Ethereal-dev: [Ethereal-dev] [jschilli@xxxxxxxxxxxxxxxx: AW: [Ethereal-users] Problems loading
Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.
From: Gilbert Ramirez <gram@xxxxxxxxxx>
Date: Wed, 11 Oct 2000 11:48:15 -0400
Here's the Dr. Watson log. --gilbert ----- Forwarded message from "Schilling, Johannes" <jschilli@xxxxxxxxxxxxxxxx> ----- Received: from hirschmann.de (gw.hirschmann.de [149.218.112.4]) by paat.pair.com (8.9.1/8.6.12) with ESMTP id LAA24202 for <gram@xxxxxxxxxx>; Wed, 11 Oct 2000 11:36:38 -0400 (EDT) X-Envelope-To: <gram@xxxxxxxxxx> Received: from hermes.hirschmann.de ([149.218.20.85]) by gw.hirschmann.de with ESMTP id <113285>; Wed, 11 Oct 2000 17:41:42 +0200 Received: by hermes with Internet Mail Service (5.5.2448.0) id <4VH35F1B>; Wed, 11 Oct 2000 17:36:13 +0200 Message-ID: <90177A89C11DD311B6C600A0C9990FA801BEA4C4@hermes> From: "Schilling, Johannes" <jschilli@xxxxxxxxxxxxxxxx> To: Gilbert Ramirez <gram@xxxxxxxxxx> Subject: AW: [Ethereal-users] Problems loading files captured with windump MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="ISO-8859-1" Content-Transfer-Encoding: quoted-printable Date: Wed, 11 Oct 2000 17:41:42 +0200 The message is: ethereal.exe Ausnahme: Zugriffsverletzung (0xc0000005), Adresse:0x004bf565 The drwtsn32.log shows: Anwendungsausnahme aufgetreten: Anwendung: (pid=3D245) Wann: 10/11/2000 @ 17:28:11.475 Ausnahmenummer: c0000005 (Zugriffsverletzung) *----> Systeminformationen <----* Computer-Name: NWT-NVS04 Benutzername: jschilli Prozessoranzahl: 1 Prozessortyp: x86 Family 6 Model 3 Stepping 4 Windows NT-Version: 4.0 Aktuelles Build: 1381 Service Pack: 5 Aktueller Typ: Uniprocessor Free Firma:=20 Besitzer: Johannes Schilling *----> Task-Liste <----* 0 Idle.exe 2 System.exe 20 SMSS.exe 24 CSRSS.exe 34 WINLOGON.exe 40 SERVICES.exe 43 LSASS.exe 65 SPOOLSS.exe 79 smartagt.exe 84 endpoint.exe 88 LogWatNT.exe 97 RPCSS.exe 102 TCPSVCS.exe 108 SNMP.exe 111 WinVNC.exe 116 PSTORES.exe 151 NDDEAGNT.exe 59 explorer.exe 172 NTVDM.exe 166 daconfig.exe 170 F-AGNTNT.exe 155 AcroTray.exe 121 FINDFAST.exe 44 OSA.exe 162 notifier.exe 127 MAPISP32.exe 220 Aruser.exe 242 outlook.exe 193 winword.exe 237 Go.exe 227 msipcsv.exe 225 HTel30.exe 245 ethereal.exe 231 DRWTSN32.exe 0 _Total.exe (00400000 - 00400000)=20 (77f70000 - 77fd0000) dll\ntdll.dbg (10000000 - 10000000)=20 (77dc0000 - 77dff000) dll\advapi32.dbg (77f00000 - 77f62000) dll\kernel32.dbg (77e70000 - 77ec4000) dll\user32.dbg (77ed0000 - 77efc000) dll\gdi32.dbg (77e10000 - 77e67000) dll\rpcrt4.dbg (78000000 - 78040000)=20 (776c0000 - 776c8000) dll\wsock32.dbg (776a0000 - 776b4000) dll\ws2_32.dbg (77690000 - 77697000) dll\ws2help.dbg (00230000 - 00230000)=20 (00240000 - 00240000)=20 (00250000 - 00250000)=20 (003d0000 - 003d0000)=20 (005d0000 - 005d0000)=20 (76ad0000 - 76ad5000) dll\imm32.dbg (77b80000 - 77c36000) dll\ole32.dbg (70980000 - 70b2c000) SHELL32.dbg (71040000 - 71063000) SHLWAPI.dbg (77aa0000 - 77b15000) COMCTL32.dbg (5f7f0000 - 5f7f7000) dll\rpcltc1.dbg (010b0000 - 010b0000)=20 (77780000 - 77786000) dll\msidle.dbg Statusabbild f=FCr Thread-ID 0xe2 eax=3D00000000 ebx=3D00ed4198 ecx=3D00ed3d30 edx=3D00000000 = esi=3D00000008 edi=3D0012ef84 eip=3D004bf565 esp=3D0012df6c ebp=3D0012df6c iopl=3D0 nv up ei = pl zr na po nc cs=3D001b ss=3D0023 ds=3D0023 es=3D0023 fs=3D0038 gs=3D0000 efl=3D00000246 Funktion: <nosymbols> 004bf54e 034d0c add ecx,[ebp+0xc] ss:0102c972=3D???????? 004bf551 8b5508 mov edx,[ebp+0x8] ss:0102c972=3D???????? 004bf554 894a08 mov [edx+0x8],ecx ds:00efea06=3D000000ba 004bf557 8b4508 mov eax,[ebp+0x8] ss:0102c972=3D???????? 004bf55a 8b4008 mov eax,[eax+0x8] ds:00efea06=3D000000ba 004bf55d 5d pop ebp 004bf55e c3 ret 004bf55f 55 push ebp 004bf560 8bec mov ebp,esp 004bf562 8b4508 mov eax,[ebp+0x8] ss:0102c972=3D???????? FEHLER ->004bf565 8b4808 mov ecx,[eax+0x8] ds:00efea06=3D000000ba 004bf568 3b4d0c cmp ecx,[ebp+0xc] ss:0102c972=3D???????? 004bf56b 771a ja 004bf587 004bf56d 8b5508 mov edx,[ebp+0x8] ss:0102c972=3D???????? 004bf570 c7420801000000 mov dword ptr [edx+0x8],0x1 ds:00efea06=3D000000ba 004bf577 8b4508 mov eax,[ebp+0x8] ss:0102c972=3D???????? 004bf57a 50 push eax 004bf57b e88bfeffff call 004bf40b 004bf580 83c404 add esp,0x4 004bf583 33c0 xor eax,eax 004bf585 eb15 jmp 004bf59c 004bf587 8b4d08 mov ecx,[ebp+0x8] ss:0102c972=3D???????? *----> Stack Back Trace <----* FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name 0012df6c 004bf478 00000000 00000001 00000001 0012dfa0 <nosymbols>=20 *----> Raw Stack Dump <----* 0012df6c 8c df 12 00 78 f4 4b 00 - 00 00 00 00 01 00 00 00 ....x.K......... 0012df7c 01 00 00 00 a0 df 12 00 - 23 b5 01 10 78 70 ea 00 ........#...xp.. 0012df8c 98 df 12 00 22 f7 4b 00 - 30 3d ed 00 b4 df 12 00 ....".K.0=3D...... 0012df9c a9 33 4b 00 30 3d ed 00 - c4 df 12 00 fe f8 4b 00 .3K.0=3D........K. 0012dfac 00 3d ed 00 20 e0 12 00 - d0 df 12 00 2e 35 4b 00 .=3D.. ........5K. 0012dfbc c0 df 12 00 01 00 00 00 - 01 00 00 00 8c 0f 59 00 ..............Y. 0012dfcc 00 00 00 00 e8 df 12 00 - a8 f8 4b 00 01 00 00 00 ..........K..... 0012dfdc 01 00 00 00 8c 0f 59 00 - 01 00 00 00 04 e0 12 00 ......Y......... 0012dfec bd f7 4b 00 00 3d ed 00 - 0e 00 00 00 c6 00 00 00 ..K..=3D.......... 0012dffc 44 3d ed 00 48 3d ed 00 - 38 e0 12 00 2e fb 4b 00 D=3D..H=3D..8.....K. 0012e00c 30 3d ed 00 00 3d ed 00 - 0e 00 00 00 c6 00 00 00 0=3D...=3D.......... 0012e01c c6 00 00 00 64 e0 12 00 - 00 00 00 00 2c e0 12 00 ....d.......,... 0012e02c 16 f7 4b 00 30 3d ed 00 - 30 3d ed 00 58 e1 12 00 ..K.0=3D..0=3D..X... 0012e03c 2a 43 42 00 00 3d ed 00 - 0e 00 00 00 c6 00 00 00 *CB..=3D.......... 0012e04c c6 00 00 00 98 41 ed 00 - 38 45 5a 00 34 45 5a 00 .....A..8EZ.4EZ. 0012e05c ff fd ff ff 40 00 00 00 - 78 e1 12 00 01 00 00 00 [email protected]....... 0012e06c 70 e0 12 00 e8 fd 50 00 - 01 00 00 00 a0 99 ee 00 p.....P......... 0012e07c 20 a1 ee 00 20 0e b7 00 - 00 00 00 00 58 e1 12 00 ... .......X... 0012e08c 98 41 ed 00 84 ef 12 00 - 08 00 00 00 44 e0 12 00 .A..........D... 0012e09c e3 42 42 00 b0 ff 12 00 - 00 00 00 00 30 32 43 56 .BB.........02CV Statusabbild f=FCr Thread-ID 0xdb eax=3D77e167ce ebx=3D00000000 ecx=3D00130000 edx=3D00000000 = esi=3D0013b340 edi=3D0013ba18 eip=3D77f77f67 esp=3D0109fdf0 ebp=3D0109ff90 iopl=3D0 nv up ei = pl nz ac po nc cs=3D001b ss=3D0023 ds=3D0023 es=3D0023 fs=3D0038 gs=3D0000 efl=3D00000216 Funktion: ZwReplyWaitReceivePort 77f77f5c b890000000 mov eax,0x90 77f77f61 8d542404 lea edx,[esp+0x4] ss:01f9e7f7=3D???????? 77f77f65 cd2e int 2e 77f77f67 c21000 ret 0x10 77f77f6a 8bc0 mov eax,eax *----> Stack Back Trace <----* FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name 0109ff90 77e15fa2 77e16821 0013b340 0109ffec 00000000 ntdll!ZwReplyWaitReceivePort=20 00003a98 00000000 00000000 00000000 00000000 00000000 rpcrt4!NdrVaryingArrayFree=20 *----> Raw Stack Dump <----* 0109fdf0 f8 5a e1 77 60 00 00 00 - 6c ff 09 01 00 00 00 00 .Z.w`...l....... 0109fe00 48 6e 13 00 60 b4 13 00 - 3c 58 13 00 44 58 13 00 Hn..`...<X..DX.. 0109fe10 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................ 0109fe20 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................ 0109fe30 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................ 0109fe40 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................ 0109fe50 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................ 0109fe60 00 00 00 00 00 00 00 00 - 98 fe 09 01 24 10 5d 00 ............$.]. 0109fe70 00 00 5d 00 02 00 00 00 - 00 00 00 00 98 fe 09 01 ..]............. 0109fe80 b5 6f b8 77 00 00 b8 77 - 02 00 00 00 00 00 00 00 .o.w...w........ 0109fe90 a8 40 13 00 01 00 00 00 - 38 41 13 00 1f 3e f7 77 [email protected]...>.w 0109fea0 00 00 98 70 02 00 00 00 - 00 00 00 00 1c ff 09 01 ...p............ 0109feb0 00 00 00 00 5b 12 f7 77 - 60 55 fb 77 61 12 f7 77 ....[..w`U.wa..w 0109fec0 30 ff 09 01 5c f6 12 00 - f0 3a 13 00 00 00 00 00 0...\....:...... 0109fed0 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................ 0109fee0 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................ 0109fef0 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................ 0109ff00 00 00 00 00 c0 fe 09 01 - 00 00 00 00 ff ff ff ff ................ 0109ff10 a4 1f fa 77 e8 d0 fa 77 - ff ff ff ff 00 00 00 00 ...w...w........ 0109ff20 87 63 f8 77 8f 63 f8 77 - 30 ff 09 01 01 00 00 00 .c.w.c.w0....... Thanks Johannes Schilling -----Urspr=FCngliche Nachricht----- Von: Gilbert Ramirez [SMTP:gram@xxxxxxxxxx] Gesendet am: Mittwoch, 11. Oktober 2000 17:01 An: Schilling, Johannes; ethereal-users@xxxxxxxxxxxx Betreff: Re: [Ethereal-users] Problems loading files captured with windump On Wed, Oct 11, 2000 at 04:27:33PM +0200, Schilling, Johannes wrote: > Hi, >=20 > I use ethereal with my Win NT PC. Since Version 0.8.12 I have problems to > load a capture file which was captured with windump. Dr. Watson comes up > with the following message: >=20 >=20 >=20 > Is there a way to load these files with Version 0.8.12? The Dr. Watson error messag did not come across in the e-mail. --gilbert ----- End forwarded message -----
- Follow-Ups:
- Prev by Date: Re: [Ethereal-dev] plntohs etc vs tvb_ routines
- Next by Date: [Ethereal-dev] Re: [Ethereal-users] Problems loading files captured with windump
- Previous by thread: RE: [Ethereal-dev] Re: [Ethereal-users] ARP decoding problems
- Next by thread: RE: [Ethereal-dev] [jschilli@xxxxxxxxxxxxxxxx: AW: [Ethereal-users] Problems loading files captured with windump]
- Index(es):