Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: [Wireshark-dev] Cannot use "capture info" dialog, wireshark gets SIGUSR1

From: Alexey Neyman <avn@xxxxxxxxxxxxxxx>
Date: Fri, 8 Aug 2008 01:43:30 -0700
Howdy,

I am running Ubuntu Hardy 8.04.1, GCC 4.2.3 on x86_64. Wireshark sources 
are top-of-trunk.

When starting a capture, I tried to uncheck the boxes "Update list of 
packets in real time" and "Hide capture info dialog". The capture 
started fine, but when I hit the "Stop" button, Wireshark exited due to 
receipt of SIGUSR1.

If I use the "Stop capture" button on the toolbar, the capture stops and 
the list of captured packets is displayed.

I traced the problem to the following fact: the capture_info_delete_cb() 
function is called with a "data" pointer which is different from the 
one supplied to g_connect(). It so happens that the fork_child member 
at that "bad pointer" has a value of 0, and thus SIGUSR1 is delivered 
to the current process group instead of dumpcap.

Below, what GDB shows:

<<<<<
Breakpoint 6, capture_info_ui_create (cinfo=0x78be40, 
capture_opts=0x79c0e0) at capture_info_dlg.c:269
269       stop_bt = g_object_get_data(G_OBJECT(bbox), 
WIRESHARK_STOCK_CAPTURE_STOP);
(gdb) c
Continuing.

Breakpoint 7, capture_info_delete_cb (w=0x196e420, event=0x79c0e0, 
data=0x89c960) at capture_info_dlg.c:93
93      capture_info_delete_cb(GtkWidget *w _U_, GdkEvent *event _U_, 
gpointer data) {
<<<<

Note that the correct value for capture_opts somehow ended up in 'event' 
argument instead of 'data'. I am not sure if it is a GTK or Wireshark 
problem. Is GTK packaging arguments to signals in a wrong way on 
x86_64?

Best regards,
Alexey Neyman.