[Oisf-users] suricata-dbg 1.4rc1 segfault

Victor Julien lists at inliniac.net
Sat Dec 15 11:15:14 UTC 2012 

On 12/15/2012 12:13 PM, Peter Manev wrote:
> 
> 
> On Sat, Dec 15, 2012 at 11:22 AM, Victor Julien <lists at inliniac.net
> <mailto:lists at inliniac.net>> wrote:
> 
>     On 12/14/2012 05:38 PM, Victor Julien wrote:
>     > On 12/14/2012 03:03 PM, Fernando Sclavo wrote:
>     >> Hi all. I have a core dumped (segfault) from suricata-dbg, but
>     this one
>     >> was on normal operation, not on rule swap. Please guide how can I
>     obtain
>     >> the information you need.
>     >>
>     >> [ 2044.899843 <tel:%5B%202044.899843>] AFPacketeth52[1789]:
>     segfault at 2b ip 0000000000543940
>     >> sp 00007f098560c210 error 4 in suricata[400000+3a5000]
>     >>
>     >> warning: Can't read pathname for load map: Input/output error.
>     >> [Thread debugging using libthread_db enabled]
>     >> Using host libthread_db library
>     "/lib/x86_64-linux-gnu/libthread_db.so.1".
>     >> Core was generated by `suricata -D -c /etc/suricata/suricata.yaml
>     >> --af-packet'.
>     >> Program terminated with signal 11, Segmentation fault.
>     >> #0  0x0000000000543940 in ?? ()
>     >> (gdb) bt
>     >> #0  0x0000000000543940 in ?? ()
>     >> #1  0x00000000004c2534 in ?? ()
>     >> #2  0x00000000004c4ad1 in ?? ()
>     >> #3  0x00000000006871cc in ?? ()
>     >> #4  0x000000000060a0c9 in ?? ()
>     >> #5  0x000000000060db58 in ?? ()
>     >> #6  0x000000000060ecc4 in ?? ()
>     >> #7  0x0000000000687c96 in ?? ()
>     >> #8  0x00007f098cab7e9a in start_thread () from
>     >> /lib/x86_64-linux-gnu/libpthread.so.0
>     >> #9  0x00007f098c37bcbd in clone () from
>     /lib/x86_64-linux-gnu/libc.so.6
>     >> #10 0x0000000000000000 in ?? ()
>     >
>     > Hmm, that doesn't give us any further info. Wonder if that -dbg
>     package
>     > actually has the debug symbols...
>     >
> 
>     Yeah confirmed that it doesn't have them. Opened ticket
>     https://redmine.openinfosecfoundation.org/issues/683
> 
>     Maybe you can compile from source for now? If you do, please add
>     CFLAGS="-ggdb -O0" to your configure line.
> 
> 
> hmmm this is strange - the pkg says it is compiled with debug enabled
> and it is compiled wit the exact same CFLAGS...
> I will investigate and let you know.
> thanks 

Not sure, but I think it is possible that the debian build scripts strip
the binaries clean. IIRC there is something called dh_strip or something.

-- 
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------

More information about the Oisf-users mailing list