您尚未登录。

#1 2015-03-16 16:07:49

bubbles
会员
注册时间: 2013-11-17
帖子: 32

[已解决]Wireshark段错误 (核心已转储)

最近更新了Wireshark后,一直出现“段错误 (核心已转储)”,普通用户无法运行,开始我吧pm-utils删除还能运行,然后又安装了bleachbit,就又出现了

mkinitcpio -p linux 

后还是不行,

wireshark -v
wireshark 1.12.4 (Git Rev Unknown from unknown)

Copyright 1998-2015 Gerald Combs <gerald@wireshark.org> and contributors.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with GTK+ 3.14.9, with Cairo 1.14.0, with Pango 1.36.8, with
GLib 2.42.2, with libpcap, with libz 1.2.8, with POSIX capabilities (Linux),
with libnl 3, without SMI, without c-ares, without ADNS, with Lua 5.2, without
Python, with GnuTLS 3.3.13, with Gcrypt 1.6.3, with MIT Kerberos, without GeoIP,
with PortAudio V19-devel (built Jan 31 2014 21:19:35), without AirPcap.

Running on Linux 3.18.6-1-ARCH, with locale zh_CN.UTF-8, with libpcap version
1.6.2, with libz 1.2.8, GnuTLS 3.3.13, Gcrypt 1.6.3.
Intel(R) Core(TM) i3 CPU       M 380  @ 2.53GHz

Built using gcc 4.9.2 20150304 (prerelease).

有没有人遇到过这样的情况?
我现在用root运行是可以,但是会有警告,说用root运行是很危险的。。。功能都正常,可以抓包。
普通用户就是段错误。。。
遇到这种,从哪里分析,解决?

最近编辑记录 bubbles (2015-03-20 01:25:47)

离线

#2 2015-03-16 16:34:41

依云
会员
所在地: a.k.a. 百合仙子
注册时间: 2011-08-21
帖子: 8,917
个人网站

Re: [已解决]Wireshark段错误 (核心已转储)

IRC 有人报告 wireshark-gtk 有问题。试试 archlinuxcn 源里的 wireshark-gtk2?

在线

#3 2015-03-16 16:56:30

bubbles
会员
注册时间: 2013-11-17
帖子: 32

Re: [已解决]Wireshark段错误 (核心已转储)

百合仙子 说:

IRC 有人报告 wireshark-gtk 有问题。试试 archlinuxcn 源里的 wireshark-gtk2?

我刚才这样做,好像可以运行了,

$sudo chmod 754 /usr/bin/dumpcap
$sudo setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap
$sudo visudo 
用户设置成  username ALL=(ALL)  ALL
验证设置:
$getcap /usr/bin/dumpcap
  /usr/bin/dumpcap = cap_net_admin,cap_net_raw+eip
当然,前提是username在wireshark中,并且 /usr/bin/dumpcap在wireshark组中。

但是还又一个问题,我用$wireshark %f 来启动,出现段错误,直接$wireshark没又问题。
我把启动器里面的内容修改了之后就ok了,那希望下个版本能修复错误。谢了。

离线

#4 2015-03-16 17:34:29

bubbles
会员
注册时间: 2013-11-17
帖子: 32

Re: [已解决]Wireshark段错误 (核心已转储)

百合仙子 说:

IRC 有人报告 wireshark-gtk 有问题。试试 archlinuxcn 源里的 wireshark-gtk2?

汗,还是不行,还是老是段错误!:(:(:(

离线

#5 2015-03-16 17:43:26

依云
会员
所在地: a.k.a. 百合仙子
注册时间: 2011-08-21
帖子: 8,917
个人网站

Re: [已解决]Wireshark段错误 (核心已转储)

bubbles 说:
百合仙子 说:

IRC 有人报告 wireshark-gtk 有问题。试试 archlinuxcn 源里的 wireshark-gtk2?

汗,还是不行,还是老是段错误!:(:(:(

coredumpctl gdb
(gdb) bt

然后把显示的东西贴出来。

在线

#6 2015-03-16 17:50:41

atmouse
会员
注册时间: 2011-08-24
帖子: 701

Re: [已解决]Wireshark段错误 (核心已转储)

编译打包的时候 makepkg里面加下debug option

离线

#7 2015-03-16 18:07:12

bubbles
会员
注册时间: 2013-11-17
帖子: 32

Re: [已解决]Wireshark段错误 (核心已转储)

百合仙子 说:
bubbles 说:
百合仙子 说:

IRC 有人报告 wireshark-gtk 有问题。试试 archlinuxcn 源里的 wireshark-gtk2?

汗,还是不行,还是老是段错误!:(:(:(

coredumpctl gdb
(gdb) bt

然后把显示的东西贴出来。

$ coredumpctl gdb
           PID: 3707 (wireshark)
           UID: 1000 (x)
           GID: 100 (users)
        Signal: 11 (SEGV)
     Timestamp: 一 2015-03-16 18:06:24 CST (8s ago)
  Command Line: wireshark
    Executable: /usr/bin/wireshark
 Control Group: /user.slice/user-1000.slice/session-c1.scope
          Unit: session-c1.scope
         Slice: user-1000.slice
       Session: c1
     Owner UID: 1000 (x)
       Boot ID: 42110a96efbb404ab66934232a32a10b
    Machine ID: ffe73cdfc0114a8ca9b177ba8ceb8bb7
      Hostname: C
      Coredump: /var/lib/systemd/coredump/core.wireshark.1000.42110a96efbb404ab66934232a32a10b.3707.1426500384000000.lz4
       Message: Process 3707 (wireshark) of user 1000 dumped core.

GNU gdb (GDB) 7.9
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-unknown-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /usr/bin/wireshark...(no debugging symbols found)...done.
[New LWP 3707]
[New LWP 3708]

warning: Could not load shared library symbols for linux-vdso.so.1.
Do you need "set solib-search-path" or "set sysroot"?
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/usr/lib/libthread_db.so.1".
Core was generated by `wireshark'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00007f6cf84bb455 in g_type_check_instance_is_fundamentally_a ()
   from /usr/lib/libgobject-2.0.so.0
(gdb) quit
bt
#0  0x00007f6cf84bb455 in g_type_check_instance_is_fundamentally_a ()
   from /usr/lib/libgobject-2.0.so.0
#1  0x00007f6cf849cd2e in g_object_ref () from /usr/lib/libgobject-2.0.so.0
#2  0x00007f6cf81bfbed in g_list_foreach () from /usr/lib/libglib-2.0.so.0
#3  0x00007f6cf967d601 in gtk_window_set_icon_list ()
   from /usr/lib/libgtk-3.so.0
#4  0x0000000000441b10 in ?? ()
#5  0x00007f6cf8498175 in g_closure_invoke () from /usr/lib/libgobject-2.0.so.0
#6  0x00007f6cf84a9a5c in ?? () from /usr/lib/libgobject-2.0.so.0
#7  0x00007f6cf84b26f8 in g_signal_emit_valist ()
   from /usr/lib/libgobject-2.0.so.0
#8  0x00007f6cf84b295f in g_signal_emit () from /usr/lib/libgobject-2.0.so.0
#9  0x00007f6cf966dcfc in gtk_widget_realize () from /usr/lib/libgtk-3.so.0
#10 0x00000000004b9e3b in ?? ()
#11 0x0000000000422ebd in ?? ()
#12 0x00007f6cf733a800 in __libc_start_main () from /usr/lib/libc.so.6
#13 0x0000000000424119 in _start ()
(gdb) 

离线

#8 2015-03-17 10:20:30

bubbles
会员
注册时间: 2013-11-17
帖子: 32

Re: [已解决]Wireshark段错误 (核心已转储)

[2015-03-17 10:13] [ALPM] upgraded wireshark-cli (1.12.4-1 -> 1.12.4-2)
[2015-03-17 10:13] [ALPM] upgraded wireshark-gtk (1.12.4-1 -> 1.12.4-2)

到现在正常。

离线

#9 2015-03-17 11:13:53

依云
会员
所在地: a.k.a. 百合仙子
注册时间: 2011-08-21
帖子: 8,917
个人网站

Re: [已解决]Wireshark段错误 (核心已转储)

啊又忘记了多线程。
正常了就好~

在线

页脚