Wireshark-bugs: [Wireshark-bugs] [Bug 10683] New: Buildbot crash output: fuzz-2014-11-09-15739.p
Date: Sun, 09 Nov 2014 08:50:02 +0000
Bug ID | 10683 |
---|---|
Summary | Buildbot crash output: fuzz-2014-11-09-15739.pcap |
Product | Wireshark |
Version | unspecified |
Hardware | x86-64 |
URL | https://www.wireshark.org/download/automated/captures/fuzz-2014-11-09-15739.pcap |
OS | Ubuntu |
Status | CONFIRMED |
Severity | Major |
Priority | High |
Component | Dissection engine (libwireshark) |
Assignee | bugzilla-admin@wireshark.org |
Reporter | buildbot-do-not-reply@wireshark.org |
Problems have been found with the following capture file: https://www.wireshark.org/download/automated/captures/fuzz-2014-11-09-15739.pcap stderr: Input file: /home/wireshark/menagerie/menagerie/10783-traces_lass-pc-8.10.1.cap.gz Build host information: Linux wsbb04 3.13.0-39-generic #66-Ubuntu SMP Tue Oct 28 13:30:27 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux Distributor ID: Ubuntu Description: Ubuntu 14.04.1 LTS Release: 14.04 Codename: trusty Buildbot information: BUILDBOT_REPOSITORY=ssh://wireshark-buildbot@code.wireshark.org:29418/wireshark BUILDBOT_BUILDNUMBER=3048 BUILDBOT_URL=http://buildbot.wireshark.org/trunk/ BUILDBOT_BUILDERNAME=Clang Code Analysis BUILDBOT_SLAVENAME=clang-code-analysis BUILDBOT_GOT_REVISION=3428e809ddb2d5f673a539516711f61a36eb0ffc Return value: 0 Dissector bug: 0 Valgrind error count: 162 Git commit commit 3428e809ddb2d5f673a539516711f61a36eb0ffc Author: Guy Harris <guy@alum.mit.edu> Date: Fri Nov 7 15:16:17 2014 -0800 Don't forward-declare amqp_0_10_get_size_field(), as it no longer exists. Change-Id: I796826bafd0768b610c9afbde8407fd9d3cc775e Reviewed-on: https://code.wireshark.org/review/5180 Reviewed-by: Guy Harris <guy@alum.mit.edu> Command and args: ./tools/valgrind-wireshark.sh ==30842== Memcheck, a memory error detector ==30842== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al. ==30842== Using Valgrind-3.10.0.SVN and LibVEX; rerun with -h for copyright info ==30842== Command: /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark -nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2014-11-09-15739.pcap ==30842== ==30842== Invalid read of size 1 ==30842== at 0x4C2F1B1: strcmp (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==30842== by 0x9AC9FC8: g_str_equal (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==30842== by 0x9AC90BF: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==30842== by 0x66D8204: Radiuslex (radius_dict.l:341) ==30842== by 0x66D947A: radius_load_dictionary (radius_dict.l:562) ==30842== by 0x6C4BDBF: register_radius_fields (packet-radius.c:2055) ==30842== by 0x66A6DFD: proto_registrar_get_byname (proto.c:861) ==30842== by 0x6C4A796: dissect_attribute_value_pairs (packet-radius.c:994) ==30842== by 0x6C4B822: dissect_radius (packet-radius.c:1715) ==30842== by 0x669927E: call_dissector_through_handle (packet.c:621) ==30842== by 0x6699B64: call_dissector_work (packet.c:712) ==30842== by 0x669A21B: dissector_try_uint_new (packet.c:1144) ==30842== Address 0x1245cbe0 is 0 bytes inside a block of size 9 free'd ==30842== at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==30842== by 0x66D81C9: Radiuslex (radius_dict.l:337) ==30842== by 0x66D947A: radius_load_dictionary (radius_dict.l:562) ==30842== by 0x6C4BDBF: register_radius_fields (packet-radius.c:2055) ==30842== by 0x66A6DFD: proto_registrar_get_byname (proto.c:861) ==30842== by 0x6C4A796: dissect_attribute_value_pairs (packet-radius.c:994) ==30842== by 0x6C4B822: dissect_radius (packet-radius.c:1715) ==30842== by 0x669927E: call_dissector_through_handle (packet.c:621) ==30842== by 0x6699B64: call_dissector_work (packet.c:712) ==30842== by 0x669A21B: dissector_try_uint_new (packet.c:1144) ==30842== by 0x669A266: dissector_try_uint (packet.c:1170) ==30842== by 0x6DCA039: decode_udp_ports (packet-udp.c:493) ==30842== ==30842== Invalid read of size 1 ==30842== at 0x4C2F1C8: strcmp (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==30842== by 0x9AC9FC8: g_str_equal (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==30842== by 0x9AC90BF: ??? (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==30842== by 0x66D8204: Radiuslex (radius_dict.l:341) ==30842== by 0x66D947A: radius_load_dictionary (radius_dict.l:562) ==30842== by 0x6C4BDBF: register_radius_fields (packet-radius.c:2055) ==30842== by 0x66A6DFD: proto_registrar_get_byname (proto.c:861) ==30842== by 0x6C4A796: dissect_attribute_value_pairs (packet-radius.c:994) ==30842== by 0x6C4B822: dissect_radius (packet-radius.c:1715) ==30842== by 0x669927E: call_dissector_through_handle (packet.c:621) ==30842== by 0x6699B64: call_dissector_work (packet.c:712) ==30842== by 0x669A21B: dissector_try_uint_new (packet.c:1144) ==30842== Address 0x1245cbe1 is 1 bytes inside a block of size 9 free'd ==30842== at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==30842== by 0x66D81C9: Radiuslex (radius_dict.l:337) ==30842== by 0x66D947A: radius_load_dictionary (radius_dict.l:562) ==30842== by 0x6C4BDBF: register_radius_fields (packet-radius.c:2055) ==30842== by 0x66A6DFD: proto_registrar_get_byname (proto.c:861) ==30842== by 0x6C4A796: dissect_attribute_value_pairs (packet-radius.c:994) ==30842== by 0x6C4B822: dissect_radius (packet-radius.c:1715) ==30842== by 0x669927E: call_dissector_through_handle (packet.c:621) ==30842== by 0x6699B64: call_dissector_work (packet.c:712) ==30842== by 0x669A21B: dissector_try_uint_new (packet.c:1144) ==30842== by 0x669A266: dissector_try_uint (packet.c:1170) ==30842== by 0x6DCA039: decode_udp_ports (packet-udp.c:493) ==30842== ==30842== Invalid read of size 1 ==30842== at 0x4C2F1B1: strcmp (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==30842== by 0x9AC9FC8: g_str_equal (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==30842== by 0x9AC95EF: g_hash_table_lookup (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==30842== by 0x66D76DD: add_attribute (radius_dict.l:359) ==30842== by 0x66D880F: Radiuslex (radius_dict.l:234) ==30842== by 0x66D947A: radius_load_dictionary (radius_dict.l:562) ==30842== by 0x6C4BDBF: register_radius_fields (packet-radius.c:2055) ==30842== by 0x66A6DFD: proto_registrar_get_byname (proto.c:861) ==30842== by 0x6C4A796: dissect_attribute_value_pairs (packet-radius.c:994) ==30842== by 0x6C4B822: dissect_radius (packet-radius.c:1715) ==30842== by 0x669927E: call_dissector_through_handle (packet.c:621) ==30842== by 0x6699B64: call_dissector_work (packet.c:712) ==30842== Address 0x1245cbe0 is 0 bytes inside a block of size 9 free'd ==30842== at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==30842== by 0x66D81C9: Radiuslex (radius_dict.l:337) ==30842== by 0x66D947A: radius_load_dictionary (radius_dict.l:562) ==30842== by 0x6C4BDBF: register_radius_fields (packet-radius.c:2055) ==30842== by 0x66A6DFD: proto_registrar_get_byname (proto.c:861) ==30842== by 0x6C4A796: dissect_attribute_value_pairs (packet-radius.c:994) ==30842== by 0x6C4B822: dissect_radius (packet-radius.c:1715) ==30842== by 0x669927E: call_dissector_through_handle (packet.c:621) ==30842== by 0x6699B64: call_dissector_work (packet.c:712) ==30842== by 0x669A21B: dissector_try_uint_new (packet.c:1144) ==30842== by 0x669A266: dissector_try_uint (packet.c:1170) ==30842== by 0x6DCA039: decode_udp_ports (packet-udp.c:493) ==30842== ==30842== Invalid read of size 1 ==30842== at 0x4C2F1C8: strcmp (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==30842== by 0x9AC9FC8: g_str_equal (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==30842== by 0x9AC95EF: g_hash_table_lookup (in /lib/x86_64-linux-gnu/libglib-2.0.so.0.4002.0) ==30842== by 0x66D76DD: add_attribute (radius_dict.l:359) ==30842== by 0x66D880F: Radiuslex (radius_dict.l:234) ==30842== by 0x66D947A: radius_load_dictionary (radius_dict.l:562) ==30842== by 0x6C4BDBF: register_radius_fields (packet-radius.c:2055) ==30842== by 0x66A6DFD: proto_registrar_get_byname (proto.c:861) ==30842== by 0x6C4A796: dissect_attribute_value_pairs (packet-radius.c:994) ==30842== by 0x6C4B822: dissect_radius (packet-radius.c:1715) ==30842== by 0x669927E: call_dissector_through_handle (packet.c:621) ==30842== by 0x6699B64: call_dissector_work (packet.c:712) ==30842== Address 0x1245cbe1 is 1 bytes inside a block of size 9 free'd ==30842== at 0x4C2BDEC: free (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) ==30842== by 0x66D81C9: Radiuslex (radius_dict.l:337) ==30842== by 0x66D947A: radius_load_dictionary (radius_dict.l:562) ==30842== by 0x6C4BDBF: register_radius_fields (packet-radius.c:2055) ==30842== by 0x66A6DFD: proto_registrar_get_byname (proto.c:861) ==30842== by 0x6C4A796: dissect_attribute_value_pairs (packet-radius.c:994) ==30842== by 0x6C4B822: dissect_radius (packet-radius.c:1715) ==30842== by 0x669927E: call_dissector_through_handle (packet.c:621) ==30842== by 0x6699B64: call_dissector_work (packet.c:712) ==30842== by 0x669A21B: dissector_try_uint_new (packet.c:1144) ==30842== by 0x669A266: dissector_try_uint (packet.c:1170) ==30842== by 0x6DCA039: decode_udp_ports (packet-udp.c:493) ==30842== ==30842== ==30842== HEAP SUMMARY: ==30842== in use at exit: 2,382,294 bytes in 48,046 blocks ==30842== total heap usage: 344,753 allocs, 296,707 frees, 50,961,818 bytes allocated ==30842== ==30842== LEAK SUMMARY: ==30842== definitely lost: 5,428 bytes in 166 blocks ==30842== indirectly lost: 36,664 bytes in 50 blocks ==30842== possibly lost: 0 bytes in 0 blocks ==30842== still reachable: 2,340,202 bytes in 47,830 blocks ==30842== suppressed: 0 bytes in 0 blocks ==30842== Rerun with --leak-check=full to see details of leaked memory ==30842== ==30842== For counts of detected and suppressed errors, rerun with: -v ==30842== ERROR SUMMARY: 162 errors from 4 contexts (suppressed: 0 from 0) [ no debug trace ]
You are receiving this mail because:
- You are watching all bug changes.
- Follow-Ups:
- [Wireshark-bugs] [Bug 10683] Buildbot crash output: fuzz-2014-11-09-15739.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 10683] Buildbot crash output: fuzz-2014-11-09-15739.pcap
- Prev by Date: [Wireshark-bugs] [Bug 9625] [BACnet] Event Notifications of Event Type CHANGE_OF_CHARACTERSTRING are not decoded properly
- Next by Date: [Wireshark-bugs] [Bug 10684] New: Remember Decode As choice
- Previous by thread: [Wireshark-bugs] [Bug 9625] [BACnet] Event Notifications of Event Type CHANGE_OF_CHARACTERSTRING are not decoded properly
- Next by thread: [Wireshark-bugs] [Bug 10683] Buildbot crash output: fuzz-2014-11-09-15739.pcap
- Index(es):