Re: [Wireshark-dev] Err when using a pipe
1.6.6 isn't scheduled yet, but it's been a couple of months since 1.6.5 which would imply that it shouldn't be too much longer. vijay wrote: Is it possible to tell how longer would it be before Wireshark 1.6.6 is released ? On Mon, Mar 5, 2012 at 1:31 AM, Guy Harris g...@alum.mit.edu mailto:g...@alum.mit.edu wrote: On Mar 4, 2012, at 8:24 PM, Jeff Morriss wrote: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5939 It's scheduled to be fixed in 1.6.6. ...and I backported the relevant part (a tiny fraction of the change responsible for fixing it in the trunk; that change added a bunch of new functionality, so it's not appropriate for the 1.6 branch in its entirety) to 1.6 and checked it in. I've also scheduled that change for the 1.4 branch. ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org mailto:wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Err when using a pipe
Is it possible to tell how longer would it be before Wireshark 1.6.6 is released ? On Mon, Mar 5, 2012 at 1:31 AM, Guy Harris g...@alum.mit.edu wrote: On Mar 4, 2012, at 8:24 PM, Jeff Morriss wrote: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5939 It's scheduled to be fixed in 1.6.6. ...and I backported the relevant part (a tiny fraction of the change responsible for fixing it in the trunk; that change added a bunch of new functionality, so it's not appropriate for the 1.6 branch in its entirety) to 1.6 and checked it in. I've also scheduled that change for the 1.4 branch. ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Err when using a pipe
I digged in bit further and found where the SIGSEV is signaled. Its coming from the p_stats(). Here is what i got in gdb [New Thread 0xb78acb70 (LWP 3668)] Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0xb78acb70 (LWP 3668)] 0x00f6f433 in pcap_stats () from /usr/lib/libpcap.so.0.8 looks like the seg-fault if thrown by libpcap. Has anyone else experianced the similar thing while using Wireshark 1.6.5 (im running it in Ubuntu on VirtualBox)? I got this when i start wireshark from the command line through: *./wireshark -k -i /tmp/pipe* It waits for any input from the pipe and when i did cat capturefile.pcap /tmp/pipe, wireshark displayed the contents partially (97 pckts out of 110) and crashed with *Segmentation fault*. On Fri, Mar 2, 2012 at 7:33 PM, vijay vijay.prasa...@gmail.com wrote: Hi, I start wireshark from command line : sudo ./wireshark -k -i /tmp/pipe I have a capture dump in libpcap format which i wite into the pipe (/tmp/pipe) after starting wireshark. Everytime i do this wireshark displays the contents of the file but at the end it shows segmentation fault. The capture file is from my previous run of wireshark saved in libpcap format. Wireshark perfectly works with the same file when open though GUI. I am using wireshark 1.6.5 on linux. Could some one pls tell me why this behavior occurs? Thanks Vijay ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Err when using a pipe
On Mar 4, 2012, at 2:23 AM, vijay wrote: I digged in bit further and found where the SIGSEV is signaled. Its coming from the p_stats(). Here is what i got in gdb [New Thread 0xb78acb70 (LWP 3668)] Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0xb78acb70 (LWP 3668)] 0x00f6f433 in pcap_stats () from /usr/lib/libpcap.so.0.8 Is this in Wireshark or in dumpcap? The only code I can find in the top of the 1.6 branch that calls pcap_stats() is in dumpcap. And what's the full stack trace? ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Err when using a pipe
This is from dumpcap. Here is the complete stack. It occurring *while writing the IDB* #0 0x00ac7433 in pcap_stats () from /usr/lib/libpcap.so.0.8 #1 0x080513de in libpcap_write_interface_statistics_block (fp=0x805af70, interface_id=0, pd=0x0, bytes_written=0x80572fc, err=0xbfffd2a8) at pcapio.c:472 #2 0x080501c8 in capture_loop_close_output (stats_known=value optimized out, stats=value optimized out, capture_opts=value optimized out) at dumpcap.c:2467 #3 capture_loop_start (stats_known=value optimized out, stats=value optimized out, capture_opts=value optimized out) at dumpcap.c:3127 #4 0x08051224 in main (argc=value optimized out, argv=value optimized out) at dumpcap.c:3916 And one more important stuff i could figure out is that this segmentation fault occurs only when *wireshark is capturing in PCAPNG forma*t. I c*hanged the capture format to LIBPCAP and it worked fine*. The wireshark wiki tells that the capture file being used with pipe should be in LIBPCAP format and *my capture file is in LIBPCAP* only. Only wireshark capture format is PCAPNG. On Sun, Mar 4, 2012 at 3:27 PM, Guy Harris g...@alum.mit.edu wrote: On Mar 4, 2012, at 2:23 AM, vijay wrote: I digged in bit further and found where the SIGSEV is signaled. Its coming from the p_stats(). Here is what i got in gdb [New Thread 0xb78acb70 (LWP 3668)] Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0xb78acb70 (LWP 3668)] 0x00f6f433 in pcap_stats () from /usr/lib/libpcap.so.0.8 Is this in Wireshark or in dumpcap? The only code I can find in the top of the 1.6 branch that calls pcap_stats() is in dumpcap. And what's the full stack trace? ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Err when using a pipe
On 03/04/2012 05:28 PM, vijay wrote: This is from dumpcap. Here is the complete stack. It occurring *while writing the IDB* #0 0x00ac7433 in pcap_stats () from /usr/lib/libpcap.so.0.8 #1 0x080513de in libpcap_write_interface_statistics_block (fp=0x805af70, interface_id=0, pd=0x0, bytes_written=0x80572fc, err=0xbfffd2a8) at pcapio.c:472 #2 0x080501c8 in capture_loop_close_output (stats_known=value optimized out, stats=value optimized out, capture_opts=value optimized out) at dumpcap.c:2467 #3 capture_loop_start (stats_known=value optimized out, stats=value optimized out, capture_opts=value optimized out) at dumpcap.c:3127 #4 0x08051224 in main (argc=value optimized out, argv=value optimized out) at dumpcap.c:3916 And one more important stuff i could figure out is that this segmentation fault occurs only when *wireshark is capturing in PCAPNG forma*t. I c*hanged the capture format to LIBPCAP and it worked fine*. See: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5939 It's scheduled to be fixed in 1.6.6. ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
Re: [Wireshark-dev] Err when using a pipe
On Mar 4, 2012, at 8:24 PM, Jeff Morriss wrote: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5939 It's scheduled to be fixed in 1.6.6. ...and I backported the relevant part (a tiny fraction of the change responsible for fixing it in the trunk; that change added a bunch of new functionality, so it's not appropriate for the 1.6 branch in its entirety) to 1.6 and checked it in. I've also scheduled that change for the 1.4 branch. ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
[Wireshark-dev] Err when using a pipe
Hi, I start wireshark from command line : sudo ./wireshark -k -i /tmp/pipe I have a capture dump in libpcap format which i wite into the pipe (/tmp/pipe) after starting wireshark. Everytime i do this wireshark displays the contents of the file but at the end it shows segmentation fault. The capture file is from my previous run of wireshark saved in libpcap format. Wireshark perfectly works with the same file when open though GUI. I am using wireshark 1.6.5 on linux. Could some one pls tell me why this behavior occurs? Thanks Vijay ___ Sent via:Wireshark-dev mailing list wireshark-dev@wireshark.org Archives:http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe