Ethereal-dev: [Ethereal-dev] [jschilli@xxxxxxxxxxxxxxxx: AW: [Ethereal-users] Problems loading

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Gilbert Ramirez <gram@xxxxxxxxxx>
Date: Wed, 11 Oct 2000 11:48:15 -0400
Here's the Dr. Watson log.

--gilbert

----- Forwarded message from "Schilling, Johannes" <jschilli@xxxxxxxxxxxxxxxx> -----

Received: from hirschmann.de (gw.hirschmann.de [149.218.112.4]) by paat.pair.com (8.9.1/8.6.12) with ESMTP id LAA24202 for <gram@xxxxxxxxxx>; Wed, 11 Oct 2000 11:36:38 -0400 (EDT)
X-Envelope-To: <gram@xxxxxxxxxx>
Received: from hermes.hirschmann.de ([149.218.20.85]) by gw.hirschmann.de with ESMTP id <113285>; Wed, 11 Oct 2000 17:41:42 +0200
Received: by hermes with Internet Mail Service (5.5.2448.0)
	id <4VH35F1B>; Wed, 11 Oct 2000 17:36:13 +0200
Message-ID: <90177A89C11DD311B6C600A0C9990FA801BEA4C4@hermes>
From: "Schilling, Johannes" <jschilli@xxxxxxxxxxxxxxxx>
To: Gilbert Ramirez <gram@xxxxxxxxxx>
Subject: AW: [Ethereal-users] Problems loading files captured with windump
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2448.0)
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Date: Wed, 11 Oct 2000 17:41:42 +0200

The message is:

ethereal.exe
Ausnahme: Zugriffsverletzung (0xc0000005), Adresse:0x004bf565

The drwtsn32.log shows:

Anwendungsausnahme aufgetreten:
        Anwendung:  (pid=3D245)
        Wann: 10/11/2000 @ 17:28:11.475
        Ausnahmenummer: c0000005 (Zugriffsverletzung)

*----> Systeminformationen <----*
        Computer-Name: NWT-NVS04
        Benutzername: jschilli
        Prozessoranzahl: 1
        Prozessortyp: x86 Family 6 Model 3 Stepping 4
        Windows NT-Version: 4.0
        Aktuelles Build: 1381
        Service Pack: 5
        Aktueller Typ: Uniprocessor Free
        Firma:=20
        Besitzer: Johannes Schilling

*----> Task-Liste <----*
   0 Idle.exe
   2 System.exe
  20 SMSS.exe
  24 CSRSS.exe
  34 WINLOGON.exe
  40 SERVICES.exe
  43 LSASS.exe
  65 SPOOLSS.exe
  79 smartagt.exe
  84 endpoint.exe
  88 LogWatNT.exe
  97 RPCSS.exe
 102 TCPSVCS.exe
 108 SNMP.exe
 111 WinVNC.exe
 116 PSTORES.exe
 151 NDDEAGNT.exe
  59 explorer.exe
 172 NTVDM.exe
 166 daconfig.exe
 170 F-AGNTNT.exe
 155 AcroTray.exe
 121 FINDFAST.exe
  44 OSA.exe
 162 notifier.exe
 127 MAPISP32.exe
 220 Aruser.exe
 242 outlook.exe
 193 winword.exe
 237 Go.exe
 227 msipcsv.exe
 225 HTel30.exe
 245 ethereal.exe
 231 DRWTSN32.exe
   0 _Total.exe

(00400000 - 00400000)=20
(77f70000 - 77fd0000) dll\ntdll.dbg
(10000000 - 10000000)=20
(77dc0000 - 77dff000) dll\advapi32.dbg
(77f00000 - 77f62000) dll\kernel32.dbg
(77e70000 - 77ec4000) dll\user32.dbg
(77ed0000 - 77efc000) dll\gdi32.dbg
(77e10000 - 77e67000) dll\rpcrt4.dbg
(78000000 - 78040000)=20
(776c0000 - 776c8000) dll\wsock32.dbg
(776a0000 - 776b4000) dll\ws2_32.dbg
(77690000 - 77697000) dll\ws2help.dbg
(00230000 - 00230000)=20
(00240000 - 00240000)=20
(00250000 - 00250000)=20
(003d0000 - 003d0000)=20
(005d0000 - 005d0000)=20
(76ad0000 - 76ad5000) dll\imm32.dbg
(77b80000 - 77c36000) dll\ole32.dbg
(70980000 - 70b2c000) SHELL32.dbg
(71040000 - 71063000) SHLWAPI.dbg
(77aa0000 - 77b15000) COMCTL32.dbg
(5f7f0000 - 5f7f7000) dll\rpcltc1.dbg
(010b0000 - 010b0000)=20
(77780000 - 77786000) dll\msidle.dbg

Statusabbild f=FCr Thread-ID 0xe2

eax=3D00000000 ebx=3D00ed4198 ecx=3D00ed3d30 edx=3D00000000 =
esi=3D00000008
edi=3D0012ef84
eip=3D004bf565 esp=3D0012df6c ebp=3D0012df6c iopl=3D0         nv up ei =
pl zr na po
nc
cs=3D001b  ss=3D0023  ds=3D0023  es=3D0023  fs=3D0038  gs=3D0000
efl=3D00000246


Funktion: <nosymbols>
        004bf54e 034d0c           add     ecx,[ebp+0xc]
ss:0102c972=3D????????
        004bf551 8b5508           mov     edx,[ebp+0x8]
ss:0102c972=3D????????
        004bf554 894a08           mov     [edx+0x8],ecx
ds:00efea06=3D000000ba
        004bf557 8b4508           mov     eax,[ebp+0x8]
ss:0102c972=3D????????
        004bf55a 8b4008           mov     eax,[eax+0x8]
ds:00efea06=3D000000ba
        004bf55d 5d               pop     ebp
        004bf55e c3               ret
        004bf55f 55               push    ebp
        004bf560 8bec             mov     ebp,esp
        004bf562 8b4508           mov     eax,[ebp+0x8]
ss:0102c972=3D????????
FEHLER ->004bf565 8b4808           mov     ecx,[eax+0x8]
ds:00efea06=3D000000ba
        004bf568 3b4d0c           cmp     ecx,[ebp+0xc]
ss:0102c972=3D????????
        004bf56b 771a             ja      004bf587
        004bf56d 8b5508           mov     edx,[ebp+0x8]
ss:0102c972=3D????????
        004bf570 c7420801000000   mov    dword ptr [edx+0x8],0x1
ds:00efea06=3D000000ba
        004bf577 8b4508           mov     eax,[ebp+0x8]
ss:0102c972=3D????????
        004bf57a 50               push    eax
        004bf57b e88bfeffff       call    004bf40b
        004bf580 83c404           add     esp,0x4
        004bf583 33c0             xor     eax,eax
        004bf585 eb15             jmp     004bf59c
        004bf587 8b4d08           mov     ecx,[ebp+0x8]
ss:0102c972=3D????????

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1  Param#2  Param#3  Param#4  Function Name
0012df6c 004bf478 00000000 00000001 00000001 0012dfa0 <nosymbols>=20

*----> Raw Stack Dump <----*
0012df6c  8c df 12 00 78 f4 4b 00 - 00 00 00 00 01 00 00 00
....x.K.........
0012df7c  01 00 00 00 a0 df 12 00 - 23 b5 01 10 78 70 ea 00
........#...xp..
0012df8c  98 df 12 00 22 f7 4b 00 - 30 3d ed 00 b4 df 12 00
....".K.0=3D......
0012df9c  a9 33 4b 00 30 3d ed 00 - c4 df 12 00 fe f8 4b 00
.3K.0=3D........K.
0012dfac  00 3d ed 00 20 e0 12 00 - d0 df 12 00 2e 35 4b 00  .=3D..
........5K.
0012dfbc  c0 df 12 00 01 00 00 00 - 01 00 00 00 8c 0f 59 00
..............Y.
0012dfcc  00 00 00 00 e8 df 12 00 - a8 f8 4b 00 01 00 00 00
..........K.....
0012dfdc  01 00 00 00 8c 0f 59 00 - 01 00 00 00 04 e0 12 00
......Y.........
0012dfec  bd f7 4b 00 00 3d ed 00 - 0e 00 00 00 c6 00 00 00
..K..=3D..........
0012dffc  44 3d ed 00 48 3d ed 00 - 38 e0 12 00 2e fb 4b 00
D=3D..H=3D..8.....K.
0012e00c  30 3d ed 00 00 3d ed 00 - 0e 00 00 00 c6 00 00 00
0=3D...=3D..........
0012e01c  c6 00 00 00 64 e0 12 00 - 00 00 00 00 2c e0 12 00
....d.......,...
0012e02c  16 f7 4b 00 30 3d ed 00 - 30 3d ed 00 58 e1 12 00
..K.0=3D..0=3D..X...
0012e03c  2a 43 42 00 00 3d ed 00 - 0e 00 00 00 c6 00 00 00
*CB..=3D..........
0012e04c  c6 00 00 00 98 41 ed 00 - 38 45 5a 00 34 45 5a 00
.....A..8EZ.4EZ.
0012e05c  ff fd ff ff 40 00 00 00 - 78 e1 12 00 01 00 00 00
[email protected].......
0012e06c  70 e0 12 00 e8 fd 50 00 - 01 00 00 00 a0 99 ee 00
p.....P.........
0012e07c  20 a1 ee 00 20 0e b7 00 - 00 00 00 00 58 e1 12 00   ...
.......X...
0012e08c  98 41 ed 00 84 ef 12 00 - 08 00 00 00 44 e0 12 00
.A..........D...
0012e09c  e3 42 42 00 b0 ff 12 00 - 00 00 00 00 30 32 43 56
.BB.........02CV

Statusabbild f=FCr Thread-ID 0xdb

eax=3D77e167ce ebx=3D00000000 ecx=3D00130000 edx=3D00000000 =
esi=3D0013b340
edi=3D0013ba18
eip=3D77f77f67 esp=3D0109fdf0 ebp=3D0109ff90 iopl=3D0         nv up ei =
pl nz ac po
nc
cs=3D001b  ss=3D0023  ds=3D0023  es=3D0023  fs=3D0038  gs=3D0000
efl=3D00000216


Funktion: ZwReplyWaitReceivePort
        77f77f5c b890000000       mov     eax,0x90
        77f77f61 8d542404         lea     edx,[esp+0x4]
ss:01f9e7f7=3D????????
        77f77f65 cd2e             int     2e
        77f77f67 c21000           ret     0x10
        77f77f6a 8bc0             mov     eax,eax

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1  Param#2  Param#3  Param#4  Function Name
0109ff90 77e15fa2 77e16821 0013b340 0109ffec 00000000
ntdll!ZwReplyWaitReceivePort=20
00003a98 00000000 00000000 00000000 00000000 00000000
rpcrt4!NdrVaryingArrayFree=20

*----> Raw Stack Dump <----*
0109fdf0  f8 5a e1 77 60 00 00 00 - 6c ff 09 01 00 00 00 00
.Z.w`...l.......
0109fe00  48 6e 13 00 60 b4 13 00 - 3c 58 13 00 44 58 13 00
Hn..`...<X..DX..
0109fe10  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
................
0109fe20  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
................
0109fe30  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
................
0109fe40  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
................
0109fe50  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
................
0109fe60  00 00 00 00 00 00 00 00 - 98 fe 09 01 24 10 5d 00
............$.].
0109fe70  00 00 5d 00 02 00 00 00 - 00 00 00 00 98 fe 09 01
..].............
0109fe80  b5 6f b8 77 00 00 b8 77 - 02 00 00 00 00 00 00 00
.o.w...w........
0109fe90  a8 40 13 00 01 00 00 00 - 38 41 13 00 1f 3e f7 77
[email protected]...>.w
0109fea0  00 00 98 70 02 00 00 00 - 00 00 00 00 1c ff 09 01
...p............
0109feb0  00 00 00 00 5b 12 f7 77 - 60 55 fb 77 61 12 f7 77
....[..w`U.wa..w
0109fec0  30 ff 09 01 5c f6 12 00 - f0 3a 13 00 00 00 00 00
0...\....:......
0109fed0  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
................
0109fee0  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
................
0109fef0  00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00
................
0109ff00  00 00 00 00 c0 fe 09 01 - 00 00 00 00 ff ff ff ff
................
0109ff10  a4 1f fa 77 e8 d0 fa 77 - ff ff ff ff 00 00 00 00
...w...w........
0109ff20  87 63 f8 77 8f 63 f8 77 - 30 ff 09 01 01 00 00 00
.c.w.c.w0.......

Thanks
Johannes Schilling


	-----Urspr=FCngliche Nachricht-----
	Von:	Gilbert Ramirez [SMTP:gram@xxxxxxxxxx]
	Gesendet am:	Mittwoch, 11. Oktober 2000 17:01
	An:	Schilling, Johannes; ethereal-users@xxxxxxxxxxxx
	Betreff:	Re: [Ethereal-users] Problems loading files captured
with windump

	On Wed, Oct 11, 2000 at 04:27:33PM +0200, Schilling, Johannes wrote:
	> Hi,
	>=20
	> I use ethereal with my Win NT PC. Since Version 0.8.12 I have
problems to
	> load a capture file which was captured with windump. Dr. Watson
comes up
	> with the following message:
	>=20
	>=20
	>=20
	> Is there a way to load these files with Version 0.8.12?

	The Dr. Watson error messag did not come across in the e-mail.

	--gilbert

----- End forwarded message -----