[Oisf-users] Suricata 1.4.1 crashing
Listman
list.man at bluejeantime.com
Mon Mar 18 19:17:06 UTC 2013
I don't have several suricata binaries on my server. I had the same problem with suricata 1.4.
Zak
On Mar 18, 2013, at 12:42 PM, Anoop Saldanha <anoopsaldanha at gmail.com> wrote:
> On Mon, Mar 18, 2013 at 9:59 PM, Listman <list.man at bluejeantime.com> wrote:
>> It is on debian squeeze. It was installed via source. Does anyone know why I am getting the below error when suricata crashes:
>>
>>
>> GNU gdb (GDB) 7.0.1-debian
>> Copyright (C) 2009 Free Software Foundation, Inc.
>> License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
>> This is free software: you are free to change and redistribute it.
>> There is NO WARRANTY, to the extent permitted by law. Type "show copying"
>> and "show warranty" for details.
>> This GDB was configured as "i486-linux-gnu".
>> For bug reporting instructions, please see:
>> <http://www.gnu.org/software/gdb/bugs/>...
>> Reading symbols from /usr/bin/suricata...(no debugging symbols found)...done.
>>
>> warning: core file may not match specified executable file.
>> [New Thread 9884]
>> [New Thread 9883]
>> [New Thread 9882]
>> [New Thread 9881]
>> [New Thread 9880]
>> [New Thread 9879]
>> [New Thread 9878]
>> [New Thread 9877]
>> [New Thread 9876]
>> [New Thread 9875]
>> [New Thread 9874]
>> [New Thread 9873]
>> [New Thread 9872]
>> [New Thread 9871]
>> [New Thread 9870]
>> [New Thread 9867]
>>
>> warning: Can't read pathname for load map: Input/output error.
>> Reading symbols from /usr/lib/libhtp-0.2.so.1...done.
>> Loaded symbols for /usr/lib/libhtp-0.2.so.1
>> Reading symbols from /usr/lib/libmagic.so.1...(no debugging symbols found)...done.
>> Loaded symbols for /usr/lib/libmagic.so.1
>> Reading symbols from /usr/lib/libcap-ng.so.0...(no debugging symbols found)...done.
>> Loaded symbols for /usr/lib/libcap-ng.so.0
>> Reading symbols from /usr/lib/libpcap.so.0.8...(no debugging symbols found)...done.
>> Loaded symbols for /usr/lib/libpcap.so.0.8
>> Reading symbols from /usr/lib/libnet.so.1...(no debugging symbols found)...done.
>> Loaded symbols for /usr/lib/libnet.so.1
>> Reading symbols from /usr/lib/libnetfilter_queue.so.1...(no debugging symbols found)...done.
>> Loaded symbols for /usr/lib/libnetfilter_queue.so.1
>> Reading symbols from /usr/lib/libnfnetlink.so.0...(no debugging symbols found)...done.
>> Loaded symbols for /usr/lib/libnfnetlink.so.0
>> Reading symbols from /lib/i686/cmov/libpthread.so.0...(no debugging symbols found)...done.
>> Loaded symbols for /lib/i686/cmov/libpthread.so.0
>> Reading symbols from /usr/lib/libyaml-0.so.2...(no debugging symbols found)...done.
>> Loaded symbols for /usr/lib/libyaml-0.so.2
>> Reading symbols from /lib/libpcre.so.3...Reading symbols from /usr/lib/debug/lib/libpcre.so.3.12.1...done.
>> (no debugging symbols found)...done.
>> Loaded symbols for /lib/libpcre.so.3
>> Reading symbols from /lib/i686/cmov/libc.so.6...(no debugging symbols found)...done.
>> Loaded symbols for /lib/i686/cmov/libc.so.6
>> Reading symbols from /usr/lib/libz.so.1...(no debugging symbols found)...done.
>> Loaded symbols for /usr/lib/libz.so.1
>> Reading symbols from /lib/ld-linux.so.2...(no debugging symbols found)...done.
>> Loaded symbols for /lib/ld-linux.so.2
>> Core was generated by `suricata -D -c /etc/suricata/suricata.yaml -i eth0'.
>> Program terminated with signal 6, Aborted.
>> #0 0xb7741424 in __kernel_vsyscall ()
>>
>>
>> It is a 32 bit system with 8 core CPU with 8GB of ram. It is running kernel 2.6.26-2-686-bigmem.
>>
>
> The core file and the executable don't match. When you get a core
> next time round, can you immediately take a bt without re-compiling
> suricata? Or maybe you have opened gdb with the core against the
> wrong binary?
>
> --
> Anoop Saldanha
More information about the Oisf-users
mailing list