Wireshark · Wireshark-dev: Re: [Wireshark-dev] Why does the extcap stuff take so long to start up?

[Guy Harris <guy@xxxxxxxxxxxx>]

On Mar 26, 2017, at 11:30 PM, Michał Łabędzki <michal.tomasz.labedzki@xxxxxxxxx> wrote:

> Could you check if any of extcap binaries generates that delay?

A lot of the delay comes from extcap *non*-binaries; the code that scans the extcap directory tried running *everything* it finds there, except for "." and "..", and, if you're running from the build directory, that means executing somewhat heavyweight {fork/vfork}-exec calls on a bunch of source files, object files, .deps directories, Makefiles, etc..

bd3196b094ae46fa4396edbb406d68056cba6974 fixed that.

Currently, with that fix, I get results like

$ time ./tshark -r /tmp/nothing.pcap 

real    0m1.407s
user    0m0.312s
sys     0m0.676s

with the extcap directory in place and results like

$ time ./tshark -r /tmp/nothing.pcap 

real    0m0.334s
user    0m0.182s
sys     0m0.146s

with the extcap directory moved out of the way, so the extcap executables are taking some time to run, but it's better than wasting time trying to run androiddump.c or Makefile.am.