Wireshark-dev: Re: [Wireshark-dev] master branch of Wireshark/tshark hangs
From: Peter Wu <peter@xxxxxxxxxxxxx>
Date: Thu, 1 Jun 2017 17:18:22 +0200
Do you notice an infinite loop (increased CPU usage)? If that is the case, you could interrupt several times, obtain a backtrace and continue. Tip: to limit to the last five frames use "bt 5" instead of "bt". For more info about a command, use "help bt". Note that if the program hangs or aborts abnormally during a live capture, the temporary capture file can still be found in /tmp/. If you can reproduce the problem with loading that pcap offline, then you can be sure it is not related to the live capture (and it is likely a dissector issue). Kind regards, Peter On Thu, Jun 01, 2017 at 05:01:02PM +0200, Remy Leone wrote: > Thanks a lot of the explaination :-) > Here is the backtrace. I don't think Qt is involved. > > (gdb) bt > #0 dissect_ieee802154_payload_mlme_sub_ie (offset=8, tree=0x7f078bbd4690, > pinfo=0x11b81c8, tvb=0x1000f70) at packet-ieee802154.c:2628 > #1 dissect_ieee802154_payload_ie (offset=8, tree=<optimized out>, > pinfo=0x11b81c8, tvb=0x1000f70) at packet-ieee802154.c:2912 > #2 dissect_ieee802154_common (tvb=0x1000f20, pinfo=pinfo@entry=0x11b81c8, > tree=tree@entry=0x1107410, options=0) at packet-ieee802154.c:1783 > #3 0x00007f079b16d216 in dissect_ieee802154 (tvb=0x1000f20, > pinfo=0x11b81c8, tree=0x1107410, data=<optimized out>) at > packet-ieee802154.c:1074 > #4 0x00007f079ad5eae0 in call_dissector_through_handle > (handle=0x7f078fb55810, handle=0x7f078fb55810, data=0x0, tree=0x1107410, > pinfo=0x11b81c8, tvb=0x1000f20) at packet.c:684 > #5 call_dissector_work (handle=0x7f078fb55810, tvb=0x1000f20, > pinfo_arg=0x11b81c8, tree=0x1107410, add_proto_name=<optimized out>, > data=0x0) > at packet.c:759 > #6 0x00007f079ad606f2 in call_dissector_with_data (handle=<optimized out>, > tvb=0x1000f20, pinfo=0x11b81c8, tree=0x1107410, data=<optimized out>) > at packet.c:3005 > #7 0x00007f079b6afedc in dissect_zep (tvb=0x1000e80, pinfo=0x11b81c8, > tree=0x1107410, data=<optimized out>) at packet-zep.c:233 > #8 0x00007f079ad5eae0 in call_dissector_through_handle > (handle=0x7f078e4482a0, handle=0x7f078e4482a0, data=0x0, tree=0x1107410, > pinfo=0x11b81c8, tvb=0x1000e80) at packet.c:684 > #9 call_dissector_work (handle=0x7f078e4482a0, tvb=0x1000e80, > pinfo_arg=0x11b81c8, tree=0x1107410, add_proto_name=<optimized out>, > data=0x0) > at packet.c:759 > #10 0x00007f079ad5f3d9 in dissector_try_uint_new (sub_dissectors=<optimized > out>, uint_val=uint_val@entry=17754, tvb=tvb@entry=0x1000e80, > pinfo=pinfo@entry=0x11b81c8, tree=tree@entry=0x1107410, > add_proto_name=add_proto_name@entry=1, data=0x0) at packet.c:1329 > #11 0x00007f079ad5f421 in dissector_try_uint (sub_dissectors=<optimized > out>, uint_val=uint_val@entry=17754, tvb=tvb@entry=0x1000e80, > pinfo=pinfo@entry=0x11b81c8, tree=tree@entry=0x1107410) at packet.c:1353 > #12 0x00007f079b5a7720 in decode_udp_ports (tvb=tvb@entry=0x1000ed0, > offset=offset@entry=8, pinfo=pinfo@entry=0x11b81c8, > tree=tree@entry=0x1107410, uh_sport=<optimized out>, > uh_dport=<optimized out>, uh_ulen=89) at packet-udp.c:678 > #13 0x00007f079b5a7de2 in dissect (tvb=tvb@entry=0x1000ed0, > pinfo=0x11b81c8, tree=0x1107410, ip_proto=ip_proto@entry=17) at > packet-udp.c:1131 > #14 0x00007f079b5a84de in dissect_udp (tvb=0x1000ed0, pinfo=<optimized > out>, tree=<optimized out>, data=<optimized out>) at packet-udp.c:1137 > #15 0x00007f079ad5eae0 in call_dissector_through_handle > (handle=0x7f078fb98210, handle=0x7f078fb98210, data=0x7f078b9d3350, > tree=0x1107410, > pinfo=0x11b81c8, tvb=0x1000ed0) at packet.c:684 > #16 call_dissector_work (handle=0x7f078fb98210, tvb=0x1000ed0, > pinfo_arg=0x11b81c8, tree=0x1107410, add_proto_name=<optimized out>, > data=0x7f078b9d3350) at packet.c:759 > #17 0x00007f079ad5f3d9 in dissector_try_uint_new (sub_dissectors=<optimized > out>, uint_val=17, tvb=0x1000ed0, pinfo=0x11b81c8, tree=0x1107410, > add_proto_name=add_proto_name@entry=1, data=0x7f078b9d3350) at > packet.c:1329 > #18 0x00007f079b1818d8 in ip_try_dissect (heur_first=<optimized out>, > nxt=nxt@entry=17, tvb=tvb@entry=0x1000ed0, pinfo=pinfo@entry=0x11b81c8, > tree=tree@entry=0x1107410, iph=0x7f078b9d3350) at packet-ip.c:1854 > #19 0x00007f079b1a0764 in ipv6_dissect_next (nxt=17, tvb=0x1000ed0, > pinfo=0x11b81c8, tree=0x1107410, iph=<optimized out>) at packet-ipv6.c:2418 > #20 0x00007f079b1a10f1 in dissect_ipv6 (tvb=0x11b72a0, pinfo=0x11b81c8, > tree=0x1107410, data=<optimized out>) at packet-ipv6.c:2366 > #21 0x00007f079ad5eae0 in call_dissector_through_handle > (handle=0x7f078fb58b70, handle=0x7f078fb58b70, data=0x0, tree=0x1107410, > pinfo=0x11b81c8, tvb=0x11b72a0) at packet.c:684 > #22 call_dissector_work (handle=0x7f078fb58b70, tvb=0x11b72a0, > pinfo_arg=0x11b81c8, tree=0x1107410, add_proto_name=<optimized out>, > data=0x0) > at packet.c:759 > #23 0x00007f079ad606f2 in call_dissector_with_data (handle=<optimized out>, > tvb=0x11b72a0, pinfo=0x11b81c8, tree=0x1107410, data=<optimized out>) > at packet.c:3005 > #24 0x00007f079b3f3075 in dissect_raw (tvb=0x11b72a0, pinfo=0x11b81c8, > tree=0x1107410, data=<optimized out>) at packet-raw.c:158 > #25 0x00007f079ad5eae0 in call_dissector_through_handle > (handle=0x7f078fb8c3d0, handle=0x7f078fb8c3d0, data=0x1178548, > tree=0x1107410, > ---Type <return> to continue, or q <return> to quit---bt > 81c8, tvb=0x11b72a0) at packet.c:684 > #26 call_dissector_work (handle=0x7f078fb8c3d0, tvb=0x11b72a0, > pinfo_arg=0x11b81c8, tree=0x1107410, add_proto_name=<optimized out>, > data=0x1178548) at packet.c:759 > #27 0x00007f079ad5f3d9 in dissector_try_uint_new (sub_dissectors=<optimized > out>, uint_val=7, tvb=tvb@entry=0x11b72a0, pinfo=pinfo@entry=0x11b81c8, > tree=tree@entry=0x1107410, add_proto_name=add_proto_name@entry=1, > data=0x1178548) at packet.c:1329 > #28 0x00007f079b06f550 in dissect_frame (tvb=0x11b72a0, pinfo=0x11b81c8, > parent_tree=0x1107410, data=0x7ffd06021d60) at packet-frame.c:521 > #29 0x00007f079ad5eae0 in call_dissector_through_handle > (handle=0x7f078fac6e10, handle=0x7f078fac6e10, data=0x7ffd06021d60, > tree=0x1107410, pinfo=0x11b81c8, tvb=0x11b72a0) at packet.c:684 > #30 call_dissector_work (handle=0x7f078fac6e10, tvb=0x11b72a0, > pinfo_arg=0x11b81c8, tree=0x1107410, add_proto_name=<optimized out>, > data=0x7ffd06021d60) at packet.c:759 > #31 0x00007f079ad606f2 in call_dissector_with_data (handle=<optimized out>, > tvb=0x11b72a0, pinfo=0x11b81c8, tree=0x1107410, data=<optimized out>) at > packet.c:3005 > #32 0x00007f079ad60c2d in dissect_record (edt=edt@entry=0x11b81b0, > file_type_subtype=file_type_subtype@entry=2, phdr=phdr@entry=0x11784e0, > tvb=tvb@entry=0x11b72a0, fd=fd@entry=0x7ffd06021f20, > cinfo=cinfo@entry=0x644e60 <cfile+544>) at packet.c:567 > #33 0x00007f079ad53e64 in epan_dissect_run_with_taps (edt=edt@entry=0x11b81b0, > file_type_subtype=2, phdr=phdr@entry=0x11784e0, tvb=0x11b72a0, > fd=fd@entry=0x7ffd06021f20, > cinfo=cinfo@entry=0x644e60 <cfile+544>) > at epan.c:473 > #34 0x0000000000417a5c in process_packet_single_pass (cf=cf@entry=0x644c40 > <cfile>, edt=edt@entry=0x11b81b0, offset=<optimized out>, whdr=0x11784e0, > pd=pd@entry=0x117d4a0 "`", tap_flags=tap_flags@entry=0) > at tshark.c:3448 > #35 0x000000000040e9ec in process_cap_file (cf=0x644c40 <cfile>, > max_byte_count=<optimized out>, max_packet_count=<optimized out>, > out_file_name_res=<optimized out>, out_file_type=<optimized out>, > save_file=0x0) > at tshark.c:3279 > #36 main (argc=<optimized out>, argv=<optimized out>) at tshark.c:1983 > > Best regards > > R�my > > 2017-06-01 16:54 GMT+02:00 Peter Wu <peter@xxxxxxxxxxxxx>: > > > You can attach to an existing process by its process ID: > > > > gdb -q -p `pidof wireshark` > > > > then once attached, you can can obtain a backtrace with the "bt" > > command. You can use "c" to continue and press Ctrl-C in gdb to > > interrupt and enter commands like "bt". > > > > Kind regards, > > Peter > > > > On Thu, Jun 01, 2017 at 04:33:49PM +0200, Remy Leone wrote: > > > I'm not sure to understand. Wireshark doesn't crash but hangs in that > > case. > > > How could I get a symbolized stack trace? > > > > > > I've tried before to use libtool --mode=execute gdb ./wireshark but > > > wireshark keeps hanging and I don't know how to use it to get meaningful > > > information. > > > > > > Best regards > > > > > > R�my > > > > > > 2017-06-01 16:24 GMT+02:00 Peter Wu <peter@xxxxxxxxxxxxx>: > > > > > > > It could be a bug in the Qt GUI component of Wireshark. Is it possible > > > > to attach a debugger to "wireshark" or "dumpcap" and obtain a > > symbolized > > > > stack trace? > > > > > > > > Kind regards, > > > > Peter > > > > > > > > On Tue, May 23, 2017 at 03:51:58PM +0200, Remy Leone wrote: > > > > > I'm not sure about where to start investigating this issue. Where > > does > > > > the > > > > > critical operation happen when wireshark/tshark is sniffing? I > > suppose > > > > that > > > > > this is a problem of blocking read/write that is not happening > > properly > > > > but > > > > > I'm not sure about how to get started to investigate this. > > > > > > > > > > 2017-05-23 10:35 GMT+02:00 Jaap Keuter <jaap.keuter@xxxxxxxxx>: > > > > > > > > > > > Hi, > > > > > > > > > > > > You could inspect the bug database, but as far as I know this is > > not a > > > > > > known issue. > > > > > > Your setup seems rather normal, so that should not be cause for any > > > > > > problems. > > > > > > If you could investigate further into tun / named pipe capture > > > > behaviour > > > > > > that could be interesting. > > > > > > > > > > > > Thanks, > > > > > > Jaap > > > > > > > > > > > > > > > > > > > On 23 May 2017, at 09:27, Remy Leone <remy.leone@xxxxxxxx> > > wrote: > > > > > > > > > > > > > > Hello, > > > > > > > > > > > > > > I've stumbled upon the following problem with master branch of > > > > > > Wireshark: After a while (around 10 minutes) Wireshark (master) > > hangs > > > > when > > > > > > it's sniffing on a tun interface or a named pipe. > > > > > > > On the other side, when I use the last stable version of > > Wireshark > > > > > > (2.2.6) I can sniff on the same interface or named pipe without > > > > troubles > > > > > > for a long time. > > > > > > > > > > > > > > Was there any change lately that would have caused that? I got > > the > > > > > > stable version of Wireshark installed through ubuntu > > repository/ppa. My > > > > > > user id also belongs to the wireshark group and I can sniff without > > > > root > > > > > > priviledges. Could the hanging be caused by that? Is that a > > classical > > > > > > problem? > > > > > > > > > > > > > > Best regards > > > > > > > > > > > > > > R�my
- Follow-Ups:
- Re: [Wireshark-dev] master branch of Wireshark/tshark hangs
- From: Pascal Quantin
- Re: [Wireshark-dev] master branch of Wireshark/tshark hangs
- References:
- Re: [Wireshark-dev] master branch of Wireshark/tshark hangs
- From: Peter Wu
- Re: [Wireshark-dev] master branch of Wireshark/tshark hangs
- From: Remy Leone
- Re: [Wireshark-dev] master branch of Wireshark/tshark hangs
- From: Peter Wu
- Re: [Wireshark-dev] master branch of Wireshark/tshark hangs
- From: Remy Leone
- Re: [Wireshark-dev] master branch of Wireshark/tshark hangs
- Prev by Date: Re: [Wireshark-dev] master branch of Wireshark/tshark hangs
- Next by Date: Re: [Wireshark-dev] master branch of Wireshark/tshark hangs
- Previous by thread: Re: [Wireshark-dev] master branch of Wireshark/tshark hangs
- Next by thread: Re: [Wireshark-dev] master branch of Wireshark/tshark hangs
- Index(es):