I would say it is likely 2 bytes of kernel memory that is leaked here.
The question is "what kind of memory is leaked?"
In the most bening case it would just be a buffer from a previous
received packet that is reused and thus it is just the checksum from
that packet.
In a less bening case ...
In any case I think the kernel guys should have a look at it and avoid
this leak regardless.
woohoo ethereal found a kernel bug !
On 3/14/06, Gerald Combs <gerald@xxxxxxxxxxxx> wrote:
> sahlberg@xxxxxxxxxxxx wrote:
> > User: sahlberg
> > Date: 2006/03/13 02:50 PM
> >
> > Log:
> > if tcp checksum validation is enabled
> > and if the checksum is wrong
> > and if the checksum field is 0x0000
>
> I know it's only two bytes but
>
> If the outgoing checksum is wrong
> and if offloading is enabled
> and if the checksum field is NOT 0x0000
>
> Would that indicate that your kernel isn't properly clearing memory, and
> that you're get a little snapshot of kernel memory for every outgoing
> TCP packet? I have a few captures that show this behavior.
> _______________________________________________
> Ethereal-dev mailing list
> Ethereal-dev@xxxxxxxxxxxx
> http://www.ethereal.com/mailman/listinfo/ethereal-dev
>