Wireshark · Wireshark-dev: Re: [Wireshark-dev] Performance degradation in trunk

Wireshark-dev: Re: [Wireshark-dev] Performance degradation in trunk

From: Martin Mathieson <martin.r.mathieson@xxxxxxxxxxxxxx>

Date: Thu, 12 Sep 2013 12:48:27 +0100

PS I suspect some new heuristic dissector has been introduced, since none of the other changes from 1.8 to trunk are likely to have such a significant performance impact.

I haven't checked to see when it was last changed, but I noticed a while back that SIP and HTTP were both pretty expensive. They look for a complete line, which for binary data, can be really far into the frame. I changed SIP and added https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=8822 for HTTP (with patch) as I don't know HTTP all that well.

Martin

References:
- [Wireshark-dev] Performance degradation in trunk
  - From: Anders Broman
- Re: [Wireshark-dev] Performance degradation in trunk
  - From: Bálint Réczey
- Re: [Wireshark-dev] Performance degradation in trunk
  - From: Evan Huus

Prev by Date: [Wireshark-dev] custom plugin (*.dll) is not working at plugin configured path %WIRESHARK%\plugins\<version>
Next by Date: Re: [Wireshark-dev] Performance degradation in trunk
Previous by thread: Re: [Wireshark-dev] Performance degradation in trunk
Next by thread: Re: [Wireshark-dev] Performance degradation in trunk
Index(es):
- Date
- Thread