Wireshark-bugs: [Wireshark-bugs] [Bug 12939] New: Buildbot crash output: fuzz-2016-09-22-2022.pc
Date: Thu, 22 Sep 2016 16:00:03 +0000
Bug ID | 12939 |
---|---|
Summary | Buildbot crash output: fuzz-2016-09-22-2022.pcap |
Product | Wireshark |
Version | unspecified |
Hardware | x86-64 |
URL | https://www.wireshark.org/download/automated/captures/fuzz-2016-09-22-2022.pcap |
OS | Ubuntu |
Status | CONFIRMED |
Severity | Major |
Priority | High |
Component | Dissection engine (libwireshark) |
Assignee | [email protected] |
Reporter | [email protected] |
Problems have been found with the following capture file: https://www.wireshark.org/download/automated/captures/fuzz-2016-09-22-2022.pcap stderr: Input file: /home/wireshark/menagerie/menagerie/1432-hcilog_H4.log Build host information: Linux wsbb04 4.4.0-34-generic #53-Ubuntu SMP Wed Jul 27 16:06:39 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux Distributor ID: Ubuntu Description: Ubuntu 16.04.1 LTS Release: 16.04 Codename: xenial Buildbot information: BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark BUILDBOT_WORKERNAME=fuzz-test BUILDBOT_BUILDNUMBER=91 BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-2.2/ BUILDBOT_BUILDERNAME=Fuzz Test BUILDBOT_GOT_REVISION=6b495a13ccd40d42dcca4b0a8ca9e37784adaa1b Return value: 0 Dissector bug: 0 Valgrind error count: 464 Git commit commit 6b495a13ccd40d42dcca4b0a8ca9e37784adaa1b Author: Alexis La Goutte <[email protected]> Date: Tue Sep 20 14:14:38 2016 +0200 TLS: no extension length on padding extension also remove padding function (don't needed) Bug: 12922 Change-Id: Ie049ee21193ec82b8dc873a7dff78e9d058c7935 Reviewed-on: https://code.wireshark.org/review/17825 Petri-Dish: Peter Wu <[email protected]> Tested-by: Petri Dish Buildbot <[email protected]> Reviewed-by: Peter Wu <[email protected]> (cherry picked from commit b9d4a18ad2f10cc9216d8131d9e1ddc89bfc50ac) Reviewed-on: https://code.wireshark.org/review/17831 Reviewed-by: Anders Broman <[email protected]> ==1840== Memcheck, a memory error detector ==1840== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al. ==1840== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info ==1840== Command: /home/wireshark/builders/wireshark-2.2-fuzz/fuzztest/install/bin/tshark -Vx -nr /fuzz/buildbot/fuzztest/valgrind-fuzz-2.2/fuzz-2016-09-22-2022.pcap ==1840== ==1840== Conditional jump or move depends on uninitialised value(s) ==1840== at 0xB083163: inet_ntop6 (inet_ntop.c:134) ==1840== by 0xB083163: inet_ntop (inet_ntop.c:65) ==1840== by 0x692FD9C: ipv6_to_str (address_types.c:250) ==1840== by 0x693040D: address_to_str (address_types.c:700) ==1840== by 0x6968189: proto_item_fill_label (proto.c:7254) ==1840== by 0x695535D: proto_tree_print_node (print.c:180) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x6955224: proto_tree_print_node (print.c:235) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x69579D5: proto_tree_print (print.c:149) ==1840== by 0x4167DA: print_packet (tshark.c:3846) ==1840== by 0x416E8A: process_packet (tshark.c:3447) ==1840== by 0x40E247: load_cap_file (tshark.c:3189) ==1840== by 0x40E247: main (tshark.c:1889) ==1840== ==1840== Conditional jump or move depends on uninitialised value(s) ==1840== at 0xB082EA5: inet_ntop6 (inet_ntop.c:134) ==1840== by 0xB082EA5: inet_ntop (inet_ntop.c:65) ==1840== by 0x692FD9C: ipv6_to_str (address_types.c:250) ==1840== by 0x693040D: address_to_str (address_types.c:700) ==1840== by 0x6968189: proto_item_fill_label (proto.c:7254) ==1840== by 0x695535D: proto_tree_print_node (print.c:180) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x6955224: proto_tree_print_node (print.c:235) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x69579D5: proto_tree_print (print.c:149) ==1840== by 0x4167DA: print_packet (tshark.c:3846) ==1840== by 0x416E8A: process_packet (tshark.c:3447) ==1840== by 0x40E247: load_cap_file (tshark.c:3189) ==1840== by 0x40E247: main (tshark.c:1889) ==1840== ==1840== Conditional jump or move depends on uninitialised value(s) ==1840== at 0xB0831B1: inet_ntop6 (inet_ntop.c:134) ==1840== by 0xB0831B1: inet_ntop (inet_ntop.c:65) ==1840== by 0x692FD9C: ipv6_to_str (address_types.c:250) ==1840== by 0x693040D: address_to_str (address_types.c:700) ==1840== by 0x6968189: proto_item_fill_label (proto.c:7254) ==1840== by 0x695535D: proto_tree_print_node (print.c:180) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x6955224: proto_tree_print_node (print.c:235) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x69579D5: proto_tree_print (print.c:149) ==1840== by 0x4167DA: print_packet (tshark.c:3846) ==1840== by 0x416E8A: process_packet (tshark.c:3447) ==1840== by 0x40E247: load_cap_file (tshark.c:3189) ==1840== by 0x40E247: main (tshark.c:1889) ==1840== ==1840== Conditional jump or move depends on uninitialised value(s) ==1840== at 0xB082EDB: inet_ntop6 (inet_ntop.c:134) ==1840== by 0xB082EDB: inet_ntop (inet_ntop.c:65) ==1840== by 0x692FD9C: ipv6_to_str (address_types.c:250) ==1840== by 0x693040D: address_to_str (address_types.c:700) ==1840== by 0x6968189: proto_item_fill_label (proto.c:7254) ==1840== by 0x695535D: proto_tree_print_node (print.c:180) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x6955224: proto_tree_print_node (print.c:235) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x69579D5: proto_tree_print (print.c:149) ==1840== by 0x4167DA: print_packet (tshark.c:3846) ==1840== by 0x416E8A: process_packet (tshark.c:3447) ==1840== by 0x40E247: load_cap_file (tshark.c:3189) ==1840== by 0x40E247: main (tshark.c:1889) ==1840== ==1840== Use of uninitialised value of size 8 ==1840== at 0xAFA86D1: _itoa_word (_itoa.c:180) ==1840== by 0xAFAC0EC: vfprintf (vfprintf.c:1631) ==1840== by 0xAFCE10A: vsprintf (iovsprintf.c:42) ==1840== by 0xAFB3976: sprintf (sprintf.c:32) ==1840== by 0xB083064: inet_ntop6 (inet_ntop.c:177) ==1840== by 0xB083064: inet_ntop (inet_ntop.c:65) ==1840== by 0x692FD9C: ipv6_to_str (address_types.c:250) ==1840== by 0x693040D: address_to_str (address_types.c:700) ==1840== by 0x6968189: proto_item_fill_label (proto.c:7254) ==1840== by 0x695535D: proto_tree_print_node (print.c:180) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x6955224: proto_tree_print_node (print.c:235) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== ==1840== Conditional jump or move depends on uninitialised value(s) ==1840== at 0xAFA86D8: _itoa_word (_itoa.c:180) ==1840== by 0xAFAC0EC: vfprintf (vfprintf.c:1631) ==1840== by 0xAFCE10A: vsprintf (iovsprintf.c:42) ==1840== by 0xAFB3976: sprintf (sprintf.c:32) ==1840== by 0xB083064: inet_ntop6 (inet_ntop.c:177) ==1840== by 0xB083064: inet_ntop (inet_ntop.c:65) ==1840== by 0x692FD9C: ipv6_to_str (address_types.c:250) ==1840== by 0x693040D: address_to_str (address_types.c:700) ==1840== by 0x6968189: proto_item_fill_label (proto.c:7254) ==1840== by 0x695535D: proto_tree_print_node (print.c:180) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x6955224: proto_tree_print_node (print.c:235) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== ==1840== Conditional jump or move depends on uninitialised value(s) ==1840== at 0xAFAC16F: vfprintf (vfprintf.c:1631) ==1840== by 0xAFCE10A: vsprintf (iovsprintf.c:42) ==1840== by 0xAFB3976: sprintf (sprintf.c:32) ==1840== by 0xB083064: inet_ntop6 (inet_ntop.c:177) ==1840== by 0xB083064: inet_ntop (inet_ntop.c:65) ==1840== by 0x692FD9C: ipv6_to_str (address_types.c:250) ==1840== by 0x693040D: address_to_str (address_types.c:700) ==1840== by 0x6968189: proto_item_fill_label (proto.c:7254) ==1840== by 0x695535D: proto_tree_print_node (print.c:180) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x6955224: proto_tree_print_node (print.c:235) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x69579D5: proto_tree_print (print.c:149) ==1840== ==1840== Conditional jump or move depends on uninitialised value(s) ==1840== at 0xAFABC19: vfprintf (vfprintf.c:1631) ==1840== by 0xAFCE10A: vsprintf (iovsprintf.c:42) ==1840== by 0xAFB3976: sprintf (sprintf.c:32) ==1840== by 0xB083064: inet_ntop6 (inet_ntop.c:177) ==1840== by 0xB083064: inet_ntop (inet_ntop.c:65) ==1840== by 0x692FD9C: ipv6_to_str (address_types.c:250) ==1840== by 0x693040D: address_to_str (address_types.c:700) ==1840== by 0x6968189: proto_item_fill_label (proto.c:7254) ==1840== by 0x695535D: proto_tree_print_node (print.c:180) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x6955224: proto_tree_print_node (print.c:235) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x69579D5: proto_tree_print (print.c:149) ==1840== ==1840== Conditional jump or move depends on uninitialised value(s) ==1840== at 0xAFABCA2: vfprintf (vfprintf.c:1631) ==1840== by 0xAFCE10A: vsprintf (iovsprintf.c:42) ==1840== by 0xAFB3976: sprintf (sprintf.c:32) ==1840== by 0xB083064: inet_ntop6 (inet_ntop.c:177) ==1840== by 0xB083064: inet_ntop (inet_ntop.c:65) ==1840== by 0x692FD9C: ipv6_to_str (address_types.c:250) ==1840== by 0x693040D: address_to_str (address_types.c:700) ==1840== by 0x6968189: proto_item_fill_label (proto.c:7254) ==1840== by 0x695535D: proto_tree_print_node (print.c:180) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x6955224: proto_tree_print_node (print.c:235) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x69579D5: proto_tree_print (print.c:149) ==1840== ==1840== Conditional jump or move depends on uninitialised value(s) ==1840== at 0xAFAC16F: vfprintf (vfprintf.c:1631) ==1840== by 0xAFCE10A: vsprintf (iovsprintf.c:42) ==1840== by 0xAFB3976: sprintf (sprintf.c:32) ==1840== by 0xB08309D: inet_ntop6 (inet_ntop.c:177) ==1840== by 0xB08309D: inet_ntop (inet_ntop.c:65) ==1840== by 0x692FD9C: ipv6_to_str (address_types.c:250) ==1840== by 0x693040D: address_to_str (address_types.c:700) ==1840== by 0x6968189: proto_item_fill_label (proto.c:7254) ==1840== by 0x695535D: proto_tree_print_node (print.c:180) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x6955224: proto_tree_print_node (print.c:235) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x69579D5: proto_tree_print (print.c:149) ==1840== ==1840== Conditional jump or move depends on uninitialised value(s) ==1840== at 0xAFABC19: vfprintf (vfprintf.c:1631) ==1840== by 0xAFCE10A: vsprintf (iovsprintf.c:42) ==1840== by 0xAFB3976: sprintf (sprintf.c:32) ==1840== by 0xB08309D: inet_ntop6 (inet_ntop.c:177) ==1840== by 0xB08309D: inet_ntop (inet_ntop.c:65) ==1840== by 0x692FD9C: ipv6_to_str (address_types.c:250) ==1840== by 0x693040D: address_to_str (address_types.c:700) ==1840== by 0x6968189: proto_item_fill_label (proto.c:7254) ==1840== by 0x695535D: proto_tree_print_node (print.c:180) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x6955224: proto_tree_print_node (print.c:235) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x69579D5: proto_tree_print (print.c:149) ==1840== ==1840== Conditional jump or move depends on uninitialised value(s) ==1840== at 0xAFABCA2: vfprintf (vfprintf.c:1631) ==1840== by 0xAFCE10A: vsprintf (iovsprintf.c:42) ==1840== by 0xAFB3976: sprintf (sprintf.c:32) ==1840== by 0xB08309D: inet_ntop6 (inet_ntop.c:177) ==1840== by 0xB08309D: inet_ntop (inet_ntop.c:65) ==1840== by 0x692FD9C: ipv6_to_str (address_types.c:250) ==1840== by 0x693040D: address_to_str (address_types.c:700) ==1840== by 0x6968189: proto_item_fill_label (proto.c:7254) ==1840== by 0x695535D: proto_tree_print_node (print.c:180) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x6955224: proto_tree_print_node (print.c:235) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x69579D5: proto_tree_print (print.c:149) ==1840== ==1840== Conditional jump or move depends on uninitialised value(s) ==1840== at 0xAFAC16F: vfprintf (vfprintf.c:1631) ==1840== by 0xAFCE10A: vsprintf (iovsprintf.c:42) ==1840== by 0xAFB3976: sprintf (sprintf.c:32) ==1840== by 0xB0830D6: inet_ntop6 (inet_ntop.c:177) ==1840== by 0xB0830D6: inet_ntop (inet_ntop.c:65) ==1840== by 0x692FD9C: ipv6_to_str (address_types.c:250) ==1840== by 0x693040D: address_to_str (address_types.c:700) ==1840== by 0x6968189: proto_item_fill_label (proto.c:7254) ==1840== by 0x695535D: proto_tree_print_node (print.c:180) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x6955224: proto_tree_print_node (print.c:235) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x69579D5: proto_tree_print (print.c:149) ==1840== ==1840== Conditional jump or move depends on uninitialised value(s) ==1840== at 0xAFABC19: vfprintf (vfprintf.c:1631) ==1840== by 0xAFCE10A: vsprintf (iovsprintf.c:42) ==1840== by 0xAFB3976: sprintf (sprintf.c:32) ==1840== by 0xB0830D6: inet_ntop6 (inet_ntop.c:177) ==1840== by 0xB0830D6: inet_ntop (inet_ntop.c:65) ==1840== by 0x692FD9C: ipv6_to_str (address_types.c:250) ==1840== by 0x693040D: address_to_str (address_types.c:700) ==1840== by 0x6968189: proto_item_fill_label (proto.c:7254) ==1840== by 0x695535D: proto_tree_print_node (print.c:180) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x6955224: proto_tree_print_node (print.c:235) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x69579D5: proto_tree_print (print.c:149) ==1840== ==1840== Conditional jump or move depends on uninitialised value(s) ==1840== at 0xAFABCA2: vfprintf (vfprintf.c:1631) ==1840== by 0xAFCE10A: vsprintf (iovsprintf.c:42) ==1840== by 0xAFB3976: sprintf (sprintf.c:32) ==1840== by 0xB0830D6: inet_ntop6 (inet_ntop.c:177) ==1840== by 0xB0830D6: inet_ntop (inet_ntop.c:65) ==1840== by 0x692FD9C: ipv6_to_str (address_types.c:250) ==1840== by 0x693040D: address_to_str (address_types.c:700) ==1840== by 0x6968189: proto_item_fill_label (proto.c:7254) ==1840== by 0x695535D: proto_tree_print_node (print.c:180) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x6955224: proto_tree_print_node (print.c:235) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x69579D5: proto_tree_print (print.c:149) ==1840== ==1840== Conditional jump or move depends on uninitialised value(s) ==1840== at 0xAFAC16F: vfprintf (vfprintf.c:1631) ==1840== by 0xAFCE10A: vsprintf (iovsprintf.c:42) ==1840== by 0xAFB3976: sprintf (sprintf.c:32) ==1840== by 0xB083113: inet_ntop6 (inet_ntop.c:177) ==1840== by 0xB083113: inet_ntop (inet_ntop.c:65) ==1840== by 0x692FD9C: ipv6_to_str (address_types.c:250) ==1840== by 0x693040D: address_to_str (address_types.c:700) ==1840== by 0x6968189: proto_item_fill_label (proto.c:7254) ==1840== by 0x695535D: proto_tree_print_node (print.c:180) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x6955224: proto_tree_print_node (print.c:235) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x69579D5: proto_tree_print (print.c:149) ==1840== ==1840== Conditional jump or move depends on uninitialised value(s) ==1840== at 0xAFABC19: vfprintf (vfprintf.c:1631) ==1840== by 0xAFCE10A: vsprintf (iovsprintf.c:42) ==1840== by 0xAFB3976: sprintf (sprintf.c:32) ==1840== by 0xB083113: inet_ntop6 (inet_ntop.c:177) ==1840== by 0xB083113: inet_ntop (inet_ntop.c:65) ==1840== by 0x692FD9C: ipv6_to_str (address_types.c:250) ==1840== by 0x693040D: address_to_str (address_types.c:700) ==1840== by 0x6968189: proto_item_fill_label (proto.c:7254) ==1840== by 0x695535D: proto_tree_print_node (print.c:180) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x6955224: proto_tree_print_node (print.c:235) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x69579D5: proto_tree_print (print.c:149) ==1840== ==1840== Conditional jump or move depends on uninitialised value(s) ==1840== at 0xAFABCA2: vfprintf (vfprintf.c:1631) ==1840== by 0xAFCE10A: vsprintf (iovsprintf.c:42) ==1840== by 0xAFB3976: sprintf (sprintf.c:32) ==1840== by 0xB083113: inet_ntop6 (inet_ntop.c:177) ==1840== by 0xB083113: inet_ntop (inet_ntop.c:65) ==1840== by 0x692FD9C: ipv6_to_str (address_types.c:250) ==1840== by 0x693040D: address_to_str (address_types.c:700) ==1840== by 0x6968189: proto_item_fill_label (proto.c:7254) ==1840== by 0x695535D: proto_tree_print_node (print.c:180) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x6955224: proto_tree_print_node (print.c:235) ==1840== by 0x695A968: proto_tree_children_foreach (proto.c:689) ==1840== by 0x69579D5: proto_tree_print (print.c:149) ==1840== ==1840== ==1840== HEAP SUMMARY: ==1840== in use at exit: 446,038 bytes in 9,616 blocks ==1840== total heap usage: 610,432 allocs, 600,816 frees, 55,797,466 bytes allocated ==1840== ==1840== LEAK SUMMARY: ==1840== definitely lost: 343 bytes in 20 blocks ==1840== indirectly lost: 362 bytes in 4 blocks ==1840== possibly lost: 0 bytes in 0 blocks ==1840== still reachable: 445,333 bytes in 9,592 blocks ==1840== suppressed: 0 bytes in 0 blocks ==1840== Rerun with --leak-check=full to see details of leaked memory ==1840== ==1840== For counts of detected and suppressed errors, rerun with: -v ==1840== Use --track-origins=yes to see where uninitialised values come from ==1840== ERROR SUMMARY: 464 errors from 18 contexts (suppressed: 1 from 1) [ no debug trace ]
You are receiving this mail because:
- You are watching all bug changes.
- Follow-Ups:
- [Wireshark-bugs] [Bug 12939] Buildbot crash output: fuzz-2016-09-22-2022.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12939] Buildbot crash output: fuzz-2016-09-22-2022.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12939] Buildbot crash output: fuzz-2016-09-22-2022.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12939] Buildbot crash output: fuzz-2016-09-22-2022.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12939] Buildbot crash output: fuzz-2016-09-22-2022.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12939] Buildbot crash output: fuzz-2016-09-22-2022.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 12939] Buildbot crash output: fuzz-2016-09-22-2022.pcap
- Prev by Date: [Wireshark-bugs] [Bug 12938] Decoding of RPCInterfaceUUID for PNIO
- Next by Date: [Wireshark-bugs] [Bug 12940] New: Buildbot crash output: randpkt-2016-09-22-7753.pcap
- Previous by thread: [Wireshark-bugs] [Bug 12938] Decoding of RPCInterfaceUUID for PNIO
- Next by thread: [Wireshark-bugs] [Bug 12939] Buildbot crash output: fuzz-2016-09-22-2022.pcap
- Index(es):