Wireshark · Wireshark-bugs: [Wireshark-bugs] [Bug 10370] New: Buildbot crash output: fuzz-2014-08-11-32641.pcap

Wireshark-bugs: [Wireshark-bugs] [Bug 10370] New: Buildbot crash output: fuzz-2014-08-11-32641.p

Date: Wed, 13 Aug 2014 16:30:02 +0000

Bug ID	10370
Summary	Buildbot crash output: fuzz-2014-08-11-32641.pcap
Product	Wireshark
Version	unspecified
Hardware	x86-64
URL	https://www.wireshark.org/download/automated/captures/fuzz-2014-08-11-32641.pcap
OS	Ubuntu
Status	CONFIRMED
Severity	Major
Priority	High
Component	Dissection engine (libwireshark)
Assignee	[email protected]
Reporter	[email protected]

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2014-08-11-32641.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/2406-IPFIX-out4.pcap

Build host information:
Linux wsbb04 3.13.0-32-generic #57-Ubuntu SMP Tue Jul 15 03:51:08 UTC 2014
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 14.04.1 LTS
Release:    14.04
Codename:    trusty

Buildbot information:
BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark
BUILDBOT_BUILDNUMBER=2916
BUILDBOT_URL=http://buildbot.wireshark.org/trunk/
BUILDBOT_BUILDERNAME=Clang Code Analysis
BUILDBOT_SLAVENAME=clang-code-analysis
BUILDBOT_GOT_REVISION=6bddb0e4a9425e88c1e78202e4e571fce8d7b664

Return value:  0

Dissector bug:  0

Valgrind error count:  188



Git commit
commit 6bddb0e4a9425e88c1e78202e4e571fce8d7b664
Author: Pascal Quantin <[email protected]>
Date:   Sun Aug 10 15:25:59 2014 +0200

    PIM: fix a copy/paster error introduced in gebff85f

    Bug: 10358
    Change-Id: Iddfd5dcd53e80a18cb253834920d9625195b3669
    Reviewed-on: https://code.wireshark.org/review/3529
    Reviewed-by: Pascal Quantin <[email protected]>


Command and args: ./tools/valgrind-wireshark.sh -T

==26486== Memcheck, a memory error detector
==26486== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
==26486== Using Valgrind-3.10.0.SVN and LibVEX; rerun with -h for copyright
info
==26486== Command:
/home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark
-Vx -nr
/fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2014-08-11-32641.pcap
==26486== 
==26486== Conditional jump or move depends on uninitialised value(s)
==26486==    at 0xA6C705C: __offtime (offtime.c:40)
==26486==    by 0xA6C98B5: __tz_convert (tzset.c:656)
==26486==    by 0x6664087: abs_time_to_str (to_str.c:593)
==26486==    by 0x664FB7E: proto_item_fill_label (proto.c:5876)
==26486==    by 0x6643745: proto_tree_print_node (print.c:186)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486== 
==26486== Conditional jump or move depends on uninitialised value(s)
==26486==    at 0xA6C7092: __offtime (offtime.c:45)
==26486==    by 0xA6C98B5: __tz_convert (tzset.c:656)
==26486==    by 0x6664087: abs_time_to_str (to_str.c:593)
==26486==    by 0x664FB7E: proto_item_fill_label (proto.c:5876)
==26486==    by 0x6643745: proto_tree_print_node (print.c:186)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486== 
==26486== Conditional jump or move depends on uninitialised value(s)
==26486==    at 0xA6C7125: __offtime (offtime.c:56)
==26486==    by 0xA6C98B5: __tz_convert (tzset.c:656)
==26486==    by 0x6664087: abs_time_to_str (to_str.c:593)
==26486==    by 0x664FB7E: proto_item_fill_label (proto.c:5876)
==26486==    by 0x6643745: proto_tree_print_node (print.c:186)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486== 
==26486== Conditional jump or move depends on uninitialised value(s)
==26486==    at 0xA6C72C6: __offtime (offtime.c:63)
==26486==    by 0xA6C98B5: __tz_convert (tzset.c:656)
==26486==    by 0x6664087: abs_time_to_str (to_str.c:593)
==26486==    by 0x664FB7E: proto_item_fill_label (proto.c:5876)
==26486==    by 0x6643745: proto_tree_print_node (print.c:186)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486== 
==26486== Conditional jump or move depends on uninitialised value(s)
==26486==    at 0xA6C7336: __offtime (offtime.c:63)
==26486==    by 0xA6C98B5: __tz_convert (tzset.c:656)
==26486==    by 0x6664087: abs_time_to_str (to_str.c:593)
==26486==    by 0x664FB7E: proto_item_fill_label (proto.c:5876)
==26486==    by 0x6643745: proto_tree_print_node (print.c:186)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486== 
==26486== Conditional jump or move depends on uninitialised value(s)
==26486==    at 0xA6C73F6: __offtime (offtime.c:83)
==26486==    by 0xA6C98B5: __tz_convert (tzset.c:656)
==26486==    by 0x6664087: abs_time_to_str (to_str.c:593)
==26486==    by 0x664FB7E: proto_item_fill_label (proto.c:5876)
==26486==    by 0x6643745: proto_tree_print_node (print.c:186)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486== 
==26486== Conditional jump or move depends on uninitialised value(s)
==26486==    at 0xA6C7408: __offtime (offtime.c:83)
==26486==    by 0xA6C98B5: __tz_convert (tzset.c:656)
==26486==    by 0x6664087: abs_time_to_str (to_str.c:593)
==26486==    by 0x664FB7E: proto_item_fill_label (proto.c:5876)
==26486==    by 0x6643745: proto_tree_print_node (print.c:186)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486== 
==26486== Conditional jump or move depends on uninitialised value(s)
==26486==    at 0xA66083E: vfprintf (vfprintf.c:1660)
==26486==    by 0xA7200C4: __vsnprintf_chk (vsnprintf_chk.c:63)
==26486==    by 0x714EC45: wmem_strdup_vprintf (wmem_strutl.c:105)
==26486==    by 0x714ED36: wmem_strdup_printf (wmem_strutl.c:75)
==26486==    by 0x6664076: abs_time_to_str (to_str.c:628)
==26486==    by 0x664FB7E: proto_item_fill_label (proto.c:5876)
==26486==    by 0x6643745: proto_tree_print_node (print.c:186)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486== 
==26486== Use of uninitialised value of size 8
==26486==    at 0xA65FCFB: _itoa_word (_itoa.c:179)
==26486==    by 0xA6639A6: vfprintf (vfprintf.c:1660)
==26486==    by 0xA7200C4: __vsnprintf_chk (vsnprintf_chk.c:63)
==26486==    by 0x714EC45: wmem_strdup_vprintf (wmem_strutl.c:105)
==26486==    by 0x714ED36: wmem_strdup_printf (wmem_strutl.c:75)
==26486==    by 0x6664076: abs_time_to_str (to_str.c:628)
==26486==    by 0x664FB7E: proto_item_fill_label (proto.c:5876)
==26486==    by 0x6643745: proto_tree_print_node (print.c:186)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486== 
==26486== Conditional jump or move depends on uninitialised value(s)
==26486==    at 0xA65FD05: _itoa_word (_itoa.c:179)
==26486==    by 0xA6639A6: vfprintf (vfprintf.c:1660)
==26486==    by 0xA7200C4: __vsnprintf_chk (vsnprintf_chk.c:63)
==26486==    by 0x714EC45: wmem_strdup_vprintf (wmem_strutl.c:105)
==26486==    by 0x714ED36: wmem_strdup_printf (wmem_strutl.c:75)
==26486==    by 0x6664076: abs_time_to_str (to_str.c:628)
==26486==    by 0x664FB7E: proto_item_fill_label (proto.c:5876)
==26486==    by 0x6643745: proto_tree_print_node (print.c:186)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486== 
==26486== Conditional jump or move depends on uninitialised value(s)
==26486==    at 0xA6639F2: vfprintf (vfprintf.c:1660)
==26486==    by 0xA7200C4: __vsnprintf_chk (vsnprintf_chk.c:63)
==26486==    by 0x714EC45: wmem_strdup_vprintf (wmem_strutl.c:105)
==26486==    by 0x714ED36: wmem_strdup_printf (wmem_strutl.c:75)
==26486==    by 0x6664076: abs_time_to_str (to_str.c:628)
==26486==    by 0x664FB7E: proto_item_fill_label (proto.c:5876)
==26486==    by 0x6643745: proto_tree_print_node (print.c:186)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486== 
==26486== Conditional jump or move depends on uninitialised value(s)
==26486==    at 0xA660909: vfprintf (vfprintf.c:1660)
==26486==    by 0xA7200C4: __vsnprintf_chk (vsnprintf_chk.c:63)
==26486==    by 0x714EC45: wmem_strdup_vprintf (wmem_strutl.c:105)
==26486==    by 0x714ED36: wmem_strdup_printf (wmem_strutl.c:75)
==26486==    by 0x6664076: abs_time_to_str (to_str.c:628)
==26486==    by 0x664FB7E: proto_item_fill_label (proto.c:5876)
==26486==    by 0x6643745: proto_tree_print_node (print.c:186)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486== 
==26486== Conditional jump or move depends on uninitialised value(s)
==26486==    at 0xA66098C: vfprintf (vfprintf.c:1660)
==26486==    by 0xA7200C4: __vsnprintf_chk (vsnprintf_chk.c:63)
==26486==    by 0x714EC45: wmem_strdup_vprintf (wmem_strutl.c:105)
==26486==    by 0x714ED36: wmem_strdup_printf (wmem_strutl.c:75)
==26486==    by 0x6664076: abs_time_to_str (to_str.c:628)
==26486==    by 0x664FB7E: proto_item_fill_label (proto.c:5876)
==26486==    by 0x6643745: proto_tree_print_node (print.c:186)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486==    by 0x6643606: proto_tree_print_node (print.c:241)
==26486==    by 0x6644FEB: proto_tree_children_foreach (proto.c:615)
==26486== 
==26486== 
==26486== HEAP SUMMARY:
==26486==     in use at exit: 1,212,246 bytes in 29,467 blocks
==26486==   total heap usage: 227,443 allocs, 197,976 frees, 28,819,275 bytes
allocated
==26486== 
==26486== LEAK SUMMARY:
==26486==    definitely lost: 3,592 bytes in 158 blocks
==26486==    indirectly lost: 36,648 bytes in 49 blocks
==26486==      possibly lost: 0 bytes in 0 blocks
==26486==    still reachable: 1,172,006 bytes in 29,260 blocks
==26486==         suppressed: 0 bytes in 0 blocks
==26486== Rerun with --leak-check=full to see details of leaked memory
==26486== 
==26486== For counts of detected and suppressed errors, rerun with: -v
==26486== Use --track-origins=yes to see where uninitialised values come from
==26486== ERROR SUMMARY: 188 errors from 13 contexts (suppressed: 0 from 0)

[ no debug trace ]

You are receiving this mail because:

You are watching all bug changes.

Follow-Ups:
- [Wireshark-bugs] [Bug 10370] Buildbot crash output: fuzz-2014-08-11-32641.pcap
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 10370] Buildbot crash output: fuzz-2014-08-11-32641.pcap
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 10370] Buildbot crash output: fuzz-2014-08-11-32641.pcap
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 10370] Buildbot crash output: fuzz-2014-08-11-32641.pcap
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 10370] Buildbot crash output: fuzz-2014-08-11-32641.pcap
  - From: bugzilla-daemon
- [Wireshark-bugs] [Bug 10370] Buildbot crash output: fuzz-2014-08-11-32641.pcap
  - From: bugzilla-daemon

Prev by Date: [Wireshark-bugs] [Bug 10366] v 1.12.0 doesn't capture ANYTHING except localhost
Next by Date: [Wireshark-bugs] [Bug 10371] New: about_dialog.cpp compile error on RHEL6.5 with gcc 4.4.7
Previous by thread: [Wireshark-bugs] [Bug 10369] ISDN packets incorrectly decode as RSL
Next by thread: [Wireshark-bugs] [Bug 10370] Buildbot crash output: fuzz-2014-08-11-32641.pcap
Index(es):
- Date
- Thread