Wireshark-bugs: [Wireshark-bugs] [Bug 13250] New: Buildbot crash output: fuzz-2016-12-14-32314.p

Date: Thu, 15 Dec 2016 04:00:02 +0000
Bug ID 13250
Summary Buildbot crash output: fuzz-2016-12-14-32314.pcap
Product Wireshark
Version unspecified
Hardware x86-64
URL https://www.wireshark.org/download/automated/captures/fuzz-2016-12-14-32314.pcap
OS Ubuntu
Status CONFIRMED
Severity Major
Priority High
Component Dissection engine (libwireshark)
Assignee [email protected]
Reporter [email protected]

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2016-12-14-32314.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/14807-160719-04_BLE_sensor_and_CGW_prefix_added_exp_pdu.pcapng

Build host information:
Linux wsbb04 4.4.0-47-generic #68-Ubuntu SMP Wed Oct 26 19:39:52 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 16.04.1 LTS
Release:    16.04
Codename:    xenial

Buildbot information:
BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark
BUILDBOT_WORKERNAME=clang-code-analysis
BUILDBOT_BUILDNUMBER=3817
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-master/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_GOT_REVISION=1c8223dbdff2aeb08848f4fae28b457b14f593b2

Return value:  0

Dissector bug:  0

Valgrind error count:  78



Git commit
commit 1c8223dbdff2aeb08848f4fae28b457b14f593b2
Author: Dario Lombardo <[email protected]>
Date:   Fri Dec 9 11:44:11 2016 +0100

    extcap: add info to extcap manpage (taken from README.extcap).

    Ping-Bug: 13218
    Change-Id: Ib43dc2ce8ae7991468b866aec3f03f6a5709f8b2
    Reviewed-on: https://code.wireshark.org/review/19177
    Reviewed-by: Michael Mann <[email protected]>
    Reviewed-by: Dario Lombardo <[email protected]>


==14868== Memcheck, a memory error detector
==14868== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==14868== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==14868== Command: /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install.plain/bin/tshark -nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2016-12-14-32314.pcap
==14868== 

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet 6:
packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet 22:
packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet 33:
packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet 44:
packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet 45:
packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"
==14868== Conditional jump or move depends on uninitialised value(s)
==14868==    at 0x4C33D52: __memcmp_sse4_1 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==14868==    by 0x69DE3B3: addresses_equal (address.h:230)
==14868==    by 0x69DE3B3: fragment_addresses_equal (reassemble.c:82)
==14868==    by 0xA6F9DCE: g_hash_table_lookup_extended (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==14868==    by 0x69DF8B6: lookup_fd_head (reassemble.c:541)
==14868==    by 0x69DF8B6: fragment_add_seq_common (reassemble.c:1886)
==14868==    by 0x69DFEB7: fragment_add_seq_check_work (reassemble.c:2037)
==14868==    by 0x69DFF79: fragment_add_seq_next (reassemble.c:2100)
==14868==    by 0x6B467A6: dissect_btle (packet-btle.c:944)
==14868==    by 0x69B4D35: call_dissector_through_handle (packet.c:650)
==14868==    by 0x69B4D35: call_dissector_work (packet.c:725)
==14868==    by 0x69B3DEC: call_dissector_only (packet.c:2954)
==14868==    by 0x69B3DEC: call_dissector_with_data (packet.c:2967)
==14868==    by 0x6F7B5E0: dissect_nordic_ble (packet-nordic_ble.c:287)
==14868==    by 0x69B4D35: call_dissector_through_handle (packet.c:650)
==14868==    by 0x69B4D35: call_dissector_work (packet.c:725)
==14868==    by 0x69B3DEC: call_dissector_only (packet.c:2954)
==14868==    by 0x69B3DEC: call_dissector_with_data (packet.c:2967)
==14868== 
==14868== Conditional jump or move depends on uninitialised value(s)
==14868==    at 0x4C33D52: __memcmp_sse4_1 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==14868==    by 0x69DE3ED: addresses_equal (address.h:230)
==14868==    by 0x69DE3ED: fragment_addresses_equal (reassemble.c:83)
==14868==    by 0xA6F9DCE: g_hash_table_lookup_extended (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==14868==    by 0x69DF8B6: lookup_fd_head (reassemble.c:541)
==14868==    by 0x69DF8B6: fragment_add_seq_common (reassemble.c:1886)
==14868==    by 0x69DFEB7: fragment_add_seq_check_work (reassemble.c:2037)
==14868==    by 0x69DFF79: fragment_add_seq_next (reassemble.c:2100)
==14868==    by 0x6B467A6: dissect_btle (packet-btle.c:944)
==14868==    by 0x69B4D35: call_dissector_through_handle (packet.c:650)
==14868==    by 0x69B4D35: call_dissector_work (packet.c:725)
==14868==    by 0x69B3DEC: call_dissector_only (packet.c:2954)
==14868==    by 0x69B3DEC: call_dissector_with_data (packet.c:2967)
==14868==    by 0x6F7B5E0: dissect_nordic_ble (packet-nordic_ble.c:287)
==14868==    by 0x69B4D35: call_dissector_through_handle (packet.c:650)
==14868==    by 0x69B4D35: call_dissector_work (packet.c:725)
==14868==    by 0x69B3DEC: call_dissector_only (packet.c:2954)
==14868==    by 0x69B3DEC: call_dissector_with_data (packet.c:2967)
==14868== 

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet 76:
packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet 81:
packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet 86:
packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet 99:
packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
110: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
129: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"
==14868== Conditional jump or move depends on uninitialised value(s)
==14868==    at 0x4C33D52: __memcmp_sse4_1 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==14868==    by 0x69DE3B3: addresses_equal (address.h:230)
==14868==    by 0x69DE3B3: fragment_addresses_equal (reassemble.c:82)
==14868==    by 0xA6F95F9: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==14868==    by 0x69DFED4: fragment_unhash (reassemble.c:789)
==14868==    by 0x69DFED4: fragment_add_seq_check_work (reassemble.c:2052)
==14868==    by 0x69DFF79: fragment_add_seq_next (reassemble.c:2100)
==14868==    by 0x6B46D49: dissect_btle (packet-btle.c:883)
==14868==    by 0x69B4D35: call_dissector_through_handle (packet.c:650)
==14868==    by 0x69B4D35: call_dissector_work (packet.c:725)
==14868==    by 0x69B3DEC: call_dissector_only (packet.c:2954)
==14868==    by 0x69B3DEC: call_dissector_with_data (packet.c:2967)
==14868==    by 0x6F7B5E0: dissect_nordic_ble (packet-nordic_ble.c:287)
==14868==    by 0x69B4D35: call_dissector_through_handle (packet.c:650)
==14868==    by 0x69B4D35: call_dissector_work (packet.c:725)
==14868==    by 0x69B3DEC: call_dissector_only (packet.c:2954)
==14868==    by 0x69B3DEC: call_dissector_with_data (packet.c:2967)
==14868==    by 0x6CA69F2: dissect_exported_pdu (packet-exported_pdu.c:285)
==14868== 
==14868== Conditional jump or move depends on uninitialised value(s)
==14868==    at 0x4C33D52: __memcmp_sse4_1 (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==14868==    by 0x69DE3ED: addresses_equal (address.h:230)
==14868==    by 0x69DE3ED: fragment_addresses_equal (reassemble.c:83)
==14868==    by 0xA6F95F9: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==14868==    by 0x69DFED4: fragment_unhash (reassemble.c:789)
==14868==    by 0x69DFED4: fragment_add_seq_check_work (reassemble.c:2052)
==14868==    by 0x69DFF79: fragment_add_seq_next (reassemble.c:2100)
==14868==    by 0x6B46D49: dissect_btle (packet-btle.c:883)
==14868==    by 0x69B4D35: call_dissector_through_handle (packet.c:650)
==14868==    by 0x69B4D35: call_dissector_work (packet.c:725)
==14868==    by 0x69B3DEC: call_dissector_only (packet.c:2954)
==14868==    by 0x69B3DEC: call_dissector_with_data (packet.c:2967)
==14868==    by 0x6F7B5E0: dissect_nordic_ble (packet-nordic_ble.c:287)
==14868==    by 0x69B4D35: call_dissector_through_handle (packet.c:650)
==14868==    by 0x69B4D35: call_dissector_work (packet.c:725)
==14868==    by 0x69B3DEC: call_dissector_only (packet.c:2954)
==14868==    by 0x69B3DEC: call_dissector_with_data (packet.c:2967)
==14868==    by 0x6CA69F2: dissect_exported_pdu (packet-exported_pdu.c:285)
==14868== 

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
160: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
171: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
193: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
221: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
236: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
237: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
240: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
261: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
278: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
311: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
316: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
353: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
404: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
455: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
475: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
493: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
524: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
527: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
531: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
576: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
593: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
606: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
614: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
619: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
661: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
667: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
693: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
728: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
736: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
738: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
746: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
751: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
793: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
802: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
804: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
868: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
891: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"

** (process:14868): WARNING **: Dissector bug, protocol BT LE LL, in packet
905: packet-btle.c:840: failed assertion "btle_frame_info != ((void*)0)"
==14868== 
==14868== HEAP SUMMARY:
==14868==     in use at exit: 6,088,366 bytes in 9,754 blocks
==14868==   total heap usage: 285,506 allocs, 275,752 frees, 37,937,404 bytes allocated
==14868== 
==14868== LEAK SUMMARY:
==14868==    definitely lost: 1,380 bytes in 87 blocks
==14868==    indirectly lost: 0 bytes in 0 blocks
==14868==      possibly lost: 0 bytes in 0 blocks
==14868==    still reachable: 6,086,986 bytes in 9,667 blocks
==14868==         suppressed: 0 bytes in 0 blocks
==14868== Rerun with --leak-check=full to see details of leaked memory
==14868== 
==14868== For counts of detected and suppressed errors, rerun with: -v
==14868== Use --track-origins=yes to see where uninitialised values come from
==14868== ERROR SUMMARY: 78 errors from 4 contexts (suppressed: 0 from 0)

[ no debug trace ]

