Re: assertion when using tshark/wireshark on large captures

[Stephen Fisher <steve () stephen-fisher com>]

On Wed, Feb 16, 2011 at 10:31:54PM +0000, Bahr, Brad (Adecco Engineering & Technical) wrote:

> From a cursory glance at the source heading of emem.c, I gather that 
> this file provides memory management / garbage cleanup functions.

Correct.

> I'm definitely a novice when it comes to C/C++, so I don't have a clue 
> as to what would be causing g_assert to be getting a false from "ret 
> != 0 || versinfo.dwPlatformId == VER_PLATFORM_WIN32_WINDOWS".

This is interesting.  SVN revision 18178 introduced this to attempt to 
recover after the VirtualProtect() funcion call fails I think:

  http://anonsvn.wireshark.org/viewvc?view=rev&revision=18178

Which was to fix bug #915 on Windows 98! 
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=915

You should probably open a bug report at https://bugs.wireshark.org and 
include the details from this e-mail.  Depending on the complexity of 
the information Wireshark has to reassemble and store about the packets, 
you could still be running out of RAM with that large capture file, but 
this is an unusual place for it to fail.  See 
http://wiki.wireshark.org/KnownBugs/OutOfMemory for more details on 
that.

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe