Ask Your Question
0

Wireshark 2.4.1 GTK Crash on long run

asked 2017-10-30 08:02:25 +0000

Dinesh Sadu gravatar image

Error: Wireshark-gtk.exe:11536 GLib-ERROR**- gmem.c:10 failed to allocate

======================

Version 2.4.1 (v2.4.1-0-gf42a0d2b6c)

Copyright 1998-2017 Gerald Combs [email protected] and contributors. License GPLv2+: GNU GPL version 2 or later http://www.gnu.org/licenses/old-licenses/gpl-2.0.html This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GTK+ 2.24.23, with Cairo 1.12.16, with Pango 1.36.8, with WinPcap (413), with GLib 2.42.0, with zlib 1.2.8, with SMI 0.4.8, with c-ares 1.12.0, with Lua 5.2.4, with GnuTLS 3.4.11, with Gcrypt 1.7.6, with MIT Kerberos, with GeoIP, with nghttp2 1.14.0, with LZ4, with Snappy, with libxml2 2.9.4, with PortAudio V19-devel (built Aug 29 2017), with AirPcap, with SBC, with SpanDSP.

Running on 64-bit Windows 7 Service Pack 1, build 7601, with Intel(R) Core(TM) i5-3470 CPU @ 3.20GHz (with SSE4.2), with 8066 MB of physical memory, with locale EnglishUnited States.1252, with WinPcap version 4.1.3 (packet.dll version 0.94), based on libpcap version 1.0 branch 10_rel0b (20091008), with GnuTLS 3.4.11, with Gcrypt 1.7.6, without AirPcap.

Built using Microsoft Visual C++ 14.0 build 24215

Wireshark is Open Source Software released under the GNU General Public License.

Check the man page and http://www.wireshark.org for more information.

======================

edit retag flag offensive close merge delete

Comments

Could you please report a bug (https://bugs.wireshark.org/bugzilla/) for this. Adding information how to reproduce this crash and attaching a capture file to trigger the crash would be helpful!.

Uli gravatar imageUli ( 2017-10-30 08:46:21 +0000 )edit

1 Answer

Sort by ยป oldest newest most voted
0

answered 2017-10-30 14:18:19 +0000

Pascal Quantin gravatar image

updated 2017-10-30 17:19:40 +0000

It is not recommended to run Wireshark / tshark for long run, due to the amount of memory required to build all the relationship between packets. See this link and this one for details. Better perform the capture first and analyze it afterwards (after splitting the capture if required).

Note that the amount of packets you can capture before getting a crash will depend on plenty of factors: the protocols involved, your protocols configuration, the WIresahrk version used, etc...

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2017-10-30 08:02:25 +0000

Seen: 1,060 times

Last updated: Oct 30 '17