On Fri, Jun 23, 2000 at 10:50:23AM -0500, Christine Tran wrote:
>
> ># isalist -v
> >sparcv8plus+vis sparcv8plus sparcv8 sparcv8-fsmuld sparcv7 sparc
> >
> ># ethereal -v
> >ethereal 0.8.4, with GTK+ 1.2.6, with libpcap 0.4, with libz 1.1.3,
> without SNM
> >(dbx) where
> >=>[1] _proto_tree_add_item_value(0x1ce500, 0xea, 0x2c, 0x2, 0x0, 0x0), at
> >0x96520
> > [2] proto_tree_add_item(0x1ce500, 0xea, 0x2c, 0x2, 0x3ff00000, 0x0), at
> >0x962a0
> > [3] dissect_bpdu(0x15, 0x11, 0x3ff00000, 0x0, 0x402e0000, 0x0), at
> 0x32a94
> > [4] dissect_llc(0x1f56c8, 0x11, 0x23a188, 0x1ce17c, 0x1ce528, 0xef000),
> at
> >0x4b434
> > [5] dissect_eth(0x1f56c8, 0xe, 0x23a188, 0x1ce17c, 0x34, 0x122d10), at
> >0x3778c
> > [6] dissect_packet(0x1f56c8, 0x23a188, 0x1ce17c, 0x6, 0xfed36000, 0x1),
I'm not familiar enough with the sparc architecture to know hy
the debugger lists 6 arguments to each dissect*() call instead of either
3 or 4. What's interesting is the first argument to each dissect*()
call. The pointer to the data buffer (const u_char *pd) is 0x1f56c8
in the first 3 dissections (_packet, _eth, and _llc). Well, that's if
I'm converting this 6-arg list to a 3 or 4 arg list correctly in my head.
But then it changes in the call to dissect_bpdu to 0x15.
I checked the source in dissect_llc() that gets a dissector function
pointer from a table and then calls it. It's not changing 'pd' (it's constant),
nor is it passing a new value as 'pd' to the next dissector, so
why it changes in your process, I don't know.
Did you build this executable or did you install a binary image?
If you installed an image, I'd recommend compiling Ethereal (maybe 0.8.4,
but preferrably 0.8.9, the latest version) and see what happens.
--gilbert
