Bug #101
Status: closed
Segv inside of FlowPruneFlows
Description
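Another flow-related bug. I wonder if this has anything to do with bug #100. This came from a 7 gig pcap, trying to shrink it, will upload the pcap if successful. The backtrace below shows pthread_mutex_trylock called from FlowPrune (flow.c:139) with mutex=0x8, while the flow pointer f in that frame is non-NULL.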
#0  pthread_mutex_trylock (mutex=0x8) at pthread_mutex_trylock.c:34
34    pthread_mutex_trylock.c: No such file or directory.
    in pthread_mutex_trylock.c
(gdb) bt full
#0  _pthread_mutex_trylock (mutex=0x8) at pthread_mutex_trylock.c:34
        oldval = <value optimized out>
        __PRETTY_FUNCTION = "_pthread_mutex_trylock" 
#1  0x0000000000418ff2 in FlowPrune (q=0x723798, ts=0x7f9df97f9ca0) at flow.c:139
        mr = 0
        f = 0x7f9df0294050
        timeout = 30
#2  0x0000000000419497 in FlowPruneFlows (q=0x723798, ts=0x7f9df97f9ca0) at flow.c:242
        cnt = 75
#3  0x000000000041a59a in FlowManagerThread (td=0x7f9dfc0cc0a0) at flow.c:669
        i = 1
        th_v = 0x7f9dfc0cc0a0
        ts = {tv_sec = 1249078706, tv_usec = 860451}
        tsdiff = {tv_sec = 1249078705, tv_usec = 375747}
        established_cnt = 10095
        new_cnt = 93898
        closing_cnt = 29741
        nowcnt = 20
        sleeping = 100
        emerg = 0 '\000'
        FUNCTION = "FlowManagerThread" 
#4  0x00007f9e04aaea04 in start_thread (arg=<value optimized out>) at pthread_create.c:300
        __res = <value optimized out>
        pd = 0x7f9df97fa910
        unwind_buf = {cancel_jmp_buf = {{jmp_buf = {140316472486160, 8387449317884913224, 140735796990080, 0, 0, 3, -8404343316824496568, -8405337710984993208}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {
              prev = 0x0, cleanup = 0x0, canceltype = 0}}}
        not_first_call = <value optimized out>
        robust = <value optimized out>
#5  0x00007f9e043c980d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
No locals.
#6  0x0000000000000000 in ?? ()
No symbol table info available.
Updated by Will Metcalf over 15 years ago
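Same pcap, still way too big to attach. This run ended differently: the core shows signal 6 (abort) raised by a glibc assertion in the mutex lock path, reached from FlowGetFlowFromHash at flow-hash.c:151.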
GNU gdb (GDB) 7.0-ubuntu
Copyright (C) 2009 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying" 
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /home/coz/downloads/suricatafuzz4/src/.libs/lt-suricata...done.
[New Thread 27526]
[New Thread 27530]
[New Thread 27521]
[New Thread 27525]
[New Thread 27531]
[New Thread 27523]
[New Thread 27541]
[New Thread 27532]
[New Thread 27542]
[New Thread 27533]
[New Thread 27524]
[New Thread 26470]
[New Thread 27529]
[New Thread 27528]
[New Thread 27527]
warning: Can't read pathname for load map: Input/output error.
Reading symbols from /home/coz/downloads/suricatafuzz4/libhtp/htp/.libs/libhtp-0.2.so.1...done.
Loaded symbols for /home/coz/downloads/suricatafuzz4/libhtp/htp/.libs/libhtp-0.2.so.1
Reading symbols from /usr/lib/libpcap.so.0.8...(no debugging symbols found)...done.
Loaded symbols for /usr/lib/libpcap.so.0.8
Reading symbols from /usr/local/lib/libpfring.so...done.
Loaded symbols for /usr/local/lib/libpfring.so
Reading symbols from /usr/lib/libnet.so.1...(no debugging symbols found)...done.
Loaded symbols for /usr/lib/libnet.so.1
Reading symbols from /lib/libpthread.so.0...Reading symbols from /usr/lib/debug/lib/libpthread-2.10.1.so...done.
(no debugging symbols found)...done.
Loaded symbols for /lib/libpthread.so.0
Reading symbols from /usr/lib/libyaml-0.so.1...(no debugging symbols found)...done.
Loaded symbols for /usr/lib/libyaml-0.so.1
Reading symbols from /lib/libpcre.so.3...(no debugging symbols found)...done.
Loaded symbols for /lib/libpcre.so.3
Reading symbols from /lib/libc.so.6...Reading symbols from /usr/lib/debug/lib/libc-2.10.1.so...done.
(no debugging symbols found)...done.
Loaded symbols for /lib/libc.so.6
Reading symbols from /lib/libz.so.1...(no debugging symbols found)...done.
Loaded symbols for /lib/libz.so.1
Reading symbols from /lib64/ld-linux-x86-64.so.2...Reading symbols from /usr/lib/debug/lib/ld-2.10.1.so...done.
(no debugging symbols found)...done.
Loaded symbols for /lib64/ld-linux-x86-64.so.2
Core was generated by `/home/coz/downloads/suricatafuzz4/src/.libs/lt-suricata -c suricata.yaml -r ./d'.
Program terminated with signal 6, Aborted.
#0  0x00007f228f3904b5 in *GI_raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
64    ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
    in ../nptl/sysdeps/unix/sysv/linux/raise.c
(gdb) bt full
#0  0x00007f228f3904b5 in *_GI_raise (sig=<value optimized out>) at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
        pid = <value optimized out>
        selftid = <value optimized out>
#1  0x00007f228f393f50 in *_GI_abort () at abort.c:92
        act = {__sigaction_handler = {sa_handler = 0x7f228fb2c750, sa_sigaction = 0x7f228fb2c750}, sa_mask = {__val = {139786409552104, 139786394545376, 63, 139786394545616, 139786408700358, 206158430232, 139786394545632, 
              139786394545408, 139786408611240, 206158430256, 139786394545656, 139785963643984, 139785951772704, 5, 8028073637728183662, 140735894447534}}, sa_flags = -1891038829, sa_restorer = 0x7f228fb2c744}
        sigs = {__val = {32, 0 <repeats 15 times>}}
#2  0x00007f228f389481 in *__GI___assert_fail (assertion=0x7f228fb2c750 "new_prio == -1 || (new_prio >= __sched_fifo_min_prio && new_prio <= __sched_fifo_max_prio)", file=<value optimized out>, line=63, 
    function=0x7f228fb2c820 "__pthread_tpp_change_priority") at assert.c:81
        buf = 0x7f2274b52450 "lt-suricata: tpp.c:63: __pthread_tpp_change_priority: Assertion `new_prio == -1 || (new_prio >= __sched_fifo_min_prio && new_prio <= __sched_fifo_max_prio)' failed.\n" 
#3  0x00007f228fb2b02e in __pthread_tpp_change_priority (previous_prio=-1, new_prio=0) at tpp.c:61
        tpp = <value optimized out>
        __PRETTY_FUNCTION = "_pthread_tpp_change_priority" 
        priomax = <value optimized out>
        newpriomax = <value optimized out>
        result = 12
#4  0x00007f228fb23c3e in pthread_mutex_lock_full (mutex=0x7f228eea2f60) at pthread_mutex_lock.c:415
        ceiling = 0
        retval = <value optimized out>
        kind = <value optimized out>
        oldprio = -1
        ceilval = <value optimized out>
        oldval = <value optimized out>
        _PRETTY_FUNCTION = "_pthread_mutex_lock_full" 
#5  0x000000000041c47f in FlowGetFlowFromHash (p=0xabdf10) at flow-hash.c:151
        pf = 0x7f2286a95180
        f = 0x7f228eea2ee0
        key = 50654
        fb = 0x7f228f0969b0
#6  0x000000000041984d in FlowHandlePacket (tv=0xbd29d80, p=0xabdf10) at flow.c:378
        f = 0xabdf10
#7  0x00000000004183cf in DecodeTCP (tv=0xbd29d80, dtv=0x2b40370, p=0xabdf10, pkt=0xabdfaa "\020\367\206\315II\364\031\371\372\324r\200\020t.\246\205", len=32, pq=0x13893430) at decode-tcp.c:279
No locals.
#8  0x00000000004142ad in DecodeIPV4 (tv=0xbd29d80, dtv=0x2b40370, p=0xabdf10, pkt=0xabdf96 "E", len=52, pq=0x13893430) at decode-ipv4.c:581
        ret = 0
#9  0x0000000000410e80 in DecodeEthernet (tv=0xbd29d80, dtv=0x2b40370, p=0xabdf10, pkt=0xabdf88 "", len=66, pq=0x13893430) at decode-ethernet.c:29
No locals.
#10 0x00000000004101a1 in DecodePcapFile (tv=0xbd29d80, p=0xabdf10, data=0x2b40370, pq=0x13893430) at source-pcap-file.c:233
        dtv = 0x2b40370
#11 0x000000000049c704 in TmThreadsSlot1 (td=0xbd29d80) at tm-threads.c:329
        tv = 0xbd29d80
        s = 0x13893400
        p = 0xabdf10
        run = 1 '\001'
        r = TM_ECODE_OK
#12 0x00007f228fb21a04 in start_thread (arg=<value optimized out>) at pthread_create.c:300
        __res = <value optimized out>
        pd = 0x7f228e643910
        unwind_buf = {cancel_jmp_buf = {{jmp_buf = {139786394548496, -1801768351466238505, 140735894442128, 0, 0, 3, 1782240124704148951, 1782240587744038359}, mask_was_saved = 0}}, priv = {pad = {0x0, 0x0, 0x0, 0x0}, data = {
              prev = 0x0, cleanup = 0x0, canceltype = 0}}}
        not_first_call = <value optimized out>
        robust = <value optimized out>
#13 0x00007f228f43c80d in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:112
No locals.
#14 0x0000000000000000 in ?? ()
No symbol table info available.
Updated by Victor Julien over 15 years ago
- Status changed from New to Closed
This appears to be fixed in the most recent master. Please reopen if this isn't the case.