| Bug ID |
11589
|
| Summary |
TCP bytes-in-flight calculation gets linearly slower if no ACKs are captured
|
| Product |
Wireshark
|
| Version |
Git
|
| Hardware |
x86
|
| OS |
All
|
| Status |
UNCONFIRMED
|
| Severity |
Normal
|
| Priority |
Low
|
| Component |
Dissection engine (libwireshark)
|
| Assignee |
[email protected]
|
| Reporter |
[email protected]
|
Build Information:
git, master-1.12, etc.
--
I have a large (180k frame) capture file (that some would call clearly broken
or maybe even malicious) which basically has one side of a TCP conversation
(data going in one direction and no ACKs coming back). In Wireshark's default
mode (TCP sequence analysis and bytes-in-flight tracking are both enabled)
Wireshark clearly processes fewer and fewer frames per second as the file is
loaded (the "Time Left" shown in the Gtk+ GUI keeps *increasing* and repaints
become fewer and further between). Disabling sequence analysis allows
Wireshark to load the file in near-0 time (5 seconds vs over 15 minutes).
I suppose there's a linear insertion of linear lookup of some sort.
You are receiving this mail because:
- You are watching all bug changes.