Project

General

Profile

Bug #4109 » valgrind.log

Jan Hugo Prins, 11/05/2020 07:44 PM

 
==32594== Memcheck, a memory error detector
==32594== Copyright (C) 2002-2017, and GNU GPL'd, by Julian Seward et al.
==32594== Using Valgrind-3.14.0 and LibVEX; rerun with -h for copyright info
==32594== Command: suricata -c /etc/suricata/cluster0.yaml --pfring
==32594== Parent PID: 29141
==32594==
==32594== Syscall param ioctl(SIOCETHTOOL) points to uninitialised byte(s)
==32594== at 0x8EED2B7: ioctl (syscall-template.S:81)
==32594== by 0x302C81: GetEthtoolValue (util-ioctl.c:293)
==32594== by 0x30364F: DisableIfaceOffloadingLinux (util-ioctl.c:441)
==32594== by 0x30364F: DisableIfaceOffloading (util-ioctl.c:713)
==32594== by 0x2C7BB6: ParsePfringConfig (runmode-pfring.c:412)
==32594== by 0x32A76F: RunModeSetLiveCaptureWorkers (util-runmodes.c:351)
==32594== by 0x2C84CB: RunModeIdsPfringWorkers (runmode-pfring.c:550)
==32594== by 0x2CBA3B: RunModeDispatch (runmodes.c:391)
==32594== by 0x2EAB99: SuricataMain (suricata.c:2800)
==32594== by 0x8E1A504: (below main) (libc-start.c:266)
==32594== Address 0x1ffefffcd7 is on thread 1's stack
==32594== in frame #1, created by GetEthtoolValue (util-ioctl.c:280)
==32594==
==32594== Syscall param ioctl(SIOCETHTOOL) points to uninitialised byte(s)
==32594== at 0x8EED2B7: ioctl (syscall-template.S:81)
==32594== by 0x302C81: GetEthtoolValue (util-ioctl.c:293)
==32594== by 0x30366F: DisableIfaceOffloadingLinux (util-ioctl.c:448)
==32594== by 0x30366F: DisableIfaceOffloading (util-ioctl.c:713)
==32594== by 0x2C7BB6: ParsePfringConfig (runmode-pfring.c:412)
==32594== by 0x32A76F: RunModeSetLiveCaptureWorkers (util-runmodes.c:351)
==32594== by 0x2C84CB: RunModeIdsPfringWorkers (runmode-pfring.c:550)
==32594== by 0x2CBA3B: RunModeDispatch (runmodes.c:391)
==32594== by 0x2EAB99: SuricataMain (suricata.c:2800)
==32594== by 0x8E1A504: (below main) (libc-start.c:266)
==32594== Address 0x1ffefffcd7 is on thread 1's stack
==32594== in frame #1, created by GetEthtoolValue (util-ioctl.c:280)
==32594==
==32594== Syscall param ioctl(SIOCETHTOOL) points to uninitialised byte(s)
==32594== at 0x8EED2B7: ioctl (syscall-template.S:81)
==32594== by 0x302C81: GetEthtoolValue (util-ioctl.c:293)
==32594== by 0x30368F: DisableIfaceOffloadingLinux (util-ioctl.c:455)
==32594== by 0x30368F: DisableIfaceOffloading (util-ioctl.c:713)
==32594== by 0x2C7BB6: ParsePfringConfig (runmode-pfring.c:412)
==32594== by 0x32A76F: RunModeSetLiveCaptureWorkers (util-runmodes.c:351)
==32594== by 0x2C84CB: RunModeIdsPfringWorkers (runmode-pfring.c:550)
==32594== by 0x2CBA3B: RunModeDispatch (runmodes.c:391)
==32594== by 0x2EAB99: SuricataMain (suricata.c:2800)
==32594== by 0x8E1A504: (below main) (libc-start.c:266)
==32594== Address 0x1ffefffcd7 is on thread 1's stack
==32594== in frame #1, created by GetEthtoolValue (util-ioctl.c:280)
==32594==
==32594== Syscall param ioctl(SIOCETHTOOL) points to uninitialised byte(s)
==32594== at 0x8EED2B7: ioctl (syscall-template.S:81)
==32594== by 0x302C81: GetEthtoolValue (util-ioctl.c:293)
==32594== by 0x3036AF: DisableIfaceOffloadingLinux (util-ioctl.c:462)
==32594== by 0x3036AF: DisableIfaceOffloading (util-ioctl.c:713)
==32594== by 0x2C7BB6: ParsePfringConfig (runmode-pfring.c:412)
==32594== by 0x32A76F: RunModeSetLiveCaptureWorkers (util-runmodes.c:351)
==32594== by 0x2C84CB: RunModeIdsPfringWorkers (runmode-pfring.c:550)
==32594== by 0x2CBA3B: RunModeDispatch (runmodes.c:391)
==32594== by 0x2EAB99: SuricataMain (suricata.c:2800)
==32594== by 0x8E1A504: (below main) (libc-start.c:266)
==32594== Address 0x1ffefffcd7 is on thread 1's stack
==32594== in frame #1, created by GetEthtoolValue (util-ioctl.c:280)
==32594==
==32594== Syscall param ioctl(SIOCETHTOOL) points to uninitialised byte(s)
==32594== at 0x8EED2B7: ioctl (syscall-template.S:81)
==32594== by 0x302C81: GetEthtoolValue (util-ioctl.c:293)
==32594== by 0x3036CF: DisableIfaceOffloadingLinux (util-ioctl.c:469)
==32594== by 0x3036CF: DisableIfaceOffloading (util-ioctl.c:713)
==32594== by 0x2C7BB6: ParsePfringConfig (runmode-pfring.c:412)
==32594== by 0x32A76F: RunModeSetLiveCaptureWorkers (util-runmodes.c:351)
==32594== by 0x2C84CB: RunModeIdsPfringWorkers (runmode-pfring.c:550)
==32594== by 0x2CBA3B: RunModeDispatch (runmodes.c:391)
==32594== by 0x2EAB99: SuricataMain (suricata.c:2800)
==32594== by 0x8E1A504: (below main) (libc-start.c:266)
==32594== Address 0x1ffefffcd7 is on thread 1's stack
==32594== in frame #1, created by GetEthtoolValue (util-ioctl.c:280)
==32594==
==32594== Thread 2 W#01-zc:0@2:
==32594== Syscall param socketcall.setsockopt(optval) points to uninitialised byte(s)
==32594== at 0x8EF79AA: setsockopt (syscall-template.S:81)
==32594== by 0x66593FC: __pfring_zc_ipc_map (in /usr/lib/libpfring.so.7.9.0)
==32594== by 0x66595EA: pfring_zc_ipc_attach_queue (in /usr/lib/libpfring.so.7.9.0)
==32594== by 0x6655BCE: pfring_mod_zc_spsc_open (in /usr/lib/libpfring.so.7.9.0)
==32594== by 0x66538A6: pfring_zc_open (in /usr/lib/libpfring.so.7.9.0)
==32594== by 0x6642784: pfring_open (in /usr/lib/libpfring.so.7.9.0)
==32594== by 0x2D72C9: ReceivePfringThreadInit (source-pfring.c:550)
==32594== by 0x2EE98A: TmThreadsSlotPktAcqLoop (tm-threads.c:258)
==32594== by 0x87C9E64: start_thread (pthread_create.c:307)
==32594== by 0x8EF688C: clone (clone.S:111)
==32594== Address 0x2a1ab760 is on thread 2's stack
==32594== in frame #1, created by __pfring_zc_ipc_map (???:)
==32594==
==32594== Syscall param socketcall.setsockopt(optval) points to uninitialised byte(s)
==32594== at 0x8EF79AA: setsockopt (syscall-template.S:81)
==32594== by 0x6659667: pfring_zc_ipc_attach_queue (in /usr/lib/libpfring.so.7.9.0)
==32594== by 0x6655BCE: pfring_mod_zc_spsc_open (in /usr/lib/libpfring.so.7.9.0)
==32594== by 0x66538A6: pfring_zc_open (in /usr/lib/libpfring.so.7.9.0)
==32594== by 0x6642784: pfring_open (in /usr/lib/libpfring.so.7.9.0)
==32594== by 0x2D72C9: ReceivePfringThreadInit (source-pfring.c:550)
==32594== by 0x2EE98A: TmThreadsSlotPktAcqLoop (tm-threads.c:258)
==32594== by 0x87C9E64: start_thread (pthread_create.c:307)
==32594== by 0x8EF688C: clone (clone.S:111)
==32594== Address 0x2a1ab810 is on thread 2's stack
==32594== in frame #1, created by pfring_zc_ipc_attach_queue (???:)
==32594==
==32594== Syscall param socketcall.setsockopt(optval) points to uninitialised byte(s)
==32594== at 0x8EF79AA: setsockopt (syscall-template.S:81)
==32594== by 0x66599A9: pfring_zc_ipc_attach_buffer_pool (in /usr/lib/libpfring.so.7.9.0)
==32594== by 0x6655BE8: pfring_mod_zc_spsc_open (in /usr/lib/libpfring.so.7.9.0)
==32594== by 0x66538A6: pfring_zc_open (in /usr/lib/libpfring.so.7.9.0)
==32594== by 0x6642784: pfring_open (in /usr/lib/libpfring.so.7.9.0)
==32594== by 0x2D72C9: ReceivePfringThreadInit (source-pfring.c:550)
==32594== by 0x2EE98A: TmThreadsSlotPktAcqLoop (tm-threads.c:258)
==32594== by 0x87C9E64: start_thread (pthread_create.c:307)
==32594== by 0x8EF688C: clone (clone.S:111)
==32594== Address 0x2a1ab810 is on thread 2's stack
==32594== in frame #1, created by pfring_zc_ipc_attach_buffer_pool (???:)
==32594==
==32594== Thread 3 W#01-zc:0@3:
==32594== Conditional jump or move depends on uninitialised value(s)
==32594== at 0x2D7E04: PfringProcessPacket (source-pfring.c:255)
==32594== by 0x2D7E04: ReceivePfringLoop (source-pfring.c:413)
==32594== by 0x2EEB5D: TmThreadsSlotPktAcqLoop (tm-threads.c:312)
==32594== by 0x87C9E64: start_thread (pthread_create.c:307)
==32594== by 0x8EF688C: clone (clone.S:111)
==32594==
==32594== Invalid read of size 8
==32594== at 0x32CC08: StorageGetById (util-storage.c:224)
==32594== by 0x2BFCCE: EveAddCommonOptions (output-json.c:451)
==32594== by 0x2A6EC0: AlertJson.isra.9 (output-json-alert.c:622)
==32594== by 0x2A7D58: JsonAlertLogger (output-json-alert.c:767)
==32594== by 0x2BC72B: OutputPacketLog (output-packet.c:116)
==32594== by 0x2A3293: OutputLoggerLog (output.c:882)
==32594== by 0x29669F: FlowWorker (flow-worker.c:545)
==32594== by 0x2ED2CD: TmThreadsSlotVarRun (tm-threads.c:117)
==32594== by 0x2D7EA0: TmThreadsSlotProcessPkt (tm-threads.h:192)
==32594== by 0x2D7EA0: ReceivePfringLoop (source-pfring.c:415)
==32594== by 0x2EEB5D: TmThreadsSlotPktAcqLoop (tm-threads.c:312)
==32594== by 0x87C9E64: start_thread (pthread_create.c:307)
==32594== by 0x8EF688C: clone (clone.S:111)
==32594== Address 0x130 is not stack'd, malloc'd or (recently) free'd
==32594==
==32594==
==32594== Process terminating with default action of signal 11 (SIGSEGV): dumping core
==32594== Access not within mapped region at address 0x130
==32594== at 0x32CC08: StorageGetById (util-storage.c:224)
==32594== by 0x2BFCCE: EveAddCommonOptions (output-json.c:451)
==32594== by 0x2A6EC0: AlertJson.isra.9 (output-json-alert.c:622)
==32594== by 0x2A7D58: JsonAlertLogger (output-json-alert.c:767)
==32594== by 0x2BC72B: OutputPacketLog (output-packet.c:116)
==32594== by 0x2A3293: OutputLoggerLog (output.c:882)
==32594== by 0x29669F: FlowWorker (flow-worker.c:545)
==32594== by 0x2ED2CD: TmThreadsSlotVarRun (tm-threads.c:117)
==32594== by 0x2D7EA0: TmThreadsSlotProcessPkt (tm-threads.h:192)
==32594== by 0x2D7EA0: ReceivePfringLoop (source-pfring.c:415)
==32594== by 0x2EEB5D: TmThreadsSlotPktAcqLoop (tm-threads.c:312)
==32594== by 0x87C9E64: start_thread (pthread_create.c:307)
==32594== by 0x8EF688C: clone (clone.S:111)
==32594== If you believe this happened as a result of a stack
==32594== overflow in your program's main thread (unlikely but
==32594== possible), you can try to increase the size of the
==32594== main thread stack using the --main-stacksize= flag.
==32594== The main thread stack size used in this run was 8388608.
==32594==
==32594== HEAP SUMMARY:
==32594== in use at exit: 358,603,288 bytes in 1,235,747 blocks
==32594== total heap usage: 7,980,287 allocs, 6,744,540 frees, 3,692,708,338 bytes allocated
==32594==
==32594== LEAK SUMMARY:
==32594== definitely lost: 0 bytes in 0 blocks
==32594== indirectly lost: 0 bytes in 0 blocks
==32594== possibly lost: 36,479 bytes in 126 blocks
==32594== still reachable: 358,566,809 bytes in 1,235,621 blocks
==32594== suppressed: 0 bytes in 0 blocks
==32594== Rerun with --leak-check=full to see details of leaked memory
==32594==
==32594== For counts of detected and suppressed errors, rerun with: -v
==32594== Use --track-origins=yes to see where uninitialised values come from
==32594== ERROR SUMMARY: 1597783 errors from 10 contexts (suppressed: 0 from 0)
==32594== could not unlink /tmp/vgdb-pipe-from-vgdb-to-32594-by-root-on-idsprobe01.ids.be.nl
==32594== could not unlink /tmp/vgdb-pipe-to-vgdb-from-32594-by-root-on-idsprobe01.ids.be.nl
==32594== could not unlink /tmp/vgdb-pipe-shared-mem-vgdb-32594-by-root-on-idsprobe01.ids.be.nl
(3-3/8)