[Oisf-users] Suffering Simultaneous Suricata Segfaults

Cooper F. Nelson cnelson at ucsd.edu
Fri Sep 28 23:59:57 UTC 2018

Bizarre, we had a segfault around the same time (also pacific time).

> messages:Sep 25 15:26:54 XXX kernel: [6733386.295527]
> W#10-enp35s0f0[62114]: segfault at 0 ip 000000000057de40 sp
> 00007f95d3889640 error 4 in suricata[400000+22e000]

The box had been up for months so I took the opportunity to patch and
reboot it, haven't had a segfault since.

Not sure if I'm using the addr2line command right:

> addr2line -e /usr/bin/suricata 000000000057de40
> util-decode-der.c:?

Maybe we all got hit by the same evil bit?



On 9/27/2018 10:36 AM, Greg Grasmehr wrote:
> Hello,
> Having the same issue, pointer to the problem code is below
>  addr2line -e /opt/suricata/bin/suricata 000000000055ae67
> /root/installers/suricata-4.0.5/src/util-decode-mime.c:2330
> /var/log/messages:Sep 25 15:28:19 is-pig3 kernel: W#45[31078]: segfault at 0 ip 000000000055ae67 sp 00007f9af7ffd8a0 error 4 in suricata[400000+1f7000]
> /var/log/messages:Sep 26 03:17:00 is-pig3 kernel: W#53[11268]: segfault at 0 ip 000000000055ae67 sp 00007fbbf97f88a0 error 4 in suricata[400000+1f7000]
> /var/log/messages-20180909:Sep  7 03:29:12 is-pig3 kernel: W#33[51367]: segfault at 0 ip 000000000055ae67 sp 00007f8c817f88a0 error 4 in suricata[400000+1f7000]
> Greg

Cooper Nelson
Network Security Analyst
UCSD ITS Security Team
cnelson at ucsd.edu x41042

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20180928/cfbee45f/attachment.sig>

More information about the Oisf-users mailing list