Wireshark-bugs: [Wireshark-bugs] [Bug 10016] segmentation fault observed in wireshark while chec
Date: Thu, 26 Jun 2014 12:30:17 +0000
Balint Reczey changed bug 10016
What | Removed | Added |
---|---|---|
CC | balint@balintreczey.hu |
Comment # 6 on bug 10016 from Balint Reczey
I tried reproducing the issue using Valgrind on master but Wireshark did not crash. OTOH I got quite a few errors detected by Valgrind, not just in Wireshark:

rbalint@chaos:~/projects/wireshark.git-build$ WIRESHARK_RUN_FROM_BUILD_DIRECTORY=1 valgrind run/wireshark
==26477== Memcheck, a memory error detector
==26477== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==26477== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==26477== Command: run/wireshark
==26477==
14:18:46 Warn Preference "column.hidden" has been converted to "gui.column.hidden"
Save your preferences to make this change permanent.
14:18:46 Warn Preference "column.format" has been converted to "gui.column.format"
Save your preferences to make this change permanent.
==26477== Conditional jump or move depends on uninitialised value(s)
==26477==    at 0x433BE7: __ws80211_get_iface_info (ws80211_utils.c:415)
==26477==    by 0x4342E9: ws80211_find_interfaces (ws80211_utils.c:482)
==26477==    by 0x447A47: tb80211_refresh_interfaces (main_80211_toolbar.c:304)
==26477==    by 0x447ECA: ws80211_toolbar_new (main_80211_toolbar.c:418)
==26477==    by 0x426906: main (main.c:3794)
==26477==
==26477== Conditional jump or move depends on uninitialised value(s)
==26477==    at 0x51E6D5: rtpstream_packet (tap-rtp-common.c:269)
==26477==    by 0x7D3D41A: tap_push_tapped_queue (tap.c:331)
==26477==    by 0x7D06A29: epan_dissect_run_with_taps (epan.c:347)
==26477==    by 0x42B9C3: retap_packet (file.c:2369)
==26477==    by 0x42E20E: process_specified_records.constprop.13 (file.c:2340)
==26477==    by 0x42EA4F: cf_retap_packets (file.c:2413)
==26477==    by 0x4A687D: rtpstream_launch (rtp_stream_dlg.c:1125)
==26477==    by 0x60BE6DF: g_closure_invoke (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.3200.4)
==26477==    by 0x60CF74F: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.3200.4)
==26477==    by 0x60D76BB: g_signal_emit_valist (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.3200.4)
==26477==    by 0x60D7851: g_signal_emit (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.3200.4)
==26477==    by 0x4ECC7D2: ??? (in /usr/lib/x86_64-linux-gnu/libgtk-3.so.0.400.2)
==26477==
==26477== Invalid read of size 1
==26477==    at 0x4C2A051: __GI_strcmp (mc_replace_strmem.c:712)
==26477==    by 0xBFBBF7F: setlocale (setlocale.c:210)
==26477==    by 0x4A51E6: add_to_list_store (rtp_stream_dlg.c:720)
==26477==    by 0x4A5CBF: rtpstream_dlg_update (rtp_stream_dlg.c:1085)
==26477==    by 0x60BE6DF: g_closure_invoke (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.3200.4)
==26477==    by 0x60CF74F: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.3200.4)
==26477==    by 0x60D76BB: g_signal_emit_valist (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.3200.4)
==26477==    by 0x60D7851: g_signal_emit (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.3200.4)
==26477==    by 0x4ECC7D2: ??? (in /usr/lib/x86_64-linux-gnu/libgtk-3.so.0.400.2)
==26477==    by 0x60BE6DF: g_closure_invoke (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.3200.4)
==26477==    by 0x60CF072: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.3200.4)
==26477==    by 0x60D76BB: g_signal_emit_valist (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.3200.4)
==26477==  Address 0x12d382c0 is 0 bytes inside a block of size 12 free'd
==26477==    at 0x4C27D4E: free (vg_replace_malloc.c:427)
==26477==    by 0xBFBBCBD: setname (setlocale.c:173)
==26477==    by 0xBFBC0B0: setlocale (setlocale.c:417)
==26477==    by 0x4A50AD: add_to_list_store (rtp_stream_dlg.c:687)
==26477==    by 0x4A5CBF: rtpstream_dlg_update (rtp_stream_dlg.c:1085)
==26477==    by 0x60BE6DF: g_closure_invoke (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.3200.4)
==26477==    by 0x60CF74F: ??? (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.3200.4)
==26477==    by 0x60D76BB: g_signal_emit_valist (in /usr/lib/x86_64-linux-gnu/libgobject-2.0.so.0.3200 ...
(wireshark:26477): GLib-GObject-WARNING **: /tmp/buildd/glib2.0-2.33.12+really2.32.4/./gobject/gsignal.c:2459: signal `expose_event' is invalid for instance `0x4a6eb220'
==26477==
==26477== HEAP SUMMARY:
==26477==     in use at exit: 17,954,792 bytes in 131,625 blocks
==26477==   total heap usage: 2,261,047 allocs, 2,129,422 frees, 338,641,331 bytes allocated
==26477==
==26477== LEAK SUMMARY:
==26477==    definitely lost: 86,744 bytes in 6,722 blocks
==26477==    indirectly lost: 62,912 bytes in 1,449 blocks
==26477==      possibly lost: 12,883,579 bytes in 76,337 blocks
==26477==    still reachable: 4,921,557 bytes in 47,117 blocks
==26477==         suppressed: 0 bytes in 0 blocks
==26477== Rerun with --leak-check=full to see details of leaked memory
==26477==
==26477== For counts of detected and suppressed errors, rerun with: -v
==26477== Use --track-origins=yes to see where uninitialised values come from
==26477== ERROR SUMMARY: 9799 errors from 131 contexts (suppressed: 54 from 11)
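The "Invalid read of size 1" report in the log above has the shape of a common setlocale() save/restore mistake: one setlocale() call frees the previous locale name (the frame at rtp_stream_dlg.c:687) and a later call is handed that stale pointer (the frame at rtp_stream_dlg.c:720). The C example below is added here and is not Wireshark's code or part of the original comment; the function names are hypothetical, and that the dialog code follows this pattern is an assumption drawn from the trace alone.

```c
#include <locale.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* UNSAFE (shown for contrast, never called here): the pointer returned by
 * setlocale(cat, NULL) refers to storage owned by libc, and the next
 * setlocale() call may free or overwrite it. */
int format_c_locale_unsafe(char *out, size_t len, double v)
{
    char *saved = setlocale(LC_NUMERIC, NULL); /* borrowed pointer */
    setlocale(LC_NUMERIC, "C");                /* libc may free *saved here */
    int n = snprintf(out, len, "%.2f", v);
    setlocale(LC_NUMERIC, saved);              /* libc compares stale bytes */
    return n;
}

/* SAFE: take a private copy of the locale name before switching. */
int format_c_locale_safe(char *out, size_t len, double v)
{
    const char *cur = setlocale(LC_NUMERIC, NULL);
    if (cur == NULL)
        return -1;
    size_t sz = strlen(cur) + 1;
    char *saved = malloc(sz);                  /* copy we own */
    if (saved == NULL)
        return -1;
    memcpy(saved, cur, sz);
    setlocale(LC_NUMERIC, "C");                /* '.' as decimal separator */
    int n = snprintf(out, len, "%.2f", v);
    setlocale(LC_NUMERIC, saved);              /* restore from the copy */
    free(saved);
    return n;
}

int main(void)
{
    char buf[32];
    setlocale(LC_ALL, "");                     /* adopt the user's locale */
    if (format_c_locale_safe(buf, sizeof buf, 3.5) < 0)
        return 1;
    printf("%s (LC_NUMERIC restored to %s)\n", buf,
           setlocale(LC_NUMERIC, NULL));
    return 0;
}
```

Under the default "C" locale the unsafe variant usually goes unnoticed because no name is freed; Memcheck flags it once a named locale such as a UTF-8 one is active.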