This is from dumpcap. Here is the complete stack. It occurring *while writing the IDB*
#0 0x00ac7433 in pcap_stats () from /usr/lib/libpcap.so.0.8 #1 0x080513de in libpcap_write_interface_statistics_block (fp=0x805af70, interface_id=0, pd=0x0, bytes_written=0x80572fc, err=0xbfffd2a8) at pcapio.c:472 #2 0x080501c8 in capture_loop_close_output (stats_known=<value optimized out>, stats=<value optimized out>, capture_opts=<value optimized out>) at dumpcap.c:2467 #3 capture_loop_start (stats_known=<value optimized out>, stats=<value optimized out>, capture_opts=<value optimized out>) at dumpcap.c:3127 #4 0x08051224 in main (argc=<value optimized out>, argv=<value optimized out>) at dumpcap.c:3916 And one more important stuff i could figure out is that this segmentation fault occurs only when *wireshark is capturing in PCAPNG forma*t. I c*hanged the capture format to LIBPCAP and it worked fine*. The wireshark wiki tells that the capture file being used with pipe should be in LIBPCAP format and *my capture file is in LIBPCAP* only. Only wireshark capture format is PCAPNG. On Sun, Mar 4, 2012 at 3:27 PM, Guy Harris <g...@alum.mit.edu> wrote: > > On Mar 4, 2012, at 2:23 AM, vijay wrote: > > > I digged in bit further and found where the SIGSEV is signaled. Its > coming from the p_stats(). Here is what i got in gdb > > > > [New Thread 0xb78acb70 (LWP 3668)] > > > > Program received signal SIGSEGV, Segmentation fault. > > [Switching to Thread 0xb78acb70 (LWP 3668)] > > 0x00f6f433 in pcap_stats () from /usr/lib/libpcap.so.0.8 > > Is this in Wireshark or in dumpcap? The only code I can find in the top > of the 1.6 branch that calls pcap_stats() is in dumpcap. > > And what's the full stack trace? > ___________________________________________________________________________ > Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> > Archives: http://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev > mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe >
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe
