Wireshark mailing list archives

Previous By Date Next
Previous By Thread Next

Unhandled exception

From: "Maynard, Chris" <Christopher.Maynard () IGT com>
Date: Mon, 17 Sep 2018 19:31:34 +0000
Hello,

Recently I've begun seeing the following unhandled exception with master when loading any capture file or attempting to 
capture on any interface - at least that I tried, but I haven't found any capture file or capture interface where this 
doesn't happen now:

      Unhandled exception ("proto.c:6497: failed assertion "(guint)hfid < gpa_hfinfo.len" (Unregistered hf!)", group=1, 
code=6)

The exception is occurring in proto.c:proto_tree_prime_with_hfid() at line 6497, within the PROTO_REGISTRAR_GET_NTH() 
macro, but unfortunately the stack trace isn't particularly helpful [to me].  Here's one when attempting to load an 
arbitrary capture file:


      libwireshark.dll!unhandled_catcher(except_t * except) Line 230  C

        libwireshark.dll!do_throw(except_t * except) Line 216   C
        libwireshark.dll!except_rethrow(except_t * except) Line 274     C
        Wireshark.exe!cf_read(_capture_file * cf, int reloading) Line 652       C
        Wireshark.exe!MainWindow::openCaptureFile(QString cf_path, QString read_filter, unsigned int type, int 
is_tempfile) Line 250    C++
        Wireshark.exe!MainWindow::openCaptureFile(QString cf_path, QString display_filter) Line 299     C++
        Wireshark.exe!MainWindow::qt_static_metacall(QObject * _o, QMetaObject::Call _c, int _id, void * * _a) Line 
1379        C++
        Qt5Core.dll!00007ffb168fe327()  Unknown
        Wireshark.exe!WelcomePage::recentFileActivated(QString _t1) Line 288    C++
        Wireshark.exe!WelcomePage::openRecentItem(QListWidgetItem * item) Line 398      C++
        Qt5Core.dll!00007ffb168fe327()  Unknown
        Qt5Widgets.dll!00007ffb17564824()       Unknown
        Qt5Core.dll!00007ffb168fe327()  Unknown
        Qt5Widgets.dll!00007ffb175231fa()       Unknown
        Qt5Widgets.dll!00007ffb1752972c()       Unknown
        Qt5Widgets.dll!00007ffb1732bc42()       Unknown
        Qt5Widgets.dll!00007ffb173ceac7()       Unknown
        Qt5Widgets.dll!00007ffb17530369()       Unknown
        Qt5Core.dll!00007ffb168e104d()  Unknown
        Qt5Widgets.dll!00007ffb17308cac()       Unknown
        Qt5Widgets.dll!00007ffb173068cd()       Unknown
        Qt5Core.dll!00007ffb168dec79()  Unknown
        Qt5Widgets.dll!00007ffb1730a006()       Unknown
        Qt5Widgets.dll!00007ffb17353fe9()       Unknown
        Qt5Widgets.dll!00007ffb17351d5e()       Unknown
        Qt5Widgets.dll!00007ffb17308cc0()       Unknown
        Qt5Widgets.dll!00007ffb17307b47()       Unknown
        Qt5Core.dll!00007ffb168dec79()  Unknown
        Qt5Gui.dll!00007ffb16d1e262()   Unknown
        Qt5Gui.dll!00007ffb16d048fb()   Unknown
        Qt5Core.dll!00007ffb169285c5()  Unknown
        [External Code]
        Qt5Core.dll!00007ffb16927d96()  Unknown
        qwindows.dll!00007ffb16609979() Unknown
        Qt5Core.dll!00007ffb168dab23()  Unknown
        Qt5Core.dll!00007ffb168dd8d4()  Unknown
        Wireshark.exe!main(int argc, char * * qt_argv) Line 907 C++
        Wireshark.exe!WinMain(HINSTANCE__ * __formal, HINSTANCE__ * __formal, char * __formal, int __formal) Line 104   
C++
        [External Code]

If I set WIRESHARK_ABORT_ON_DISSECTOR_BUG=1, it produces nothing of value [to me]:

      14:52:20.271          Err  Unregistered hf! index=-1

I removed all my Lua dissectors from the plugins directory, so this is just stock Wireshark master running.  Here's the 
Wireshark version information:


Version 2.9.0 (v2.9.0rc0-1854-g261817cf)
Compiled (64-bit) with Qt 5.11.1, with WinPcap (4_1_3), with GLib 2.52.2, with zlib 1.2.11, with SMI 0.4.8, with c-ares 
1.14.0, with Lua 5.2.4, with GnuTLS 3.4.11, with Gcrypt 1.8.3, with MIT Kerberos, with MaxMind DB resolver, with 
nghttp2 1.14.0, with LZ4, with Snappy, with libxml2 2.9.4, with QtMultimedia, with AirPcap, with SBC, with SpanDSP, 
with bcg729.
Running on 64-bit Windows 10 (1803), build 17134, with Intel(R) Xeon(R) CPU E3-1505M v5 @ 2.80GHz (with SSE4.2), with 
16225 MB of physical memory, with locale English_United States.1252, with WinPcap version 4.1.3 (packet.dll version 
4.1.0.2980), based on libpcap version 1.0 branch 1_0_rel0b (20091008), with GnuTLS 3.4.11, with Gcrypt 1.8.3, with 
AirPcap 4.1.0 build 1622, binary plugins supported (14 loaded). Built using Microsoft Visual C++ 14.0 build 24215

I will continue investigating, but maybe someone has some ideas?  Is anyone else seeing this?

Other observations:

checkhf produces no output of any particular consequence (just a bunch of "Unused [href|ei] entry"'s).

checkapi: 1 warning of no consequence here.

checkfiltername: a bunch of "[field] doesn't match PROTOABBREV" warnings, but probably nothing of consequence?

cppcheck: too much output to find the needle I'm looking for in this haystack.

- Chris
P.S. After updating to the latest sources, I tried deleting the entire build directory and forcing everything to be 
compiled again.  That didn't help.



CONFIDENTIALITY NOTICE: This message is the property of International Game Technology PLC and/or its subsidiaries and 
may contain proprietary, confidential or trade secret information.  This message is intended solely for the use of the 
addressee.  If you are not the intended recipient and have received this message in error, please delete this message 
from your system. Any unauthorized reading, distribution, copying, or other use of this message or its attachments is 
strictly prohibited.

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Previous By Date Next
Previous By Thread Next

Current thread: