Wireshark-bugs: [Wireshark-bugs] [Bug 12823] New: Buildbot crash output: fuzz-2016-09-04-23372.p

Date: Mon, 05 Sep 2016 03:10:03 +0000
Bug ID: 12823
Summary: Buildbot crash output: fuzz-2016-09-04-23372.pcap
Product: Wireshark
Version: unspecified
Hardware: x86-64
URL: https://www.wireshark.org/download/automated/captures/fuzz-2016-09-04-23372.pcap
OS: Ubuntu
Status: CONFIRMED
Severity: Major
Priority: High
Component: Dissection engine (libwireshark)
Assignee: [email protected]
Reporter: [email protected]

Problems have been found with the following capture file:

https://www.wireshark.org/download/automated/captures/fuzz-2016-09-04-23372.pcap

stderr:
Input file: /home/wireshark/menagerie/menagerie/IrDA_Traffic.ntar

Build host information:
Linux wsbb04 4.4.0-34-generic #53-Ubuntu SMP Wed Jul 27 16:06:39 UTC 2016
x86_64 x86_64 x86_64 GNU/Linux
Distributor ID:    Ubuntu
Description:    Ubuntu 16.04.1 LTS
Release:    16.04
Codename:    xenial

Buildbot information:
BUILDBOT_REPOSITORY=ssh://[email protected]:29418/wireshark
BUILDBOT_WORKERNAME=fuzz-test
BUILDBOT_BUILDNUMBER=75
BUILDBOT_URL=http://buildbot.wireshark.org/wireshark-2.2/
BUILDBOT_BUILDERNAME=Fuzz Test
BUILDBOT_GOT_REVISION=4f6214a896cfe1af42232c50e4a76e6d15371884

Return value:  0

Dissector bug:  0

Valgrind error count:  10



Git commit
commit 4f6214a896cfe1af42232c50e4a76e6d15371884
Author: Gerald Combs <[email protected]>
Date:   Thu Sep 1 13:51:13 2016 -0700

    Qt: Conversation time column updates.

    Add a checkbox which lets you toggle between absolute and relative start
    times. Use the local time for now. Fixes bug 11618.

    Adjust our time precision based on the capture file's time precision.
    Fixes bug 12803.

    Bug: 11618
    Bug: 12803
    Change-Id: I0049d6db6e4d0b6967bf35e6d056a61bfb4de10f
    Reviewed-on: https://code.wireshark.org/review/17471
    Reviewed-by: Gerald Combs <[email protected]>
    Petri-Dish: Gerald Combs <[email protected]>
    Tested-by: Petri Dish Buildbot <[email protected]>
    Reviewed-by: Michael Mann <[email protected]>


==7388== Memcheck, a memory error detector
==7388== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==7388== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==7388== Command:
/home/wireshark/builders/wireshark-2.2-fuzz/fuzztest/install/bin/tshark -nr
/fuzz/buildbot/fuzztest/valgrind-fuzz-2.2/fuzz-2016-09-04-23372.pcap
==7388== 
==7388== Use of uninitialised value of size 8
==7388==    at 0xA300BC4: g_hash_table_lookup (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==7388==    by 0x6937EA4: conversation_lookup_hashtable (conversation.c:822)
==7388==    by 0x6938AD3: find_conversation (conversation.c:1035)
==7388==    by 0xFB91B5F: add_lmp_conversation (packet-irda.c:1197)
==7388==    by 0xFB8DE52: dissect_ircomm_ttp_lsap (packet-ircomm.c:331)
==7388==    by 0xFB8F73D: dissect_iap_result (packet-irda.c:864)
==7388==    by 0xFB91030: dissect_irlmp (packet-irda.c:1153)
==7388==    by 0xFB91030: dissect_irlap (packet-irda.c:1738)
==7388==    by 0xFB91030: dissect_irda (packet-irda.c:1847)
==7388==    by 0x6947E2E: call_dissector_through_handle (packet.c:648)
==7388==    by 0x6947E2E: call_dissector_work (packet.c:723)
==7388==    by 0x6948558: dissector_try_uint_new (packet.c:1188)
==7388==    by 0x6C46407: dissect_frame (packet-frame.c:507)
==7388==    by 0x6947E2E: call_dissector_through_handle (packet.c:648)
==7388==    by 0x6947E2E: call_dissector_work (packet.c:723)
==7388==    by 0x6949861: call_dissector_with_data (packet.c:2816)
==7388== 
==7388== Use of uninitialised value of size 8
==7388==    at 0xA300BC4: g_hash_table_lookup (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==7388==    by 0x6937EA4: conversation_lookup_hashtable (conversation.c:822)
==7388==    by 0x6938B2F: find_conversation (conversation.c:1125)
==7388==    by 0xFB91B5F: add_lmp_conversation (packet-irda.c:1197)
==7388==    by 0xFB8DE52: dissect_ircomm_ttp_lsap (packet-ircomm.c:331)
==7388==    by 0xFB8F73D: dissect_iap_result (packet-irda.c:864)
==7388==    by 0xFB91030: dissect_irlmp (packet-irda.c:1153)
==7388==    by 0xFB91030: dissect_irlap (packet-irda.c:1738)
==7388==    by 0xFB91030: dissect_irda (packet-irda.c:1847)
==7388==    by 0x6947E2E: call_dissector_through_handle (packet.c:648)
==7388==    by 0x6947E2E: call_dissector_work (packet.c:723)
==7388==    by 0x6948558: dissector_try_uint_new (packet.c:1188)
==7388==    by 0x6C46407: dissect_frame (packet-frame.c:507)
==7388==    by 0x6947E2E: call_dissector_through_handle (packet.c:648)
==7388==    by 0x6947E2E: call_dissector_work (packet.c:723)
==7388==    by 0x6949861: call_dissector_with_data (packet.c:2816)
==7388== 
==7388== Use of uninitialised value of size 8
==7388==    at 0xA300BC4: g_hash_table_lookup (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==7388==    by 0x6937F44: conversation_insert_into_hashtable
(conversation.c:551)
==7388==    by 0x6938677: conversation_new (conversation.c:722)
==7388==    by 0xFB91C0C: add_lmp_conversation (packet-irda.c:1218)
==7388==    by 0xFB8DE52: dissect_ircomm_ttp_lsap (packet-ircomm.c:331)
==7388==    by 0xFB8F73D: dissect_iap_result (packet-irda.c:864)
==7388==    by 0xFB91030: dissect_irlmp (packet-irda.c:1153)
==7388==    by 0xFB91030: dissect_irlap (packet-irda.c:1738)
==7388==    by 0xFB91030: dissect_irda (packet-irda.c:1847)
==7388==    by 0x6947E2E: call_dissector_through_handle (packet.c:648)
==7388==    by 0x6947E2E: call_dissector_work (packet.c:723)
==7388==    by 0x6948558: dissector_try_uint_new (packet.c:1188)
==7388==    by 0x6C46407: dissect_frame (packet-frame.c:507)
==7388==    by 0x6947E2E: call_dissector_through_handle (packet.c:648)
==7388==    by 0x6947E2E: call_dissector_work (packet.c:723)
==7388==    by 0x6949861: call_dissector_with_data (packet.c:2816)
==7388== 
==7388== Use of uninitialised value of size 8
==7388==    at 0xA3003FB: ??? (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==7388==    by 0x6938677: conversation_new (conversation.c:722)
==7388==    by 0xFB91C0C: add_lmp_conversation (packet-irda.c:1218)
==7388==    by 0xFB8DE52: dissect_ircomm_ttp_lsap (packet-ircomm.c:331)
==7388==    by 0xFB8F73D: dissect_iap_result (packet-irda.c:864)
==7388==    by 0xFB91030: dissect_irlmp (packet-irda.c:1153)
==7388==    by 0xFB91030: dissect_irlap (packet-irda.c:1738)
==7388==    by 0xFB91030: dissect_irda (packet-irda.c:1847)
==7388==    by 0x6947E2E: call_dissector_through_handle (packet.c:648)
==7388==    by 0x6947E2E: call_dissector_work (packet.c:723)
==7388==    by 0x6948558: dissector_try_uint_new (packet.c:1188)
==7388==    by 0x6C46407: dissect_frame (packet-frame.c:507)
==7388==    by 0x6947E2E: call_dissector_through_handle (packet.c:648)
==7388==    by 0x6947E2E: call_dissector_work (packet.c:723)
==7388==    by 0x6949861: call_dissector_with_data (packet.c:2816)
==7388==    by 0x6949D9C: dissect_record (packet.c:531)
==7388== 
==7388== Use of uninitialised value of size 8
==7388==    at 0xA2FFF97: ??? (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==7388==    by 0xA3004B9: ??? (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==7388==    by 0x6938677: conversation_new (conversation.c:722)
==7388==    by 0xFB91C0C: add_lmp_conversation (packet-irda.c:1218)
==7388==    by 0xFB8DE52: dissect_ircomm_ttp_lsap (packet-ircomm.c:331)
==7388==    by 0xFB8F73D: dissect_iap_result (packet-irda.c:864)
==7388==    by 0xFB91030: dissect_irlmp (packet-irda.c:1153)
==7388==    by 0xFB91030: dissect_irlap (packet-irda.c:1738)
==7388==    by 0xFB91030: dissect_irda (packet-irda.c:1847)
==7388==    by 0x6947E2E: call_dissector_through_handle (packet.c:648)
==7388==    by 0x6947E2E: call_dissector_work (packet.c:723)
==7388==    by 0x6948558: dissector_try_uint_new (packet.c:1188)
==7388==    by 0x6C46407: dissect_frame (packet-frame.c:507)
==7388==    by 0x6947E2E: call_dissector_through_handle (packet.c:648)
==7388==    by 0x6947E2E: call_dissector_work (packet.c:723)
==7388==    by 0x6949861: call_dissector_with_data (packet.c:2816)
==7388== 
==7388== Use of uninitialised value of size 8
==7388==    at 0xA300020: ??? (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==7388==    by 0xA3004B9: ??? (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==7388==    by 0x6938677: conversation_new (conversation.c:722)
==7388==    by 0xFB91C0C: add_lmp_conversation (packet-irda.c:1218)
==7388==    by 0xFB8DE52: dissect_ircomm_ttp_lsap (packet-ircomm.c:331)
==7388==    by 0xFB8F73D: dissect_iap_result (packet-irda.c:864)
==7388==    by 0xFB91030: dissect_irlmp (packet-irda.c:1153)
==7388==    by 0xFB91030: dissect_irlap (packet-irda.c:1738)
==7388==    by 0xFB91030: dissect_irda (packet-irda.c:1847)
==7388==    by 0x6947E2E: call_dissector_through_handle (packet.c:648)
==7388==    by 0x6947E2E: call_dissector_work (packet.c:723)
==7388==    by 0x6948558: dissector_try_uint_new (packet.c:1188)
==7388==    by 0x6C46407: dissect_frame (packet-frame.c:507)
==7388==    by 0x6947E2E: call_dissector_through_handle (packet.c:648)
==7388==    by 0x6947E2E: call_dissector_work (packet.c:723)
==7388==    by 0x6949861: call_dissector_with_data (packet.c:2816)
==7388== 
==7388== Use of uninitialised value of size 8
==7388==    at 0xA30002E: ??? (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==7388==    by 0xA3004B9: ??? (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==7388==    by 0x6938677: conversation_new (conversation.c:722)
==7388==    by 0xFB91C0C: add_lmp_conversation (packet-irda.c:1218)
==7388==    by 0xFB8DE52: dissect_ircomm_ttp_lsap (packet-ircomm.c:331)
==7388==    by 0xFB8F73D: dissect_iap_result (packet-irda.c:864)
==7388==    by 0xFB91030: dissect_irlmp (packet-irda.c:1153)
==7388==    by 0xFB91030: dissect_irlap (packet-irda.c:1738)
==7388==    by 0xFB91030: dissect_irda (packet-irda.c:1847)
==7388==    by 0x6947E2E: call_dissector_through_handle (packet.c:648)
==7388==    by 0x6947E2E: call_dissector_work (packet.c:723)
==7388==    by 0x6948558: dissector_try_uint_new (packet.c:1188)
==7388==    by 0x6C46407: dissect_frame (packet-frame.c:507)
==7388==    by 0x6947E2E: call_dissector_through_handle (packet.c:648)
==7388==    by 0x6947E2E: call_dissector_work (packet.c:723)
==7388==    by 0x6949861: call_dissector_with_data (packet.c:2816)
==7388== 
==7388== Use of uninitialised value of size 8
==7388==    at 0xA300044: ??? (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==7388==    by 0xA3004B9: ??? (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==7388==    by 0x6938677: conversation_new (conversation.c:722)
==7388==    by 0xFB91C0C: add_lmp_conversation (packet-irda.c:1218)
==7388==    by 0xFB8DE52: dissect_ircomm_ttp_lsap (packet-ircomm.c:331)
==7388==    by 0xFB8F73D: dissect_iap_result (packet-irda.c:864)
==7388==    by 0xFB91030: dissect_irlmp (packet-irda.c:1153)
==7388==    by 0xFB91030: dissect_irlap (packet-irda.c:1738)
==7388==    by 0xFB91030: dissect_irda (packet-irda.c:1847)
==7388==    by 0x6947E2E: call_dissector_through_handle (packet.c:648)
==7388==    by 0x6947E2E: call_dissector_work (packet.c:723)
==7388==    by 0x6948558: dissector_try_uint_new (packet.c:1188)
==7388==    by 0x6C46407: dissect_frame (packet-frame.c:507)
==7388==    by 0x6947E2E: call_dissector_through_handle (packet.c:648)
==7388==    by 0x6947E2E: call_dissector_work (packet.c:723)
==7388==    by 0x6949861: call_dissector_with_data (packet.c:2816)
==7388== 
==7388== Use of uninitialised value of size 8
==7388==    at 0xA300071: ??? (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==7388==    by 0xA3004B9: ??? (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==7388==    by 0x6938677: conversation_new (conversation.c:722)
==7388==    by 0xFB91C0C: add_lmp_conversation (packet-irda.c:1218)
==7388==    by 0xFB8DE52: dissect_ircomm_ttp_lsap (packet-ircomm.c:331)
==7388==    by 0xFB8F73D: dissect_iap_result (packet-irda.c:864)
==7388==    by 0xFB91030: dissect_irlmp (packet-irda.c:1153)
==7388==    by 0xFB91030: dissect_irlap (packet-irda.c:1738)
==7388==    by 0xFB91030: dissect_irda (packet-irda.c:1847)
==7388==    by 0x6947E2E: call_dissector_through_handle (packet.c:648)
==7388==    by 0x6947E2E: call_dissector_work (packet.c:723)
==7388==    by 0x6948558: dissector_try_uint_new (packet.c:1188)
==7388==    by 0x6C46407: dissect_frame (packet-frame.c:507)
==7388==    by 0x6947E2E: call_dissector_through_handle (packet.c:648)
==7388==    by 0x6947E2E: call_dissector_work (packet.c:723)
==7388==    by 0x6949861: call_dissector_with_data (packet.c:2816)
==7388== 
==7388== Conditional jump or move depends on uninitialised value(s)
==7388==    at 0xA30017D: ??? (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==7388==    by 0xA301102: g_hash_table_remove_all (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==7388==    by 0xA30113D: g_hash_table_destroy (in
/lib/x86_64-linux-gnu/libglib-2.0.so.0.4800.1)
==7388==    by 0x6938351: conversation_cleanup (conversation.c:494)
==7388==    by 0x6948088: cleanup_dissection (packet.c:297)
==7388==    by 0x693D86D: epan_free (epan.c:235)
==7388==    by 0x40DFE5: main (tshark.c:2041)
==7388== 
==7388== 
==7388== HEAP SUMMARY:
==7388==     in use at exit: 445,912 bytes in 9,614 blocks
==7388==   total heap usage: 258,040 allocs, 248,426 frees, 32,627,233 bytes
allocated
==7388== 
==7388== LEAK SUMMARY:
==7388==    definitely lost: 343 bytes in 20 blocks
==7388==    indirectly lost: 362 bytes in 4 blocks
==7388==      possibly lost: 0 bytes in 0 blocks
==7388==    still reachable: 445,207 bytes in 9,590 blocks
==7388==         suppressed: 0 bytes in 0 blocks
==7388== Rerun with --leak-check=full to see details of leaked memory
==7388== 
==7388== For counts of detected and suppressed errors, rerun with: -v
==7388== Use --track-origins=yes to see where uninitialised values come from
==7388== ERROR SUMMARY: 10 errors from 10 contexts (suppressed: 1 from 1)

[ no debug trace ]

