[ zombie dumpcap processes] dumpcap processes cannot be killed properly by capture.close_async when using multiple live captures concurrently. #711
Description
Describe the bug
dumpcap processes cannot be killed properly when multiple live captures are used concurrently.
To Reproduce
- use the attached test.py (change testpy.text to test.py) to reproduce.
- test with 1 live capture, i.e., run_test(1), see test.py, all tshark and dumpcap processes are closed properly
- test with multiple live captures, e.g., run_test(5), zombie dumpcap processes are generated.
Error Log
2024-09-23 18:18:29,492 - AsyncLiveCapture - DEBUG - Cleanup Subprocess (pid 507395)
2024-09-23 18:18:29,542 - AsyncLiveCapture - DEBUG - sniff finalized.
2024-09-23 18:18:29,543 - AsyncLiveCapture - DEBUG - Cleanup Subprocess (pid 507291)
2024-09-23 18:18:30,310 - AsyncLiveCapture - DEBUG - Waiting for process to close failed, may have zombie process.
Expected behavior
All tshark and dumpcap processed should be killed properly.
Versions (please complete the following information):
- OS: Ubuntu Oracular Oriole 24.10
- pyshark version: 0.6.1
- tshark version: 4.2.6
Example pcap / packet
- use attached test.py for reproduction
errorlog.txt
testpy.txt