Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 373545 - wireshark -1.4.7 stops interpreting packets correctly
Summary: wireshark -1.4.7 stops interpreting packets correctly
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Netmon project
URL:
Whiteboard:
Keywords:
Depends on: 370683
Blocks:
  Show dependency tree
 
Reported: 2011-06-30 08:32 UTC by Francesco Lamonica
Modified: 2011-09-12 18:52 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Francesco Lamonica 2011-06-30 08:32:09 UTC 
After a while that wireshark is capturing packets and showing them in realtime it stops identifying them correctly and reports them to be just ethernet. pressing the "refresh" button (that is not clickable while capturing unfortunately) makes it recalculates the trace and shows the correct packet interpretation. his was not happening with wireshark 1.4.6

Reproducible: Always

Steps to Reproduce:
1.start capturing
2.wait for a random time (5-10 min usually)
3.
Actual Results:  
packets are identified as ethernet (white background) (Note: some times not all ethernet packets are shown)

Expected Results:  
packets should be correctly dissected

emerge --info
Portage 2.1.9.42 (default/linux/amd64/10.0/desktop, gcc-4.4.5, libc-0-r0, 2.6.38-gentoo-r6 x86_64)
=================================================================
System uname: Linux-2.6.38-gentoo-r6-x86_64-AMD_Phenom-tm-_II_X4_945_Processor-with-gentoo-2.0.2
Timestamp of tree: Wed, 29 Jun 2011 06:30:01 +0000
ccache version 2.4 [disabled]
app-shells/bash:     4.1_p9
dev-java/java-config: 2.1.11-r3
dev-lang/python:     2.7.1-r1, 3.1.3-r1
dev-util/ccache:     2.4-r9
dev-util/cmake:      2.8.4-r1
dev-util/pkgconfig:  0.25-r2
sys-apps/baselayout: 2.0.2
sys-apps/openrc:     0.8.2-r1
sys-apps/sandbox:    2.4
sys-devel/autoconf:  2.13, 2.65-r1
sys-devel/automake:  1.9.6-r3, 1.10.3, 1.11.1
sys-devel/binutils:  2.20.1-r1
sys-devel/gcc:       4.4.5
sys-devel/gcc-config: 1.4.1-r1
sys-devel/libtool:   2.2.10
sys-devel/make:      3.82
sys-kernel/linux-headers: 2.6.36.1
sys-libs/glibc:      2.12.2
virtual/os-headers:  0
ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="* -@EULA PUEL dlj-1.1 skype-eula googleearth AdobeFlash-10.1"
CBUILD="x86_64-pc-linux-gnu"
CFLAGS="-march=k8 -O2 -pipe"
CHOST="x86_64-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/share/config /usr/share/gnupg/qualified.txt"
CONFIG_PROTECT_MASK="/etc/ca-certificates.conf /etc/env.d /etc/env.d/java/ /etc/fonts/fonts.conf /etc/gconf /etc/gentoo-release /etc/php/apache2-php5.3/ext-active/ /etc/php/cgi-php5.3/ext-active/ /etc/php/cli-php5.3/ext-active/ /etc/revdep-rebuild /etc/sandbox.d /etc/terminfo"
CXXFLAGS="-march=k8 -O2 -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="assume-digests binpkg-logs candy distlocks fixlafiles fixpackages news parallel-fetch protect-owned sandbox sfperms strict unknown-features-warn unmerge-logs unmerge-orphans userfetch usersandbox"
FFLAGS=""
GENTOO_MIRRORS="http://distfiles.gentoo.org"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
LINGUAS="en it"
MAKEOPTS="-j5"
PKGDIR="/usr/portage/packages"
PORTAGE_CONFIGROOT="/"
PORTAGE_RSYNC_OPTS="--recursive --links --safe-links --perms --times --compress --force --whole-file --delete --stats --timeout=180 --exclude=/distfiles --exclude=/local --exclude=/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="3dnow 3dnowext X a52 aac acl acpi aften akode alsa amazon amd64 amr amrnb amrwb animgif audiofile branding bzip2 cairo ccache cdr cleartype cli consolekit cracklib crypt cscope cups curl cxx dbus dri dts dvd dvdr ebook encode exif fam ffmpeg firefox flac foomaticdb gcrypt gd gdbm gdu gif gimp gkrellm gpm gsm gtk hardened iconv imagemagick ipod java java6 jpeg lame lcms libgcrypt libssh2 logrotate loop-aes mad matroska mmx mmxext mng modules mp3 mp4 mpeg mpeg2 mplayer mudflap multilib musepack musicbrainz ncurses nls nptl nptlonly nsplugin ogg opencore-amr opengl openmp openssl opensslcrypt pam pango pcre pdf perl phonon plasma png policykit ppds pppd python qt3support qt4 readline samba sdl session smp sndfile speex spell sql sqlite3 sse sse2 sse3 sse4.1 sse4.2 sse4a sse5 ssl startup-notification subversion svg svnserve swat sysfs syslog tcpd theora tiff truetype udev unicode usb v4l v4l2 vorbis webkit x264 xcb xcomposite xinerama xml xorg xscreensaver xulrunner xv xvid zlib" ALSA_CARDS="hda-intel" ALSA_PCM_PLUGINS="adpcm alaw asym copy dmix dshare dsnoop empty extplug file hooks iec958 ioplug ladspa lfloat linear meter mmap_emul mulaw multi null plug rate route share shm softvol" APACHE2_MODULES="actions alias auth_basic authn_alias authn_anon authn_dbm authn_default authn_file authz_dbm authz_default authz_groupfile authz_host authz_owner authz_user autoindex cache cgi cgid dav dav_fs dav_lock deflate dir disk_cache env expires ext_filter file_cache filter headers include info log_config logio mem_cache mime mime_magic negotiation rewrite setenvif speling status unique_id userdir usertrack vhost_alias" CALLIGRA_FEATURES="braindump flow karbon kexi kpresenter krita tables words" CAMERAS="ptp2" COLLECTD_PLUGINS="df interface irq load memory rrdtool swap syslog" ELIBC="glibc" GPSD_PROTOCOLS="ashtech aivdm earthmate evermore fv18 garmin garmintxt gpsclock itrax mtk3301 nmea ntrip navcom oceanserver oldstyle oncore rtcm104v2 rtcm104v3 sirf superstar2 timing tsip tripmate tnt ubx" INPUT_DEVICES="evdev keyboard mouse" KERNEL="linux" LCD_DEVICES="bayrad cfontz cfontz633 glk hd44780 lb216 lcdm001 mtxorb ncurses text" LINGUAS="en it" PHP_TARGETS="php5-3" RUBY_TARGETS="ruby18" USERLAND="GNU" VIDEO_CARDS="vesa radeonhd vga" XTABLES_ADDONS="quota2 psd pknock lscan length2 ipv4options ipset ipp2p iface geoip fuzzy condition tee tarpit sysrq steal rawnat logmark ipmark dhcpmac delude chaos account" 
Unset:  CPPFLAGS, CTARGET, EMERGE_DEFAULT_OPTS, INSTALL_MASK, LANG, LC_ALL, PORTAGE_BUNZIP2_COMMAND, PORTAGE_COMPRESS, PORTAGE_COMPRESS_FLAGS, PORTAGE_RSYNC_EXTRA_OPTS, PORTDIR_OVERLAY
Comment 1 Peter Volkov (RETIRED) gentoo-dev 2011-06-30 09:24:49 UTC 
Could you, please, report this bug upstream?

http://bugs.winehq.org/
Comment 2 Francesco Lamonica 2011-06-30 10:02:00 UTC 
Hi Peter, should i report in to wine?
Comment 3 Peter Volkov (RETIRED) gentoo-dev 2011-06-30 10:28:54 UTC 
Err, sure now. That was firefox substitution :) Bugzilla is here:

https://bugs.wireshark.org/
Comment 4 Francesco Lamonica 2011-06-30 11:08:56 UTC 
i will try to report that, although i noticed that same happen with 1.4.6-r1 (just downgraded) after a while the packets are wrongly interpreted and it mess up also reception time (setting it in the future)... I'll try to downgrade to another version in order to spot the version that introduced this bug...
Comment 5 Francesco Lamonica 2011-06-30 13:23:51 UTC 
an update: launching from console i see these warnings:

[Errno 2] No such file or directory: '/usr/lib64/wireshark/python/1.4.4/wspy_dissectors'
15:19:02          Warn Error "Less data was read than was expected" while reading: "/tmp/wiresharkXXXX4cUhHI"

15:19:03          Warn Error "File contains a record that's not valid" while reading: "/tmp/wiresharkXXXX4cUhHI"

15:19:04          Warn Error "File contains a record that's not valid" while reading: "/tmp/wiresharkXXXX4cUhHI"

15:19:05          Warn Error "File contains a record that's not valid" while reading: "/tmp/wiresharkXXXX4cUhHI"

15:19:06          Warn Error "File contains a record that's not valid" while reading: "/tmp/wiresharkXXXX4cUhHI"

and then...


15:19:48          Warn Error "File contains a record that's not valid" while reading: "/tmp/wiresharkXXXX4cUhHI"

15:19:49          Warn Error "Less data was read than was expected" while reading: "/tmp/wiresharkXXXX4cUhHI"


at this point it seems to stop interpreting correctly...
running as user or superuser makes no difference

also wshark 1.4.4 seems to show this behaviour as well. I wonder if something else on my system is breaking this... Now will try to compile wireshark from source
Comment 6 Francesco Lamonica 2011-06-30 13:35:56 UTC 
compiling 1.4.7 from sources (./configure --prefix=/home/user/ws147) seems to be working
no warnings in console and capturing seems to be going just fine. So i suspect it not to be an upstream bug.
Comment 7 Peter Volkov (RETIRED) gentoo-dev 2011-06-30 13:50:34 UTC 
Probably compiling from the console you've got different configuration. Please, attach both build outputs, with build from console (without this bug) and build.log (with this bug).
Comment 8 Francesco Lamonica 2011-06-30 14:01:32 UTC 
Hi Peter, an update... even 1.4.7 from sources in the end gave the same error (it took just half an hour instead of a few mins) 1.6.0 although seems to be fine. I found these posts on wireshark bugzilla... that indicates zlib 1.2.5 as a possible culprit, specifically some gentoo modification to zlib.h

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5059

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5818

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4955

unfortunately downgrading from zlib 1.2.5 seems to be quite painful at the moment on my system.

since 1.6.0 is going fine (finger crossed) i think it should be at least unmasked if not stabilized... or zlib-1.2.5 should be fixed/masked... wireshark is unusable other way :(
Comment 9 Francesco Lamonica 2011-06-30 17:38:17 UTC 
another update: i've been capturing for hours now and 1.6.0 works just fine with zlib-1.2.5-r2. No problems, no warnings, etc.
Comment 10 Peter Volkov (RETIRED) gentoo-dev 2011-09-12 18:52:19 UTC 
1.6.2 in tree. Thank you for report.