
Wireshark-bugs: [Wireshark-bugs] [Bug 4115] New: Wireshark crashes while opening large trace fil

Date: Sun, 11 Oct 2009 14:14:29 -0700 (PDT)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4115

           Summary: Wireshark crashes while opening large trace files on Mac
                    OS X Snow Leopard
           Product: Wireshark
           Version: 1.3.x (Experimental)
          Platform: x86
        OS/Version: Mac OS X 10.6
            Status: NEW
          Severity: Critical
          Priority: Medium
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: anders@xxxxxxxxxxxxxxxx


Created an attachment (id=3769)
 --> (https://bugs.wireshark.org/bugzilla/attachment.cgi?id=3769)
Crashfile while trying to load the large trace file.

Build Information:
AMJ:bin anders$ ./wireshark -v
2009-10-11 23:08:26.660 defaults[28822:903] 
The domain/default pair of (kCFPreferencesAnyApplication,
AppleAquaColorVariant) does not exist
2009-10-11 23:08:26.687 defaults[28823:903] 
The domain/default pair of (kCFPreferencesAnyApplication, AppleHighlightColor)
does not exist
wireshark 1.3.0 (SVN Rev 29912 from /trunk)

Copyright 1998-2009 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.12.9, with GLib 2.16.3, with libpcap 1.0.0, with libz
1.2.3, without POSIX capabilities, with libpcre 7.8, with SMI 0.4.8, with
c-ares
1.5.3, with Lua 5.1, without Python, with GnuTLS 2.6.2, with Gcrypt 1.4.3, with
MIT Kerberos, without GeoIP, with PortAudio V19-devel (built Nov 14 2008),
without AirPcap.

Running on Darwin 10.0.0 (MacOS 10.6.1), with libpcap version 1.0.0, GnuTLS
2.6.2, Gcrypt 1.4.3.

Built using gcc 4.0.1 (Apple Inc. build 5488).
AMJ:bin anders$ 

--
Scenario:

Intel-based MacBook Pro running Snow Leopard (10.6.1)

While loading large trace files, Wireshark crashes.
No error messages in the GUI.

The console logging reports the following:

11/10/09 22.53.23       org.x.startx[28600]     (EE) XKB: Couldn't open rules
file /usr/X11/share/X11/xkb/rules/base
11/10/09 22.53.23       org.x.startx[28600]     (EE) XKB: Couldn't open rules
file /usr/X11/share/X11/xkb/rules/base
11/10/09 22.53.24       org.x.privileged_startx[28609]  font_cache: Updating FC
cache
11/10/09 22.53.25       org.x.startx[28600]     font_cache: Done
11/10/09 22.53.26       org.x.startx[28600]     X11.app Handing off fd to
server thread via DarwinListenOnOpenFD(6)
11/10/09 22.53.26       org.x.startx[28600]     DarwinListenOnOpenFD: 6
11/10/09 22.53.26       org.x.startx[28600]     Calling ListenOnOpenFD() for
new fd: 6
11/10/09 22.53.26       [0x0-0x472472].org.wireshark.Wireshark[28556]  
(wireshark-bin:28559): Gtk-WARNING **: Unable to locate theme engine in
module_path: "clearlooks",
11/10/09 22.53.27       org.x.privileged_startx[28609]  font_cache: Done
11/10/09 22.54.25       [0x0-0x472472].org.wireshark.Wireshark[28556]  
wireshark-bin(28559,0xa05a0500) malloc: *** mmap(size=16777216) failed (error
code=12)
11/10/09 22.54.25       [0x0-0x472472].org.wireshark.Wireshark[28556]   ***
error: can't allocate region
11/10/09 22.54.25       [0x0-0x472472].org.wireshark.Wireshark[28556]   *** set
a breakpoint in malloc_error_break to debug
11/10/09 22.54.25       [0x0-0x472472].org.wireshark.Wireshark[28556]  
***MEMORY-ERROR***: wireshark-bin[28559]: GSlice: failed to allocate 4088 bytes
(alignment: 4096): Cannot allocate memory
11/10/09 22.54.27       ReportCrash[28765]      Saved crash report for
wireshark-bin[28559] version ??? (???) to
/Users/anders/Library/Logs/DiagnosticReports/wireshark-bin_2009-10-11-225427_AMJ.crash

This is also true for version 1.2.2.

Please find the two crash files attached.

Please let me know if you need additional information.

Regards,

Anders

