|
(gdb) thread 6
|
|
[Switching to thread 6 (Thread 0x7f4f94b55700 (LWP 8242))]#0 0x00007f4f96107253 in poll () from /lib64/libc.so.6
|
|
(gdb) bt full
|
|
#0 0x00007f4f96107253 in poll () from /lib64/libc.so.6
|
|
No symbol table info available.
|
|
#1 0x00007f4f9903a13c in ReceiveAFPLoop (tv=0x7f4f9ec25810,
|
|
data=0x7f4f8c0008f0, slot=<value optimized out>)
|
|
at source-af-packet.c:1002
|
|
packet_q_len = <value optimized out>
|
|
ptv = 0x7f4f8c0008f0
|
|
fds = {fd = 8, events = 1, revents = 0}
|
|
r = <value optimized out>
|
|
s = <value optimized out>
|
|
last_dump = 1372150278
|
|
current_time = {tv_sec = 1372150278, tv_usec = 27657}
|
|
__FUNCTION__ = "ReceiveAFPLoop"
|
|
#2 0x00007f4f9905ea76 in TmThreadsSlotPktAcqLoop (td=0x7f4f9ec25810)
|
|
at tm-threads.c:682
|
|
tv = 0x7f4f9ec25810
|
|
s = 0x7f4f9f478500
|
|
run = <value optimized out>
|
|
r = <value optimized out>
|
|
slot = 0x0
|
|
__FUNCTION__ = "TmThreadsSlotPktAcqLoop"
|
|
#3 0x00007f4f965c6851 in start_thread () from /lib64/libpthread.so.0
|
|
No symbol table info available.
|
|
#4 0x00007f4f9611090d in clone () from /lib64/libc.so.6
|
|
No symbol table info available.
|
|
|
|
-------------------------------------------------------------------------------------------------------------------------------
|
|
|
|
(gdb) thread 5
|
|
[Switching to thread 5 (Thread 0x7f4f93149700 (LWP 8243))]#0 list_array_get (
|
|
_l=<value optimized out>, idx=<value optimized out>) at dslib.c:243
|
|
243 if (++i == l->max_size) {
|
|
(gdb) bt full
|
|
#0 list_array_get (_l=<value optimized out>, idx=<value optimized out>)
|
|
at dslib.c:243
|
|
l = <value optimized out>
|
|
r = 0x0
|
|
i = 1676
|
|
#1 0x00007f4f98f94217 in DetectMpmPrefilter (th_v=0x7f4f9e86ed10,
|
|
de_ctx=0x7f4f9c1b9bd0, det_ctx=0x7f4f84016790, p=0x7f4f9be908a0)
|
|
at detect.c:994
|
|
tx = <value optimized out>
|
|
htp_state = 0x7f4f87008c90
|
|
tx_progress = <value optimized out>
|
|
idx = 7307
|
|
total_txs = 8126
|
|
#2 SigMatchSignatures (th_v=0x7f4f9e86ed10, de_ctx=0x7f4f9c1b9bd0,
|
|
det_ctx=0x7f4f84016790, p=0x7f4f9be908a0) at detect.c:1400
|
|
sms_runflags = 1 '\001'
|
|
alert_flags = 0 '\000'
|
|
alproto = 1
|
|
idx = <value optimized out>
|
|
flags = 8 '\b'
|
|
alstate = 0x7f4f87008c90
|
|
smsg = 0x0
|
|
s = 0x0
|
|
sm = 0x0
|
|
alversion = 13787
|
|
reset_de_state = <value optimized out>
|
|
app_decoder_events = <value optimized out>
|
|
app_decoder_events_cnt = 0
|
|
alerts = 0
|
|
i = <value optimized out>
|
|
mask = <value optimized out>
|
|
#3 0x00007f4f98f94cff in Detect (tv=<value optimized out>,
|
|
p=<value optimized out>, data=<value optimized out>,
|
|
pq=<value optimized out>, postpq=<value optimized out>) at detect.c:1801
|
|
det_ctx = <value optimized out>
|
|
de_ctx = <value optimized out>
|
|
r = <value optimized out>
|
|
#4 0x00007f4f9905ee38 in TmThreadsSlotVarRun (tv=0x7f4f9e86ed10,
|
|
p=0x7f4f9be908a0, slot=<value optimized out>) at tm-threads.c:542
|
|
SlotFunc = <value optimized out>
|
|
r = <value optimized out>
|
|
s = 0x7f4f9f0999e0
|
|
extra_p = <value optimized out>
|
|
#5 0x00007f4f99039c30 in TmThreadsSlotProcessPkt (ptv=<value optimized out>)
|
|
at tm-threads.h:139
|
|
r = TM_ECODE_OK
|
|
#6 AFPReadFromRing (ptv=<value optimized out>) at source-af-packet.c:829
|
|
p = 0x7f4f9be908a0
|
|
from = <value optimized out>
|
|
emergency_flush = 0 '\000'
|
|
read_pkts = 15423
|
|
loop_start = -1
|
|
#7 0x00007f4f9903a174 in ReceiveAFPLoop (tv=0x7f4f9e86ed10,
|
|
data=0x7f4f840008f0, slot=<value optimized out>)
|
|
at source-af-packet.c:1030
|
|
packet_q_len = <value optimized out>
|
|
ptv = 0x7f4f840008f0
|
|
fds = {fd = 9, events = 1, revents = 1}
|
|
r = <value optimized out>
|
|
s = <value optimized out>
|
|
last_dump = 1372150258
|
|
current_time = {tv_sec = 1372150258, tv_usec = 534627}
|
|
__FUNCTION__ = "ReceiveAFPLoop"
|
|
#8 0x00007f4f9905ea76 in TmThreadsSlotPktAcqLoop (td=0x7f4f9e86ed10)
|
|
at tm-threads.c:682
|
|
tv = 0x7f4f9e86ed10
|
|
s = 0x7f4f9f4f7bc0
|
|
run = <value optimized out>
|
|
r = <value optimized out>
|
|
slot = 0x0
|
|
__FUNCTION__ = "TmThreadsSlotPktAcqLoop"
|
|
#9 0x00007f4f965c6851 in start_thread () from /lib64/libpthread.so.0
|
|
No symbol table info available.
|
|
#10 0x00007f4f9611090d in clone () from /lib64/libc.so.6
|
|
No symbol table info available.
|
|
|
|
-------------------------------------------------------------------------------------------------------------------------------
|
|
|
|
(gdb) thread 4
|
|
[Switching to thread 4 (Thread 0x7f4f92948700 (LWP 8244))]#0 0x00007f4f965ca7bb in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
|
|
(gdb) bt full
|
|
#0 0x00007f4f965ca7bb in pthread_cond_timedwait@@GLIBC_2.3.2 ()
|
|
from /lib64/libpthread.so.0
|
|
No symbol table info available.
|
|
#1 0x00007f4f9900fbf5 in FlowManagerThread (td=0x7f4f9f484fc0)
|
|
at flow-manager.c:543
|
|
counters = {new = 14, est = 11, clo = 4}
|
|
flow_memuse = <value optimized out>
|
|
len = <value optimized out>
|
|
th_v = 0x7f4f9f484fc0
|
|
ts = {tv_sec = 1372150278, tv_usec = 92}
|
|
emerg = 0
|
|
prev_emerg = 0
|
|
last_sec = <value optimized out>
|
|
cond_time = {tv_sec = 1372150279, tv_nsec = 0}
|
|
flow_update_delay_sec = 1
|
|
flow_update_delay_nsec = 0
|
|
flow_mgr_cnt_clo = 1
|
|
flow_mgr_cnt_new = 2
|
|
flow_mgr_cnt_est = 3
|
|
flow_mgr_memuse = 4
|
|
flow_mgr_spare = 5
|
|
flow_emerg_mode_enter = 6
|
|
flow_emerg_mode_over = 30224
|
|
__FUNCTION__ = "FlowManagerThread"
|
|
#2 0x00007f4f965c6851 in start_thread () from /lib64/libpthread.so.0
|
|
No symbol table info available.
|
|
#3 0x00007f4f9611090d in clone () from /lib64/libc.so.6
|
|
No symbol table info available.
|
|
|
|
-------------------------------------------------------------------------------------------------------------------------------
|
|
|
|
(gdb) thread 3
|
|
[Switching to thread 3 (Thread 0x7f4f92147700 (LWP 8245))]#0 0x00007f4f965ca7bb in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
|
|
(gdb) bt full
|
|
#0 0x00007f4f965ca7bb in pthread_cond_timedwait@@GLIBC_2.3.2 ()
|
|
from /lib64/libpthread.so.0
|
|
No symbol table info available.
|
|
#1 0x00007f4f98f75e30 in SCPerfWakeupThread (arg=0x7f4f9f482540)
|
|
at counters.c:547
|
|
tv_local = 0x7f4f9f482540
|
|
run = 1 '\001'
|
|
tv = <value optimized out>
|
|
q = <value optimized out>
|
|
cond_time = {tv_sec = 1372150280, tv_nsec = 0}
|
|
__FUNCTION__ = "SCPerfWakeupThread"
|
|
#2 0x00007f4f965c6851 in start_thread () from /lib64/libpthread.so.0
|
|
No symbol table info available.
|
|
#3 0x00007f4f9611090d in clone () from /lib64/libc.so.6
|
|
No symbol table info available.
|
|
|
|
-------------------------------------------------------------------------------------------------------------------------------
|
|
|
|
(gdb) thread 2
|
|
[Switching to thread 2 (Thread 0x7f4f91946700 (LWP 8246))]#0 0x00007f4f965ca7bb in pthread_cond_timedwait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
|
|
(gdb) bt full
|
|
#0 0x00007f4f965ca7bb in pthread_cond_timedwait@@GLIBC_2.3.2 ()
|
|
from /lib64/libpthread.so.0
|
|
No symbol table info available.
|
|
#1 0x00007f4f98f779d8 in SCPerfMgmtThread (arg=0x7f4f9e8754b0)
|
|
at counters.c:479
|
|
tv_local = 0x7f4f9e8754b0
|
|
run = 1 '\001'
|
|
cond_time = {tv_sec = 1372150281, tv_nsec = 0}
|
|
__FUNCTION__ = "SCPerfMgmtThread"
|
|
#2 0x00007f4f965c6851 in start_thread () from /lib64/libpthread.so.0
|
|
No symbol table info available.
|
|
#3 0x00007f4f9611090d in clone () from /lib64/libc.so.6
|
|
No symbol table info available.
|
|
|
|
-------------------------------------------------------------------------------------------------------------------------------
|
|
|
|
(gdb) thread 1
|
|
[Switching to thread 1 (Thread 0x7f4f98f11720 (LWP 8238))]#0 0x00007f4f960d4b8d in nanosleep () from /lib64/libc.so.6
|
|
(gdb) bt full
|
|
#0 0x00007f4f960d4b8d in nanosleep () from /lib64/libc.so.6
|
|
No symbol table info available.
|
|
#1 0x00007f4f96109d64 in usleep () from /lib64/libc.so.6
|
|
No symbol table info available.
|
|
#2 0x00007f4f9905539b in main (argc=-1807161352, argv=<value optimized out>)
|
|
at suricata.c:2047
|
|
opt = <value optimized out>
|
|
pcap_dev = "eth1", '\000' <repeats 123 times>
|
|
sig_file = 0x0
|
|
sig_file_exclusive = 0
|
|
conf_test = 0
|
|
pid_filename = 0x7fff9448f85c "/var/lock/subsys/suricata"
|
|
dump_config = 0
|
|
list_app_layer_protocols = 0
|
|
list_unittests = 0
|
|
list_cuda_cards = 0
|
|
list_runmodes = 0
|
|
list_keywords = 0
|
|
keyword_info = <value optimized out>
|
|
runmode_custom_mode = 0x0
|
|
daemon = 1
|
|
user_name = 0x7fff9448f88e "suri"
|
|
group_name = 0x7fff9448f89b "suri"
|
|
do_setuid = 1 '\001'
|
|
do_setgid = 1 '\001'
|
|
userid = 495
|
|
groupid = 491
|
|
build_info = 0
|
|
delayed_detect = 0
|
|
log_dir = 0x7f4f9b129ce0 "/var/log/suricata/"
|
|
buf = {st_dev = 64513, st_ino = 1061314, st_nlink = 2,
|
|
st_mode = 16888, st_uid = 0, st_gid = 491, __pad0 = 0, st_rdev = 0,
|
|
st_size = 12288, st_blksize = 4096, st_blocks = 24, st_atim = {
|
|
tv_sec = 1372094150, tv_nsec = 474505722}, st_mtim = {
|
|
tv_sec = 1372094179, tv_nsec = 166040094}, st_ctim = {
|
|
tv_sec = 1372094179, tv_nsec = 166040094}, __unused = {0, 0, 0}}
|
|
__FUNCTION__ = "main"
|
|
long_opts = {{name = 0x7f4f990df469 "dump-config", has_arg = 0,
|
|
flag = 0x7fff9448e36c, val = 1}, {name = 0x7f4f990dc7e8 "pfring",
|
|
has_arg = 2, flag = 0x0, val = 0}, {
|
|
name = 0x7f4f990df475 "pfring-int", has_arg = 1, flag = 0x0,
|
|
val = 0}, {name = 0x7f4f990df480 "pfring-cluster-id",
|
|
has_arg = 1, flag = 0x0, val = 0}, {
|
|
name = 0x7f4f990df492 "pfring-cluster-type", has_arg = 1,
|
|
flag = 0x0, val = 0}, {name = 0x7f4f990db381 "af-packet",
|
|
has_arg = 2, flag = 0x0, val = 0}, {name = 0x7f4f990dc162 "pcap",
|
|
has_arg = 2, flag = 0x0, val = 0}, {
|
|
name = 0x7f4f990df4a6 "unix-socket", has_arg = 2, flag = 0x0,
|
|
val = 0}, {name = 0x7f4f990df4b2 "pcap-buffer-size", has_arg = 1,
|
|
flag = 0x0, val = 0}, {name = 0x7f4f990df4c3 "unittest-filter",
|
|
has_arg = 1, flag = 0x0, val = 85}, {
|
|
name = 0x7f4f990df4d3 "list-app-layer-protos", has_arg = 0,
|
|
flag = 0x7fff9448e368, val = 1}, {
|
|
name = 0x7f4f990df4e9 "list-unittests", has_arg = 0,
|
|
flag = 0x7fff9448e364, val = 1}, {
|
|
name = 0x7f4f990df4f8 "list-cuda-cards", has_arg = 0,
|
|
flag = 0x7fff9448e360, val = 1}, {
|
|
name = 0x7f4f990df508 "list-runmodes", has_arg = 0,
|
|
flag = 0x7fff9448e35c, val = 1}, {
|
|
name = 0x7f4f990df516 "list-keywords", has_arg = 2,
|
|
flag = 0x7fff9448e358, val = 1}, {
|
|
name = 0x7f4f990db342 "runmode", has_arg = 1, flag = 0x0,
|
|
val = 0}, {name = 0x7f4f990cdf6b "engine-analysis", has_arg = 0,
|
|
flag = 0x7f4f99339998, val = 1}, {
|
|
name = 0x7f4f990df524 "pidfile", has_arg = 1, flag = 0x0,
|
|
val = 0}, {name = 0x7f4f990df52c "init-errors-fatal",
|
|
has_arg = 0, flag = 0x0, val = 0}, {
|
|
name = 0x7f4f990df53e "fatal-unittests", has_arg = 0, flag = 0x0,
|
|
val = 0}, {name = 0x7f4f990df6a4 "user", has_arg = 1, flag = 0x0,
|
|
val = 0}, {name = 0x7f4f990ea3d5 "group", has_arg = 1,
|
|
flag = 0x0, val = 0}, {name = 0x7f4f990df54e "erf-in",
|
|
has_arg = 1, flag = 0x0, val = 0}, {name = 0x7f4f990df555 "dag",
|
|
has_arg = 1, flag = 0x0, val = 0}, {
|
|
name = 0x7f4f990df559 "napatech", has_arg = 0, flag = 0x0,
|
|
val = 0}, {name = 0x7f4f990df562 "build-info", has_arg = 0,
|
|
flag = 0x7fff9448e34c, val = 1}, {name = 0x0, has_arg = 0,
|
|
flag = 0x0, val = 0}}
|
|
option_index = 21
|
|
short_opts = "c:TDhi:l:q:d:r:us:S:U:VF:"
|
|
temp_default_packet_size = 0x7f4f97e3f1d0 ""
|
|
c = <value optimized out>
|
|
de_ctx = 0x7f4f9c1b9bd0
|
|
start_time = {tv_sec = 1372094187, tv_usec = 291516}
|
|
end_time = {tv_sec = 139979845230552, tv_usec = 140735681195848}
|
|
milliseconds = <value optimized out>
|
|
global_de_ctx = <value optimized out>
|
|
__PRETTY_FUNCTION__ = "main"
|