Wireshark-dev: [Wireshark-dev] Filebacked-tvbuffs : GSoC'13

From: Ambarisha B <b.ambarisha@xxxxxxxxx>
Date: Mon, 15 Apr 2013 19:31:20 +0530
Hi dev,

I am a final-year engineering student pursuing my bachelor's in Computer Science. I was going through the GSoC'13 ideas page and found "Filebacked-tvbuffs" interesting, so I looked it up. Here's a (probably not so) short summary of what I did and understood. I'm only a novice, so if I've got something wrong, please enlighten me.

I went through the (interesting) archived conversation linked on the ideas page. I've realized most of the discussion was about "how to deal with large captures, so that users don't have to break up the captures". Swapping or, if needed, mmapped files would help. But since the goal of this project is to cut down the memory usage, I guess we're looking at non-mmapped files.

The project description says that the data in the packet-bytes view and packet-details view is a duplicate of that on the disk. I tried to look this up in the code. So, originally the data is in a capture_file, and wtap_*() gets the data out of that, and it is finally handed to dissect_packet(), which actually makes the tvbuff out of it and passes it to the sub-dissectors (dissect_frame etc.).

I think I now have an idea of how I would back up a tvbuff by a hard disk. We add another "type" of tvbuff which is backed up by a file, the same way TVBUFF_SUBSET is backed by another tvbuff. Next we think about "how to back it by a file?". Of course, we can implement a neat cache in the tvb layer itself, tuned for our accesses. But I have a couple of thoughts on this. Do tell me if I am missing something here.

If we are accessing all the data in the tvbuff in one shot, there wouldn't be much use for a cache. In fact, it'll add housekeeping overhead. On the other hand, if we're making small repeated accesses to the data, a no-cache implementation would be pitifully slow. For this I need to look at the usage of tvbuffs in those two views more closely. Also, now that there's this abstraction, the interface for accessing a filebacked-tvbuff has to be a little different from that of normal tvbuffs (because the data access might require some housekeeping as opposed to the direct access of tvb->real_data+offset).

I thought I should talk to you guys first, because I could be going on a wild goose chase with this. If there's something you want me to take a look at or study, please do let me know. Also, if you can point me to a little bug, so that I can get my hands dirty, that'll be great.

Thanks for taking the time out to read this,
Ambarish
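
The cache trade-off raised in the message, as an added example that is not part of the original e-mail and is not Wireshark code: a file-backed buffer whose byte accessor checks bounds before any I/O and counts trips to the file with and without a one-block cache. The names fb_buf, fb_get_u8, fb_demo_reads and the 64-byte block size are hypothetical.

```c
#include <stdio.h>
#include <stdint.h>
#define FB_BLOCK 64u /* cache block size (assumed value) */
/* Hypothetical file-backed buffer; not Wireshark's tvbuff API. */
typedef struct {
    FILE *fp;
    long base;           /* file offset where the packet data starts */
    size_t length;       /* packet length in bytes */
    int use_cache;       /* 0 = seek and read on every access */
    long cached_blk;     /* index of the block held in cache, -1 if none */
    uint8_t cache[FB_BLOCK];
    unsigned disk_reads; /* number of trips to the file */
} fb_buf;
/* Fetch one byte. Returns 0 on success, -1 on out-of-bounds or I/O error. */
int fb_get_u8(fb_buf *b, size_t off, uint8_t *out) {
    if (off >= b->length) return -1; /* bounds check before any I/O */
    if (!b->use_cache) {
        if (fseek(b->fp, b->base + (long)off, SEEK_SET) != 0) return -1;
        b->disk_reads++;
        return fread(out, 1, 1, b->fp) == 1 ? 0 : -1;
    }
    long blk = (long)(off / FB_BLOCK);
    if (blk != b->cached_blk) { /* miss: load the whole block */
        size_t start = (size_t)blk * FB_BLOCK;
        size_t want = b->length - start < FB_BLOCK ? b->length - start : FB_BLOCK;
        if (fseek(b->fp, b->base + (long)start, SEEK_SET) != 0) return -1;
        b->disk_reads++;
        if (fread(b->cache, 1, want, b->fp) != want) { b->cached_blk = -1; return -1; }
        b->cached_blk = blk;
    }
    *out = b->cache[off % FB_BLOCK];
    return 0;
}
/* Constructed input: a 200-byte "packet" at offset 16 of a temp file, read
   one byte at a time. Returns the disk reads used, or 0 on any mismatch. */
unsigned fb_demo_reads(int use_cache) {
    FILE *fp = tmpfile();
    if (!fp) return 0;
    for (int i = 0; i < 216; i++) fputc(i, fp);
    fb_buf b = { fp, 16, 200, use_cache, -1, {0}, 0 };
    uint8_t v = 0; int ok = 1;
    for (size_t i = 0; i < 200; i++)
        ok &= (fb_get_u8(&b, i, &v) == 0 && v == (uint8_t)(i + 16));
    ok &= (fb_get_u8(&b, 200, &v) == -1); /* one past the end is refused */
    fclose(fp);
    return ok ? b.disk_reads : 0;
}
int main(void) {
    printf("cached: %u reads, uncached: %u reads\n", fb_demo_reads(1), fb_demo_reads(0));
    return 0;
}
```

A single pass over the whole buffer costs one read per block with the cache and one read per byte without it; the accessor returns an error code because, unlike a direct pointer into memory, a file-backed read can fail.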