Skip to content

Buildbot crash output: fuzz-2021-10-23-10702.pcap

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2021-10-23-10702.pcap

stderr:

Input file: /var/menagerie/menagerie/2566-omni.out.2.hdlc.pcap

Build host information:
Linux runner-yq5rrvnm-project-7898047-concurrent-1 5.4.0-89-generic #100-Ubuntu SMP Fri Sep 24 14:50:10 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:	Ubuntu
Description:	Ubuntu 20.04.3 LTS
Release:	20.04
Codename:	focal

Return value:  0

Dissector bug:  0

Valgrind error count:  1



Latest (but not necessarily the problem) commit:
ca8e6f3d Qt: Add back some Q_OBJECT calls.


Command and args: ./tools/valgrind-wireshark.sh -b /builds/wireshark/wireshark/_install/bin  
==24061== Memcheck, a memory error detector
==24061== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==24061== Using Valgrind-3.15.0 and LibVEX; rerun with -h for copyright info
==24061== Command: /builds/wireshark/wireshark/_install/bin/tshark -nr /tmp/fuzz/fuzz-2021-10-23-10702.pcap
==24061== 
Running as user "root" and group "root". This could be dangerous.
==24061== Warning: set address range perms: large range [0x92c9e028, 0xa2c9e058) (noaccess)
==24061== 
==24061== Process terminating with default action of signal 24 (SIGXCPU): dumping core
==24061==    at 0xC554200: ws_basestrtou64 (strtoi.c:151)
==24061==    by 0xC55445A: ws_basestrtou32 (strtoi.c:248)
==24061==    by 0xC554519: ws_strtou32 (strtoi.c:248)
==24061==    by 0x6A913AD: bencoded_string_length (packet-bt-dht.c:107)
==24061==    by 0x6A909BD: dissect_bt_dht_values (packet-bt-dht.c:269)
==24061==    by 0x6A902E4: dissect_bencoded_dict_entry (packet-bt-dht.c:423)
==24061==    by 0x6A9009E: dissect_bencoded_dict (packet-bt-dht.c:526)
==24061==    by 0x6A90259: dissect_bencoded_dict_entry (packet-bt-dht.c:416)
==24061==    by 0x6A9009E: dissect_bencoded_dict (packet-bt-dht.c:526)
==24061==    by 0x6A8FE9D: dissect_bt_dht (packet-bt-dht.c:598)
==24061==    by 0x6A8FDE8: dissect_bt_dht_heur (packet-bt-dht.c:614)
==24061==    by 0x810F30A: dissector_try_heuristic (packet.c:2894)
==24061== 
==24061== HEAP SUMMARY:
==24061==     in use at exit: 1,386,672,711 bytes in 50,994,856 blocks
==24061==   total heap usage: 202,971,252 allocs, 151,976,396 frees, 5,494,230,276 bytes allocated
==24061== 
==24061== LEAK SUMMARY:
==24061==    definitely lost: 0 bytes in 0 blocks
==24061==    indirectly lost: 0 bytes in 0 blocks
==24061==      possibly lost: 0 bytes in 0 blocks
==24061==    still reachable: 1,386,556,738 bytes in 50,994,081 blocks
==24061==         suppressed: 115,973 bytes in 775 blocks
==24061== Rerun with --leak-check=full to see details of leaked memory
==24061== 
==24061== For lists of detected and suppressed errors, rerun with: -s
==24061== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)

fuzz-test.sh stderr:
Running as user "root" and group "root". This could be dangerous.
./tools/fuzz-test.sh: line 247: 24062 Aborted                 (core dumped) "$RUNNER" $COMMON_ARGS $ARGS "$TMP_DIR/$TMP_FILE" > /dev/null 2>> "$TMP_DIR/$ERR_FILE.$SUBSHELL_PID"
./tools/fuzz-test.sh: line 247: 24061 CPU time limit exceeded (core dumped) "$RUNNER" $COMMON_ARGS $ARGS "$TMP_DIR/$TMP_FILE" > /dev/null 2>> "$TMP_DIR/$ERR_FILE.$SUBSHELL_PID"

no debug trace

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information