[Pascal Quantin <pascal.quantin@xxxxxxxxx>]

Hi Thomas,

2016-10-30 22:39 GMT+01:00 Thomas Wiens <th.wiens@xxxxxx>:

Hi,
I'm working on a protocol where I want to use proto_tree_add_bitmask for
a 64 Bit value.
You can see the structure in the attached screenshot.
This are my hf definitions (1st one is the header, the other ones are
the fields):

{ &hf_s7commp_data_returnvalue,
  { "Return value", "s7comm-plus.returnvalue", FT_UINT64, BASE_HEX,
NULL, 0x0,
    NULL, HFILL }},

{ &hf_s7commp_data_retval_errorcode,
  { "Error code", "s7comm-plus.returnvalue.errorcode", FT_UINT64,
BASE_HEX, NULL, 0x000000000000ffff,
    NULL, HFILL }},
{ &hf_s7commp_data_retval_omsline,
  { "OMS line", "s7comm-plus.returnvalue.omsline", FT_UINT64, BASE_DEC,
NULL, 0x00000000ffff0000,
    NULL, HFILL }},
{ &hf_s7commp_data_retval_errorsource,
  { "Error source", "s7comm-plus.returnvalue.errorsource", FT_UINT64,
BASE_HEX, NULL, 0x000000ff00000000,
    NULL, HFILL }},
{ &hf_s7commp_data_retval_genericerrorcode,
  { "Generic error code", "s7comm-plus.returnvalue.genericerrorcode",
FT_UINT64, BASE_HEX, NULL, 0x00007f0000000000,
    NULL, HFILL }},
{ &hf_s7commp_data_retval_servererror,
  { "Server error", "s7comm-plus.returnvalue.servererror", FT_BOOLEAN,
64, NULL, 0x0000800000000000,
    NULL, HFILL }},
{ &hf_s7commp_data_retval_debuginfo,
  { "Debug info", "s7comm-plus.returnvalue.debuginfo", FT_UINT64,
BASE_HEX, NULL, 0x3fff000000000000,
    NULL, HFILL }},
{ &hf_s7commp_data_retval_errorextension,
  { "Error extension", "s7comm-plus.returnvalue.errorextension",
FT_BOOLEAN, 64, NULL, 0x4000000000000000,
    NULL, HFILL }},

In general it works, but there are two problems:

1) It seems to be impossible to decode a value inside the bitmask as
signed integer

The "Error code" value should be 16 bit signed integer.
I've tried all combinations, but I seems that this is really not possible.
I always get a DISSECTOR_ASSERT_NOT_REACHED from proto_tree_add_uint64().

When looking at proto_item_add_bitmask_tree() it looks like proto_tree_add_uint64() is called both for FT_UINT64 and ft_INT64 (which seems surprising, not to say wrong). Until this gets clarified, you might get more success by manually creating the subtree and adding items, and using the FT_INTXXtype when required.
 

2) Using value strings in a 64 bit bitmask aren't possible

When I want to use a value_string for an entry inside the bitmask like
VALS(errorcode_names) for example, wireshark crashes when I select a column.
In the shown screenshot I've manually added the strings to the main item.

For 64 bits field, you must use the VALS64() macro and not the VALS() one. See doc/README.dissector chapter 1.5:

"-- val64_string

val64_strings are like value_strings, except that the integer type
used is a guint64 (instead of guint32). Instead of using the VALS()
macro for the 'strings' field in the header_field_info struct array,
'VALS64()' is used."
 

I could not simply split the bitmask into two 32 bit values, because the
protocol I'm working on uses variable length encoding.
Thus I'm decoding the value for myself, then calling
proto_tree_add_bitmask_value and passing my own value to the function.

I'm working under Windows 7 32 Bit, if this is a source of the problem.

Thanks in advance

--
Thomas

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request@wireshark.org?subject=unsubscribe