[Oisf-users] Suricata 3.2 segmentation fault

Vieri rentorbuy at yahoo.com
Sat Dec 17 23:01:23 UTC 2016 

I would like to add to my previous e-mail that I now recompiled Suricata as I had it originally. Everything else was left untouched (same config, init script, system resources, etc.). Now I can easily reproduce the crash each time I "reload" (kill -USR2). Here's the build info:

# suricata --build-info
This is Suricata version 3.2 RELEASE
Features: NFQ PCAP_SET_BUFF LIBPCAP_VERSION_MAJOR=1 AF_PACKET HAVE_PACKET_FANOUT LIBCAP_NG LIBNET1.1 HAVE_HTP_URI_NORMALIZE_HOOK HAVE_NSS HAVE_LUA HAVE_LIBJANSSON TLS 
SIMD support: none
Atomic intrisics: 1 2 4 8 byte(s)
32-bits, Little-endian architecture
GCC version 4.7.3, C version 199901
compiled with -fstack-protector
compiled with _FORTIFY_SOURCE=2
L1 cache line size (CLS)=64
thread local storage method: __thread
compiled with LibHTP v0.5.22, linked against LibHTP v0.5.22

Suricata Configuration:
AF_PACKET support:                       yes
PF_RING support:                         no
NFQueue support:                         yes
NFLOG support:                           no
IPFW support:                            no
Netmap support:                          no
DAG enabled:                             no
Napatech enabled:                        no

Unix socket enabled:                     yes
Detection enabled:                       yes

libnss support:                          yes
libnspr support:                         yes
libjansson support:                      yes
hiredis support:                         no
Prelude support:                         no
PCRE jit:                                no, libpcre 8.35 blacklisted
LUA support:                             yes
libluajit:                               no
libgeoip:                                no
Non-bundled htp:                         yes
Old barnyard2 support:                   no
CUDA enabled:                            no
Hyperscan support:                       no
Libnet support:                          yes

Suricatasc install:                      yes

Profiling enabled:                       no
Profiling locks enabled:                 no

Development settings:
Coccinelle / spatch:                     no
Unit tests enabled:                      no
Debug output enabled:                    no
Debug validation enabled:                no

Generic build parameters:
Installation prefix:                     /usr
Configuration directory:                 /etc/suricata/
Log directory:                           /var/log/suricata/

--prefix                                 /usr
--sysconfdir                             /etc
--localstatedir                          /var

Host:                                    i686-pc-linux-gnu
Compiler:                                i686-pc-linux-gnu-gcc (exec name) / gcc (real)
GCC Protect enabled:                     yes
GCC march native enabled:                yes
GCC Profile enabled:                     no
Position Independent Executable enabled: no
CFLAGS                                   -O2 -march=i686 -pipe -march=native
PCAP_CFLAGS                               -I/usr/include
SECCFLAGS                                -fstack-protector -D_FORTIFY_SOURCE=2 -Wformat -Wformat-security



So the only big difference between this version that crashes and the debug version that doesn't is within the CFLAGS, ie. 
"CFLAGS                                   -ggdb -O0 -march=native" vs. "CFLAGS -O2 -march=i686 -pipe -march=native".

Vieri

More information about the Oisf-users mailing list