Wireshark · Wireshark-users: [Wireshark-users] WS 1.2.6 is crashing by opening a 147MB file

Wireshark-users: [Wireshark-users] WS 1.2.6 is crashing by opening a 147MB file

From: János Löbb <janos.lobb@xxxxxxxx>

Date: Tue, 25 May 2010 14:20:53 -0400

Hi,

I used tcpdump on AIX 5.3 to capture a 10 minute long traffic on my database server.  The command was something like:

tcpdump -i en8 -w /prod/sybase/logs/seqtcpdump.pcap host sequoia and not bml0028

It came to a 147MB capture file.  I scp-ed it over to my Mac that has Intel processors and 4 GB memory with OS X 10.6.3  and WireShark 1.2.6 on it and tried to open the file after a fresh start.  At about 32% loading the file, WireShark crashed.

Here is the first part of the crashreport:

<snip>
Process:         wireshark-bin [1557]
Path:            /Applications/Wireshark.app/Contents/Resources/bin/wireshark-bin
Identifier:      wireshark-bin
Version:         ??? (???)
Code Type:       X86 (Native)
Parent Process:  Wireshark [1555]

Date/Time:       2010-05-25 13:59:58.299 -0400
OS Version:      Mac OS X 10.6.3 (10D578)
Report Version:  6

Exception Type:  EXC_CRASH (SIGABRT)
Exception Codes: 0x0000000000000000, 0x0000000000000000
Crashed Thread:  0  Dispatch queue: com.apple.main-thread

Application Specific Information:
abort() called

Thread 0 Crashed:  Dispatch queue: com.apple.main-thread
0   libSystem.B.dylib             	0x9278a132 __kill + 10
1   libSystem.B.dylib             	0x9278a124 kill$UNIX2003 + 32
2   libSystem.B.dylib             	0x9281c8e5 raise + 26
3   libSystem.B.dylib             	0x9283299c abort + 93
4   libglib-2.0.0.dylib           	0x03744ad4 mem_error + 164
5   libglib-2.0.0.dylib           	0x037450ab slab_allocator_alloc_chunk + 459
6   libglib-2.0.0.dylib           	0x0374661b g_slice_alloc + 1643
7   libgtk-x11-2.0.0.dylib        	0x02e0a184 real_insert_row + 164
8   libgtk-x11-2.0.0.dylib        	0x02e02198 gtk_clist_append + 88
9   wireshark-bin                 	0x0005e63f packet_list_append + 63
10  wireshark-bin                 	0x00010367 add_packet_to_packet_list + 567
11  wireshark-bin                 	0x000106a6 read_packet + 486
12  wireshark-bin                 	0x00011052 cf_read + 1634
13  wireshark-bin                 	0x000204a8 file_open_cmd + 2552
14  libgtk-x11-2.0.0.dylib        	0x02ea30d6 gtk_item_factory_callback_marshal + 54
15  libgobject-2.0.0.dylib        	0x036a2c89 g_closure_invoke + 329
16  libgobject-2.0.0.dylib        	0x036b33bc signal_emit_unlocked_R + 1900
17  libgobject-2.0.0.dylib        	0x036b4a7d g_signal_emit_valist + 1885
18  libgobject-2.0.0.dylib        	0x036b4dd9 g_signal_emit + 41
19  libgtk-x11-2.0.0.dylib        	0x02fe7e04 gtk_widget_activate + 148
20  libgtk-x11-2.0.0.dylib        	0x02ed0233 gtk_menu_shell_activate_item + 259
21  libgtk-x11-2.0.0.dylib        	0x02ed05d8 gtk_menu_shell_button_release + 696
22  libgtk-x11-2.0.0.dylib        	0x02ebe1eb _gtk_marshal_BOOLEAN__BOXED + 107
23  libgobject-2.0.0.dylib        	0x036a2c89 g_closure_invoke + 329
24  libgobject-2.0.0.dylib        	0x036b3545 signal_emit_unlocked_R + 2293
25  libgobject-2.0.0.dylib        	0x036b4752 g_signal_emit_valist + 1074
26  libgobject-2.0.0.dylib        	0x036b4dd9 g_signal_emit + 41
27  libgtk-x11-2.0.0.dylib        	0x02fe8096 gtk_widget_event_internal + 614
28  libgtk-x11-2.0.0.dylib        	0x02ebc375 gtk_propagate_event + 213
29  libgtk-x11-2.0.0.dylib        	0x02ebc8d2 gtk_main_do_event + 1090
30  libgdk-x11-2.0.0.dylib        	0x032bcfe5 gdk_event_dispatch + 85
31  libglib-2.0.0.dylib           	0x03727a8e g_main_context_dispatch + 558
32  libglib-2.0.0.dylib           	0x0372b50b g_main_context_iterate + 1163
33  libglib-2.0.0.dylib           	0x0372b847 g_main_loop_run + 471
34  libgtk-x11-2.0.0.dylib        	0x02ebb9f1 gtk_main + 177
35  wireshark-bin                 	0x000561fe main + 4814
36  wireshark-bin                 	0x000025c6 start + 54

Thread 1:  Dispatch queue: com.apple.libdispatch-manager
0   libSystem.B.dylib             	0x9274fb42 kevent + 10
1   libSystem.B.dylib             	0x9275025c _dispatch_mgr_invoke + 215
2   libSystem.B.dylib             	0x9274f719 _dispatch_queue_invoke + 163
3   libSystem.B.dylib             	0x9274f4be _dispatch_worker_thread2 + 240
4   libSystem.B.dylib             	0x9274ef41 _pthread_wqthread + 390
5   libSystem.B.dylib             	0x9274ed86 start_wqthread + 30

Thread 0 crashed with X86 Thread State (32-bit):
  eax: 0x00000000  ebx: 0x9283294b  ecx: 0xbfffdb2c  edx: 0x9278a132
  edi: 0xa0389b10  esi: 0x03d001e0  ebp: 0xbfffdb48  esp: 0xbfffdb2c
   ss: 0x0000001f  efl: 0x00000286  eip: 0x9278a132   cs: 0x00000007
   ds: 0x0000001f   es: 0x0000001f   fs: 0x00000000   gs: 0x00000037
  cr2: 0x9281c8cb

</snip>

What am I doing wrong ?  After the crash top showed still 2340M free on the machine and the disk has 52GB free space.  So I do not think I ran into some kind of limitation.  Should I try with 1.2.8 or with a development of 1.3.x ?

Thanks ahead,

János

Follow-Ups:
- Re: [Wireshark-users] WS 1.2.6 is crashing by opening a 147MB file
  - From: Guy Harris

Prev by Date: [Wireshark-users] changes for netbook
Next by Date: Re: [Wireshark-users] WS 1.2.6 is crashing by opening a 147MB file
Previous by thread: [Wireshark-users] changes for netbook
Next by thread: Re: [Wireshark-users] WS 1.2.6 is crashing by opening a 147MB file
Index(es):
- Date
- Thread