I have filed Bug 5382
(https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5382) for the
same.
It has attached a sample pcap file that causes the crash as well.
Thanks Martin for your advise.
- Antriksh
On Thu, Nov 11, 2010 at 6:29 PM, Martin Mathieson
<martin.r.mathieson@xxxxxxxxxxxxxx> wrote:
>
>
> On Thu, Nov 11, 2010 at 12:41 PM, Antriksh Pany <antriksh.pany@xxxxxxxxx>
> wrote:
>>
>> Hello
>>
>> The crash was occurring due to incorrect rnti type being filled up. We
>> actually had broadcast information flowing. But the rnti type was 3
>> (C_RNTI). And this seemed to be causing wireshark to attempt to decode
>> the message as a dedicated UE message (noticed that during the couple
>> of times that it did not crash in Windows).
>
> It would still be good to make sure we didn't crash, so that users such as
> yourself would see the problem more quickly.
> Wireshark shouldn't crash - it should show the packet as malformed and
> hopefully make the problem obvious.
>
>>
>> When I corrected the rnti type, the problem went away.
>>
>> I think this should be a very good indicator of where in code the
>> problem would be. If there are some pointers as to where to look in
>> code, I could consider having a look myself!
>>
>> Also, I guess wireshark could warn us when the RNTI is that of SI
>> (broadcast), but the rnti type is set differently.
>
> Yes, it probably should verify that the SI- and P- RNTI types have the
> correct value.
>
> Regards,
> Martin
>
>>
>> Cheers
>> Antriksh
>>
>>
>>
>> On Thu, Nov 11, 2010 at 12:22 PM, Antriksh Pany <antriksh.pany@xxxxxxxxx>
>> wrote:
>> > Hello
>> >
>> > I am facing a crash when I enable the option
>> > 'Try Heuristic LTE-MAC over UDP framing'
>> > and load an appropriate pcap.
>> >
>> > The crash does not occur when I turn off this option, and load the same
>> > pcap.
>> >
>> > This is the log:
>> > -----------------------
>> > bash-3.2$ /opt/wireshark/bin/wireshark
>> >
>> > (wireshark:10799): GLib-GObject-WARNING **: invalid (NULL) pointer
>> > instance
>> >
>> > (wireshark:10799): GLib-GObject-CRITICAL **: g_signal_emit_by_name:
>> > assertion `G_TYPE_CHECK_INSTANCE (instance)' failed
>> > Segmentation fault
>> > bash-3.2$
>> > bash-3.2$ uname -a
>> > Linux dennis 2.6.18-128.el5 #1 SMP Wed Dec 17 11:41:38 EST 2008 x86_64
>> > x86_64 x86_64 GNU/Linux
>> > bash-3.2$ /opt/wireshark/bin/wireshark -v
>> > wireshark 1.4.1
>> >
>> > Copyright 1998-2010 Gerald Combs <gerald@xxxxxxxxxxxxx> and
>> > contributors.
>> > This is free software; see the source for copying conditions. There is
>> > NO
>> > warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR
>> > PURPOSE.
>> >
>> > Compiled with GTK+ 2.10.4, (64-bit) with GLib 2.12.3, with libpcap
>> > 0.9.4, with
>> > libz 1.2.3, with POSIX capabilities (Linux), with libpcre (version
>> > unknown),
>> > without SMI, without c-ares, without ADNS, without Lua, without Python,
>> > with
>> > GnuTLS 1.4.1, with Gcrypt 1.2.4, with MIT Kerberos, without GeoIP,
>> > without
>> > PortAudio, without AirPcap.
>> >
>> > Running on Linux 2.6.18-128.el5, with libpcap version 0.9.4, with libz
>> > 1.2.3,
>> > GnuTLS 1.4.1, Gcrypt 1.2.4.
>> >
>> > Built using gcc 4.1.2 20080704 (Red Hat 4.1.2-44).
>> > bash-3.2$
>> > -----------------------
>> >
>> >
>> > Also, I had tried doing the same on Windows. It was able to open the
>> > pcap correctly on the first few occassions. But it consistently
>> > crashes on windows as well now.
>> > These are the problem details shown by Windows (windows 7):
>> > -----------------------
>> > Problem signature:
>> > Problem Event Name: APPCRASH
>> > Application Name: wireshark.exe
>> > Application Version: 1.4.1.34476
>> > Application Timestamp: 4cb35037
>> > Fault Module Name: libwireshark.dll
>> > Fault Module Version: 1.4.1.34476
>> > Fault Module Timestamp: 4cb34ea4
>> > Exception Code: c0000005
>> > Exception Offset: 0001148f
>> > OS Version: 6.1.7600.2.0.0.256.4
>> > Locale ID: 1033
>> > Additional Information 1: 0a9e
>> > Additional Information 2: 0a9e372d3b4ad19135b953a78882e789
>> > Additional Information 3: 0a9e
>> > Additional Information 4: 0a9e372d3b4ad19135b953a78882e789
>> > -----------------------
>> > I have tried things such as restarting the system etc, but nothing
>> > works.
>> >
>> > Any help/suggestions is appreciated.
>> >
>> > Thanks
>> > Antriksh Pany
>> >
>>
>> ___________________________________________________________________________
>> Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
>> Archives: http://www.wireshark.org/lists/wireshark-users
>> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
>>
>> mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>
>
> ___________________________________________________________________________
> Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
> Archives: http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
> mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>
