Wireshark mailing list archives
Re: Replacing wmem_packet_scope() with pinfo->pool?
From: "Dr. Matthias St. Pierre" <Matthias.St.Pierre () ncp-e com>
Date: Mon, 12 Jul 2021 16:41:51 +0000
Sorry Pascal, I overlooked that you already mentioned this difference at the end of your reply:
I had the same idea in the past, mostly because of subtle bugs where Wireshark was using already freed packet memory because of the difference between packet and pool scopes (that is documented in README.wmem but still error prone). ...
-----Original Message----- From: Wireshark-dev <wireshark-dev-bounces () wireshark org> On Behalf Of Dr. Matthias St. Pierre Sent: Monday, July 12, 2021 6:38 PM To: Developer support list for Wireshark <wireshark-dev () wireshark org> Subject: Re: [Wireshark-dev] Replacing wmem_packet_scope() with pinfo->pool? Hi Evan and Pascal,At a first glance, we already have pinfo->pool which maintains the lifetime of the packet_info object. As far as I can reason, this is almost/effectively the same as the existing wmem_packet_scope - it gets cleaned up later in the dissection flow, but there's still only ever one which gets reused for each packet.That's also my understanding.FWIW: Incidentally, I asked myself the same question only recently, because I noticed that packet-isakmp dissector used wmem_packet_scope() in most locations, except for the following two locations, where it allocates memory for the decrypted packets: https://gitlab.com/wireshark/wireshark/-/blob/86e2fda11e199b8d0e874147e60a1ba1f0ddb803/epan/dissectors/packet- isakmp.c#L2355 https://gitlab.com/wireshark/wireshark/-/blob/86e2fda11e199b8d0e874147e60a1ba1f0ddb803/epan/dissectors/packet- isakmp.c#L5960 Finally, I found the following explanation in README.wmem, which states that the scope of the pinfo pool is slightly larger than the packet scope:2.3 The Pinfo PoolCertain allocations (such as AT_STRINGZ address allocations and anything that might end up being passed to add_new_data_source) need their memory to stick around a little longer than the usual packet scope - basically until the next packet is dissected. This is, in fact, the scope of Wireshark's pinfo structure, so the pinfo struct has a 'pool' member which is a wmem pool scoped to the lifetime of the pinfo struct.https://gitlab.com/wireshark/wireshark/-/blob/86e2fda11e199b8d0e874147e60a1ba1f0ddb803/doc/README.wmem#L74-81 Matthias
Attachment:
smime.p7s
Description:
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Replacing wmem_packet_scope() with pinfo->pool? Evan Huus (Jul 12)
- Re: Replacing wmem_packet_scope() with pinfo->pool? Pascal Quantin (Jul 12)
- Re: Replacing wmem_packet_scope() with pinfo->pool? Dr. Matthias St. Pierre (Jul 12)
- Re: Replacing wmem_packet_scope() with pinfo->pool? Dr. Matthias St. Pierre (Jul 12)
- Re: Replacing wmem_packet_scope() with pinfo->pool? Dr. Matthias St. Pierre (Jul 12)
- Re: Replacing wmem_packet_scope() with pinfo->pool? João Valverde via Wireshark-dev (Jul 12)
- Re: Replacing wmem_packet_scope() with pinfo->pool? Evan Huus (Jul 12)
- Re: Replacing wmem_packet_scope() with pinfo->pool? João Valverde via Wireshark-dev (Jul 12)
- Re: Replacing wmem_packet_scope() with pinfo->pool? Evan Huus (Jul 12)
- Re: Replacing wmem_packet_scope() with pinfo->pool? João Valverde via Wireshark-dev (Jul 12)
- Re: Replacing wmem_packet_scope() with pinfo->pool? Evan Huus (Jul 12)
- Re: Replacing wmem_packet_scope() with pinfo->pool? Pascal Quantin (Jul 12)
- Re: Replacing wmem_packet_scope() with pinfo->pool? Moshe Kaplan (Jul 21)
- Re: Replacing wmem_packet_scope() with pinfo->pool? Pascal Quantin (Jul 21)