Lua PANIC: unprotected error in call to Lua API (stack overflow)
HI, Suricata Team:
Since I need to hash and customize some fields, I tried to use Lua scripts to audit all HTTP traffic.The program will exit automatically after running for a period of time. The screen outputs error message: ' PANIC: unprotected error in call to Lua API (stack overflow). '
My Suricata is deployed on AWS, and the traffic mirror is from Nginx Server, so it is all HTTP traffic, about 1.5Gbps. Can Lua scripts not run in high-traffic environments?
My lua script (demo) code is in the attachment, please correct me my mistake, any help makes sense to me.
CPU: 1 CPU 36 core
Updated by xu hui almost 3 years ago
Andreas Herz wrote:
Just a side note, lua is quite expensive but good hardware should still deal with it at 1.5gbit/s rate.
Thank you for your reply! In my tests, this script works fine when specifying a URL.If no filter is specified, it will trigger this exception.
This is the detailed configuration of my hardware.
$ lscpu Architecture: x86_64 CPU op-mode(s): 32-bit, 64-bit Byte Order: Little Endian CPU(s): 36 On-line CPU(s) list: 0-35 Thread(s) per core: 2 Core(s) per socket: 9 Socket(s): 2 NUMA node(s): 2 Vendor ID: GenuineIntel CPU family: 6 Model: 63 Model name: Intel(R) Xeon(R) CPU E5-2666 v3 @ 2.90GHz Stepping: 2 CPU MHz: 2658.363 CPU max MHz: 3500.0000 CPU min MHz: 1200.0000 BogoMIPS: 5800.17 Hypervisor vendor: Xen Virtualization type: full L1d cache: 32K L1i cache: 32K L2 cache: 256K L3 cache: 25600K NUMA node0 CPU(s): 0-8,18-26 NUMA node1 CPU(s): 9-17,27-35 Flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx pdpe1gb rdtscp lm constant_tsc rep_good nopl xtopology nonstop_tsc cpuid aperfmperf pni pclmulqdq monitor est ssse3 fma cx16 pcid sse4_1 sse4_2 x2apic movbe popcnt tsc_deadline_timer aes xsave avx f16c rdrand hypervisor lahf_lm abm cpuid_fault invpcid_single pti fsgsbase bmi1 avx2 smep bmi2 erms invpcid xsaveopt ida
top - 06:02:09 up 9 days, 21:58, 2 users, load average: 2.45, 2.04, 1.79 Tasks: 424 total, 1 running, 214 sleeping, 0 stopped, 0 zombie %Cpu(s): 4.5 us, 0.1 sy, 0.0 ni, 95.2 id, 0.1 wa, 0.0 hi, 0.1 si, 0.0 st KiB Mem : 61818916 total, 13097800 free, 34276372 used, 14444744 buff/cache KiB Swap: 0 total, 0 free, 0 used. 34206288 avail Mem
Updated by Andreas Herz 8 months ago
- Status changed from New to Closed
Hi, we're closing this issue since there have been no further responses.
If you think this issue is still relevant, try to test it again with the
most recent version of suricata and reopen the issue. If you want to
improve the bug report please take a look at