[Wireshark-bugs] [Bug 14971] Qt: SCTP Graph Dialog: Abort when doing analysis

2018-07-18 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14971

Peter Wu  changed:

   What|Removed |Added

 Resolution|--- |FIXED
 Status|CONFIRMED   |RESOLVED

--- Comment #14 from Peter Wu  ---
Fixed in:
v2.9.0rc0-1236-g8563b94d56
v2.6.2rc0-172-g1ef4bbed55

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14971] Qt: SCTP Graph Dialog: Abort when doing analysis

2018-07-18 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14971

--- Comment #13 from Gerrit Code Review  ---
Change 28739 merged by Peter Wu:
Qt: update to QCustomPlot 1.3.2

https://code.wireshark.org/review/28739

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14971] Qt: SCTP Graph Dialog: Abort when doing analysis

2018-07-17 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14971

--- Comment #12 from Gerrit Code Review  ---
Change 28739 had a related patch set uploaded by Peter Wu:
Qt: update to QCustomPlot 1.3.2

https://code.wireshark.org/review/28739

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14971] Qt: SCTP Graph Dialog: Abort when doing analysis

2018-07-17 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14971

--- Comment #11 from Gerrit Code Review  ---
Change 28732 merged by Anders Broman:
Qt: update to QCustomPlot 1.3.2

https://code.wireshark.org/review/28732

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14971] Qt: SCTP Graph Dialog: Abort when doing analysis

2018-07-16 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14971

--- Comment #10 from Gerrit Code Review  ---
Change 28732 had a related patch set uploaded by Peter Wu:
Qt: update to QCustomPlot 1.3.2

https://code.wireshark.org/review/28732

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14971] Qt: SCTP Graph Dialog: Abort when doing analysis

2018-07-16 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14971

Peter Wu  changed:

   What|Removed |Added

 Ever confirmed|0   |1
 Status|UNCONFIRMED |CONFIRMED
 CC||alexis.lagou...@gmail.com,
   ||ger...@wireshark.org

--- Comment #9 from Peter Wu  ---
This issue has been fixed in the upstream code a while back:
https://gitlab.com/DerManu/QCustomPlot/commit/2c28a1ead4bebe33a8ca8074ea7abdc0c7047dd8?w=1

Our version is based on 1.3.0, this issue was fixed in 1.3.1 (the latest 1.x
version is 1.3.2 from December 22, 2015). The latest 2.x release is 2.0.1 (June
25, 2018).

Alexis had a WIP patch to upgrade to 2.0
(https://code.wireshark.org/review/17980) and there was a discussion earlier
this year on upgrading our version,
https://www.wireshark.org/lists/wireshark-dev/201802/msg00050.html

I've tried to update our library to 1.3.2, will push a patch shortly.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14971] Qt: SCTP Graph Dialog: Abort when doing analysis

2018-07-16 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14971

Vasil Velichkov  changed:

   What|Removed |Added

 CC||vvvelich...@gmail.com

--- Comment #8 from Vasil Velichkov  ---
Created attachment 16498
  --> https://bugs.wireshark.org/bugzilla/attachment.cgi?id=16498=edit
gdb output

Hi Peter, 

I've traced the QCPGraph::getPreparedData function with gdb and attached the
output.

In the if case it does not append anything to the scatterData vector so it ends
up empty

15793   if (intervalDataCount >= 2) // last pixel had multiple data
points, consolidate them
15794   {
15795 // determine value pixel span and add as many points in
interval to maintain certain vertical data density (this is specific to scat   
  ter plot):
15796 double valuePixelSpan =
qAbs(valueAxis->coordToPixel(minValue)-valueAxis->coordToPixel(maxValue));
15797 int dataModulo = qMax(1,
qRound(qreal(intervalDataCount/(valuePixelSpan/4.0; // approximately every
4 value pixels one data poin  t on average
15798 QCPDataMap::const_iterator intervalIt = currentIntervalStart;
15799 int c = 0;
15800 while (intervalIt != it)
15801 {
15802   if ((c % dataModulo == 0 || intervalIt == minValueIt ||
intervalIt == maxValueIt) && intervalIt.value().value > valueMinRange && i 
ntervalIt.value().value < valueMaxRange)
15803 scatterData->append(intervalIt.value());
15804   ++c;
15805   ++intervalIt;
15806 }
15807   } else if (currentIntervalStart.value().value > valueMinRange
&& currentIntervalStart.value().value < valueMaxRange)
15808 scatterData->append(currentIntervalStart.value());

and in QCPGraph::pointDistance there is no check if the returned vector is
empty or not

16433 // no line displayed, only calculate distance to scatter points:
16434 QVector *scatterData = new QVector;
16435 getScatterPlotData(scatterData);
16436 double minDistSqr = std::numeric_limits::max();
16437 QPointF ptA;
16438 QPointF ptB = coordsToPixels(scatterData->at(0).key,
scatterData->at(0).value); // getScatterPlotData returns in plot coordinates,
so transf  orm to pixels

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14971] Qt: SCTP Graph Dialog: Abort when doing analysis

2018-07-16 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14971

--- Comment #7 from Vasil Velichkov  ---
Hi Peter,

(In reply to Peter Wu from comment #6)
> > Yes, a race condition sounds like a possible reason, I will try to run
> > wireshark under valgrind's helgrind and report any findings.
> 
> I don't think Hellgrind will show results since there should not be any
> multithreading involved. 

You were right, helgrind outputs a lot of messages but nothing directly related
to the crash.

> What would be interesting is how it got that point
> where "scatterData" is empty. Perhaps you could record/dump the state that
> controlled how "getPreparedData" decided (not) to write "scatterData"?

I was able to find a reproducer and captured a screen cast [1] to demonstrate
it.

I've run wireshark under gdb using SCTP-INIT-Collision.cap [2]. It didn't
display any dots (which probably is another bug) but I've clicked multiple
times in the white squares were the dots are suppose to be, then clicked "Only
SACK", and then clicked again one or two times in the white squares.

I'll try to record/dump the getPreparedData state but first I need to figure
out how to do this, any suggestions are appreciated. 

[1]
https://drive.google.com/file/d/196YTmWx4LcY0IEYmGisweVtokxJG5VQY/view?usp=sharing
[2]
https://wiki.wireshark.org/SampleCaptures?action=AttachFile=get=SCTP-INIT-Collision.cap

P.S.
I've upgraded my system to Fedora 28 (due to a hard disk failure)

./run/wireshark -v
Wireshark 2.9.0 (v2.9.0rc0-1230-g627a8d31)

Copyright 1998-2018 Gerald Combs  and contributors.
License GPLv2+: GNU GPL version 2 or later

This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with Qt 5.10.1, with libpcap, with POSIX capabilities
(Linux),
with libnl 3, with GLib 2.56.1, with zlib 1.2.11, with SMI 0.4.8, with c-ares
1.13.0, without Lua, with GnuTLS 3.6.2, with Gcrypt 1.8.3, with MIT Kerberos,
with MaxMind DB resolver, without nghttp2, without LZ4, without Snappy, without
libxml2, with QtMultimedia, without SBC, without SpanDSP, without bcg729.

Running on Linux 4.17.6-200.fc28.x86_64, withIntel(R) Core(TM) i7-3520M
CPU @ 2.90GHz (with SSE4.2), with 15857 MB of physical memory, with locale
en_US.UTF-8, with libpcap version 1.8.1, with GnuTLS 3.6.2, with Gcrypt 1.8.3,
with zlib 1.2.11, binary plugins supported (0 loaded).

Built using gcc 8.1.1 20180502 (Red Hat 8.1.1-1).

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14971] Qt: SCTP Graph Dialog: Abort when doing analysis

2018-07-16 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14971

--- Comment #6 from Peter Wu  ---
> Yes, a race condition sounds like a possible reason, I will try to run
> wireshark under valgrind's helgrind and report any findings.

I don't think Hellgrind will show results since there should not be any
multithreading involved. What would be interesting is how it got that point
where "scatterData" is empty. Perhaps you could record/dump the state that
controlled how "getPreparedData" decided (not) to write "scatterData"?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14971] Qt: SCTP Graph Dialog: Abort when doing analysis

2018-07-15 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14971

--- Comment #5 from Vasil Velichkov  ---
(In reply to Peter Wu from comment #4)
> (In reply to Vasil Velichkov from comment #3)
> > I'm investigating some SCTP problems on a live platform but I'm not able to
> > share the pcap traces.
> 
> Are the capture files large? Perhaps the capture is still being rescanned
> while the dialog is being loaded.

Yes they are pretty big, one of the captures is 49MB and contains 242922
packets.

> > > How easy is it for you to trigger the crash?
> > 
> > Not easy at all, I had only 3 or 4 crashes during the several hours long
> > investigation.
> 
> I thought it would be a memory corruption issue, but your valgrind trace
> should have complained in that case. So perhaps it is a race condition (I
> have not further investigated the cause).

Yes, a race condition sounds like a possible reason, I will try to run
wireshark under valgrind's helgrind and report any findings.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14971] Qt: SCTP Graph Dialog: Abort when doing analysis

2018-07-15 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14971

--- Comment #4 from Peter Wu  ---
(In reply to Vasil Velichkov from comment #3)
> I'm investigating some SCTP problems on a live platform but I'm not able to
> share the pcap traces.

Are the capture files large? Perhaps the capture is still being rescanned while
the dialog is being loaded.

> > How easy is it for you to trigger the crash?
> 
> Not easy at all, I had only 3 or 4 crashes during the several hours long
> investigation.

I thought it would be a memory corruption issue, but your valgrind trace should
have complained in that case. So perhaps it is a race condition (I have not
further investigated the cause).

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14971] Qt: SCTP Graph Dialog: Abort when doing analysis

2018-07-15 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14971

--- Comment #3 from Vasil Velichkov  ---
Hi Peter,

> Can you point to a specific capture for reproduction? 

I'm investigating some SCTP problems on a live platform but I'm not able to
share the pcap traces.

> How easy is it for you to trigger the crash?

Not easy at all, I had only 3 or 4 crashes during the several hours long
investigation.

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14971] Qt: SCTP Graph Dialog: Abort when doing analysis

2018-07-15 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14971

Peter Wu  changed:

   What|Removed |Added

 CC||pe...@lekensteyn.nl

--- Comment #2 from Peter Wu  ---
Can you point to a specific capture for reproduction? I tried "sctp.cap" and
"sctp-www.cap", but could not trigger a crash:
https://wiki.wireshark.org/SampleCaptures#Stream_Control_Transmission_Protocol_.28SCTP.29

Based on the trace, we can assume that:
1. "mData->size() > 1" (since QCPGraph::pointDistance checks for that).
2. scatterData is an empty vector.
3. That means that getScatterPlotData(scatterData) did not fill it.
4. That means that getPreparedData(0, scatterData) did not fill it.
5. The "getVisibleDataBounds(lower, upper)" returns valid bounds (due to (1)).
6. [following conditions still need to be checked]

How easy is it for you to trigger the crash?

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14971] Qt: SCTP Graph Dialog: Abort when doing analysis

2018-07-12 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14971

--- Comment #1 from Vasil Velichkov  ---
And here is valgrind output

$ valgrind --tool=memcheck ./run/wireshark short.pcapng 
==4674== Memcheck, a memory error detector
==4674== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==4674== Using Valgrind-3.13.0 and LibVEX; rerun with -h for copyright info
==4674== Command: ./run/wireshark short.pcapng
==4674== 
==4674== 
==4674== Process terminating with default action of signal 6 (SIGABRT): dumping
core
==4674==at 0xD3D99FB: raise (raise.c:51)
==4674==by 0xD3DB7FF: abort (abort.c:89)
==4674==by 0xC315736: QMessageLogger::fatal(char const*, ...) const (in
/usr/lib64/libQt5Core.so.5.9.4)
==4674==by 0xC310DA9: qt_assert_x(char const*, char const*, char const*,
int) (in /usr/lib64/libQt5Core.so.5.9.4)
==4674==by 0x3135DE: QVector::at(int) const (qvector.h:423)
==4674==by 0x2F2594: QCPGraph::pointDistance(QPointF const&) const
(qcustomplot.cpp:16438)
==4674==by 0x2F28AF: QCPGraph::selectTest(QPointF const&, bool, QVariant*)
const (qcustomplot.cpp:15013)
==4674==by 0x2DBAB6: QCustomPlot::layerableAt(QPointF const&, bool,
QVariant*) const (qcustomplot.cpp:11046)
==4674==by 0x3110C3: QCustomPlot::mouseReleaseEvent(QMouseEvent*)
(qcustomplot.cpp:10817)
==4674==by 0xB8F98B7: QWidget::event(QEvent*) (in
/usr/lib64/libQt5Widgets.so.5.9.4)
==4674==by 0xB8BAF2B: QApplicationPrivate::notify_helper(QObject*, QEvent*)
(in /usr/lib64/libQt5Widgets.so.5.9.4)
==4674==by 0xB8C2CCE: QApplication::notify(QObject*, QEvent*) (in
/usr/lib64/libQt5Widgets.so.5.9.4)
==4674== 
==4674== Process terminating with default action of signal 11 (SIGSEGV)
==4674==  General Protection Fault
==4674==at 0xD4F7E9C: _dl_catch_error (dl-error-skeleton.c:187)
==4674==by 0xD4F7616: dlerror_run (dl-libc.c:46)
==4674==by 0xD4F7616: __libc_dlclose (dl-libc.c:222)
==4674==by 0xD523314: free_mem (in /usr/lib64/libc-2.25.so)
==4674==by 0xD522F11: __libc_freeres (in /usr/lib64/libc-2.25.so)
==4674==by 0x4A286DB: _vgnU_freeres (vg_preloaded.c:77)
==4674== 
==4674== HEAP SUMMARY:
==4674== in use at exit: 79,415,119 bytes in 251,527 blocks
==4674==   total heap usage: 1,427,173 allocs, 1,175,646 frees, 491,897,635
bytes allocated
==4674== 
==4674== LEAK SUMMARY:
==4674==definitely lost: 383 bytes in 8 blocks
==4674==indirectly lost: 0 bytes in 0 blocks
==4674==  possibly lost: 1,130,727 bytes in 3,976 blocks
==4674==still reachable: 78,215,281 bytes in 246,979 blocks
==4674==   of which reachable via heuristic:
==4674== length64   : 3,272 bytes in 59 blocks
==4674== newarray   : 4,248 bytes in 103 blocks
==4674== multipleinheritance: 84,560 bytes in 119
blocks
==4674== suppressed: 0 bytes in 0 blocks
==4674== Rerun with --leak-check=full to see details of leaked memory
==4674== 
==4674== For counts of detected and suppressed errors, rerun with: -v
==4674== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
Segmentation fault

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe

[Wireshark-bugs] [Bug 14971] Qt: SCTP Graph Dialog: Abort when doing analysis

2018-07-12 Thread bugzilla-daemon 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14971

Vasil Velichkov  changed:

   What|Removed |Added

Summary|Qt: SCTP Graph Dialog:  |Qt: SCTP Graph Dialog:
   |Segmentation fault when |Abort when doing analysis
   |doing analysis  |

-- 
You are receiving this mail because:
You are watching all bug changes.___
Sent via:Wireshark-bugs mailing list 
Archives:https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
 mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe