Hi, I'm running the latest 1.99 OSX version of Wireshark on OSX 10.10 Yosemite than ran fine until yesterday. All of a sudden I get the following error: Error from waitpid(): Interrupted system call. I completely uninstalled and reinstalled. Exactly 1 time I found an interface; second time:none! Can you help Kind regards, Loe asked 23 Jun '14, 01:24 Loe Walter showing 5 of 12 show 7 more comments |
2 Answers:
I was able to get around this by adding myself to the access_bpf group.
answered 22 Oct '14, 08:32 Amoeba Confirmed to fix the same issue in my environment. (22 Oct '14, 20:10) MagnusMortensen |
I believe you can check for EINTR and try again for waitpid(). A waitpid with WNOHANG can return for any number of reasons causing interrupted syscall. answered 20 Feb '15, 08:17 ws_fan_2014 Here is a diff that I verified works on my MacBook Pro running Yosemite.
(20 Feb '15, 16:11) ws_fan_2014 While it can be difficult to determine if an issue is user-based, environment-based or a bug so all are fair game for Ask Wireshark, actual bugs should go to the Wireshark Bugzilla, and patches should follow the Submission Guide and go into the Wireshark Gerrit system for review. (21 Feb '15, 01:08) grahamb ♦ |
Same thing here... that error means the interfaces can't be found. I checked and ChmodBPF is not installed. I am not sure, but it looks like a permissions thing is preventing proper install of Wireshark 1.99 (earlier versions don't even load to the main screen).
marc
"ChmodBPF is not installed". I.e., if you do
it doesn't print
?
Hi, Gary:
It DOES show it:
But the interfaces still don't show up in the app.
Thanks.
marc
So what does
ls -l /dev/bpf*
print?Hi, Gary:
See:
(other lines with the same permissions, owner, and group omitted)
Thanks.
marc.
So ChmodBPF is installed and it is doing what it's supposed to do (you have a ton of BPF devices, all with rw-rw---- permissions, and all owned by the access_bpf group).
What does the command
id
print?Hi, Gary:
I made myself root and launched Wireshark from the terminal and I see that it cannot capture the interfaces:
16:37:18.211 Capture Msg Capture Interface List failed!
Not sure what to do from here.
marc.
Hi Gary,
Can you come to some kind of conclusion when reading this:
Thanks again
Even stranger Gary... When opening Menu-> Capture -> Interfaces
I can see ALL interfaces and can even start en1 (Wireless)
Strange isn't it?
Loe
And now for something completely different.... I close Wireshark and start it again from the console. Same errors as earlier, but NO interfaces anymore....????
Loe
The only conclusion I can come to is that Wireshark isn't logging enough information to come to any more detailed conclusion. Try downloading the latest build from the OS X automated build directory and see what that does and what that logs; I changed the code to log more details on "Capture Interface Capabilities failed!" failures.
Using the latest build in the automated build directory (g4ac9895) I am having the same issue, my logs also look almost identical:
Rolling back to 1.10.8 (32Bit) does not exhibit the issue.