Project

General

Profile

Actions

Bug #4208

closed

Suricata crashes with multi-threaded eve logger and HTTP/2 traffic

Added by Jeff Lucovsky over 3 years ago. Updated over 2 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Target version:
Affected Versions:
Effort:
Difficulty:
Label:
Needs backport to 6.0

Description

Suricata will crash if
- Multi-threaded eve logging is enabled
- HTTP/2 parsing and logging is enabled
- HTTP/2 traffic is received.

AddressSanitizer:DEADLYSIGNAL
=================================================================
==153358==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000008 (pc 0x7fc2c47f1d69 bp 0x7fc2a7676700 sp 0x7fc2a76754a0 T12)
==153358==The signal is caused by a READ memory access.
==153358==Hint: address points to the zero page.
[153358] 8/12/2020 -- 08:04:08 - (suricata.c:2637) <Notice> (SuricataMainLoop) -- Signal Received.  Stopping engine.
    #0 0x7fc2c47f1d68 in clearerr (/lib/x86_64-linux-gnu/libc.so.6+0x8dd68)
    #1 0x5579291ed3e7 in SCLogFileWrite /home/jlucovsky/src/jal/suricata/src/util-logopenfile.c:264
    #2 0x5579291f1258 in LogFileWrite /home/jlucovsky/src/jal/suricata/src/util-logopenfile.c:878
    #3 0x55792902151f in OutputJsonBuilderBuffer /home/jlucovsky/src/jal/suricata/src/output-json.c:1007
    #4 0x557928ffb5c9 in JsonHttp2Logger /home/jlucovsky/src/jal/suricata/src/output-json-http2.c:104
    #5 0x55792901768e in OutputTxLog /home/jlucovsky/src/jal/suricata/src/output-tx.c:298
    #6 0x557928fb6af4 in OutputLoggerLog /home/jlucovsky/src/jal/suricata/src/output.c:882
    #7 0x557928f78c25 in FlowWorker /home/jlucovsky/src/jal/suricata/src/flow-worker.c:545
    #8 0x55792917db4a in TmThreadsSlotVarRun /home/jlucovsky/src/jal/suricata/src/tm-threads.c:117
    #9 0x55792917fc6c in TmThreadsSlotVar /home/jlucovsky/src/jal/suricata/src/tm-threads.c:452
    #10 0x7fc2c5375608 in start_thread /build/glibc-ZN95T4/glibc-2.31/nptl/pthread_create.c:477
    #11 0x7fc2c4886292 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x122292)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/lib/x86_64-linux-gnu/libc.so.6+0x8dd68) in clearerr
Thread T12 (W#11) created by T0 (Suricata-Main) here:
    #0 0x7fc2c562b805 in pthread_create (/lib/x86_64-linux-gnu/libasan.so.5+0x3a805)
    #1 0x557929185a38 in TmThreadSpawn /home/jlucovsky/src/jal/suricata/src/tm-threads.c:1721
    #2 0x557929038203 in RunModeFilePcapAutoFp /home/jlucovsky/src/jal/suricata/src/runmode-pcap-file.c:227
    #3 0x557929040985 in RunModeDispatch /home/jlucovsky/src/jal/suricata/src/runmodes.c:391
    #4 0x557929172a60 in SuricataMain /home/jlucovsky/src/jal/suricata/src/suricata.c:2801
    #5 0x5579285cdc4b in main /home/jlucovsky/src/jal/suricata/src/main.c:22
    #6 0x7fc2c478b0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

==153358==ABORTING

Related issues 1 (0 open1 closed)

Copied to Suricata - Bug #4209: Suricata crashes with multi-threaded eve logger and HTTP/2 trafficClosedVictor JulienActions
Actions

Also available in: Atom PDF