Wireshark-bugs: [Wireshark-bugs] [Bug 11589] New: TCP bytes-in-flight calculation gets linearly
Date Index · Thread Index · Other Months · All Mailing Lists
Date Prev · Date Next · Thread Prev · Thread Next
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Mon, 12 Oct 2015 21:30:45 +0000
Bug ID 11589
Summary TCP bytes-in-flight calculation gets linearly slower if no ACKs are captured
Product Wireshark
Version Git
Hardware x86
OS All
Status UNCONFIRMED
Severity Normal
Priority Low
Component Dissection engine (libwireshark)
Assignee bugzilla-admin@wireshark.org
Reporter jeff.morriss.ws@gmail.com 

Build Information:
git, master-1.12, etc.
--
I have a large (180k frame) capture file (that some would call clearly broken
or maybe even malicious) which basically has one side of a TCP conversation
(data going in one direction and no ACKs coming back).  In Wireshark's default
mode (TCP sequence analysis and bytes-in-flight tracking are both enabled)
Wireshark clearly processes fewer and fewer frames per second as the file is
loaded (the "Time Left" shown in the Gtk+ GUI keeps *increasing* and repaints
become fewer and further between).  Disabling sequence analysis allows
Wireshark to load the file in near-0 time (5 seconds vs over 15 minutes).

I suppose there's a linear insertion of linear lookup of some sort.

You are receiving this mail because:
  • You are watching all bug changes.