samba3 smbtorture DIR1 crash

Stefan (metze) Metzmacher metze at samba.org
Thu Mar 23 11:04:46 GMT 2006


Hi *,

while finding some bugs using samba4's smbtorture against samba3,
I tested samba3's smbtorture against samba4, and got this backtrace...

metze

Testing DIR1 (0)
/home/People/metze/devel/samba/4.0/samba4-ci/source/script/tests/test_functions.sh: line 67: 15069 Speicherzugriffsfehler  ( $cmdline >$TEST_LOG 2>&1 )
TEST OUTPUT:
host=localhost share=cifs user=administrator myname=SERNOX
Running DIR1
starting directory test
num_seen = 2002
num_seen = 1002
num_seen = 1000
SMBD OUTPUT:
TEST FAILED: valgrind -q --num-callers=30 --log-file=/tmp/samba4-ci/st/valgrind.log bin/smbtorture //localhost/cifs -Uadministrator%penguin DIR1 (status 139)
1 TESTS FAILED or SKIPPED (test_quick.sh)
START: Do Mär 23 11:57:36 CET 2006 (./script/tests/selftest.sh)
END:   Do Mär 23 12:00:29 CET 2006 (./script/tests/selftest.sh)
VALGRIND FAILURE
==15069== Invalid read of size 4
==15069==    at 0x8090FF4: interpret_long_filename (libsmb/clilist.c:93)
==15069==    by 0x809189E: cli_list_new (libsmb/clilist.c:322)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==  Address 0x1BFEF45C is 4 bytes after a block of size 12224 alloc'd
==15069==    at 0x1B9052B4: malloc (in /usr/lib/valgrind/vgpreload_memcheck.so)
==15069==    by 0x80D5B4B: malloc_ (lib/util.c:879)
==15069==    by 0x80D5C99: Realloc (lib/util.c:986)
==15069==    by 0x809369A: cli_receive_trans (libsmb/clitrans.c:210)
==15069==    by 0x8091608: cli_list_new (libsmb/clilist.c:266)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==
==15069== Invalid read of size 4
==15069==    at 0x80C5FCC: interpret_long_date (lib/time.c:279)
==15069==    by 0x809100B: interpret_long_filename (libsmb/clilist.c:112)
==15069==    by 0x809189E: cli_list_new (libsmb/clilist.c:322)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==  Address 0x1BFEF460 is 8 bytes after a block of size 12224 alloc'd
==15069==    at 0x1B9052B4: malloc (in /usr/lib/valgrind/vgpreload_memcheck.so)
==15069==    by 0x80D5B4B: malloc_ (lib/util.c:879)
==15069==    by 0x80D5C99: Realloc (lib/util.c:986)
==15069==    by 0x809369A: cli_receive_trans (libsmb/clitrans.c:210)
==15069==    by 0x8091608: cli_list_new (libsmb/clilist.c:266)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==
==15069== Invalid read of size 4
==15069==    at 0x80C5FD7: interpret_long_date (lib/time.c:280)
==15069==    by 0x809100B: interpret_long_filename (libsmb/clilist.c:112)
==15069==    by 0x809189E: cli_list_new (libsmb/clilist.c:322)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==  Address 0x1BFEF464 is 12 bytes after a block of size 12224 alloc'd
==15069==    at 0x1B9052B4: malloc (in /usr/lib/valgrind/vgpreload_memcheck.so)
==15069==    by 0x80D5B4B: malloc_ (lib/util.c:879)
==15069==    by 0x80D5C99: Realloc (lib/util.c:986)
==15069==    by 0x809369A: cli_receive_trans (libsmb/clitrans.c:210)
==15069==    by 0x8091608: cli_list_new (libsmb/clilist.c:266)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==
==15069== Invalid read of size 4
==15069==    at 0x80C5FCC: interpret_long_date (lib/time.c:279)
==15069==    by 0x8091027: interpret_long_filename (libsmb/clilist.c:114)
==15069==    by 0x809189E: cli_list_new (libsmb/clilist.c:322)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==  Address 0x1BFEF468 is not stack'd, malloc'd or (recently) free'd
==15069==
==15069== Invalid read of size 4
==15069==    at 0x80C5FD7: interpret_long_date (lib/time.c:280)
==15069==    by 0x8091027: interpret_long_filename (libsmb/clilist.c:114)
==15069==    by 0x809189E: cli_list_new (libsmb/clilist.c:322)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==  Address 0x1BFEF46C is not stack'd, malloc'd or (recently) free'd
==15069==
==15069== Invalid read of size 4
==15069==    at 0x80C5FCC: interpret_long_date (lib/time.c:279)
==15069==    by 0x8091043: interpret_long_filename (libsmb/clilist.c:116)
==15069==    by 0x809189E: cli_list_new (libsmb/clilist.c:322)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==  Address 0x1BFEF470 is not stack'd, malloc'd or (recently) free'd
==15069==
==15069== Invalid read of size 4
==15069==    at 0x80C5FD7: interpret_long_date (lib/time.c:280)
==15069==    by 0x8091043: interpret_long_filename (libsmb/clilist.c:116)
==15069==    by 0x809189E: cli_list_new (libsmb/clilist.c:322)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==  Address 0x1BFEF474 is not stack'd, malloc'd or (recently) free'd
==15069==
==15069== Invalid read of size 4
==15069==    at 0x809105E: interpret_long_filename (libsmb/clilist.c:119)
==15069==    by 0x809189E: cli_list_new (libsmb/clilist.c:322)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==  Address 0x1BFEF480 is 8 bytes before a block of size 10 alloc'd
==15069==    at 0x1B9052B4: malloc (in /usr/lib/valgrind/vgpreload_memcheck.so)
==15069==    by 0x80D5B4B: malloc_ (lib/util.c:879)
==15069==    by 0x80D5C99: Realloc (lib/util.c:986)
==15069==    by 0x8093732: cli_receive_trans (libsmb/clitrans.c:219)
==15069==    by 0x8091608: cli_list_new (libsmb/clilist.c:266)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==
==15069== Invalid read of size 4
==15069==    at 0x809106D: interpret_long_filename (libsmb/clilist.c:119)
==15069==    by 0x809189E: cli_list_new (libsmb/clilist.c:322)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==  Address 0x1BFEF484 is 4 bytes before a block of size 10 alloc'd
==15069==    at 0x1B9052B4: malloc (in /usr/lib/valgrind/vgpreload_memcheck.so)
==15069==    by 0x80D5B4B: malloc_ (lib/util.c:879)
==15069==    by 0x80D5C99: Realloc (lib/util.c:986)
==15069==    by 0x8093732: cli_receive_trans (libsmb/clitrans.c:219)
==15069==    by 0x8091608: cli_list_new (libsmb/clilist.c:266)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==
==15069== Invalid read of size 4
==15069==    at 0x80910B7: interpret_long_filename (libsmb/clilist.c:124)
==15069==    by 0x809189E: cli_list_new (libsmb/clilist.c:322)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==  Address 0x1BFEF494 is 2 bytes after a block of size 10 alloc'd
==15069==    at 0x1B9052B4: malloc (in /usr/lib/valgrind/vgpreload_memcheck.so)
==15069==    by 0x80D5B4B: malloc_ (lib/util.c:879)
==15069==    by 0x80D5C99: Realloc (lib/util.c:986)
==15069==    by 0x8093732: cli_receive_trans (libsmb/clitrans.c:219)
==15069==    by 0x8091608: cli_list_new (libsmb/clilist.c:266)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==
==15069== Invalid read of size 2
==15069==    at 0x80910CB: interpret_long_filename (libsmb/clilist.c:127)
==15069==    by 0x809189E: cli_list_new (libsmb/clilist.c:322)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==  Address 0x1BFEF49C is 10 bytes after a block of size 10 alloc'd
==15069==    at 0x1B9052B4: malloc (in /usr/lib/valgrind/vgpreload_memcheck.so)
==15069==    by 0x80D5B4B: malloc_ (lib/util.c:879)
==15069==    by 0x80D5C99: Realloc (lib/util.c:986)
==15069==    by 0x8093732: cli_receive_trans (libsmb/clitrans.c:219)
==15069==    by 0x8091608: cli_list_new (libsmb/clilist.c:266)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==
==15069== Invalid read of size 1
==15069==    at 0x80910E7: interpret_long_filename (libsmb/clilist.c:132)
==15069==    by 0x809189E: cli_list_new (libsmb/clilist.c:322)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==  Address 0x1BFEF49F is 13 bytes after a block of size 10 alloc'd
==15069==    at 0x1B9052B4: malloc (in /usr/lib/valgrind/vgpreload_memcheck.so)
==15069==    by 0x80D5B4B: malloc_ (lib/util.c:879)
==15069==    by 0x80D5C99: Realloc (lib/util.c:986)
==15069==    by 0x8093732: cli_receive_trans (libsmb/clitrans.c:219)
==15069==    by 0x8091608: cli_list_new (libsmb/clilist.c:266)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==
==15069== Invalid read of size 4
==15069==    at 0x80911C7: interpret_long_filename (libsmb/clilist.c:157)
==15069==    by 0x809189E: cli_list_new (libsmb/clilist.c:322)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==  Address 0x1BFEF458 is 0 bytes after a block of size 12224 alloc'd
==15069==    at 0x1B9052B4: malloc (in /usr/lib/valgrind/vgpreload_memcheck.so)
==15069==    by 0x80D5B4B: malloc_ (lib/util.c:879)
==15069==    by 0x80D5C99: Realloc (lib/util.c:986)
==15069==    by 0x809369A: cli_receive_trans (libsmb/clitrans.c:210)
==15069==    by 0x8091608: cli_list_new (libsmb/clilist.c:266)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==
==15069== Invalid write of size 4
==15069==    at 0x8091870: cli_list_new (libsmb/clilist.c:320)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==  Address 0x1BFEF458 is 0 bytes after a block of size 12224 alloc'd
==15069==    at 0x1B9052B4: malloc (in /usr/lib/valgrind/vgpreload_memcheck.so)
==15069==    by 0x80D5B4B: malloc_ (lib/util.c:879)
==15069==    by 0x80D5C99: Realloc (lib/util.c:986)
==15069==    by 0x809369A: cli_receive_trans (libsmb/clitrans.c:210)
==15069==    by 0x8091608: cli_list_new (libsmb/clilist.c:266)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==
==15069== Invalid read of size 1
==15069==    at 0x809109E: interpret_long_filename (libsmb/clilist.c:122)
==15069==    by 0x809189E: cli_list_new (libsmb/clilist.c:322)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==  Address 0x1BFF5530 is 0 bytes after a block of size 8 alloc'd
==15069==    at 0x1B9052B4: malloc (in /usr/lib/valgrind/vgpreload_memcheck.so)
==15069==    by 0x80D5B4B: malloc_ (lib/util.c:879)
==15069==    by 0x80D5C99: Realloc (lib/util.c:986)
==15069==    by 0x8093732: cli_receive_trans (libsmb/clitrans.c:219)
==15069==    by 0x8091608: cli_list_new (libsmb/clilist.c:266)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
==15069==
==15069== More than 30000 total errors detected.  I'm not reporting any more.
==15069== Final error counts will be inaccurate.  Go fix your program!
==15069== Rerun with --error-limit=no to disable this cutoff.  Note
==15069== that errors may occur in your program without prior warning from
==15069== Valgrind, because errors are no longer being displayed.
==15069==
==15069==
==15069== Process terminating with default action of signal 11 (SIGSEGV)
==15069==  Access not within mapped region at address 0x1EB241CA
==15069==    at 0x8090FF4: interpret_long_filename (libsmb/clilist.c:93)
==15069==    by 0x809189E: cli_list_new (libsmb/clilist.c:322)
==15069==    by 0x8092369: cli_list (libsmb/clilist.c:534)
==15069==    by 0x806BFBC: run_dirtest1 (torture/torture.c:4532)
==15069==    by 0x806C93C: run_test (torture/torture.c:4845)
==15069==    by 0x806D03C: main (torture/torture.c:5034)
TEST STATUS: 2
make: *** [valgrindtest-quick] Fehler 2