Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-dev: [Wireshark-dev] Wireshark 1.2.1 crash when Handing off dissector

Date Prev · Date Next · Thread Prev · Thread Next
From: "jdhagen chorus.net" <jdhagen@xxxxxxxxxx>
Date: Mon, 31 Aug 2009 10:43:16 -0500
I'm running Wireshark 1.2.1 on Windows XP SP3.

When it starts, it gets to 51% while executing the "Handing
off dissector" logic, which happens to be 2dparityfec, and
then crashes.

The details are:

Unhandled exception at 0x007F3FC9: 0xC0000005: Access violation
reading location 0x02C8D000.

ecx == 0x02C8CFFD

007F3FC9  mov         eax,dword ptr [ecx]

Memory at 0x02C8CFFD:

31 00 00 ?? ?? ?? ?? ??


It appears the code is trying to do a DWORD fetch from
address 0x02C8CFFD, but the memory starting at 0x02C8D000
isn't mapped into the address space, so it faults.

Is there a way to determine the function that is executing?

I tried a build using VC6 and that build didn't exhibit the problem.

Thanks.


Joe Hagen