Re: Memory consumption in tshark

[Evan Huus <eapache () gmail com>]

Also, just as a useful reference point: if you run your normal tshark
command (no valgrind) on the 1GB subset, what does memory usage of the
process peak at?

Thanks,
Evan

On Wed, Aug 28, 2013 at 9:41 AM, Evan Huus <eapache () gmail com> wrote:

> On Wed, Aug 28, 2013 at 9:31 AM, Dario Lombardo <
> dario.lombardo.ml () gmail com> wrote:
>
> > On Wed, Aug 28, 2013 at 1:29 PM, Evan Huus <eapache () gmail com> wrote:
> >
> > > It's dependant on platform and setup, but I'll assume a from-source
> > > build on Linux. In theory all you have to do is prefix your normal command
> > > with "libtool --mode=execute valgrind --tool=massif" and then the usual
> > > ./tshark etc.
> > >
> > > Valgrind takes a bunch more memory though, so you'll almost certainly
> > > want to use editcap to split the capture, and then run this on just a
> > > subset.
> > >
> > > It will produce an output file massif.out.PID which you can pass to the
> > > ms_print command for human-readable output. That output would be useful to
> > > us.
> > I'm attaching the output. I've run it on a 1GB pcap file.
>
> Thanks, though I'm afraid I forgot something :(
> We usually use the ./tools/valgrind-wireshark.sh script which sets a
> couple of environment variables to make the output more useful. I didn't
> mention it, because the helper script doesn't currently support extra flags
> (like the -Y and -w) you used. If you could set the following environment
> variables and run again, that would be appreciated:
> export WIRESHARK_DEBUG_EP_NO_CHUNKS=
> export WIRESHARK_DEBUG_SE_NO_CHUNKS=
> export WIRESHARK_DEBUG_WMEM_OVERRIDE=simple
> export G_SLICE=always-malloc
>
> Alternatively, you could just run "./tools/valgrind-wireshark.sh -m
> capture.pcap". It will take care of all of the environment stuff, and the
> libtool prefix etc, but it won't run with the -w or -Y flags. I expect the
> output to be more-or-less the same, but I'm not sure of that.
>
> Thanks again,
> Evan
>
> ___________________________________________________________________________
> > Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
> > Archives:    http://www.wireshark.org/lists/wireshark-dev
> > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
> >              mailto:wireshark-dev-request () wireshark org
> > ?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe