Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-users: [Wireshark-users] Crashes on OS X 10.5

From: Rob Heilman <rheilman@xxxxxxxxxxxx>
Date: Thu, 24 Jan 2008 14:18:39 -0500
Ever since the upgrade to Leopard/10.5 Wireshark has been fairly unstable. Errors like below seems to happen at random. I am currently running 10.5.1 and installed from ports (more info below) Is anyone else seeing this? If you have it running stable, did you install 10.5 as an upgrade from 10.4 or as a clean install? I completely rebuilt ports from scratch and would like to avoid a clean install of the OS if possible. X11 was installed from the Leopard DVD. I also installed the new Xcode as required but don't remember if the 10.5 upgrade deleted the previous version or if my install was actually considered upgrading.

-Rob Heilman

=============================================================================

Ares:~ rheilman$ wireshark
The program 'wireshark' received an X Window System error.
This probably reflects a bug in the program.
The error was 'BadMatch (invalid parameter attributes)'.
 (Details: serial 753345 error_code 8 request_code 152 minor_code 4)
 (Note to programmers: normally, X errors are reported asynchronously;
  that is, you will receive the error a while after causing it.
  To debug your program, run it with the --sync command line
  option to change this behavior. You can then get a meaningful
  backtrace from your debugger if you break on the gdk_x_error() function.)


Ares:~ rheilman$ system_profiler SPHardwareDataType SPSoftwareDataType
Hardware:

   Hardware Overview:

     Model Name: MacBook Pro 15"
     Model Identifier: MacBookPro2,2
     Processor Name: Intel Core 2 Duo
     Processor Speed: 2.33 GHz
     Number Of Processors: 1
     Total Number Of Cores: 2
     L2 Cache: 4 MB
     Memory: 2 GB
     Bus Speed: 667 MHz
     Boot ROM Version: MBP22.00A5.B07
     SMC Version: 1.12f5
     Serial Number: xxxx
     Sudden Motion Sensor:
         State: Enabled

Software:

   System Software Overview:

     System Version: Mac OS X 10.5.1 (9B18)
     Kernel Version: Darwin 9.1.0
     Boot Volume: Internal HD
     Boot Mode: Normal
     Computer Name: Ares
     User Name: xxxx
     Time since boot: 2 days 4:48



Ares:~ rheilman$ uname -a
Darwin Ares.local 9.1.0 Darwin Kernel Version 9.1.0: Wed Oct 31 17:46:22 PDT 2007; root:xnu-1228.0.2~1/RELEASE_I386 i386


Ares:~ rheilman$ for i in `pkgutil --pkgs=com.apple.pkg.X11*`; do pkgutil --pkg-info $i; done
package-id: com.apple.pkg.X11User
version: 10.5.0.1.1.1192168948
volume: /
location: ./
install-time: 1195677670
groups: com.apple.repair-permissions.pkg-group com.apple.FindSystemFiles.pkg-group
package-id: com.apple.pkg.X11SDKLeo
version: 4.0.0.9000000000.1.1192168948
volume: /
location: ./
install-time: 1196188398
groups: com.apple.repair-permissions.pkg-group com.apple.FindSystemFiles.pkg-group com.apple.DevToolsNonRelocatable.pkg-group
package-id: com.apple.pkg.X11DocumentationLeo
version: 1.0.0.9000000000.1.1192168948
volume: /
location: ./
install-time: 1196188418
groups: com.apple.repair-permissions.pkg-group com.apple.FindSystemFiles.pkg-group com.apple.DevToolsBoth.pkg-group


Ares:~ rheilman$ wireshark -v
wireshark 0.99.6

Copyright 1998-2007 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.12.1, with GLib 2.14.4, with libpcap 0.9.5, with libz
1.2.3, without libpcre, without Net-SNMP, without ADNS, without Lua, without
GnuTLS, without Gcrypt, with MIT Kerberos, without PortAudio, without AirPcap.
NOTE: this build doesn't support the "matches" operator for Wireshark filter
syntax.

Running on Darwin 9.1.0, with libpcap version 0.9.5.

Built using gcc 4.0.1 (Apple Inc. build 5465).


Ares:~ rheilman$ sudo port info wireshark
wireshark 0.99.6, net/wireshark (Variants: universal, darwin_6, darwin_7, darwin_8, darwin_9, adns, gnutls, libgcrypt, ipv6, net_snmp, pcre, no_ssl, no_x11)
http://wireshark.org/

A network analyzer that lets you capture and interactively browse Ethernet frames. Packet data can be read from a file, or live from a local network interface.

Library Dependencies: glib2, gtk2, openssl, libpcap, zlib
Platforms: darwin
Maintainers: opendarwin.org@xxxxxxxxxxx