[Oisf-users] Suricata 1.4 stable segfault
Fernando Sclavo
fsclavo at gmail.com
Fri Dec 21 16:34:05 UTC 2012
Victor, we have a complete core from apport crash, but there isn't too
much additional info on it:
idsuser at suricata:/var/crash$ sudo apport-retrace -s -S system
_usr_bin_suricata.0.crash
ERROR: report file does not contain one of the required fields: CoreDump
DistroRelease Package ExecutablePath
idsuser at suricata:/var/crash$ sudo apport-retrace -s -R
_usr_bin_suricata.0.crash
--- stack trace ---
#0 0x000000000048c0a1 in ?? ()
No symbol table info available.
Cannot access memory at address 0x7f85dcfb4bf8
On 12/21/2012 01:10 PM, Victor Julien wrote:
> On 12/21/2012 04:48 PM, Fernando Sclavo wrote:
>> Hi all. After some days without crashes, running Suricata 1.4 stable
>> (from ppa), we have a segmentation fault (and a core dump). Please let
>> me know about any additional useful information we can provide.
>>
>> dmesg:
>> [ 46.980378] device eth4 entered promiscuous mode
>> [ 47.077284] device eth5 entered promiscuous mode
>> [ 54.882639] device eth6 entered promiscuous mode
>> [ 54.982021] device eth7 entered promiscuous mode
>> [ 788.564093] show_signal_msg: 105 callbacks suppressed
>> [ 788.564099] AFPacketeth512[2287]: segfault at 27 ip 000000000048c0a1
>> sp 00007f85dcfb4b40 error 4 in suricata[400000+1b2000]
>> [ 963.568027] INFO: task Suricata-Main:1954 blocked for more than 120
>> seconds.
>> [ 963.569069] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs"
>> disables this message.
>> [ 963.570304] Suricata-Main D 0000000000000008 0 1954 1
>> 0x00000000
>> [ 963.570309] ffff880bab2a7cb8 0000000000000082 0000000000000000
>> ffffffffffffffe0
>> [ 963.570320] ffff880bab2a7fd8 ffff880bab2a7fd8 ffff880bab2a7fd8
>> 00000000000137c0
>> [ 963.570329] ffff8817c690dc00 ffff880bcfc81700 0000000000000000
>> ffff880bcde4f380
>> [ 963.570337] Call Trace:
>> [ 963.570347] [<ffffffff8165b0cf>] schedule+0x3f/0x60
>> [ 963.570354] [<ffffffff8106c575>] exit_mm+0x85/0x130
>> [ 963.570359] [<ffffffff8106c78e>] do_exit+0x16e/0x450
>> [ 963.570365] [<ffffffff8107af5a>] ? __dequeue_signal+0x6a/0xb0
>> [ 963.570369] [<ffffffff8106cc14>] do_group_exit+0x44/0xa0
>> [ 963.570374] [<ffffffff8107dadc>] get_signal_to_deliver+0x21c/0x420
>> [ 963.570380] [<ffffffff81014865>] do_signal+0x45/0x130
>> [ 963.570386] [<ffffffff81090708>] ? hrtimer_nanosleep+0xb8/0x180
>> [ 963.570391] [<ffffffff8108f2d0>] ? update_rmtp+0x70/0x70
>> [ 963.570396] [<ffffffff81014b15>] do_notify_resume+0x65/0x80
>> [ 963.570401] [<ffffffff81665890>] int_signal+0x12/0x17
>> [ 963.570406] INFO: task AFPacketeth41:2275 blocked for more than 120
>> seconds.
>> [ 963.571437] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs"
>> disables this message.
>> [ 963.572690] AFPacketeth41 D ffffffff81806240 0 2275 1
>> 0x00000000
>> [ 963.572693] ffff8817cfa47cb8 0000000000000082 0000000000000000
>> ffffffffffffffe0
>> [ 963.572711] ffff8817cfa47fd8 ffff8817cfa47fd8 ffff8817cfa47fd8
>> 00000000000137c0
>> [ 963.572729] ffff880bd1688000 ffff8817d01ec500 0000000000000000
>> ffff880bcde4f380
>> [ 963.572748] Call Trace:
>> [ 963.572756] [<ffffffff8165b0cf>] schedule+0x3f/0x60
>> [ 963.572765] [<ffffffff8106c575>] exit_mm+0x85/0x130
>> [ 963.572774] [<ffffffff8106c78e>] do_exit+0x16e/0x450
>> [ 963.572783] [<ffffffff8107af5a>] ? __dequeue_signal+0x6a/0xb0
>> [ 963.572791] [<ffffffff8106cc14>] do_group_exit+0x44/0xa0
>> [ 963.572799] [<ffffffff8107dadc>] get_signal_to_deliver+0x21c/0x420
>> [ 963.572808] [<ffffffff81014865>] do_signal+0x45/0x130
>> [ 963.572817] [<ffffffff81095cc3>] ? ktime_get_ts+0x43/0xe0
>> [ 963.572826] [<ffffffff8101b779>] ? read_tsc+0x9/0x20
>> [ 963.572834] [<ffffffff81095d2d>] ? ktime_get_ts+0xad/0xe0
>> [ 963.572844] [<ffffffff8118c7a5>] ? poll_select_set_timeout+0x85/0xa0
>> [ 963.572853] [<ffffffff81014b15>] do_notify_resume+0x65/0x80
>> [ 963.572861] [<ffffffff81665890>] int_signal+0x12/0x17
>> [ 963.572867] INFO: task AFPacketeth51:2276 blocked for more than 120
>> seconds.
>> [ 963.573900] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs"
>> disables this message.
>> [ 963.575138] AFPacketeth51 D 000000000000000d 0 2276 1
>> 0x00000000
>> [ 963.575141] ffff8817d0fe9cb8 0000000000000082 0000000000000000
>> ffffffffffffffe0
>> [ 963.575149] ffff8817d0fe9fd8 ffff8817d0fe9fd8 ffff8817d0fe9fd8
>> 00000000000137c0
>> [ 963.575157] ffff8817cea30000 ffff8817d01e9700 0000000000000000
>> ffff880bcde4f380
>> [ 963.575165] Call Trace:
>> [ 963.575170] [<ffffffff8165b0cf>] schedule+0x3f/0x60
>> [ 963.575174] [<ffffffff8106c575>] exit_mm+0x85/0x130
>> [ 963.575178] [<ffffffff8106c78e>] do_exit+0x16e/0x450
>> [ 963.575183] [<ffffffff8109ea39>] ? futex_wait_queue_me+0xc9/0x100
>> [ 963.575188] [<ffffffff8107af5a>] ? __dequeue_signal+0x6a/0xb0
>> [ 963.575192] [<ffffffff8106cc14>] do_group_exit+0x44/0xa0
>> [ 963.575196] [<ffffffff8107dadc>] get_signal_to_deliver+0x21c/0x420
>> [ 963.575201] [<ffffffff81014865>] do_signal+0x45/0x130
>> [ 963.575205] [<ffffffff8101b779>] ? read_tsc+0x9/0x20
>> [ 963.575209] [<ffffffff81095d2d>] ? ktime_get_ts+0xad/0xe0
>> [ 963.575213] [<ffffffff8118c7a5>] ? poll_select_set_timeout+0x85/0xa0
>> [ 963.575218] [<ffffffff81014b15>] do_notify_resume+0x65/0x80
>> [ 963.575223] [<ffffffff8165d57c>] retint_signal+0x48/0x8c
>> [ 963.575227] INFO: task AFPacketeth52:2277 blocked for more than 120
>> seconds.
>> [ 963.576271] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs"
>> disables this message.
>> [ 963.577498] AFPacketeth52 D ffffffff81806240 0 2277 1
>> 0x00000000
>> [ 963.577501] ffff8817c8293cb8 0000000000000082 0000000000000000
>> ffffffffffffffe0
>> [ 963.577510] ffff8817c8293fd8 ffff8817c8293fd8 ffff8817c8293fd8
>> 00000000000137c0
>> [ 963.577518] ffff880bd1501700 ffff8817d01edc00 0000000000000000
>> ffff880bcde4f380
>> [ 963.577526] Call Trace:
>> [ 963.577531] [<ffffffff8165b0cf>] schedule+0x3f/0x60
>> [ 963.577535] [<ffffffff8106c575>] exit_mm+0x85/0x130
>> [ 963.577539] [<ffffffff8106c78e>] do_exit+0x16e/0x450
>> [ 963.577544] [<ffffffff8107af5a>] ? __dequeue_signal+0x6a/0xb0
>> [ 963.577548] [<ffffffff8106cc14>] do_group_exit+0x44/0xa0
>> [ 963.577552] [<ffffffff8107dadc>] get_signal_to_deliver+0x21c/0x420
>> [ 963.577557] [<ffffffff81014865>] do_signal+0x45/0x130
>> [ 963.577562] [<ffffffff8105702d>] ? set_next_entity+0xad/0xd0
>> [ 963.577566] [<ffffffff810571ca>] ? finish_task_switch+0x4a/0xf0
>> [ 963.577572] [<ffffffff8165aa7c>] ? __schedule+0x3cc/0x6f0
>> [ 963.577576] [<ffffffff8118c7a5>] ? poll_select_set_timeout+0x85/0xa0
>> [ 963.577581] [<ffffffff81014b15>] do_notify_resume+0x65/0x80
>> [ 963.577585] [<ffffffff8165d57c>] retint_signal+0x48/0x8c
>> [ 963.577589] INFO: task AFPacketeth53:2278 blocked for more than 120
>> seconds.
>> [ 963.578621] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs"
>> disables this message.
>> [ 963.579858] AFPacketeth53 D ffffffff81806240 0 2278 1
>> 0x00000000
>> [ 963.579861] ffff8817d0267cb8 0000000000000082 0000000000000000
>> ffffffffffffffe0
>> [ 963.579870] ffff8817d0267fd8 ffff8817d0267fd8 ffff8817d0267fd8
>> 00000000000137c0
>> [ 963.579878] ffff880bd15c4500 ffff8817d01eae00 0000000000000000
>> ffff880bcde4f380
>> [ 963.579886] Call Trace:
>> [ 963.579890] [<ffffffff8165b0cf>] schedule+0x3f/0x60
>> [ 963.579894] [<ffffffff8106c575>] exit_mm+0x85/0x130
>> [ 963.579898] [<ffffffff8106c78e>] do_exit+0x16e/0x450
>> [ 963.579903] [<ffffffff8107af5a>] ? __dequeue_signal+0x6a/0xb0
>> [ 963.579907] [<ffffffff8106cc14>] do_group_exit+0x44/0xa0
>> [ 963.579911] [<ffffffff8107dadc>] get_signal_to_deliver+0x21c/0x420
>> [ 963.579916] [<ffffffff81014865>] do_signal+0x45/0x130
>> [ 963.579920] [<ffffffff8101b779>] ? read_tsc+0x9/0x20
>> [ 963.579924] [<ffffffff81095d2d>] ? ktime_get_ts+0xad/0xe0
>> [ 963.579928] [<ffffffff8118c7a5>] ? poll_select_set_timeout+0x85/0xa0
>> [ 963.579933] [<ffffffff81014b15>] do_notify_resume+0x65/0x80
>> [ 963.579937] [<ffffffff8165d57c>] retint_signal+0x48/0x8c
>> [ 963.579941] INFO: task AFPacketeth54:2279 blocked for more than 120
>> seconds.
>> [ 963.580984] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs"
>> disables this message.
>> [ 963.582212] AFPacketeth54 D ffffffff81806240 0 2279 1
>> 0x00000000
>> [ 963.582216] ffff8817d01adcb8 0000000000000082 0000000000000000
>> ffffffffffffffe0
>> [ 963.582224] ffff8817d01adfd8 ffff8817d01adfd8 ffff8817d01adfd8
>> 00000000000137c0
>> [ 963.582232] ffff880bd15d9700 ffff8817cf839700 0000000000000000
>> ffff880bcde4f380
>> [ 963.582240] Call Trace:
>> [ 963.582244] [<ffffffff8165b0cf>] schedule+0x3f/0x60
>> [ 963.582248] [<ffffffff8106c575>] exit_mm+0x85/0x130
>> [ 963.582252] [<ffffffff8106c78e>] do_exit+0x16e/0x450
>> [ 963.582256] [<ffffffff8101be69>] ? sched_clock+0x9/0x10
>> [ 963.582260] [<ffffffff8107af5a>] ? __dequeue_signal+0x6a/0xb0
>> [ 963.582265] [<ffffffff8106cc14>] do_group_exit+0x44/0xa0
>> [ 963.582269] [<ffffffff8107dadc>] get_signal_to_deliver+0x21c/0x420
>> [ 963.582273] [<ffffffff81014865>] do_signal+0x45/0x130
>> [ 963.582278] [<ffffffff8105702d>] ? set_next_entity+0xad/0xd0
>> [ 963.582282] [<ffffffff810571ca>] ? finish_task_switch+0x4a/0xf0
>> [ 963.582286] [<ffffffff8165aa7c>] ? __schedule+0x3cc/0x6f0
>> [ 963.582290] [<ffffffff8118c7a5>] ? poll_select_set_timeout+0x85/0xa0
>> [ 963.582295] [<ffffffff81014b15>] do_notify_resume+0x65/0x80
>> [ 963.582299] [<ffffffff8165d57c>] retint_signal+0x48/0x8c
>> [ 963.582303] INFO: task AFPacketeth55:2280 blocked for more than 120
>> seconds.
>> [ 963.583334] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs"
>> disables this message.
>> [ 963.584583] AFPacketeth55 D ffffffff81806240 0 2280 1
>> 0x00000000
>> [ 963.584587] ffff8817ceb27cb8 0000000000000082 0000000000000000
>> ffffffffffffffe0
>> [ 963.584601] ffff8817ceb27fd8 ffff8817ceb27fd8 ffff8817ceb27fd8
>> 00000000000137c0
>> [ 963.584621] ffff880bd1519700 ffff8817cf838000 0000000000000000
>> ffff880bcde4f380
>> [ 963.584641] Call Trace:
>> [ 963.584650] [<ffffffff8165b0cf>] schedule+0x3f/0x60
>> [ 963.584659] [<ffffffff8106c575>] exit_mm+0x85/0x130
>> [ 963.584668] [<ffffffff8106c78e>] do_exit+0x16e/0x450
>> [ 963.584676] [<ffffffff8109ea39>] ? futex_wait_queue_me+0xc9/0x100
>> [ 963.584686] [<ffffffff8107af5a>] ? __dequeue_signal+0x6a/0xb0
>> [ 963.584695] [<ffffffff8106cc14>] do_group_exit+0x44/0xa0
>> [ 963.584703] [<ffffffff8107dadc>] get_signal_to_deliver+0x21c/0x420
>> [ 963.584713] [<ffffffff81014865>] do_signal+0x45/0x130
>> [ 963.584722] [<ffffffff8105702d>] ? set_next_entity+0xad/0xd0
>> [ 963.584731] [<ffffffff810a179c>] ? do_futex+0x7c/0x1b0
>> [ 963.584739] [<ffffffff810a1a17>] ? sys_futex+0x147/0x1a0
>> [ 963.584748] [<ffffffff81014b15>] do_notify_resume+0x65/0x80
>> [ 963.584758] [<ffffffff81665890>] int_signal+0x12/0x17
>> [ 963.584764] INFO: task AFPacketeth56:2281 blocked for more than 120
>> seconds.
>> [ 963.585798] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs"
>> disables this message.
>> [ 963.587035] AFPacketeth56 D ffffffff81806240 0 2281 1
>> 0x00000000
>> [ 963.587039] ffff8817c628bcb8 0000000000000082 0000000000000000
>> ffffffffffffffe0
>> [ 963.587047] ffff8817c628bfd8 ffff8817c628bfd8 ffff8817c628bfd8
>> 00000000000137c0
>> [ 963.587055] ffff880bd1608000 ffff8817cf83dc00 0000000000000000
>> ffff880bcde4f380
>> [ 963.587063] Call Trace:
>> [ 963.587067] [<ffffffff8165b0cf>] schedule+0x3f/0x60
>> [ 963.587071] [<ffffffff8106c575>] exit_mm+0x85/0x130
>> [ 963.587075] [<ffffffff8106c78e>] do_exit+0x16e/0x450
>> [ 963.587080] [<ffffffff8107af5a>] ? __dequeue_signal+0x6a/0xb0
>> [ 963.587084] [<ffffffff8106cc14>] do_group_exit+0x44/0xa0
>> [ 963.587088] [<ffffffff8107dadc>] get_signal_to_deliver+0x21c/0x420
>> [ 963.587093] [<ffffffff81014865>] do_signal+0x45/0x130
>> [ 963.587097] [<ffffffff8101b779>] ? read_tsc+0x9/0x20
>> [ 963.587101] [<ffffffff81095d2d>] ? ktime_get_ts+0xad/0xe0
>> [ 963.587105] [<ffffffff8118c7a5>] ? poll_select_set_timeout+0x85/0xa0
>> [ 963.587110] [<ffffffff81014b15>] do_notify_resume+0x65/0x80
>> [ 963.587114] [<ffffffff8165d57c>] retint_signal+0x48/0x8c
>> [ 963.587118] INFO: task AFPacketeth57:2282 blocked for more than 120
>> seconds.
>> [ 963.588161] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs"
>> disables this message.
>> [ 963.646123] AFPacketeth57 D ffffffff81806240 0 2282 1
>> 0x00000000
>> [ 963.646127] ffff8817c42cfcb8 0000000000000082 0000000000000000
>> ffffffffffffffe0
>> [ 963.646141] ffff8817c42cffd8 ffff8817c42cffd8 ffff8817c42cffd8
>> 00000000000137c0
>> [ 963.646162] ffff880bd1569700 ffff8817cf83c500 0000000000000000
>> ffff880bcde4f380
>> [ 963.646180] Call Trace:
>> [ 963.646185] [<ffffffff8165b0cf>] schedule+0x3f/0x60
>> [ 963.646189] [<ffffffff8106c575>] exit_mm+0x85/0x130
>> [ 963.646194] [<ffffffff8106c78e>] do_exit+0x16e/0x450
>> [ 963.646198] [<ffffffff8107af5a>] ? __dequeue_signal+0x6a/0xb0
>> [ 963.646204] [<ffffffff8106cc14>] do_group_exit+0x44/0xa0
>> [ 963.646208] [<ffffffff8107dadc>] get_signal_to_deliver+0x21c/0x420
>> [ 963.646218] [<ffffffff81014865>] do_signal+0x45/0x130
>> [ 963.646227] [<ffffffff8105702d>] ? set_next_entity+0xad/0xd0
>> [ 963.646236] [<ffffffff810571ca>] ? finish_task_switch+0x4a/0xf0
>> [ 963.646245] [<ffffffff8165aa7c>] ? __schedule+0x3cc/0x6f0
>> [ 963.646256] [<ffffffff8118c7a5>] ? poll_select_set_timeout+0x85/0xa0
>> [ 963.646264] [<ffffffff81014b15>] do_notify_resume+0x65/0x80
>> [ 963.646275] [<ffffffff8165d57c>] retint_signal+0x48/0x8c
>> [ 963.646281] INFO: task AFPacketeth58:2283 blocked for more than 120
>> seconds.
>> [ 963.676590] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs"
>> disables this message.
>> [ 963.736317] AFPacketeth58 D 0000000000000002 0 2283 1
>> 0x00000000
>> [ 963.736322] ffff8817d00e1cb8 0000000000000082 0000000000000000
>> ffffffffffffffe0
>> [ 963.736344] ffff8817d00e1fd8 ffff8817d00e1fd8 ffff8817d00e1fd8
>> 00000000000137c0
>> [ 963.736359] ffff8817c6909700 ffff8817cf83ae00 0000000000000000
>> ffff880bcde4f380
>> [ 963.736367] Call Trace:
>> [ 963.736371] [<ffffffff8165b0cf>] schedule+0x3f/0x60
>> [ 963.736376] [<ffffffff8106c575>] exit_mm+0x85/0x130
>> [ 963.736385] [<ffffffff8106c78e>] do_exit+0x16e/0x450
>> [ 963.736396] [<ffffffff8113b217>] ? do_anonymous_page.isra.38+0x247/0x2f0
>> [ 963.736406] [<ffffffff8107af5a>] ? __dequeue_signal+0x6a/0xb0
>> [ 963.736416] [<ffffffff8106cc14>] do_group_exit+0x44/0xa0
>> [ 963.736424] [<ffffffff8107dadc>] get_signal_to_deliver+0x21c/0x420
>> [ 963.736433] [<ffffffff81014865>] do_signal+0x45/0x130
>> [ 963.736443] [<ffffffff8105702d>] ? set_next_entity+0xad/0xd0
>> [ 963.736453] [<ffffffff810571ca>] ? finish_task_switch+0x4a/0xf0
>> [ 963.736463] [<ffffffff8165aa7c>] ? __schedule+0x3cc/0x6f0
>> [ 963.736472] [<ffffffff8118c7a5>] ? poll_select_set_timeout+0x85/0xa0
>> [ 963.736482] [<ffffffff81014b15>] do_notify_resume+0x65/0x80
>> [ 963.736491] [<ffffffff8165d57c>] retint_signal+0x48/0x8c
>> [ 3038.834097] device eth4 left promiscuous mode
>> [ 3039.452052] device eth5 left promiscuous mode
>> [ 3039.476818] device eth6 left promiscuous mode
>> [ 3039.933610] device eth7 left promiscuous mode
>>
>> GDB backtrace:
>> idsuser at suricata:/$ sudo gdb /usr/bin/suricata ./core
>> [sudo] password for idsuser:
>> GNU gdb (Ubuntu/Linaro 7.4-2012.04-0ubuntu2.1) 7.4-2012.04
>> Copyright (C) 2012 Free Software Foundation, Inc.
>> License GPLv3+: GNU GPL version 3 or later
>> <http://gnu.org/licenses/gpl.html>
>> This is free software: you are free to change and redistribute it.
>> There is NO WARRANTY, to the extent permitted by law. Type "show copying"
>> and "show warranty" for details.
>> This GDB was configured as "x86_64-linux-gnu".
>> For bug reporting instructions, please see:
>> <http://bugs.launchpad.net/gdb-linaro/>...
>> Reading symbols from /usr/bin/suricata...(no debugging symbols
>> found)...done.
>> BFD: Warning: //./core is truncated: expected core file size >=
>> 295277608960, found: 195342491648.
>>
>> warning: core file may not match specified executable file.
>> [New LWP 1784]
>> [New LWP 1840]
>> [New LWP 1843]
>> [New LWP 1845]
>> [New LWP 1842]
>> [New LWP 1846]
>> [New LWP 1844]
>> [New LWP 1847]
>> [New LWP 1850]
>> [New LWP 1848]
>> [New LWP 1852]
>> [New LWP 1849]
>> [New LWP 1851]
>> [New LWP 1860]
>> [New LWP 1853]
>> [New LWP 1858]
>> [New LWP 1861]
>> [New LWP 1863]
>> [New LWP 1865]
>> [New LWP 1855]
>> [New LWP 1864]
>> [New LWP 1872]
>> [New LWP 1868]
>> [New LWP 1871]
>> [New LWP 1856]
>> [New LWP 1857]
>> [New LWP 1866]
>> [New LWP 1867]
>> [New LWP 1859]
>> [New LWP 1869]
>> [New LWP 1854]
>> [New LWP 1862]
>> [New LWP 1841]
>> Cannot access memory at address 0x7f5fbf36c2a8
>> Cannot access memory at address 0x7f5fbf36c2a0
> This core dump seems incomplete: BFD: Warning: //./core is truncated:
> expected core file size >=
>> 295277608960, found: 195342491648.
> If you get another, please let us know.
>
> Cheers,
> Victor
>
>
More information about the Oisf-users
mailing list