# gdb --args suricata -c /etc/suricata/suricata.yaml --af-packet GNU gdb (GDB) Red Hat Enterprise Linux (7.2-60.el6_4.1) Copyright (C) 2010 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-redhat-linux-gnu". For bug reporting instructions, please see: ... Reading symbols from /usr/bin/suricata...Reading symbols from /usr/lib/debug/usr/bin/suricata.debug...done. done. (gdb) run Starting program: /usr/bin/suricata -c /etc/suricata/suricata.yaml --af-packet warning: no loadable sections found in added symbol-file system-supplied DSO at 0x7ffff7ffa000 [Thread debugging using libthread_db enabled] [17661] 23/7/2013 -- 16:08:52 - (suricata.c:1287) (main) -- This is Suricata version 2.0dev [17661] 23/7/2013 -- 16:08:52 - (util-cpu.c:166) (UtilCpuPrintSummary) -- CPUs/cores online: 4 [17661] 23/7/2013 -- 16:08:52 - (util-ioctl.c:85) (GetIfaceMTU) -- Failure when trying to get MTU via ioctl: 19 [New Thread 0x7ffff3485700 (LWP 17674)] [New Thread 0x7ffff2c84700 (LWP 17675)] [New Thread 0x7ffff2483700 (LWP 17676)] [New Thread 0x7ffff1c82700 (LWP 17677)] [New Thread 0x7ffff1481700 (LWP 17678)] [New Thread 0x7ffff0c80700 (LWP 17679)] [New Thread 0x7fffeda2c700 (LWP 17680)] Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7ffff3485700 (LWP 17674)] 0x000055555557c1b4 in AppLayerTransactionGetInspectId (f=0x7fffdc50a890, flags=) at app-layer-parser.c:1210 1210 { Missing separate debuginfos, use: debuginfo-install GeoIP-1.5.1-1.el6.x86_64 file-libs-5.04-15.el6.x86_64 glibc-2.12-1.107.el6_4.2.x86_64 jansson-2.4-1.el6.x86_64 libcap-ng-0.6.4-3.el6_0.1.x86_64 libhtp-0.5.6-1.el6.x86_64 libnet-1.1.6-1.el6.x86_64 libpcap-1.0.0-6.20091201git117cb5.el6.x86_64 libyaml-0.1.4-1.el6.x86_64 nspr-4.9.2-1.el6.x86_64 nss-3.14.0.0-12.el6.x86_64 nss-softokn-3.12.9-11.el6.x86_64 nss-softokn-freebl-3.12.9-11.el6.x86_64 nss-util-3.14.0.0-2.el6.x86_64 pcre-jit-8.33-1.el6.x86_64 sqlite-3.6.20-1.el6.x86_64 zlib-1.2.3-29.el6.x86_64 (gdb) bt full #0 0x000055555557c1b4 in AppLayerTransactionGetInspectId (f=0x7fffdc50a890, flags=) at app-layer-parser.c:1210 No locals. #1 0x00005555555eaacb in DeStateFlowHasInspectableState (f=0x7fffdc50a890, alproto=1, alversion=, flags=10 '\n') at detect-engine-state.c:220 r = 0 #2 0x00005555555b6518 in SigMatchSignatures (th_v=0x55555c1c6c20, de_ctx=0x555556a18be0, det_ctx=0x7fffe80168d0, p=0x555556618940) at detect.c:1435 has_state = sms_runflags = 1 '\001' alert_flags = 0 '\000' alproto = 1 idx = flags = 10 '\n' alstate = 0x7fffabce7f40 smsg = 0x0 s = 0x0 sm = 0x0 alversion = 3 reset_de_state = alerts = 0 i = app_decoder_events = 0 mask = #3 0x00005555555b707f in Detect (tv=, p=, data=, pq=, postpq=) at detect.c:1852 det_ctx = de_ctx = r = #4 0x00005555556812a8 in TmThreadsSlotVarRun (tv=0x55555c1c6c20, p=0x555556618940, slot=) at tm-threads.c:542 SlotFunc = r = s = 0x55555c1febf0 extra_p = #5 0x000055555565bf10 in TmThreadsSlotProcessPkt (ptv=) at tm-threads.h:139 r = TM_ECODE_OK #6 AFPReadFromRing (ptv=) at source-af-packet.c:841 p = 0x555556618940 from = emergency_flush = 0 '\000' read_pkts = 1 loop_start = -1 #7 0x000055555565c454 in ReceiveAFPLoop (tv=0x55555c1c6c20, data=0x7fffe80008f0, slot=) at source-af-packet.c:1042 packet_q_len = ptv = 0x7fffe80008f0 fds = {fd = 12, events = 1, revents = 1} r = s = last_dump = 1374659849 current_time = {tv_sec = 1374659849, tv_usec = 485125} __FUNCTION__ = "ReceiveAFPLoop" #8 0x0000555555680ee6 in TmThreadsSlotPktAcqLoop (td=0x55555c1c6c20) at tm-threads.c:682 tv = 0x55555c1c6c20 s = 0x55555c1c5d00 run = r = slot = 0x0 __FUNCTION__ = "TmThreadsSlotPktAcqLoop" #9 0x00007ffff5866851 in start_thread () from /lib64/libpthread.so.0 No symbol table info available. #10 0x00007ffff53b090d in clone () from /lib64/libc.so.6 No symbol table info available. (gdb)