[Oisf-users] segfault error 4 in suricata

Chris Boley ilgtech75 at gmail.com
Tue Oct 18 19:03:36 UTC 2016

I'm seeing a dmesg that states:
[287594.672339] Detect1[4179]: segfault at b62007bd ip 081aab38 sp b5efe794
error 4 in suricata[8048000+209000]

That is the only msg I can find noting a reason why suricata is crashing:

My build:
Suricata version 3.0.1 RELEASE

Suricata Configuration: [no's omitted]
  AF_PACKET support:                       yes
  NFQueue support:                         yes
  Detection enabled:                       yes
  PCRE jit:                                yes
  Suricatasc install:                      yes
Generic build parameters:
  Installation prefix:                     /usr
  Configuration directory:                 /etc/suricata/
  Log directory:                           /var/log/suricata/

  --prefix                                 /usr
  --sysconfdir                             /etc
  --localstatedir                          /var

  Host:                                    i686-pc-linux-gnu
  Compiler:                                gcc (exec name) / gcc (real)
  GCC Protect enabled:                     no
  GCC march native enabled:                no
  GCC Profile enabled:                     no
  Position Independent Executable enabled: no
  CFLAGS                                   -g -O2
  PCAP_CFLAGS                               -I/usr/include

I was just curious if anyone else had seen ver 3.0.1 behave like this?

I just ran a microcode update against my cpu's to make sure it wasn't
microcode related:
apt-get install microcode.ctl intel-microcode cpuid iucode-tool


/usr/sbin/iucode_tool -tb -lS /lib/firmware/intel-ucode/*
/usr/sbin/iucode_tool: system has processor(s) with signature 0x000406d8
selected microcodes:

No selected microcodes should mean I don't need any new proc microcode.

I'll restart my suricata appliance and see if it crashes again.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20161018/43e6f0fe/attachment.html>

More information about the Oisf-users mailing list