Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.
Wireshark logo

Wireshark-bugs: [Wireshark-bugs] [Bug 4227] New: Wireshark shows strange Time Offsets

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: bugzilla-daemon@xxxxxxxxxxxxx
Date: Mon, 9 Nov 2009 12:15:06 -0800 (PST)
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=4227

           Summary: Wireshark shows strange Time Offsets
           Product: Wireshark
           Version: 1.2.0
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Major
          Priority: Medium
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: paullo@xxxxxxxxxxxxx


Build Information:
Version 1.2.0 (SVN Rev 28753)

Copyright 1998-2009 Gerald Combs <gerald@xxxxxxxxxxxxx> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled with GTK+ 2.14.7, with GLib 2.18.4, with WinPcap (version unknown),
with libz 1.2.3, without POSIX capabilities, without libpcre, without SMI,
without c-ares, without ADNS, with Lua 5.1, without GnuTLS, without Gcrypt,
without Kerberos, without GeoIP, with PortAudio V19-devel (built Jun 15 2009),
without AirPcap.
NOTE: this build doesn't support the "matches" operator for Wireshark filter
syntax.

Running on Windows Vista, build 7600, without WinPcap.

Built using Microsoft Visual C++ 9.0 build 30729

Wireshark is Open Source Software released under the GNU General Public
License.

Check the man page and http://www.wireshark.org for more information.
--
For frame 41 of the attached trace, the time offset shows as a large negative
number.

For this trace, frames 3-40 are negative with regards to the capture file time
stamp.  This can happen with a capture in Network Monitor as our capture engine
is started before the capture file time stamp is applied.  There are also
instances that this can happen with our Network Monitor API.

Below are how the frame time stamps should look relative to each other.

28      50:35.5 -0.272056
29      50:35.5 -0.271088
30      50:35.6 -0.204949
31      50:35.6 -0.204117
32      50:35.6 -0.203302
33      50:35.6 -0.203216
34      50:35.6 -0.176445
35      50:35.6 -0.124371
36      50:35.7 -0.109663
37      50:35.7 -0.109541
38      50:35.7 -0.074765
39      50:35.7 -0.062888
40      50:35.7 -0.060028
41      50:35.8 0.053925
42      50:36.0 0.268924
43      50:36.1 0.286828
44      50:36.1 0.304676
45      50:36.1 0.305578
46      50:36.2 0.405141
47      50:36.2 0.405254
48      50:36.2 0.467501


-- 
Configure bugmail: https://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube