Wireshark-bugs: [Wireshark-bugs] [Bug 11026] New: Buildbot crash output: fuzz-2015-03-01-19967.p
Date: Tue, 03 Mar 2015 20:20:03 +0000
Bug ID 11026
Summary Buildbot crash output: fuzz-2015-03-01-19967.pcap
Product Wireshark
Version unspecified
Hardware x86-64
URL https://www.wireshark.org/download/automated/captures/fuzz-2015-03-01-19967.pcap
OS Ubuntu
Status CONFIRMED
Severity Major
Priority High
Component Dissection engine (libwireshark)
Assignee bugzilla-admin@wireshark.org
Reporter buildbot-do-not-reply@wireshark.org

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2015-03-01-19967.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/frame_comp.enc

Build host information:
Linux wsbb04 3.13.0-45-generic #74-Ubuntu SMP Tue Jan 13 19:36:28 UTC 2015
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 14.04.2 LTS
Release:    14.04
Codename:    trusty

Buildbot information:
BUILDBOT_REPOSITORY=ssh://wireshark-buildbot@code.wireshark.org:29418/wireshark
BUILDBOT_BUILDNUMBER=3170
BUILDBOT_URL=http://buildbot.wireshark.org/trunk/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_SLAVENAME=clang-code-analysis
BUILDBOT_GOT_REVISION=5892d3c42fd29f7c44520978e6cc17c116fb4985

Return value:  0

Dissector bug:  0

Valgrind error count:  1108



Git commit
commit 5892d3c42fd29f7c44520978e6cc17c116fb4985
Author: Guy Harris <guy@alum.mit.edu>
Date:   Sat Feb 28 01:13:41 2015 -0800

    Don't use ctime().

    The API checks warn about it being deprecated - that doesn't seem to
    cause a problem with the buildbot, but does result in failures from the
    Petri dish.  Format the first and last packet time in an ISO 8601-style
    format.

    Call them "First packet time" and "Last packet time", rather than "Start
    time" and "End time", as they're not necessarily the times when the
    capture started or ended.

    (Both make the output a bit more like the Statistics -> Summary window.)

    Change-Id: Ibf02999851f49c7951c6f6152c70efa271414bd9
    Reviewed-on: https://code.wireshark.org/review/7442
    Reviewed-by: Guy Harris <guy@alum.mit.edu>


Command and args: ./tools/valgrind-wireshark.sh -T

==26903== Memcheck, a memory error detector
==26903== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==26903== Using Valgrind-3.10.0.SVN and LibVEX; rerun with -h for copyright
info
==26903== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark
-Vx -nr
/fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2015-03-01-19967.pcap
==26903== 
==26903== Use of uninitialised value of size 8
==26903==    at 0x673F4AC: bytes_to_hexstr (to_str.c:64)
==26903==    by 0x673F5CF: bytes_to_str (to_str.c:240)
==26903==    by 0x67313AD: proto_item_fill_label (proto.c:6188)
==26903==    by 0x672284D: proto_tree_print_node (print.c:146)
==26903==    by 0x6725ACB: proto_tree_children_foreach (proto.c:645)
==26903==    by 0x672270D: proto_tree_print_node (print.c:201)
==26903==    by 0x6725ACB: proto_tree_children_foreach (proto.c:645)
==26903==    by 0x672338A: proto_tree_print (print.c:115)
==26903==    by 0x4130EA: print_packet (tshark.c:4024)
==26903==    by 0x413A5A: process_packet (tshark.c:3636)
==26903==    by 0x40C8B9: main (tshark.c:3383)
==26903== 
==26903== Use of uninitialised value of size 8
==26903==    at 0x673F4B5: bytes_to_hexstr (to_str.c:65)
==26903==    by 0x673F5CF: bytes_to_str (to_str.c:240)
==26903==    by 0x67313AD: proto_item_fill_label (proto.c:6188)
==26903==    by 0x672284D: proto_tree_print_node (print.c:146)
==26903==    by 0x6725ACB: proto_tree_children_foreach (proto.c:645)
==26903==    by 0x672270D: proto_tree_print_node (print.c:201)
==26903==    by 0x6725ACB: proto_tree_children_foreach (proto.c:645)
==26903==    by 0x672338A: proto_tree_print (print.c:115)
==26903==    by 0x4130EA: print_packet (tshark.c:4024)
==26903==    by 0x413A5A: process_packet (tshark.c:3636)
==26903==    by 0x40C8B9: main (tshark.c:3383)
==26903== 
==26903== Use of uninitialised value of size 8
==26903==    at 0x6722252: print_hex_data_buffer (print.c:970)
==26903==    by 0x6723CF6: print_hex_data (print.c:886)
==26903==    by 0x413042: print_packet (tshark.c:4047)
==26903==    by 0x413A5A: process_packet (tshark.c:3636)
==26903==    by 0x40C8B9: main (tshark.c:3383)
==26903== 
==26903== Use of uninitialised value of size 8
==26903==    at 0x672226D: print_hex_data_buffer (print.c:971)
==26903==    by 0x6723CF6: print_hex_data (print.c:886)
==26903==    by 0x413042: print_packet (tshark.c:4047)
==26903==    by 0x413A5A: process_packet (tshark.c:3636)
==26903==    by 0x40C8B9: main (tshark.c:3383)
==26903== 
==26903== Conditional jump or move depends on uninitialised value(s)
==26903==    at 0x4C2E0F8: strlen (in
/usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==26903==    by 0xA8DA2CE: fputs (iofputs.c:35)
==26903==    by 0x67249D5: print_line_text (print_stream.c:131)
==26903==    by 0x67222D7: print_hex_data_buffer (print.c:986)
==26903==    by 0x6723CF6: print_hex_data (print.c:886)
==26903==    by 0x413042: print_packet (tshark.c:4047)
==26903==    by 0x413A5A: process_packet (tshark.c:3636)
==26903==    by 0x40C8B9: main (tshark.c:3383)
==26903== 
==26903== Syscall param write(buf) points to uninitialised byte(s)
==26903==    at 0xA957400: __write_nocancel (syscall-template.S:81)
==26903==    by 0xA8E4B92: _IO_file_write@@GLIBC_2.2.5 (fileops.c:1261)
==26903==    by 0xA8E606B: _IO_do_write@@GLIBC_2.2.5 (fileops.c:538)
==26903==    by 0xA8E5230: _IO_file_xsputn@@GLIBC_2.2.5 (fileops.c:1332)
==26903==    by 0xA8DA353: fputs (iofputs.c:40)
==26903==    by 0x67249D5: print_line_text (print_stream.c:131)
==26903==    by 0x672265D: proto_tree_print_node (print.c:152)
==26903==    by 0x6725ACB: proto_tree_children_foreach (proto.c:645)
==26903==    by 0x672270D: proto_tree_print_node (print.c:201)
==26903==    by 0x6725ACB: proto_tree_children_foreach (proto.c:645)
==26903==    by 0x672338A: proto_tree_print (print.c:115)
==26903==    by 0x4130EA: print_packet (tshark.c:4024)
==26903==  Address 0x4027201 is not stack'd, malloc'd or (recently) free'd
==26903== 
==26903== 
==26903== HEAP SUMMARY:
==26903==     in use at exit: 1,221,333 bytes in 29,817 blocks
==26903==   total heap usage: 245,634 allocs, 215,817 frees, 31,747,863 bytes
allocated
==26903== 
==26903== LEAK SUMMARY:
==26903==    definitely lost: 3,352 bytes in 144 blocks
==26903==    indirectly lost: 36,712 bytes in 50 blocks
==26903==      possibly lost: 256 bytes in 1 blocks
==26903==    still reachable: 1,181,013 bytes in 29,622 blocks
==26903==         suppressed: 0 bytes in 0 blocks
==26903== Rerun with --leak-check=full to see details of leaked memory
==26903== 
==26903== For counts of detected and suppressed errors, rerun with: -v
==26903== Use --track-origins=yes to see where uninitialised values come from
==26903== ERROR SUMMARY: 1108 errors from 6 contexts (suppressed: 0 from 0)

[ no debug trace ]


You are receiving this mail because:
  • You are watching all bug changes.