Wireshark-bugs: [Wireshark-bugs] [Bug 10993] New: Buildbot crash output: fuzz-2015-02-22-4968.pc
Date: Sun, 22 Feb 2015 19:10:02 +0000
Bug ID | 10993 |
---|---|
Summary | Buildbot crash output: fuzz-2015-02-22-4968.pcap |
Product | Wireshark |
Version | unspecified |
Hardware | x86-64 |
URL | https://www.wireshark.org/download/automated/captures/fuzz-2015-02-22-4968.pcap |
OS | Ubuntu |
Status | CONFIRMED |
Severity | Major |
Priority | High |
Component | Dissection engine (libwireshark) |
Assignee | bugzilla-admin@wireshark.org |
Reporter | buildbot-do-not-reply@wireshark.org |
Problems have been found with the following capture file: https://www.wireshark.org/download/automated/captures/fuzz-2015-02-22-4968.pcap stderr: Input file: /home/wireshark/menagerie/menagerie/13422-SQLServer-SMB2-selected.pcapng Build host information: Linux wsbb04 3.13.0-45-generic #74-Ubuntu SMP Tue Jan 13 19:36:28 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux Distributor ID: Ubuntu Description: Ubuntu 14.04.1 LTS Release: 14.04 Codename: trusty Buildbot information: BUILDBOT_REPOSITORY=ssh://wireshark-buildbot@code.wireshark.org:29418/wireshark BUILDBOT_BUILDNUMBER=3148 BUILDBOT_URL=http://buildbot.wireshark.org/trunk/ BUILDBOT_BUILDERNAME=Clang Code Analysis BUILDBOT_SLAVENAME=clang-code-analysis BUILDBOT_GOT_REVISION=422ad100aad4c076ab05f1373dad59481ea12072 Return value: 0 Dissector bug: 0 Valgrind error count: 215 Git commit commit 422ad100aad4c076ab05f1373dad59481ea12072 Author: Gerald Combs <gerald@wireshark.org> Date: Fri Feb 20 10:32:15 2015 -0800 Qt: Apply the main window geometry directly. As of g2c00d66 we create the main window after we've read the recent settings. This means that we can get rid of the property animation workaround in MainWindow::loadWindowGeometry. Change-Id: I028061c5bdab9261f9394a1840bcdcb752a4f0c8 Reviewed-on: https://code.wireshark.org/review/7278 Reviewed-by: Gerald Combs <gerald@wireshark.org> Command and args: ./tools/valgrind-wireshark.sh ==5994== Memcheck, a memory error detector ==5994== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al. ==5994== Using Valgrind-3.10.0.SVN and LibVEX; rerun with -h for copyright info ==5994== Command: /home/wireshark/builders/wireshark-master-fuzz/clangcodeanalysis/install/bin/tshark -nr /fuzz/buildbot/clangcodeanalysis/valgrind-fuzz/fuzz-2015-02-22-4968.pcap ==5994== ==5994== Use of uninitialised value of size 8 ==5994== at 0xA8A99F1: _itoa_word (_itoa.c:180) ==5994== by 0xA8AD6F6: vfprintf (vfprintf.c:1660) ==5994== by 0xA969DC4: __vsnprintf_chk (vsnprintf_chk.c:63) ==5994== by 0x6704738: col_add_fstr (column-utils.c:732) ==5994== by 0x6D7A3CA: dissect_scsi_cdb (packet-scsi.c:5899) ==5994== by 0x6D1B7FF: dissect_rsvd (packet-rsvd.c:297) ==5994== by 0x671418E: call_dissector_through_handle (packet.c:612) ==5994== by 0x6714B24: call_dissector_work (packet.c:700) ==5994== by 0x67167A1: call_dissector_with_data (packet.c:2386) ==5994== by 0x6DF0B99: dissect_smb2_ioctl_data (packet-smb2.c:4926) ==5994== by 0x6DEF772: dissect_smb2_ioctl_request (packet-smb2.c:5006) ==5994== by 0x6DEE3C2: dissect_smb2 (packet-smb2.c:6956) ==5994== ==5994== Conditional jump or move depends on uninitialised value(s) ==5994== at 0xA8A99F8: _itoa_word (_itoa.c:180) ==5994== by 0xA8AD6F6: vfprintf (vfprintf.c:1660) ==5994== by 0xA969DC4: __vsnprintf_chk (vsnprintf_chk.c:63) ==5994== by 0x6704738: col_add_fstr (column-utils.c:732) ==5994== by 0x6D7A3CA: dissect_scsi_cdb (packet-scsi.c:5899) ==5994== by 0x6D1B7FF: dissect_rsvd (packet-rsvd.c:297) ==5994== by 0x671418E: call_dissector_through_handle (packet.c:612) ==5994== by 0x6714B24: call_dissector_work (packet.c:700) ==5994== by 0x67167A1: call_dissector_with_data (packet.c:2386) ==5994== by 0x6DF0B99: dissect_smb2_ioctl_data (packet-smb2.c:4926) ==5994== by 0x6DEF772: dissect_smb2_ioctl_request (packet-smb2.c:5006) ==5994== by 0x6DEE3C2: dissect_smb2 (packet-smb2.c:6956) ==5994== ==5994== Conditional jump or move depends on uninitialised value(s) ==5994== at 0xA8AD742: vfprintf (vfprintf.c:1660) ==5994== by 0xA969DC4: __vsnprintf_chk (vsnprintf_chk.c:63) ==5994== by 0x6704738: col_add_fstr (column-utils.c:732) ==5994== by 0x6D7A3CA: dissect_scsi_cdb (packet-scsi.c:5899) ==5994== by 0x6D1B7FF: dissect_rsvd (packet-rsvd.c:297) ==5994== by 0x671418E: call_dissector_through_handle (packet.c:612) ==5994== by 0x6714B24: call_dissector_work (packet.c:700) ==5994== by 0x67167A1: call_dissector_with_data (packet.c:2386) ==5994== by 0x6DF0B99: dissect_smb2_ioctl_data (packet-smb2.c:4926) ==5994== by 0x6DEF772: dissect_smb2_ioctl_request (packet-smb2.c:5006) ==5994== by 0x6DEE3C2: dissect_smb2 (packet-smb2.c:6956) ==5994== by 0x6DEEB46: dissect_smb2_heur (packet-smb2.c:7378) ==5994== ==5994== Conditional jump or move depends on uninitialised value(s) ==5994== at 0xA8AA659: vfprintf (vfprintf.c:1660) ==5994== by 0xA969DC4: __vsnprintf_chk (vsnprintf_chk.c:63) ==5994== by 0x6704738: col_add_fstr (column-utils.c:732) ==5994== by 0x6D7A3CA: dissect_scsi_cdb (packet-scsi.c:5899) ==5994== by 0x6D1B7FF: dissect_rsvd (packet-rsvd.c:297) ==5994== by 0x671418E: call_dissector_through_handle (packet.c:612) ==5994== by 0x6714B24: call_dissector_work (packet.c:700) ==5994== by 0x67167A1: call_dissector_with_data (packet.c:2386) ==5994== by 0x6DF0B99: dissect_smb2_ioctl_data (packet-smb2.c:4926) ==5994== by 0x6DEF772: dissect_smb2_ioctl_request (packet-smb2.c:5006) ==5994== by 0x6DEE3C2: dissect_smb2 (packet-smb2.c:6956) ==5994== by 0x6DEEB46: dissect_smb2_heur (packet-smb2.c:7378) ==5994== ==5994== Conditional jump or move depends on uninitialised value(s) ==5994== at 0xA8AA6DC: vfprintf (vfprintf.c:1660) ==5994== by 0xA969DC4: __vsnprintf_chk (vsnprintf_chk.c:63) ==5994== by 0x6704738: col_add_fstr (column-utils.c:732) ==5994== by 0x6D7A3CA: dissect_scsi_cdb (packet-scsi.c:5899) ==5994== by 0x6D1B7FF: dissect_rsvd (packet-rsvd.c:297) ==5994== by 0x671418E: call_dissector_through_handle (packet.c:612) ==5994== by 0x6714B24: call_dissector_work (packet.c:700) ==5994== by 0x67167A1: call_dissector_with_data (packet.c:2386) ==5994== by 0x6DF0B99: dissect_smb2_ioctl_data (packet-smb2.c:4926) ==5994== by 0x6DEF772: dissect_smb2_ioctl_request (packet-smb2.c:5006) ==5994== by 0x6DEE3C2: dissect_smb2 (packet-smb2.c:6956) ==5994== by 0x6DEEB46: dissect_smb2_heur (packet-smb2.c:7378) ==5994== ==5994== Conditional jump or move depends on uninitialised value(s) ==5994== at 0xA8AD742: vfprintf (vfprintf.c:1660) ==5994== by 0xA969DC4: __vsnprintf_chk (vsnprintf_chk.c:63) ==5994== by 0x6704738: col_add_fstr (column-utils.c:732) ==5994== by 0x6D7A6B7: dissect_scsi_cdb (packet-scsi.c:5901) ==5994== by 0x6D1B7FF: dissect_rsvd (packet-rsvd.c:297) ==5994== by 0x671418E: call_dissector_through_handle (packet.c:612) ==5994== by 0x6714B24: call_dissector_work (packet.c:700) ==5994== by 0x67167A1: call_dissector_with_data (packet.c:2386) ==5994== by 0x6DF0B99: dissect_smb2_ioctl_data (packet-smb2.c:4926) ==5994== by 0x6DEF71F: dissect_smb2_ioctl_request (packet-smb2.c:5003) ==5994== by 0x6DEE3C2: dissect_smb2 (packet-smb2.c:6956) ==5994== by 0x6DEEB46: dissect_smb2_heur (packet-smb2.c:7378) ==5994== ==5994== Conditional jump or move depends on uninitialised value(s) ==5994== at 0xA8AA659: vfprintf (vfprintf.c:1660) ==5994== by 0xA969DC4: __vsnprintf_chk (vsnprintf_chk.c:63) ==5994== by 0x6704738: col_add_fstr (column-utils.c:732) ==5994== by 0x6D7A6B7: dissect_scsi_cdb (packet-scsi.c:5901) ==5994== by 0x6D1B7FF: dissect_rsvd (packet-rsvd.c:297) ==5994== by 0x671418E: call_dissector_through_handle (packet.c:612) ==5994== by 0x6714B24: call_dissector_work (packet.c:700) ==5994== by 0x67167A1: call_dissector_with_data (packet.c:2386) ==5994== by 0x6DF0B99: dissect_smb2_ioctl_data (packet-smb2.c:4926) ==5994== by 0x6DEF71F: dissect_smb2_ioctl_request (packet-smb2.c:5003) ==5994== by 0x6DEE3C2: dissect_smb2 (packet-smb2.c:6956) ==5994== by 0x6DEEB46: dissect_smb2_heur (packet-smb2.c:7378) ==5994== ==5994== Conditional jump or move depends on uninitialised value(s) ==5994== at 0xA8AA6DC: vfprintf (vfprintf.c:1660) ==5994== by 0xA969DC4: __vsnprintf_chk (vsnprintf_chk.c:63) ==5994== by 0x6704738: col_add_fstr (column-utils.c:732) ==5994== by 0x6D7A6B7: dissect_scsi_cdb (packet-scsi.c:5901) ==5994== by 0x6D1B7FF: dissect_rsvd (packet-rsvd.c:297) ==5994== by 0x671418E: call_dissector_through_handle (packet.c:612) ==5994== by 0x6714B24: call_dissector_work (packet.c:700) ==5994== by 0x67167A1: call_dissector_with_data (packet.c:2386) ==5994== by 0x6DF0B99: dissect_smb2_ioctl_data (packet-smb2.c:4926) ==5994== by 0x6DEF71F: dissect_smb2_ioctl_request (packet-smb2.c:5003) ==5994== by 0x6DEE3C2: dissect_smb2 (packet-smb2.c:6956) ==5994== by 0x6DEEB46: dissect_smb2_heur (packet-smb2.c:7378) ==5994== ==5994== ==5994== HEAP SUMMARY: ==5994== in use at exit: 1,222,281 bytes in 29,845 blocks ==5994== total heap usage: 248,479 allocs, 218,634 frees, 31,419,656 bytes allocated ==5994== ==5994== LEAK SUMMARY: ==5994== definitely lost: 4,418 bytes in 176 blocks ==5994== indirectly lost: 37,192 bytes in 65 blocks ==5994== possibly lost: 0 bytes in 0 blocks ==5994== still reachable: 1,180,671 bytes in 29,604 blocks ==5994== suppressed: 0 bytes in 0 blocks ==5994== Rerun with --leak-check=full to see details of leaked memory ==5994== ==5994== For counts of detected and suppressed errors, rerun with: -v ==5994== Use --track-origins=yes to see where uninitialised values come from ==5994== ERROR SUMMARY: 215 errors from 8 contexts (suppressed: 0 from 0) [ no debug trace ]
You are receiving this mail because:
- You are watching all bug changes.
- Follow-Ups:
- [Wireshark-bugs] [Bug 10993] Buildbot crash output: fuzz-2015-02-22-4968.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 10993] Buildbot crash output: fuzz-2015-02-22-4968.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 10993] Buildbot crash output: fuzz-2015-02-22-4968.pcap
- From: bugzilla-daemon
- [Wireshark-bugs] [Bug 10993] Buildbot crash output: fuzz-2015-02-22-4968.pcap
- Prev by Date: [Wireshark-bugs] [Bug 10992] ICMP Redirect takes 4 bytes for IPv4 payload instead of 8
- Next by Date: [Wireshark-bugs] [Bug 10994] New: Buildbot crash output: fuzz-2015-02-22-4322.pcap
- Previous by thread: [Wireshark-bugs] [Bug 9398] dissectors bug with a SASL/GSSAPI/Kerberos security layer employing integrity only (no encryption)
- Next by thread: [Wireshark-bugs] [Bug 10993] Buildbot crash output: fuzz-2015-02-22-4968.pcap
- Index(es):