== by 0x9B6AB1C: g_strdup (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==11382== by 0x66CCF10: find_string_dtbl_entry (packet.c:1224) ==11382== by 0x66CD816: dissector_try_string (packet.c:1413) ==11382== by 0x67CA088: call_ber_oid_callback (packet-ber.c:1120) ==11382== by 0x67CAC6C: dissect_ber_sequence (packet-ber.c:2425) ==11382== by 0x6F338DF: dissect_ftam_T_document_type (ftam.cnf:91) ==11382== by 0x67C9056: dissect_ber_choice (packet-ber.c:2925) ==11382== by 0x6F32D6F: dissect_ftam_Contents_Type_Attribute (ftam.cnf:137) ==11382== by 0x67CAC6C: dissect_ber_sequence (packet-ber.c:2425) ==11382== by 0x6F33A9F: dissect_ftam_Create_Attributes_U (ftam.cnf:160) ==11382== by 0x67C818A: dissect_ber_tagged_type (packet-ber.c:717) ==11382== Address 0x14b148f0 is 0 bytes inside a block of size 57 free'd ==11382== at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==11382== by 0x66C1154: emem_free_all (emem.c:1187) ==11382== by 0x66C22C0: epan_dissect_run_with_taps (epan.c:350) ==11382== by 0x413803: process_packet (tshark.c:3583) ==11382== by 0x40C88F: main (tshark.c:3349) ==11382== ==11382== Invalid read of size 8 ==11382== at 0x4C2F79E: memcpy@@GLIBC_2.14 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==11382== by 0x9B6AB1C: g_strdup (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==11382== by 0x66CCF10: find_string_dtbl_entry (packet.c:1224) ==11382== by 0x66CD816: dissector_try_string (packet.c:1413) ==11382== by 0x67CA088: call_ber_oid_callback (packet-ber.c:1120) ==11382== by 0x67CAC6C: dissect_ber_sequence (packet-ber.c:2425) ==11382== by 0x6F338DF: dissect_ftam_T_document_type (ftam.cnf:91) ==11382== by 0x67C9056: dissect_ber_choice (packet-ber.c:2925) ==11382== by 0x6F32D6F: dissect_ftam_Contents_Type_Attribute (ftam.cnf:137) ==11382== by 0x67CAC6C: dissect_ber_sequence (packet-ber.c:2425) ==11382== by 0x6F33A9F: dissect_ftam_Create_Attributes_U (ftam.cnf:160) ==11382== by 0x67C818A: dissect_ber_tagged_type (packet-ber.c:717) ==11382== Address 0x14b14900 is 16 bytes inside a block of size 57 free'd ==11382== at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==11382== by 0x66C1154: emem_free_all (emem.c:1187) ==11382== by 0x66C22C0: epan_dissect_run_with_taps (epan.c:350) ==11382== by 0x413803: process_packet (tshark.c:3583) ==11382== by 0x40C88F: main (tshark.c:3349) ==11382== ==11382== Invalid read of size 2 ==11382== at 0x4C2F7E0: memcpy@@GLIBC_2.14 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==11382== by 0x9B6AB1C: g_strdup (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==11382== by 0x66CCF10: find_string_dtbl_entry (packet.c:1224) ==11382== by 0x66CD816: dissector_try_string (packet.c:1413) ==11382== by 0x67CA088: call_ber_oid_callback (packet-ber.c:1120) ==11382== by 0x67CAC6C: dissect_ber_sequence (packet-ber.c:2425) ==11382== by 0x6F338DF: dissect_ftam_T_document_type (ftam.cnf:91) ==11382== by 0x67C9056: dissect_ber_choice (packet-ber.c:2925) ==11382== by 0x6F32D6F: dissect_ftam_Contents_Type_Attribute (ftam.cnf:137) ==11382== by 0x67CAC6C: dissect_ber_sequence (packet-ber.c:2425) ==11382== by 0x6F33A9F: dissect_ftam_Create_Attributes_U (ftam.cnf:160) ==11382== by 0x67C818A: dissect_ber_tagged_type (packet-ber.c:717) ==11382== Address 0x14b14928 is 56 bytes inside a block of size 57 free'd ==11382== at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==11382== by 0x66C1154: emem_free_all (emem.c:1187) ==11382== by 0x66C22C0: epan_dissect_run_with_taps (epan.c:350) ==11382== by 0x413803: process_packet (tshark.c:3583) ==11382== by 0x40C88F: main (tshark.c:3349) ==11382== ==11382== ==11382== HEAP SUMMARY: ==11382== in use at exit: 1,226,092 bytes in 30,650 blocks ==11382== total heap usage: 984,799 allocs, 954,149 frees, 63,703,984 bytes allocated ==11382== ==11382== LEAK SUMMARY: ==11382== definitely lost: 12,688 bytes in 1,157 blocks ==11382== indirectly lost: 36,744 bytes in 51 blocks ==11382== possibly lost: 0 bytes in 0 blocks ==11382== still reachable: 1,176,660 bytes in 29,442 blocks ==11382== suppressed: 0 bytes in 0 blocks ==11382== Rerun with --leak-check=full to see details of leaked memory ==11382== ==11382== For counts of detected and suppressed errors, rerun with: -v ==11382== ERROR SUMMARY: 124 errors from 7 contexts (suppressed: 0 from 0) [ no debug trace ]
You are receiving this mail because:
- You are watching all bug changes.
- Follow-Ups:
- [Wireshark-bugs] [Bug 10797] Buildbot crash output: fuzz-2014-12-19-2215.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 10797] Buildbot crash output: fuzz-2014-12-19-2215.pcap
- Prev by Date: [Wireshark-bugs] [Bug 10796] Crash when enabling FCoIB manual settings without filling address field
- Next by Date: [Wireshark-bugs] [Bug 10798] New: HTTP Requests are only partially dissected (data is "thrown away")
- Previous by thread: [Wireshark-bugs] [Bug 10796] Crash when enabling FCoIB manual settings without filling address field
- Next by thread: [Wireshark-bugs] [Bug 10797] Buildbot crash output: fuzz-2014-12-19-2215.pcap
- Index(es):