Wireshark-bugs: [Wireshark-bugs] [Bug 9506] New: qtshark Flow Graph segfaults
Date: Wed, 04 Dec 2013 14:12:43 +0000
Bug ID | 9506 |
---|---|
Summary | qtshark Flow Graph segfaults |
Classification | Unclassified |
Product | Wireshark |
Version | SVN |
Hardware | x86-64 |
OS | Gentoo |
Status | UNCONFIRMED |
Severity | Major |
Priority | Low |
Component | Wireshark |
Assignee | bugzilla-admin@wireshark.org |
Reporter | dameiss@29west.com |
Created attachment 12226 [details]
Patch file for ui/qt/sequence_dialog.cpp

Build Information:

```
TShark 1.11.3 (SVN Rev 53780 from /trunk)

Copyright 1998-2013 Gerald Combs <gerald@wireshark.org> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GLib 2.32.4, with libpcap, with libz 1.2.8, with POSIX
capabilities (Linux), with libnl 3, with SMI 0.4.8, with c-ares 1.7.4, with Lua
5.1, without Python, with GnuTLS 2.12.23, with Gcrypt 1.5.3, with MIT Kerberos,
without GeoIP.

Running on Linux 3.10.7-gentoo, with locale en_US.UTF-8, with libpcap version
1.3.0, with libz 1.2.8.
Intel(R) Xeon(R) CPU W3565 @ 3.20GHz

Built using gcc 4.6.3.
```

--

This probably applies to all hardware and OS.

Statistics->Flow Graph in qtshark crashes with a segfault. Resulting backtrace shows:

```
Program terminated with signal 11, Segmentation fault.
#0 0x00000000005e4116 in SequenceDiagram::draw (this=0x2e191f0, painter=0x7fff08ded980) at /home/dameiss/torch/svn/wireshark-trunk/ui/qt/sequence_diagram.cpp:201
201 if (sai->fd->num == selected_packet_) {
(gdb) where
#0 0x00000000005e4116 in SequenceDiagram::draw (this=0x2e191f0, painter=0x7fff08ded980) at /home/dameiss/torch/svn/wireshark-trunk/ui/qt/sequence_diagram.cpp:201
#1 0x0000000000559955 in QCustomPlot::draw (this=0x2d93860, painter=0x7fff08ded980) at /home/dameiss/torch/svn/wireshark-trunk/ui/qt/qcustomplot.cpp:10402
#2 0x0000000000558378 in QCustomPlot::replot (this=0x2d93860) at /home/dameiss/torch/svn/wireshark-trunk/ui/qt/qcustomplot.cpp:9904
#3 0x0000000000506ae0 in SequenceDialog::vScrollBarChanged (this=0x2d92580, value=876) at /home/dameiss/torch/svn/wireshark-trunk/ui/qt/sequence_dialog.cpp:228
#4 0x0000000000537669 in SequenceDialog::qt_static_metacall (_o=0x2d92580, _c=QMetaObject::InvokeMetaMethod, _id=3, _a=0x7fff08dedbb0) at /home/dameiss/torch/wireshark-build/wireshark-trunk-both-build-andromeda/ui/qt/moc_sequence_dialog.cxx:98
#5 0x00007f4de80c4f51 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /usr/lib64/qt4/libQtCore.so.4
#6 0x00007f4de8c5420e in QAbstractSlider::valueChanged(int) () from /usr/lib64/qt4/libQtGui.so.4
#7 0x0000000000506bc1 in SequenceDialog::yAxisChanged (this=0x2d92580, range=...) at /home/dameiss/torch/svn/wireshark-trunk/ui/qt/sequence_dialog.cpp:240
#8 0x00000000005376b3 in SequenceDialog::qt_static_metacall (_o=0x2d92580, _c=QMetaObject::InvokeMetaMethod, _id=5, _a=0x7fff08dedd70) at /home/dameiss/torch/wireshark-build/wireshark-trunk-both-build-andromeda/ui/qt/moc_sequence_dialog.cxx:100
#9 0x00007f4de80c4f51 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /usr/lib64/qt4/libQtCore.so.4
#10 0x00000000005ec7d5 in QCPAxis::rangeChanged (this=0x2d97b00, _t1=...) at /home/dameiss/torch/wireshark-build/wireshark-trunk-both-build-andromeda/ui/qt/moc_qcustomplot.cxx:1206
#11 0x0000000000547467 in QCPAxis::setRange (this=0x2d97b00, lower=-1, upper=17.871794871794872) at /home/dameiss/torch/svn/wireshark-trunk/ui/qt/qcustomplot.cpp:4256
#12 0x00000000005081b8 in SequenceDialog::resetAxes (this=0x2d92580, keep_lower=true) at /home/dameiss/torch/svn/wireshark-trunk/ui/qt/sequence_dialog.cpp:422
#13 0x00000000005066fd in SequenceDialog::resizeEvent (this=0x2d92580, event=0x7fff08dee5e0) at /home/dameiss/torch/svn/wireshark-trunk/ui/qt/sequence_dialog.cpp:170
#14 0x00007f4de863bdd0 in QWidget::event(QEvent*) () from /usr/lib64/qt4/libQtGui.so.4
#15 0x00007f4de85eacf4 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib64/qt4/libQtGui.so.4
#16 0x00007f4de85efac3 in QApplication::notify(QObject*, QEvent*) () from /usr/lib64/qt4/libQtGui.so.4
#17 0x00007f4de80b10ec in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib64/qt4/libQtCore.so.4
#18 0x00007f4de8635ff5 in QWidgetPrivate::sendPendingMoveAndResizeEvents(bool, bool) () from /usr/lib64/qt4/libQtGui.so.4
#19 0x00007f4de8635f39 in QWidgetPrivate::sendPendingMoveAndResizeEvents(bool, bool) () from /usr/lib64/qt4/libQtGui.so.4
#20 0x00007f4de863950b in QWidgetPrivate::prepareToRender(QRegion const&, QFlags<QWidget::RenderFlag>) () from /usr/lib64/qt4/libQtGui.so.4
#21 0x00007f4de8639904 in QWidgetPrivate::render(QPaintDevice*, QPoint const&, QRegion const&, QFlags<QWidget::RenderFlag>, bool) () from /usr/lib64/qt4/libQtGui.so.4
#22 0x00007f4de8639c49 in QWidget::render(QPaintDevice*, QPoint const&, QRegion const&, QFlags<QWidget::RenderFlag>) () from /usr/lib64/qt4/libQtGui.so.4
#23 0x00007f4de863ad28 in QWidgetEffectSourcePrivate::pixmap(Qt::CoordinateSystem, QPoint*, QGraphicsEffect::PixmapPadMode) const () from /usr/lib64/qt4/libQtGui.so.4
#24 0x00007f4de8c4d544 in QGraphicsEffectSource::pixmap(Qt::CoordinateSystem, QPoint*, QGraphicsEffect::PixmapPadMode) const () from /usr/lib64/qt4/libQtGui.so.4
#25 0x00007f4de8c4d639 in QGraphicsEffect::sourcePixmap(Qt::CoordinateSystem, QPoint*, QGraphicsEffect::PixmapPadMode) const () from /usr/lib64/qt4/libQtGui.so.4
#26 0x00007f4de8c4eeb1 in QGraphicsOpacityEffect::draw(QPainter*) () from /usr/lib64/qt4/libQtGui.so.4
#27 0x00007f4de8637769 in QWidgetPrivate::drawWidget(QPaintDevice*, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) () from /usr/lib64/qt4/libQtGui.so.4
#28 0x00007f4de8637e1f in QWidgetPrivate::paintSiblingsRecursive(QPaintDevice*, QList<QObject*> const&, int, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) () from /usr/lib64/qt4/libQtGui.so.4
#29 0x00007f4de8636edc in QWidgetPrivate::drawWidget(QPaintDevice*, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) () from /usr/lib64/qt4/libQtGui.so.4
#30 0x00007f4de8637e1f in QWidgetPrivate::paintSiblingsRecursive(QPaintDevice*, QList<QObject*> const&, int, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) () from /usr/lib64/qt4/libQtGui.so.4
#31 0x00007f4de8636edc in QWidgetPrivate::drawWidget(QPaintDevice*, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) () from /usr/lib64/qt4/libQtGui.so.4
#32 0x00007f4de8637e1f in QWidgetPrivate::paintSiblingsRecursive(QPaintDevice*, QList<QObject*> const&, int, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) () from /usr/lib64/qt4/libQtGui.so.4
#33 0x00007f4de8636edc in QWidgetPrivate::drawWidget(QPaintDevice*, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) () from /usr/lib64/qt4/libQtGui.so.4
#34 0x00007f4de8637e1f in QWidgetPrivate::paintSiblingsRecursive(QPaintDevice*, QList<QObject*> const&, int, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) () from /usr/lib64/qt4/libQtGui.so.4
#35 0x00007f4de8636edc in QWidgetPrivate::drawWidget(QPaintDevice*, QRegion const&, QPoint const&, int, QPainter*, QWidgetBackingStore*) () from /usr/lib64/qt4/libQtGui.so.4
#36 0x00007f4de88015e2 in QWidgetBackingStore::sync() () from /usr/lib64/qt4/libQtGui.so.4
#37 0x00007f4de862df00 in QWidgetPrivate::syncBackingStore() () from /usr/lib64/qt4/libQtGui.so.4
#38 0x00007f4de863bdb6 in QWidget::event(QEvent*) () from /usr/lib64/qt4/libQtGui.so.4
#39 0x00007f4de89eff8b in QMainWindow::event(QEvent*) () from /usr/lib64/qt4/libQtGui.so.4
#40 0x00007f4de85eacf4 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib64/qt4/libQtGui.so.4
#41 0x00007f4de85efac3 in QApplication::notify(QObject*, QEvent*) () from /usr/lib64/qt4/libQtGui.so.4
#42 0x00007f4de80b10ec in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib64/qt4/libQtCore.so.4
#43 0x00007f4de80b499a in QCoreApplicationPrivate::sendPostedEvents(QObject*, int, QThreadData*) () from /usr/lib64/qt4/libQtCore.so.4
#44 0x00007f4de80dfee3 in postEventSourceDispatch(_GSource*, int (*)(void*), void*) () from /usr/lib64/qt4/libQtCore.so.4
#45 0x00007f4de7c566f3 in g_main_context_dispatch () from /usr/lib64/libglib-2.0.so.0
#46 0x00007f4de7c56a40 in g_main_context_iterate.isra.23 () from /usr/lib64/libglib-2.0.so.0
#47 0x00007f4de7c56b04 in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#48 0x00007f4de80e030f in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/qt4/libQtCore.so.4
#49 0x00007f4de868dc5e in QGuiEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/qt4/libQtGui.so.4
#50 0x00007f4de80b4e2f in QCoreApplication::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/qt4/libQtCore.so.4
#51 0x00000000004fe56b in update_progress_dlg (dlg=0xee37c8, percentage=0, status=0x7fff08df0ef0 " 0 of 11949 packets") at /home/dameiss/torch/svn/wireshark-trunk/ui/qt/progress_bar.cpp:100
#52 0x00000000004b54f5 in process_specified_packets (cf=0x8c6c60 <cfile>, range=0x7fff08df11d0, string1=0x60afcc "Recalculating statistics on", string2=0x60add0 "all packets", terminate_is_stop=1, callback=0x4b55eb <retap_packet>, callback_args=0x7fff08df1000) at /home/dameiss/torch/svn/wireshark-trunk/file.c:2282
#53 0x00000000004b5742 in cf_retap_packets (cf=0x8c6c60 <cfile>) at /home/dameiss/torch/svn/wireshark-trunk/file.c:2385
#54 0x0000000000601254 in sequence_analysis_list_get (cf=0x8c6c60 <cfile>, sainfo=0x2d925c0) at /home/dameiss/torch/svn/wireshark-trunk/ui/tap-sequence-analysis.c:238
#55 0x0000000000507ca0 in SequenceDialog::fillDiagram (this=0x2d92580) at /home/dameiss/torch/svn/wireshark-trunk/ui/qt/sequence_dialog.cpp:365
#56 0x00000000005064fe in SequenceDialog::SequenceDialog (this=0x2d92580, parent=0xdbbd80, cf=0x8c6c60 <cfile>, type=SequenceDialog::any) at /home/dameiss/torch/svn/wireshark-trunk/ui/qt/sequence_dialog.cpp:146
#57 0x00000000004e5721 in MainWindow::on_actionStatisticsFlowGraph_triggered (this=0xdbbd80) at /home/dameiss/torch/svn/wireshark-trunk/ui/qt/main_window_slots.cpp:1753
#58 0x000000000053540e in MainWindow::qt_static_metacall (_o=0xdbbd80, _c=QMetaObject::InvokeMetaMethod, _id=137, _a=0x7fff08df16f0) at /home/dameiss/torch/wireshark-build/wireshark-trunk-both-build-andromeda/ui/qt/moc_main_window.cxx:536
#59 0x00000000005357c5 in MainWindow::qt_metacall (this=0xdbbd80, _c=QMetaObject::InvokeMetaMethod, _id=137, _a=0x7fff08df16f0) at /home/dameiss/torch/wireshark-build/wireshark-trunk-both-build-andromeda/ui/qt/moc_main_window.cxx:612
#60 0x00007f4de80c5159 in QMetaObject::activate(QObject*, QMetaObject const*, int, void**) () from /usr/lib64/qt4/libQtCore.so.4
#61 0x00007f4de85e4862 in QAction::triggered(bool) () from /usr/lib64/qt4/libQtGui.so.4
#62 0x00007f4de85e4a4f in QAction::activate(QAction::ActionEvent) () from /usr/lib64/qt4/libQtGui.so.4
#63 0x00007f4de8a114e9 in QMenuPrivate::activateCausedStack(QList<QPointer<QWidget> > const&, QAction*, QAction::ActionEvent, bool) () from /usr/lib64/qt4/libQtGui.so.4
#64 0x00007f4de8a17732 in QMenuPrivate::activateAction(QAction*, QAction::ActionEvent, bool) () from /usr/lib64/qt4/libQtGui.so.4
#65 0x00007f4de863b6bc in QWidget::event(QEvent*) () from /usr/lib64/qt4/libQtGui.so.4
#66 0x00007f4de8a18ccb in QMenu::event(QEvent*) () from /usr/lib64/qt4/libQtGui.so.4
#67 0x00007f4de85eacf4 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () from /usr/lib64/qt4/libQtGui.so.4
#68 0x00007f4de85f0393 in QApplication::notify(QObject*, QEvent*) () from /usr/lib64/qt4/libQtGui.so.4
#69 0x00007f4de80b10ec in QCoreApplication::notifyInternal(QObject*, QEvent*) () from /usr/lib64/qt4/libQtCore.so.4
#70 0x00007f4de85ebcc2 in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool) () from /usr/lib64/qt4/libQtGui.so.4
#71 0x00007f4de8667f24 in QETWidget::translateMouseEvent(_XEvent const*) () from /usr/lib64/qt4/libQtGui.so.4
#72 0x00007f4de866667a in QApplication::x11ProcessEvent(_XEvent*) () from /usr/lib64/qt4/libQtGui.so.4
#73 0x00007f4de868dfc2 in x11EventSourceDispatch(_GSource*, int (*)(void*), void*) () from /usr/lib64/qt4/libQtGui.so.4
#74 0x00007f4de7c566f3 in g_main_context_dispatch () from /usr/lib64/libglib-2.0.so.0
#75 0x00007f4de7c56a40 in g_main_context_iterate.isra.23 () from /usr/lib64/libglib-2.0.so.0
#76 0x00007f4de7c56b04 in g_main_context_iteration () from /usr/lib64/libglib-2.0.so.0
#77 0x00007f4de80e0376 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/qt4/libQtCore.so.4
#78 0x00007f4de868dc5e in QGuiEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/qt4/libQtGui.so.4
#79 0x00007f4de80afb72 in QEventLoop::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/qt4/libQtCore.so.4
#80 0x00007f4de80afdc7 in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () from /usr/lib64/qt4/libQtCore.so.4
#81 0x00007f4de80b4c95 in QCoreApplication::exec() () from /usr/lib64/qt4/libQtCore.so.4
#82 0x00000000004c4796 in main (argc=0, argv=0x7fff08df3130) at /home/dameiss/torch/svn/wireshark-trunk/ui/qt/main.cpp:996
(gdb) print *sai
$1 = {fd = 0x0, src_addr = {type = AT_NONE, hf = 0, len = 0, data = "" port_src = 0, dst_addr = {type = AT_NONE, hf = 0, len = 0, data = "" port_dst = 0, frame_label = 0x0, time_str = 0x0, comment = 0x0, conv_num = 0, display = 0, src_node = 0, dst_node = 0, line_style = 0}
```

What appears to be happening is SequenceDiagram::draw() is iterating over the stored seq_analysis_item_t elements - but at the same time SequenceDialog::fillDiagram() is running - which destroys the old seq_analysis_info_t (which SequenceDiagram has stored a copy of and is referencing items in the list) then reloads it.

I'll attach a patch to SequenceDialog::fillDiagram() which fixes the problem - essentially calling sequence_analysis_list_get() with a new seq_analysis_info_t, calling SequenceDialog::setData() with the new one, then destroying the current seq_analysis_info_t and replacing it with the new one.
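The ordering problem described in the report, as an added example that is not part of the original message, the attached patch or Wireshark's code. `Frame`, `Item`, `Info`, `Diagram` and `Dialog` are hypothetical stand-ins for the frame data, `seq_analysis_item_t`, `seq_analysis_info_t`, `SequenceDiagram` and `SequenceDialog`; freeing the old list is modelled by nulling `fd` so the reentrant redraw can count stale items instead of crashing.

```cpp
#include <cstddef>
#include <memory>
#include <utility>
#include <vector>

struct Frame { unsigned num; };                 // hypothetical frame record
struct Item { const Frame *fd; };               // stand-in for seq_analysis_item_t
struct Info { std::vector<Item> items; };       // stand-in for seq_analysis_info_t

struct Diagram {                                // stand-in for SequenceDiagram
    const Info *data = nullptr;
    std::size_t stale_seen = 0;
    void setData(const Info *info) { data = info; }
    void draw() {                               // counts stale items instead of dereferencing fd
        if (!data) return;
        for (const Item &it : data->items)
            if (it.fd == nullptr) ++stale_seen;
    }
};

struct Dialog {                                 // stand-in for SequenceDialog
    std::vector<Frame> frames;
    std::unique_ptr<Info> info = std::make_unique<Info>();
    Diagram diagram;

    void load(Info &out) {                      // retap; the progress dialog pumps events
        for (const Frame &f : frames) {
            diagram.draw();                     // reentrant redraw in the middle of the reload
            out.items.push_back(Item{&f});
        }
    }
    std::size_t fill(bool destroy_first) {
        if (destroy_first)                      // order in the crash: old list gone before reload
            for (Item &it : info->items) it.fd = nullptr;   // models the free, stays defined
        auto fresh = std::make_unique<Info>();
        load(*fresh);                           // diagram still points at the old Info here
        diagram.setData(fresh.get());           // switch the diagram over first
        info = std::move(fresh);                // old Info is destroyed only now
        return diagram.stale_seen;
    }
};

std::size_t stale_draws(bool destroy_first) {
    Dialog d;
    d.frames = {Frame{1u}, Frame{2u}, Frame{3u}};   // constructed sample capture
    d.fill(false);                              // first population of the diagram
    return d.fill(destroy_first);               // reload with the chosen ordering
}

int main() { return (stale_draws(true) == 9 && stale_draws(false) == 0) ? 0 : 1; }
```

With the old data invalidated before the reload, each of the three redraws walks three stale items; with the load, hand-over, destroy order the redraws only ever see valid data.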