Wireshark-bugs: [Wireshark-bugs] [Bug 8160] New: 45071Delta time regressions to tshark introduce

Date: Thu, 03 Jan 2013 05:09:41 +0000
Bug ID 8160
Summary 45071Delta time regressions to tshark introduced with SVN 45071
Classification Unclassified
Product Wireshark
Version 1.9.x (Experimental)
Hardware x86
OS Mac OS X 10.6
Status UNCONFIRMED
Severity Major
Priority Low
Component TShark
Assignee [email protected]
Reporter [email protected]

Created attachment 9761
Small 40 packet trace file with timestamps adjusted to one second deltas.

Build Information:
jmac:~ sharkie7$ tshark -v
TShark 1.9.0-SVN-46909 (SVN Rev 46909 from /trunk)

Copyright 1998-2013 Gerald Combs <[email protected]> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GLib 2.32.3, with libpcap, with libz 1.2.3, without POSIX
capabilities, without libnl, with SMI 0.4.8, without c-ares, without ADNS, with
Lua 5.1, without Python, with GnuTLS 2.12.19, with Gcrypt 1.5.0, with MIT
Kerberos, with GeoIP.

Running on Mac OS X 10.6.8, build 10K549 (Darwin 10.8.0), with locale
en_US.UTF-8, with libpcap version 1.0.0, with libz 1.2.3.

Built using gcc 4.2.1 (Apple Inc. build 5666) (dot 3).
jmac:~ sharkie7$ 

--
When using tshark to display delta times (-td or -tdd) the delta times are
displayed as zero.

SVN 45071 introduced a number of optimizations to the delta captured and delta
displayed timestamp calculations.

The commit notes include:

> Revision 45071 - Directory Listing 
> Modified Sun Sep 23 16:25:28 2012 UTC (3 months, 1 week ago) by darkjames
> Store pointers to previously displayed and captured packet, not nstime_t deltas.
> 
> This commit reduces size (from 144B to 128B on AMD64) of frame_data structure.
> 
> Part of bug 5821: Reduce per-packet memory requirements.

With SVN 45071 the delta and delta displayed values displayed in the Wireshark
GUI appear to work just fine, but when reviewing the timestamps with tshark all
delta times appear as zero.

Modifying the column preferences to the following values and setting the
standard "Time" column to display as delta displayed will help illustrate the
issue.

<snip>
> # Packet list column format.
> # Each pair of strings consists of a column title and its format.
> column.format: 
>         "No.", "%m",
>         "Time", "%t",
>         "Delta D", "%Gt",
>         "delta_dis", "%Cus:frame.time_delta_displayed:0:R",
>         "Source", "%s",
>         "Destination", "%d",
>         "Protocol", "%p",
>         "Length", "%L",
>         "Info", "%i"
> 
> ######## User Interface: Font ########
<snip>

In the tshark output below note the values displayed in the 2nd and 3rd
columns (the "Time" and "Delta D" columns respectively) compared to the value
of the 4th column (the "delta_dis" column):

> jmac:~ sharkie7$ tshark -r dhcp-icmp-adjusted3.pcap -tdd 
>   1   0.000000 0.000000 0.000000000      0.0.0.0 -> 255.255.255.255 DHCP 590 DHCP Discover - Transaction ID 0x45a63193
>   2   0.000000 0.000000 1.000000000      0.0.0.0 -> 255.255.255.255 DHCP 590 DHCP Discover - Transaction ID 0x45a63193
>   3   0.000000 0.000000 1.000000000      0.0.0.0 -> 255.255.255.255 DHCP 590 DHCP Discover - Transaction ID 0x45a63193
>   4   0.000000 0.000000 1.000000000      0.0.0.0 -> 255.255.255.255 DHCP 590 DHCP Discover - Transaction ID 0x45a63193
>   5   0.000000 0.000000 1.000000000      0.0.0.0 -> 255.255.255.255 DHCP 590 DHCP Discover - Transaction ID 0x45a63193
> <snip>
> jmac:~ sharkie7$ 

Compare the above tshark output to the tshark output from SVN 45070's tshark:

> bash-3.2$ ./tshark -v
> TShark 1.9.0 (SVN Rev 45070 from /trunk)
> 
> Copyright 1998-2012 Gerald Combs <[email protected]> and contributors.
> This is free software; see the source for copying conditions. There is NO
> warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
> 
> Compiled (64-bit) with GLib 2.34.1, with libpcap, with libz 1.2.3, without POSIX
> capabilities, without libnl, without SMI, without c-ares, without ADNS, without
> Lua, without Python, without GnuTLS, without Gcrypt, with MIT Kerberos, without
> GeoIP.
> 
> Running on Mac OS X 10.6.8, build 10K549 (Darwin 10.8.0), with locale
> en_US.UTF-8, with libpcap version 1.0.0, with libz 1.2.3.
> 
> Built using gcc 4.2.1 (Apple Inc. build 5666) (dot 3).
> bash-3.2$

> bash-3.2$ ./tshark -r ~/dhcp-icmp-adjusted3.pcap -tdd 
>   1   0.000000 0.000000 0.000000000      0.0.0.0 -> 255.255.255.255 DHCP 590 DHCP Discover - Transaction ID 0x45a63193
>   2   1.000000 1.000000 1.000000000      0.0.0.0 -> 255.255.255.255 DHCP 590 DHCP Discover - Transaction ID 0x45a63193
>   3   1.000000 1.000000 1.000000000      0.0.0.0 -> 255.255.255.255 DHCP 590 DHCP Discover - Transaction ID 0x45a63193
>   4   1.000000 1.000000 1.000000000      0.0.0.0 -> 255.255.255.255 DHCP 590 DHCP Discover - Transaction ID 0x45a63193
>   5   1.000000 1.000000 1.000000000      0.0.0.0 -> 255.255.255.255 DHCP 590 DHCP Discover - Transaction ID 0x45a63193
> <snip>
> bash-3.2$

Prior to SVN 45071 the various delta displayed values for packet numbers 2 and
above display as expected as 1.0 but with SVN 45071 the delta displayed values
display as 0.0 EXCEPT for the custom column value.

Another oddity with SVN 45071 and above is what happens when tshark is started
with the '-2' option:

> jmac:~ sharkie7$ tshark -r dhcp-icmp-adjusted3.pcap -tdd -2 
>   1   0.000000 0.000000 0.000000000      0.0.0.0 -> 255.255.255.255 DHCP 590 DHCP Discover - Transaction ID 0x45a63193
>   2 -38.000000 -38.000000 -38.000000000      0.0.0.0 -> 255.255.255.255 DHCP 590 DHCP Discover - Transaction ID 0x45a63193
>   3 -37.000000 -37.000000 -37.000000000      0.0.0.0 -> 255.255.255.255 DHCP 590 DHCP Discover - Transaction ID 0x45a63193
>   4 -36.000000 -36.000000 -36.000000000      0.0.0.0 -> 255.255.255.255 DHCP 590 DHCP Discover - Transaction ID 0x45a63193
>   5 -35.000000 -35.000000 -35.000000000      0.0.0.0 -> 255.255.255.255 DHCP 590 DHCP Discover - Transaction ID 0x45a63193
> <snip>
> jmac:~ sharkie7$

In this case all of the delta displayed values reported by tshark are affected
by the -2 option.
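
A check that flags both symptoms described above, as an added example that is not part of the original report or of Wireshark's code: it parses tshark output in the column layout used in this report and compares the built-in "Time" and "Delta D" columns with the frame.time_delta_displayed custom column. The sample lines are constructed from the output quoted in the report (Info column shortened), and the name check_deltas is hypothetical.

```python
import re

# Constructed samples in the report's column layout:
# No., Time (-tdd), "Delta D" (%Gt), custom frame.time_delta_displayed, rest.
SAMPLE_REGRESSED = """\
  1   0.000000 0.000000 0.000000000      0.0.0.0 -> 255.255.255.255 DHCP 590 DHCP Discover
  2   0.000000 0.000000 1.000000000      0.0.0.0 -> 255.255.255.255 DHCP 590 DHCP Discover
  3   0.000000 0.000000 1.000000000      0.0.0.0 -> 255.255.255.255 DHCP 590 DHCP Discover
<snip>
"""
SAMPLE_TWO_PASS = """\
  1   0.000000 0.000000 0.000000000      0.0.0.0 -> 255.255.255.255 DHCP 590 DHCP Discover
  2 -38.000000 -38.000000 -38.000000000      0.0.0.0 -> 255.255.255.255 DHCP 590 DHCP Discover
  3 -37.000000 -37.000000 -37.000000000      0.0.0.0 -> 255.255.255.255 DHCP 590 DHCP Discover
"""
SAMPLE_GOOD = """\
  1   0.000000 0.000000 0.000000000      0.0.0.0 -> 255.255.255.255 DHCP 590 DHCP Discover
  2   1.000000 1.000000 1.000000000      0.0.0.0 -> 255.255.255.255 DHCP 590 DHCP Discover
"""

# Frame number followed by three signed decimal columns.
LINE = re.compile(r"^\s*(\d+)\s+(-?\d+\.\d+)\s+(-?\d+\.\d+)\s+(-?\d+\.\d+)\s")


def check_deltas(text, tolerance=1e-6):
    """Return (frame, reason) for every row whose delta columns look wrong.

    Assumes the capture has monotonically increasing timestamps, as the
    report's attachment does, so any negative delta is treated as an error.
    """
    findings = []
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # prompts, <snip> markers and other non-packet lines
        frame = int(m.group(1))
        time_col, delta_col, field_col = (float(m.group(i)) for i in (2, 3, 4))
        if min(time_col, delta_col, field_col) < 0:
            findings.append((frame, "negative delta"))
        elif (abs(time_col - field_col) > tolerance
              or abs(delta_col - field_col) > tolerance):
            findings.append((frame, "column/field mismatch"))
    return findings


if __name__ == "__main__":
    for name in ("SAMPLE_REGRESSED", "SAMPLE_TWO_PASS", "SAMPLE_GOOD"):
        print(name, check_deltas(globals()[name]))
```
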

