Crash when sorting columns during capture with display filter active
Summary
Clicking a column to sort packets multiple times during capture results in a crash.
Sample capture file
No capture file available. Seems to only happen with ongoing capture.
Steps to reproduce
- Start packet capture
- Set a display filter
- Repeatedly click "Source" column
- Wireshark exits with crash.
What is the current bug behavior?
It appears this happens if sorting is ongoing when clicking "Source" column to trigger a new sort.
The following can be seen with GDB:
Thread 1 "wireshark" received signal SIGSEGV, Segmentation fault.
0x00005555559c8cda in PacketListRecord::columnString (this=this@entry=0x186a0, cap_file=0x555555f6d1c0 <cfile>, column=2,
colorized=colorized@entry=false) at /home/mikaeka/myrepos/wireshark/ui/qt/models/packet_list_record.cpp:77
77 bool dissect_color = ( colorized && !colorized_ ) || ( color_ver_ != rows_color_ver_ );
(gdb) bt
#0 0x00005555559c8cda in PacketListRecord::columnString(_capture_file*, int, bool)
(this=this@entry=0x186a0, cap_file=0x555555f6d1c0 <cfile>, column=2, colorized=colorized@entry=false)
at /home/mikaeka/myrepos/wireshark/ui/qt/models/packet_list_record.cpp:77
#1 0x00005555559c2117 in PacketListModel::recordLessThan(PacketListRecord*, PacketListRecord*) (r1=0x55555d088290, r2=0x186a0)
at /home/mikaeka/myrepos/wireshark/ui/qt/models/packet_list_model.cpp:791
#2 0x00005555559c62a6 in __gnu_cxx::__ops::_Val_comp_iter<bool (*)(PacketListRecord*, PacketListRecord*)>::operator()<PacketListRecord*, QList<PacketListRecord*>::iterator>(PacketListRecord*&, QList<PacketListRecord*>::iterator)
(__it=..., __val=<synthetic pointer>: <optimized out>, this=<synthetic pointer>) at /usr/include/c++/10/bits/predefined_ops.h:237
#3 std::__unguarded_linear_insert<QList<PacketListRecord*>::iterator, __gnu_cxx::__ops::_Val_comp_iter<bool (*)(PacketListRecord*, PacketListRecord*)> >(QList<PacketListRecord*>::iterator, __gnu_cxx::__ops::_Val_comp_iter<bool (*)(PacketListRecord*, PacketListRecord*)>)
(__comp=..., __last=...) at /usr/include/c++/10/bits/stl_algo.h:1826
#4 std::__unguarded_insertion_sort<QList<PacketListRecord*>::iterator, __gnu_cxx::__ops::_Iter_comp_iter<bool (*)(PacketListRecord*, PacketListRecord*)> >(QList<PacketListRecord*>::iterator, QList<PacketListRecord*>::iterator, __gnu_cxx::__ops::_Iter_comp_iter<bool (*)(PacketListRecord*, PacketListRecord*)>) (__comp=..., __last=..., __first=...) at /usr/include/c++/10/bits/stl_algo.h:1867
#5 std::__final_insertion_sort<QList<PacketListRecord*>::iterator, __gnu_cxx::__ops::_Iter_comp_iter<bool (*)(PacketListRecord*, PacketListRecord*)> >(QList<PacketListRecord*>::iterator, QList<PacketListRecord*>::iterator, __gnu_cxx::__ops::_Iter_comp_iter<bool (*)(PacketListRecord*, PacketListRecord*)>) (__comp=..., __last=..., __first=...) at /usr/include/c++/10/bits/stl_algo.h:1887
#6 std::__sort<QList<PacketListRecord*>::iterator, __gnu_cxx::__ops::_Iter_comp_iter<bool (*)(PacketListRecord*, PacketListRecord*)> >(QList<PacketListRecord*>::iterator, QList<PacketListRecord*>::iterator, __gnu_cxx::__ops::_Iter_comp_iter<bool (*)(PacketListRecord*, PacketListRecord*)>) (__comp=..., __last=..., __first=...) at /usr/include/c++/10/bits/stl_algo.h:1977
#7 std::sort<QList<PacketListRecord*>::iterator, bool (*)(PacketListRecord*, PacketListRecord*)>(QList<PacketListRecord*>::iterator, QList<PacketListRecord*>::iterator, bool (*)(PacketListRecord*, PacketListRecord*)) (__comp=
0x5555559c2010 <PacketListModel::recordLessThan(PacketListRecord*, PacketListRecord*)>, __last=..., __first=...)
at /usr/include/c++/10/bits/stl_algo.h:4894
#8 PacketListModel::sort(int, Qt::SortOrder) (this=<optimized out>, column=<optimized out>, order=<optimized out>)
at /home/mikaeka/myrepos/wireshark/ui/qt/models/packet_list_model.cpp:647
#9 0x00007ffff6a82b33 in () at /lib/x86_64-linux-gnu/libQt6Core.so.6
#10 0x00007ffff7ba862f in QHeaderView::sortIndicatorChanged(int, Qt::SortOrder) () at /lib/x86_64-linux-gnu/libQt6Widgets.so.6
#11 0x00007ffff7bb3d79 in QHeaderView::mouseReleaseEvent(QMouseEvent*) () at /lib/x86_64-linux-gnu/libQt6Widgets.so.6
#12 0x00007ffff79268de in QWidget::event(QEvent*) () at /lib/x86_64-linux-gnu/libQt6Widgets.so.6
#13 0x00007ffff79c5b62 in QFrame::event(QEvent*) () at /lib/x86_64-linux-gnu/libQt6Widgets.so.6
#14 0x00007ffff6a2f1b4 in QCoreApplicationPrivate::sendThroughObjectEventFilters(QObject*, QEvent*) ()
at /lib/x86_64-linux-gnu/libQt6Core.so.6
#15 0x00007ffff78ccdd1 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () at /lib/x86_64-linux-gnu/libQt6Widgets.so.6
#16 0x00007ffff78d6a67 in QApplication::notify(QObject*, QEvent*) () at /lib/x86_64-linux-gnu/libQt6Widgets.so.6
#17 0x00007ffff6a2f3e8 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () at /lib/x86_64-linux-gnu/libQt6Core.so.6
#18 0x00007ffff78d5bc3 in QApplicationPrivate::sendMouseEvent(QWidget*, QMouseEvent*, QWidget*, QWidget*, QWidget**, QPointer<QWidget>&, bool, bool) () at /lib/x86_64-linux-gnu/libQt6Widgets.so.6
#19 0x00007ffff79383c9 in () at /lib/x86_64-linux-gnu/libQt6Widgets.so.6
#20 0x00007ffff793b1cb in () at /lib/x86_64-linux-gnu/libQt6Widgets.so.6
#21 0x00007ffff78ccde2 in QApplicationPrivate::notify_helper(QObject*, QEvent*) () at /lib/x86_64-linux-gnu/libQt6Widgets.so.6
#22 0x00007ffff6a2f3e8 in QCoreApplication::notifyInternal2(QObject*, QEvent*) () at /lib/x86_64-linux-gnu/libQt6Core.so.6
#23 0x00007ffff709099b in QGuiApplicationPrivate::processMouseEvent(QWindowSystemInterfacePrivate::MouseEvent*) ()
at /lib/x86_64-linux-gnu/libQt6Gui.so.6
#24 0x00007ffff70dbd0c in QWindowSystemInterface::sendWindowSystemEvents(QFlags<QEventLoop::ProcessEventsFlag>) ()
at /lib/x86_64-linux-gnu/libQt6Gui.so.6
#25 0x00007fffe9e0be7a in () at /lib/x86_64-linux-gnu/libQt6XcbQpa.so.6
#26 0x00007fffee776e6b in g_main_context_dispatch () at /lib/x86_64-linux-gnu/libglib-2.0.so.0
#27 0x00007fffee777118 in () at /lib/x86_64-linux-gnu/libglib-2.0.so.0
#28 0x00007fffee7771cf in g_main_context_iteration () at /lib/x86_64-linux-gnu/libglib-2.0.so.0
#29 0x00007ffff6c71599 in QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) ()
at /lib/x86_64-linux-gnu/libQt6Core.so.6
#30 0x00007ffff6a3b22b in QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) () at /lib/x86_64-linux-gnu/libQt6Core.so.6
#31 0x00007ffff6a37082 in QCoreApplication::exec() () at /lib/x86_64-linux-gnu/libQt6Core.so.6
#32 0x0000555555686828 in main(int, char**) (argc=<optimized out>, qt_argv=<optimized out>)
at /home/mikaeka/myrepos/wireshark/ui/qt/main.cpp:1097
(gdb) info args
this = 0x186a0
cap_file = 0x555555f6d1c0 <cfile>
column = 2
colorized = false
(gdb) p colorized
$3 = false
(gdb) p colorized_
Cannot access memory at address 0x186bc
(gdb) p color_ver_
Cannot access memory at address 0x186b8
(gdb) p rows_color_ver_
$4 = 1What is the expected correct behavior?
No crash
Build information
Version 4.5.0 (v4.5.0rc0-1158-gd86c97744ba0).
Copyright 1998-2024 Gerald Combs <gerald@wireshark.org> and contributors.
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
Compile-time info:
Bit width: 64-bit
Compiler: GCC 10.2.1 20210110
GLib: 2.66.8
With:
+brotli +Minizip 1.2.8
+Gcrypt 1.8.8 +nghttp2 1.43.0
+GnuTLS 3.7.1 and PKCS#11 +PCRE2 10.36 2020-12-04
+Kerberos (MIT) +POSIX capabilities (Linux)
+libnl 3 +Qt 6.4.2
+libpcap +QtDBus
+libsmi 0.4.8 +QtMultimedia
+libxml2 2.9.10 +Snappy 1.1.8
+Lua 5.4.2 +zlib 1.2.11
+LZ4 1.9.3 +Zstandard 1.4.8
+MaxMind 1.5.2
Without:
-automatic updates -nghttp3 -zlib-ng
Runtime info:
OS: Linux 5.10.0-33-amd64
CPU: AMD Ryzen 9 3900X 12-Core Processor (with SSE4.2)
Memory: 32054 MB of physical memory
GLib: 2.66.8
Locale: LC_TYPE=en_US.utf8
Plugins: supported, 22 loaded
With:
+brotli 1.0.9 +nghttp2 1.43.0
+c-ares 1.17.1 +PCRE2 10.36 2020-12-04
+Gcrypt 1.8.8 +QPA plugin "xcb"
+GnuTLS 3.7.1 +Qt 6.4.2
+libpcap 1.10.0 (with TPACKET_V3) +Xorg
+libsmi 0.4.8 +zlib 1.2.11
+light display mode +Zstandard 1.4.8
+LZ4 1.9.3
Without:
-HiDPI
Check the man page and www.wireshark.org for more information.