Ethereal-dev: Re: [Ethereal-dev] crash on reading tracefile ( NFS ? )

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: "Martin Regner" <martin.regner@xxxxxxxxx>
Date: Fri, 15 Nov 2002 17:57:31 +0100
J.Smith wrote:
>Hi.
>
>Recently, I am experiencing some intermittent crashes when trying to read 
>tracefiles in Ethereal 0.9.7 on Win32. I personally get the impression that 
>the problems occur when a specific type of NFS traffic is present in the 
>captures, but Im not 100% positive that this is the cause of the crashes. 
>Anyways, I was sort of hoping that someone on this list could find the time 
>to look into the matter ;)

I haven't had time to look so much into the problem but I get a crash immediately when 
reading the capture with Ethereal 0.9.7 (Windows 98):

ETHEREAL orsakade ett ogiltigt sidfel i  (invalid page fault in module MSVCRT.DLL)
modul MSVCRT.DLL på adress 015f:78001648.
Registrerar:
EAX=00fa0630 CS=015f EIP=78001648 EFLGS=00010212
EBX=00004000 SS=0167 ESP=00e0d444 EBP=00e0d44c
ECX=0000018c DS=0167 ESI=00fa0000 FS=4edf
EDX=00000000 ES=0167 EDI=030cb5e4 GS=0000
Byte på CS:EIP:
f3 a5 ff 24 95 28 17 00 78 8b c7 ba 03 00 00 00 
Stackdump:
00f9c630 00e40888 00e0d48c 00911316 030c7c14 00f9c630 00004000 009112fc 00e40888 00004000 00edae04 00e0d488 00e40888 0000000b 00e0da78 00f39cb0 


With Ethereal 0.9.5 (Windows 98) I got a crash when clicking on frame 127:

THEREAL orsakade ett ogiltigt sidfel i (invalid page fault in module MSVCRT.DLL)
modul MSVCRT.DLL på adress 015f:78001648.
Registrerar:
EAX=00f227d0 CS=015f EIP=78001648 EFLGS=00010212
EBX=00004000 SS=0167 ESP=00d4e5c4 EBP=00d4e5cc
ECX=000009f4 DS=0167 ESI=00f20000 FS=4d7f
EDX=00000000 ES=0167 EDI=00e0d618 GS=0000
Byte på CS:EIP:
f3 a5 ff 24 95 28 17 00 78 8b c7 ba 03 00 00 00 
Stackdump:
00f1e7d0 00d73f8c 00d4e60c 00851316 00e0bde8 00f1e7d0 00004000 008512fc 00d73f8c 00004000 00eb4c70 00d4e608 00d73f8c 00de4780 00d4ebf8 00e77620 

Below is some Visual Studio debug output I got when I used Ethereal 0.9.5 (Win 2000):
MSVCRT! 7800124c()
GLIB-1.3! 00231316()
GLIB-1.3! 00231ef5()
proto_tree_set_bytes(field_info * 0x028d6380, const unsigned char * 0x026d9c98, int 1024) line 909 + 17 bytes
proto_tree_add_bytes(_GNode * 0x0269c700, int 5344, tvbuff * 0x02873d74, int 132, int 1024, const unsigned char * 0x026d9c98) line 862 + 17 bytes
proto_tree_add_bytes_format(_GNode * 0x0269c700, int 5344, tvbuff * 0x02873d74, int 132, int 1024, const unsigned char * 0x026d9c98, const char * 0x00770f94) line 891 + 29 bytes
dissect_rpc_opaque_data(tvbuff * 0x02873d74, int 132, _GNode * 0x028c3124, int 5344, int 0, char * * 0x00000000) line 618 + 38 bytes
dissect_rpc_data(tvbuff * 0x02873d74, _GNode * 0x028c3124, int 5344, int 128) line 675 + 25 bytes
dissect_nfsdata(tvbuff * 0x02873d74, int 128, _GNode * 0x028c3124, int 5344) line 2112 + 21 bytes
dissect_nfs3_read_reply(tvbuff * 0x02873d74, int 128, _packet_info * 0x0106e538, _GNode * 0x028c3124) line 3684 + 24 bytes
call_dissect_function(tvbuff * 0x02873d74, _packet_info * 0x0106e538, _GNode * 0x028c3124, int 28, int (tvbuff *, int, _packet_info *, _GNode *)* 0x004edc94 dissect_nfs3_read_reply(tvbuff *, int, _packet_info *, _GNode *), const char * 0x00744c1c) line 1063 + 19 bytes
dissect_rpc_message(tvbuff * 0x02873d74, _packet_info * 0x0106e538, _GNode * 0x0107a550, tvbuff * 0x02873d74, _fragment_data * 0x00000000, int 1, unsigned int 2147484800) line 2097 + 29 bytes
call_message_dissector(tvbuff * 0x02873d40, tvbuff * 0x02873d74, _packet_info * 0x0106e538, _GNode * 0x0107a550, tvbuff * 0x02873d74, int (tvbuff *, _packet_info *, _GNode *, tvbuff *, _fragment_data *, int, unsigned int)* 0x0051e76e dissect_rpc_message(tvbuff *, _packet_info *, _GNode *, tvbuff *, _fragment_data *, int, unsigned int), _fragment_data * 0x00000000, ...) line 2342 + 
dissect_rpc_fragment(tvbuff * 0x02873d40, int 0, _packet_info * 0x0106e538, _GNode * 0x0107a550, int (tvbuff *, _packet_info *, _GNode *, tvbuff *, _fragment_data *, int, unsigned int)* 0x0051e76e dissect_rpc_message(tvbuff *, _packet_info *, _GNode *, tvbuff *, _fragment_data *, int, unsigned int), int 0, int 6191, int 1207, int 0) line 2467 + 37 bytes
dissect_rpc_tcp_common(tvbuff * 0x02873d40, _packet_info * 0x0106e538, _GNode * 0x0107a550, int 0) line 2730 + 50 bytes
dissect_rpc_tcp(tvbuff * 0x02873d40, _packet_info * 0x0106e538, _GNode * 0x0107a550) line 2772 + 19 bytes
call_dissector(dissector_handle * 0x00f986c8, tvbuff * 0x02873d40, _packet_info * 0x0106e538, _GNode * 0x0107a550) line 1111 + 18 bytes
try_conversation_dissector(_address * 0x0106e57c, _address * 0x0106e588, int 2, unsigned int 2049, unsigned int 692, tvbuff * 0x02873d40, _packet_info * 0x0106e538, _GNode * 0x0107a550) line 940 + 24 bytes
decode_tcp_ports(tvbuff * 0x02873d0c, int 20, _packet_info * 0x0106e538, _GNode * 0x0107a550, int 2049, int 692) line 1034 + 41 bytes
desegment_tcp(tvbuff * 0x02873d0c, _packet_info * 0x0106e538, int 20, unsigned int 2771509068, unsigned int 2771510224, unsigned int 2049, unsigned int 692, _GNode * 0x0107a550, _GNode * 0x028bdcb8) line 346 + 29 bytes
dissect_tcp(tvbuff * 0x02873d0c, _packet_info * 0x0106e538, _GNode * 0x0107a550) line 1403 + 61 bytes
dissector_try_port(dissector_table * 0x00f86750, unsigned int 6, tvbuff * 0x02873d0c, _packet_info * 0x0106e538, _GNode * 0x0107a550) line 591 + 18 bytes
dissect_ip(tvbuff * 0x02873cd8, _packet_info * 0x0106e538, _GNode * 0x0107a550) line 1063 + 34 bytes
dissector_try_port(dissector_table * 0x00b0a4e0, unsigned int 2048, tvbuff * 0x02873cd8, _packet_info * 0x0106e538, _GNode * 0x0107a550) line 591 + 18 bytes
ethertype(unsigned short 2048, tvbuff * 0x02874f60, int 14, _packet_info * 0x0106e538, _GNode * 0x0107a550, _GNode * 0x0269c2dc, int 1833, int 1835) line 160 + 33 bytes
dissect_eth(tvbuff * 0x02874f60, _packet_info * 0x0106e538, _GNode * 0x0107a550) line 231 + 41 bytes
dissector_try_port(dissector_table * 0x00b0a670, unsigned int 1, tvbuff * 0x02874f60, _packet_info * 0x0106e538, _GNode * 0x0107a550) line 591 + 18 bytes
dissect_frame(tvbuff * 0x02874f60, _packet_info * 0x0106e538, _GNode * 0x0107a550) line 155 + 34 bytes
call_dissector(dissector_handle * 0x00b0a720, tvbuff * 0x02874f60, _packet_info * 0x0106e538, _GNode * 0x0107a550) line 1111 + 18 bytes
dissect_packet(_epan_dissect_t * 0x0106e530, wtap_pseudo_header * 0x00837cf4, const unsigned char * 0x00837d84, _frame_data * 0x026c27e4, _column_info * 0x00000000) line 316 + 32 bytes
epan_dissect_run(_epan_dissect_t * 0x0106e530, void * 0x00837cf4, const unsigned char * 0x00837d84, _frame_data * 0x026c27e4, _column_info * 0x00000000) line 98 + 25 bytes
print_packets(_capture_file * 0x00837c80, print_args_t * 0x0012ed38) line 1236 + 31 bytes
print_ok_cb(_GtkWidget * 0x0106aaf8, void * 0x01067fa0) line 570 + 14 bytes
GTK-1.3! 008cbebc()
GTK-1.3! 0090200b()
GTK-1.3! 00901352()
GTK-1.3! 008feb6a()
GTK-1.3! 0085e3e0()
GTK-1.3! 0085ff01()
GTK-1.3! 008cbebc()
GTK-1.3! 00901228()
GTK-1.3! 008feb6a()
GTK-1.3! 0085e320()
GTK-1.3! 0085f7e5()
GTK-1.3! 008cbc4a()
GTK-1.3! 00901388()
GTK-1.3! 008feb6a()
GTK-1.3! 00942430()
GTK-1.3! 008cbbc5()
GTK-1.3! 008cae94()
GDK-1.3! 009b3362()
GLIB-1.3! 0024005f()
GLIB-1.3! 0024075c()
GLIB-1.3! 00240902()
GLIB-1.3! 00240c4f()
GTK-1.3! 008ca869()
main(int 0, char * * 0x00b03cbc) line 2012
WinMain(HINSTANCE__ * 0x00400000, HINSTANCE__ * 0x00000000, char * 0x00134384, int 1) line 2097 + 23 bytes
ETHEREAL! WinMainCRTStartup + 308 bytes
KERNEL32! 77e8d326()

When disabling the RPC protocol I don't get any crash.
I
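The Visual Studio trace above bottoms out in the C runtime's block copy (the `f3 a5` at CS:EIP in the Windows 98 dumps is `rep movsd`), reached from dissect_rpc_opaque_data through proto_tree_add_bytes_format with a 1024-byte length. The thread does not establish what the length or buffer actually were at that point, so the following is not a diagnosis of this bug. It is an added example, not Ethereal code, showing the bounds checks a parser of an XDR variable-length opaque field (the structure dissect_rpc_opaque_data handles) needs so that a length word larger than the bytes actually present is rejected rather than copied. The status names, the `XDR_OPAQUE_MAX` ceiling, and both sample buffers are my own constructions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Status codes for this illustrative parser (the names are my own, not Ethereal's). */
enum xdr_status {
    XDR_OK = 0,
    XDR_SHORT_LENGTH_FIELD,     /* fewer than 4 bytes left for the length word    */
    XDR_LENGTH_TOO_LARGE,       /* declared length above the sanity ceiling        */
    XDR_LENGTH_EXCEEDS_BUFFER   /* declared length (plus padding) is not present   */
};

/* Sanity ceiling for one opaque field; an assumed value, tune it to the protocol. */
#define XDR_OPAQUE_MAX 65536u

/* Parse an XDR variable-length opaque (RFC 4506, section 4.10): a big-endian
 * 32-bit length n, then n bytes, then zero padding up to a multiple of 4.
 * Every read is checked against buflen before it happens, so a reply whose
 * header promises more bytes than the packet carries is rejected instead of
 * being copied from beyond the end of the buffer. */
enum xdr_status xdr_read_opaque(const uint8_t *buf, size_t buflen, size_t offset,
                                const uint8_t **data, uint32_t *len, size_t *consumed)
{
    if (offset > buflen || buflen - offset < 4)
        return XDR_SHORT_LENGTH_FIELD;

    uint32_t n = ((uint32_t)buf[offset] << 24) | ((uint32_t)buf[offset + 1] << 16) |
                 ((uint32_t)buf[offset + 2] << 8) | (uint32_t)buf[offset + 3];
    if (n > XDR_OPAQUE_MAX)
        return XDR_LENGTH_TOO_LARGE;

    size_t padded = ((size_t)n + 3u) & ~(size_t)3u;  /* cannot overflow: n is bounded above */
    size_t avail  = buflen - offset - 4;
    if (padded > avail)
        return XDR_LENGTH_EXCEEDS_BUFFER;

    *data = buf + offset + 4;
    *len = n;
    *consumed = 4 + padded;
    return XDR_OK;
}

/* Copy a validated opaque into a fixed destination, truncating rather than
 * overrunning it. Returns the number of bytes copied. */
size_t xdr_copy_opaque(uint8_t *dst, size_t dstcap, const uint8_t *data, uint32_t len)
{
    size_t n = len < dstcap ? len : dstcap;
    memcpy(dst, data, n);
    return n;
}

/* Constructed sample: a 5-byte opaque "hello" followed by 3 bytes of padding. */
static const uint8_t SAMPLE_OK[] = { 0, 0, 0, 5, 'h', 'e', 'l', 'l', 'o', 0, 0, 0 };

/* Constructed sample: the length word claims 1024 bytes, but only 16 follow,
 * the shape of a read reply cut short by the capture or by TCP segmentation. */
static const uint8_t SAMPLE_TRUNC[] = { 0, 0, 4, 0,
    1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 };

/* Returns 1 when the well-formed sample parses to 5 payload bytes using 12 bytes in total. */
int demo_parse_ok(void)
{
    const uint8_t *data; uint32_t len; size_t used;
    uint8_t out[8];
    if (xdr_read_opaque(SAMPLE_OK, sizeof SAMPLE_OK, 0, &data, &len, &used) != XDR_OK)
        return 0;
    return len == 5 && used == 12 && xdr_copy_opaque(out, sizeof out, data, len) == 5
        && memcmp(out, "hello", 5) == 0;
}

/* Returns the status for the truncated sample (expected: XDR_LENGTH_EXCEEDS_BUFFER). */
int demo_parse_truncated(void)
{
    const uint8_t *data; uint32_t len; size_t used;
    return (int)xdr_read_opaque(SAMPLE_TRUNC, sizeof SAMPLE_TRUNC, 0, &data, &len, &used);
}

/* Returns the status when only 2 bytes remain for the length word. */
int demo_parse_short(void)
{
    static const uint8_t two[2] = { 0, 0 };
    const uint8_t *data; uint32_t len; size_t used;
    return (int)xdr_read_opaque(two, sizeof two, 0, &data, &len, &used);
}

int main(void)
{
    printf("well-formed sample: %s\n", demo_parse_ok() ? "ok" : "FAIL");
    printf("truncated 1024-byte claim: status %d\n", demo_parse_truncated());
    printf("short length word: status %d\n", demo_parse_short());
    return 0;
}
```

The point of the second sample is that the length word alone is never trusted: the check compares the padded length against what remains after the length word, so a 1024-byte claim over a 16-byte tail is refused before any copy takes place. A dissector that only consults the declared length, or that relies on the copy routine to notice the end of the buffer, has no such stopping point.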