Wireshark exits when a capture is stopped on Windows

asked 2020-12-21 07:28:07 +0000

Singi gravatar image

updated 2020-12-21 15:19:49 +0000

grahamb gravatar image

Normal capture, the program will automatically exit after pressing stop capture, resulting in unable to save the captured data.

edit retag flag offensive close merge delete

Comments

On what operating system is this, and what version of Wireshark is this?

Guy Harris gravatar imageGuy Harris ( 2020-12-21 08:24:06 +0000 )edit

Windows 10. Wireshark Version 3.4.2 (v3.4.2-0-ga889cf1b1bf9)

Singi gravatar imageSingi ( 2020-12-21 08:36:50 +0000 )edit

Can you post the contents of the Wireshark menu item Help -> About Wireshark -> Wireshark dialog as there's more info there we need? Also what type of interface are you capturing on?

grahamb gravatar imagegrahamb ( 2020-12-21 15:19:22 +0000 )edit

@grahamb is there some way to determine whether this is a crash, rather than a normal exit, such as a dialog popped up by Windows for an application crash, or an event log search that would find an application crash?

Guy Harris gravatar imageGuy Harris ( 2020-12-21 21:03:43 +0000 )edit

@Guy Harris, if Windows Error Reporting (WER) is enabled, then with most crashes the usual dialog is displayed and something should be logged in the appropriate location. More info about WER here.

If a stack overflow occurs then there may not be any indication, the application can just disappear.

grahamb gravatar imagegrahamb ( 2020-12-21 22:50:00 +0000 )edit

If a stack overflow occurs then there may not be any indication, the application can just disappear.

Sigh. Props to Apple - Crash Reporter will add a log file for all crashes, including stack overflows, and, if it's a GUI app, will pop up a window showing the error.

Guy Harris gravatar imageGuy Harris ( 2020-12-21 23:10:02 +0000 )edit

I also have such one issue, my information as below:

Using the USB interface

Wireshark information:

3.4.2 (v3.4.2-0-ga889cf1b1bf9)

Compiled (64-bit) with Qt 5.15.1, with libpcap, with GLib 2.52.3, with zlib
1.2.11, with SMI 0.4.8, with c-ares 1.15.0, with Lua 5.2.4, with GnuTLS 3.6.3
and PKCS #11 support, with Gcrypt 1.8.3, with MIT Kerberos, with MaxMind DB
resolver, with nghttp2 1.39.2, with brotli, with LZ4, with Zstandard, with
Snappy, with libxml2 2.9.9, with QtMultimedia, with automatic updates using
WinSparkle 0.5.7, with AirPcap, with SpeexDSP (using bundled resampler).

Running on 64-bit Windows 10 (2009), build 19042, with Intel(R) Core(TM)
i7-8750H CPU @ 2.20GHz (with SSE4.2), with 16239 MB of physical memory, with
locale English_United States.utf8, with light display mode, without HiDPI, with ...
(more)
xiaolongba gravatar imagexiaolongba ( 2021-01-07 07:56:46 +0000 )edit
add a comment