Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 0x7ffff1579700 (LWP 4566)] 0x0000000000000000 in ?? () (gdb) bt full #0 0x0000000000000000 in ?? () No symbol table info available. #1 0x0000000000439a57 in AppLayerParserGetTxCnt (ipproto=6 '\006', alproto=0, alstate=0x0) at app-layer-parser.c:708 No locals. #2 0x00000000004393be in AppLayerParserSetTransactionInspectId (pstate=0x0, ipproto=6 '\006', alproto=0, alstate=0x0, direction=10 '\n') at app-layer-parser.c:528 dir = 1 '\001' total_txs = 107872928 idx = 7938480864 state_done_progress = -671004464 tx = 0x439a57 state_progress = 0 #3 0x00000000004d4f94 in DeStateUpdateInspectTransactionId (f=0x1808db0, direction=10 '\n') at detect-engine-state.c:715 No locals. #4 0x000000000048185f in SigMatchSignatures (th_v=0x501eae0, de_ctx=0x196ae10, det_ctx=0x7fffd80148d0, p=0x15bc960) at detect.c:1553 sms_runflags = 3 '\003' alert_flags = 0 '\000' alproto = 1 idx = 0 flags = 10 '\n' alstate = 0x7fffd92b9ae0 smsg = 0x0 s = 0x0 sm = 0x0 alversion = 12 reset_de_state = 0 state_alert = 0 alerts = 0 app_decoder_events = 0 pflow = 0x1808db0 mask = 163 '\243' #5 0x0000000000481d75 in Detect (tv=0x501eae0, p=0x15bc960, data=0x7fffd80148d0, pq=0x5c7dc90, postpq=0x0) at detect.c:1708 det_ctx = 0x7fffd80148d0 de_ctx = 0x196ae10 r = 0 #6 0x00000000005c475f in TmThreadsSlotVarRun (tv=0x501eae0, p=0x15bc960, slot=0x5c97e40) at tm-threads.c:559 SlotFunc = 0x481c78 r = TM_ECODE_OK s = 0x5c7dc50 extra_p = 0x5c142c #7 0x0000000000587c99 in TmThreadsSlotProcessPkt (tv=0x501eae0, s=0x5c97e40, p=0x15bc960) at tm-threads.h:142 r = TM_ECODE_OK #8 0x000000000058a023 in AFPReadFromRing (ptv=0x7fffd80008c0) at source-af-packet.c:845 p = 0x15bc960 h = {h2 = 0x7fffbcbf5cd0, raw = 0x7fffbcbf5cd0} from = 0x7fffbcbf5cf0 emergency_flush = 0 '\000' read_pkts = 9607 loop_start = -1 #9 0x000000000058b013 in ReceiveAFPLoop (tv=0x501eae0, data=0x7fffd80008c0, slot=0x4fb7330) at source-af-packet.c:1049 packet_q_len = 509 ptv = 0x7fffd80008c0 fds = {fd = 15, events = 1, revents = 1} r = 1 s = 0x4fb7330 last_dump = 1391788723 current_time = {tv_sec = 1391788723, tv_usec = 368439} __FUNCTION__ = "ReceiveAFPLoop" #10 0x00000000005c502f in TmThreadsSlotPktAcqLoop (td=0x501eae0) at tm-threads.c:703 tv = 0x501eae0 s = 0x4fb7330 run = 1 '\001' r = TM_ECODE_OK slot = 0x0 __FUNCTION__ = "TmThreadsSlotPktAcqLoop" #11 0x00007ffff58509d1 in start_thread (arg=0x7ffff1579700) at pthread_create.c:301 __res = pd = 0x7ffff1579700 now = unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140737242437376, 9128486677365927647, 140737488335360, 140737242438080, 0, 3, -9128509559272886561, -9128500337849127201}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = pagesize_m1 = sp = freesize = #12 0x00007ffff5399b6d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115 No locals. --------------------------------------------------------------------------------------------------- (gdb) thread 8 [Switching to thread 8 (Thread 0x7fffed687700 (LWP 4569))]#0 pthread_cond_timedwait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:239 239 62: movq %rax, %r14 (gdb) bt full #0 pthread_cond_timedwait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:239 No locals. #1 0x0000000000451913 in SCPerfMgmtThread (arg=0x5f24360) at counters.c:340 tv_local = 0x5f24360 run = 1 '\001' cond_time = {tv_sec = 1391788729, tv_nsec = 0} __FUNCTION__ = "SCPerfMgmtThread" #2 0x00007ffff58509d1 in start_thread (arg=0x7fffed687700) at pthread_create.c:301 __res = pd = 0x7fffed687700 now = unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140737176434432, 9128486677365927647, 140737488344080, 140737176435136, 0, 3, -9128448361357627681, -9128500337849127201}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = pagesize_m1 = sp = freesize = #3 0x00007ffff5399b6d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115 No locals. --------------------------------------------------------------------------------------------------- (gdb) thread 7 [Switching to thread 7 (Thread 0x7ffff0577700 (LWP 4568))]#0 pthread_cond_timedwait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:239 239 62: movq %rax, %r14 (gdb) bt full #0 pthread_cond_timedwait@@GLIBC_2.3.2 () at ../nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_timedwait.S:239 No locals. #1 0x0000000000451ec2 in SCPerfWakeupThread (arg=0x50a8480) at counters.c:408 tv_local = 0x50a8480 run = 1 '\001' tv = 0x0 q = 0x0 cond_time = {tv_sec = 1391788725, tv_nsec = 0} __FUNCTION__ = "SCPerfWakeupThread" #2 0x00007ffff58509d1 in start_thread (arg=0x7ffff0577700) at pthread_create.c:301 __res = pd = 0x7ffff0577700 now = unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140737225651968, 9128486677365927647, 140737488344080, 140737225652672, 0, 3, -9128507365618340129, -9128500337849127201}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = pagesize_m1 = sp = freesize = #3 0x00007ffff5399b6d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115 No locals. --------------------------------------------------------------------------------------------------- (gdb) thread 6 [Switching to thread 6 (Thread 0x7ffff0d78700 (LWP 4567))]#0 __pthread_mutex_trylock (mutex=0x7ffff3bd9fe0) at pthread_mutex_trylock.c:30 30 { (gdb) bt full #0 __pthread_mutex_trylock (mutex=0x7ffff3bd9fe0) at pthread_mutex_trylock.c:30 oldval = id = #1 0x0000000000535207 in FlowTimeoutHash (ts=0x7ffff0d77520, try_cnt=0, counters=0x7ffff0d77530) at flow-manager.c:347 fb = 0x7ffff3bd9fd0 idx = 30975 cnt = 0 emergency = 1 #2 0x00000000005357f7 in FlowManagerThread (td=0x52f73f0) at flow-manager.c:483 counters = {new = 0, est = 0, clo = 0} flow_memuse = 33554176 len = 0 th_v = 0x52f73f0 ts = {tv_sec = 1391788723, tv_usec = 741326} established_cnt = 0 new_cnt = 0 closing_cnt = 0 emerg = 1 prev_emerg = 1 last_sec = 1391788566 cond_time = {tv_sec = 1391788723, tv_nsec = 100000} flow_update_delay_sec = 0 flow_update_delay_nsec = 100000 flow_mgr_cnt_clo = 1 flow_mgr_cnt_new = 2 flow_mgr_cnt_est = 3 flow_mgr_memuse = 4 flow_mgr_spare = 5 flow_emerg_mode_enter = 6 flow_emerg_mode_over = 7 __FUNCTION__ = "FlowManagerThread" #3 0x00007ffff58509d1 in start_thread (arg=0x7ffff0d78700) at pthread_create.c:301 __res = pd = 0x7ffff0d78700 now = unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140737234044672, 9128486677365927647, 140737488346176, 140737234045376, 0, 3, -9128506266643583265, -9128500337849127201}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = pagesize_m1 = sp = freesize = #4 0x00007ffff5399b6d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115 No locals. --------------------------------------------------------------------------------------------------- (gdb) thread 4 [Switching to thread 4 (Thread 0x7ffff1d7a700 (LWP 4565))]#0 __lll_lock_wait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:136 136 2: movl %edx, %eax (gdb) bt full #0 __lll_lock_wait () at ../nptl/sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:136 No locals. #1 0x00007ffff5852508 in _L_lock_854 () from /lib64/libpthread.so.0 No symbol table info available. #2 0x00007ffff58523d7 in __pthread_mutex_lock (mutex=0x1808df0) at pthread_mutex_lock.c:61 ignore1 = 128 ignore2 = 25202160 ignore3 = -512 type = id = 4565 #3 0x0000000000481964 in SigMatchSignatures (th_v=0x501e460, de_ctx=0x196ae10, det_ctx=0x7fffe40148e0, p=0x14912c0) at detect.c:1584 sms_runflags = 1 '\001' alert_flags = 0 '\000' alproto = 0 idx = 9 flags = 4 '\004' alstate = 0x0 smsg = 0x0 s = 0x296afc0 sm = 0x0 alversion = 0 reset_de_state = 0 state_alert = 0 alerts = 0 app_decoder_events = 0 pflow = 0x1808db0 mask = 150 '\226' #4 0x0000000000481d75 in Detect (tv=0x501e460, p=0x14912c0, data=0x7fffe40148e0, pq=0x4fb6cf0, postpq=0x0) at detect.c:1708 det_ctx = 0x7fffe40148e0 de_ctx = 0x196ae10 r = 0 #5 0x00000000005c475f in TmThreadsSlotVarRun (tv=0x501e460, p=0x14912c0, slot=0x5c7a5d0) at tm-threads.c:559 SlotFunc = 0x481c78 r = TM_ECODE_OK s = 0x4fb6cb0 extra_p = 0x5c142c #6 0x0000000000587c99 in TmThreadsSlotProcessPkt (tv=0x501e460, s=0x5c7a5d0, p=0x14912c0) at tm-threads.h:142 r = TM_ECODE_OK #7 0x000000000058a023 in AFPReadFromRing (ptv=0x7fffe40008f0) at source-af-packet.c:845 p = 0x14912c0 h = {h2 = 0x7fffc71cef60, raw = 0x7fffc71cef60} from = 0x7fffc71cef80 emergency_flush = 0 '\000' read_pkts = 630 loop_start = -1 #8 0x000000000058b013 in ReceiveAFPLoop (tv=0x501e460, data=0x7fffe40008f0, slot=0x5c93d20) at source-af-packet.c:1049 packet_q_len = 510 ptv = 0x7fffe40008f0 fds = {fd = 14, events = 1, revents = 1} r = 1 s = 0x5c93d20 last_dump = 1391788723 current_time = {tv_sec = 1391788723, tv_usec = 681966} __FUNCTION__ = "ReceiveAFPLoop" #9 0x00000000005c502f in TmThreadsSlotPktAcqLoop (td=0x501e460) at tm-threads.c:703 tv = 0x501e460 s = 0x5c93d20 run = 1 '\001' r = TM_ECODE_OK slot = 0x0 __FUNCTION__ = "TmThreadsSlotPktAcqLoop" #10 0x00007ffff58509d1 in start_thread (arg=0x7ffff1d7a700) at pthread_create.c:301 __res = pd = 0x7ffff1d7a700 now = unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140737250830080, 9128486677365927647, 140737488335360, 140737250830784, 0, 3, -9128508460298129697, -9128500337849127201}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = pagesize_m1 = sp = freesize = #11 0x00007ffff5399b6d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115 No locals. --------------------------------------------------------------------------------------------------- (gdb) thread 3 [Switching to thread 3 (Thread 0x7ffff257b700 (LWP 4564))]#0 0x00007ffff5390343 in __poll (fds=, nfds=, timeout=) at ../sysdeps/unix/sysv/linux/poll.c:87 87 int result = INLINE_SYSCALL (poll, 3, CHECK_N (fds, nfds), nfds, timeout); (gdb) bt full #0 0x00007ffff5390343 in __poll (fds=, nfds=, timeout=) at ../sysdeps/unix/sysv/linux/poll.c:87 __arg2 = 1 _a3 = 100 _a1 = 140737259216112 resultvar = __arg3 = 100 __arg1 = 140737259216112 _a2 = 1 resultvar = oldtype = 0 result = #1 0x000000000058abf2 in ReceiveAFPLoop (tv=0x5498fa0, data=0x7fffe00008c0, slot=0x53bf760) at source-af-packet.c:1021 packet_q_len = 509 ptv = 0x7fffe00008c0 fds = {fd = 13, events = 1, revents = 0} r = 0 s = 0x53bf760 last_dump = 1391788723 current_time = {tv_sec = 1391788723, tv_usec = 750482} __FUNCTION__ = "ReceiveAFPLoop" #2 0x00000000005c502f in TmThreadsSlotPktAcqLoop (td=0x5498fa0) at tm-threads.c:703 tv = 0x5498fa0 s = 0x53bf760 run = 1 '\001' r = TM_ECODE_OK slot = 0x0 __FUNCTION__ = "TmThreadsSlotPktAcqLoop" #3 0x00007ffff58509d1 in start_thread (arg=0x7ffff257b700) at pthread_create.c:301 __res = pd = 0x7ffff257b700 now = unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140737259222784, 9128486677365927647, 140737488335360, 140737259223488, 0, 3, -9128511757222400289, -9128500337849127201}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = pagesize_m1 = sp = freesize = #4 0x00007ffff5399b6d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115 No locals. --------------------------------------------------------------------------------------------------- (gdb) thread 2 [Switching to thread 2 (Thread 0x7ffff2d7c700 (LWP 4563))]#0 0x00000000005c06f4 in PacketPoolReturnPacket (p=0x14feac0) at tmqh-packetpool.c:125 125 PACKET_RECYCLE(p); (gdb) bt full #0 0x00000000005c06f4 in PacketPoolReturnPacket (p=0x14feac0) at tmqh-packetpool.c:125 No locals. #1 0x0000000000457829 in PacketFreeOrRelease (p=0x14feac0) at decode.c:145 No locals. #2 0x0000000000589b31 in AFPReleasePacket (p=0x14feac0) at source-af-packet.c:692 No locals. #3 0x00000000005c142c in TmqhOutputPacketpool (t=0x5b39d70, p=0x14feac0) at tmqh-packetpool.c:286 proot = 0 #4 0x0000000000587d40 in TmThreadsSlotProcessPkt (tv=0x5b39d70, s=0x501a1a0, p=0x14feac0) at tm-threads.h:156 slot = 0x3c0045784a r = TM_ECODE_OK #5 0x000000000058a023 in AFPReadFromRing (ptv=0x7fffe80008c0) at source-af-packet.c:845 p = 0x14feac0 h = {h2 = 0x7fffd706a520, raw = 0x7fffd706a520} from = 0x7fffd706a540 emergency_flush = 0 '\000' read_pkts = 3490 loop_start = -1 #6 0x000000000058b013 in ReceiveAFPLoop (tv=0x5b39d70, data=0x7fffe80008c0, slot=0x5080ec0) at source-af-packet.c:1049 packet_q_len = 509 ptv = 0x7fffe80008c0 fds = {fd = 12, events = 1, revents = 1} r = 1 s = 0x5080ec0 last_dump = 1391788723 current_time = {tv_sec = 1391788723, tv_usec = 611392} __FUNCTION__ = "ReceiveAFPLoop" #7 0x00000000005c502f in TmThreadsSlotPktAcqLoop (td=0x5b39d70) at tm-threads.c:703 tv = 0x5b39d70 s = 0x5080ec0 run = 1 '\001' r = TM_ECODE_OK slot = 0x0 __FUNCTION__ = "TmThreadsSlotPktAcqLoop" #8 0x00007ffff58509d1 in start_thread (arg=0x7ffff2d7c700) at pthread_create.c:301 __res = pd = 0x7ffff2d7c700 now = unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140737267615488, 9128486677365927647, 140737488335360, 140737267616192, 0, 3, -9128510658247643425, -9128500337849127201}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {prev = 0x0, cleanup = 0x0, canceltype = 0}}} not_first_call = pagesize_m1 = sp = freesize = #9 0x00007ffff5399b6d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:115 No locals. --------------------------------------------------------------------------------------------------- (gdb) thread 1 [Switching to thread 1 (Thread 0x7ffff7fea800 (LWP 4550))]#0 0x00007ffff535dcdd in nanosleep () at ../sysdeps/unix/syscall-template.S:82 82 T_PSEUDO (SYSCALL_SYMBOL, SYSCALL_NAME, SYSCALL_NARGS) (gdb) bt full #0 0x00007ffff535dcdd in nanosleep () at ../sysdeps/unix/syscall-template.S:82 No locals. #1 0x00007ffff5392e54 in usleep (useconds=) at ../sysdeps/unix/sysv/linux/usleep.c:33 ts = {tv_sec = 0, tv_nsec = 10000000} #2 0x00000000005bd47d in main (argc=6, argv=0x7fffffffe6f8) at suricata.c:2277 suri = {run_mode = 8, pcap_dev = '\000' , sig_file = 0x0, sig_file_exclusive = 0, pid_filename = 0x0, regex_arg = 0x0, keyword_info = 0x0, runmode_custom_mode = 0x0, user_name = 0x7fffffffe970 "suri", group_name = 0x7fffffffe97d "suri", do_setuid = 1 '\001', do_setgid = 1 '\001', userid = 498, groupid = 499, delayed_detect = 0, rule_reload = 0, disabled_detect = 0, daemon = 0, offline = 0, verbose = 0, checksum_validation = -1, start_time = {tv_sec = 1391788566, tv_usec = 223902}, log_dir = 0x9285a0 "/var/log/suricata/"} __FUNCTION__ = "main" de_ctx = 0x196ae10 engine_retval = 0 global_de_ctx = 0x7ffff7ffdfd8 __PRETTY_FUNCTION__ = "main"