Wireshark mailing list archives

Re: Why does the extcap stuff take so long to start up?

From: Anders Broman <anders.broman () ericsson com>
Date: Tue, 28 Mar 2017 13:59:48 +0000



-----Original Message-----
From: wireshark-dev-bounces () wireshark org [mailto:wireshark-dev-bounces () wireshark org] On Behalf Of Guy Harris
Sent: den 27 mars 2017 22:33
To: Developer support list for Wireshark <wireshark-dev () wireshark org>
Subject: Re: [Wireshark-dev] Why does the extcap stuff take so long to start up?

On Mar 27, 2017, at 1:14 PM, Guy Harris <guy () alum mit edu> wrote:

Currently, with that fix, I get results like

$ time ./tshark -r /tmp/nothing.pcap 

real    0m1.407s
user    0m0.312s
sys     0m0.676s

with the extcap directory in place and results like

$ time ./tshark -r /tmp/nothing.pcap 

real    0m0.334s
user    0m0.182s
sys     0m0.146s

with the extcap directory moved out of the way, so the extcap executables are taking some time to run, but it's 
better than wasting time trying to run androiddump.c or Makefile.am.

And, if I move various extcap executables out of the way:

$ time ./tshark -r /tmp/nothing.pcap           # all executables

real    0m1.484s
user    0m0.313s
sys     0m0.720s

$ time ./tshark -r /tmp/nothing.pcap           # after removing androiddump

real    0m1.179s
user    0m0.287s
sys     0m0.588s

$ time ./tshark -r /tmp/nothing.pcap           # after removing ciscodump

real    0m0.950s
user    0m0.254s
sys     0m0.491s

$ time ./tshark -r /tmp/nothing.pcap           # after removing randpktcdump

real    0m0.688s
user    0m0.228s
sys     0m0.334s

$ time ./tshark -r /tmp/nothing.pcap           # after removing sshdump

real    0m0.493s
user    0m0.198s
sys     0m0.235s

$ time ./tshark -r /tmp/nothing.pcap           # after removing udpdump

real    0m0.335s
user    0m0.183s
sys     0m0.145s

So that's about .3 seconds for androiddump, about .23 seconds for ciscodump, about .26 seconds for randpktcdump, about 
.19 seconds for sshdump, and about .16 seconds for usbdump.

So none of them are individually out of the ordinary, but about 1.5 to 2.5 seconds per program, with 5 programs, adds 
up.


Would it be possible to run them in parallel?

Regards
Anders

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

Why does the extcap stuff take so long to start up? Guy Harris (Mar 26)
- Re: Why does the extcap stuff take so long to start up? Michał Łabędzki (Mar 26)
  - Re: Why does the extcap stuff take so long to start up? Guy Harris (Mar 27)
    - Re: Why does the extcap stuff take so long to start up? Dario Lombardo (Mar 27)
    - Re: Why does the extcap stuff take so long to start up? Guy Harris (Mar 27)
    - Re: Why does the extcap stuff take so long to start up? Michał Łabędzki (Mar 27)
    - Re: Why does the extcap stuff take so long to start up? Dario Lombardo (Mar 28)
    - Re: Why does the extcap stuff take so long to start up? Anders Broman (Mar 28)