Wireshark-bugs: [Wireshark-bugs] [Bug 10239] New: Buildbot crash output: fuzz-2014-06-30-11164.p

Date: Mon, 30 Jun 2014 05:30:03 +0000
Bug ID 10239
Summary Buildbot crash output: fuzz-2014-06-30-11164.pcap
Classification Unclassified
Product Wireshark
Version unspecified
Hardware x86-64
URL http://www.wireshark.org/download/automated/captures/fuzz-2014-06-30-11164.pcap
OS Ubuntu
Status CONFIRMED
Severity Major
Priority High
Component Dissection engine (libwireshark)
Assignee [email protected]
Reporter [email protected]

Problems have been found with the following capture file:

http://www.wireshark.org/download/automated/captures/fuzz-2014-06-30-11164.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/10065-example_logs_mcap.btsnoop

Build host information:
Linux wsbb04 3.2.0-65-generic #98-Ubuntu SMP Wed Jun 11 20:27:07 UTC 2014
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 12.04.4 LTS
Release:    12.04
Codename:    precise

Buildbot information:
BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark
BUILDBOT_BUILDNUMBER=2838
BUILDBOT_URL=http://buildbot.wireshark.org/trunk/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_SLAVENAME=clang-code-analysis
BUILDBOT_GOT_REVISION=78e328c02de5a9f052748eb18b6fa03b93c1d89b

Return value:  0

Dissector bug:  0

Valgrind error count:  2



Git commit
commit 78e328c02de5a9f052748eb18b6fa03b93c1d89b
Author: Balint Reczey <[email protected]>
Date:   Sat Jun 28 18:07:50 2014 +0200

    Fix missing g_list_next() with GLib < 2.32

    Change-Id: I825e74de378acc9d35e4b620a3eeb4807fe7accd
    Reviewed-on: https://code.wireshark.org/review/2690
    Reviewed-by: Evan Huus <[email protected]>


Command and args: ./tools/valgrind-wireshark.sh 

==28027== Memcheck, a memory error detector
==28027== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
==28027== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
==28027== Command:
/home/wireshark/builders/trunk-clang-ca/clangcodeanalysis/install/bin/tshark
-nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2014-06-30-11164.pcap
==28027== 
==28027== Conditional jump or move depends on uninitialised value(s)
==28027==    at 0x7145F6E: wmem_tree_lookup32 (wmem_tree.c:379)
==28027==    by 0x6755163:
dissect_bthci_evt_disconn_complete.isra.56.constprop.81
(packet-bthci_evt.c:1086)
==28027==    by 0x6755972: dissect_bthci_evt (packet-bthci_evt.c:3420)
==28027==    by 0x6607D6E: call_dissector_through_handle (packet.c:622)
==28027==    by 0x66087AD: call_dissector_work (packet.c:713)
==28027==    by 0x6608FD2: dissector_try_uint_new (packet.c:1145)
==28027==    by 0x695BDE2: dissect_hci_h4 (packet-hci_h4.c:135)
==28027==    by 0x6607D6E: call_dissector_through_handle (packet.c:622)
==28027==    by 0x66087AD: call_dissector_work (packet.c:713)
==28027==    by 0x6608FD2: dissector_try_uint_new (packet.c:1145)
==28027==    by 0x6609026: dissector_try_uint (packet.c:1171)
==28027==    by 0x68C214A: dissect_frame (packet-frame.c:508)
==28027== 
==28027== Conditional jump or move depends on uninitialised value(s)
==28027==    at 0x7145F72: wmem_tree_lookup32 (wmem_tree.c:382)
==28027==    by 0x6755163:
dissect_bthci_evt_disconn_complete.isra.56.constprop.81
(packet-bthci_evt.c:1086)
==28027==    by 0x6755972: dissect_bthci_evt (packet-bthci_evt.c:3420)
==28027==    by 0x6607D6E: call_dissector_through_handle (packet.c:622)
==28027==    by 0x66087AD: call_dissector_work (packet.c:713)
==28027==    by 0x6608FD2: dissector_try_uint_new (packet.c:1145)
==28027==    by 0x695BDE2: dissect_hci_h4 (packet-hci_h4.c:135)
==28027==    by 0x6607D6E: call_dissector_through_handle (packet.c:622)
==28027==    by 0x66087AD: call_dissector_work (packet.c:713)
==28027==    by 0x6608FD2: dissector_try_uint_new (packet.c:1145)
==28027==    by 0x6609026: dissector_try_uint (packet.c:1171)
==28027==    by 0x68C214A: dissect_frame (packet-frame.c:508)
==28027== 
==28027== 
==28027== HEAP SUMMARY:
==28027==     in use at exit: 1,207,095 bytes in 29,301 blocks
==28027==   total heap usage: 222,555 allocs, 193,254 frees, 28,473,023 bytes
allocated
==28027== 
==28027== LEAK SUMMARY:
==28027==    definitely lost: 5,384 bytes in 165 blocks
==28027==    indirectly lost: 36,648 bytes in 49 blocks
==28027==      possibly lost: 0 bytes in 0 blocks
==28027==    still reachable: 1,165,063 bytes in 29,087 blocks
==28027==         suppressed: 0 bytes in 0 blocks
==28027== Rerun with --leak-check=full to see details of leaked memory
==28027== 
==28027== For counts of detected and suppressed errors, rerun with: -v
==28027== Use --track-origins=yes to see where uninitialised values come from
==28027== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 3 from 3)

[ no debug trace ]


You are receiving this mail because:
  • You are watching all bug changes.