Project

General

Profile

Actions
Copy link

Bug #4277

closed

SIGABRT: rust panic HTTP2State

Added by Peter Manev almost 4 years ago. Updated over 3 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Philippe Antoine
Target version:
7.0.0-beta1
Affected Versions:
6.0.3
Effort:
Difficulty:
Label:

Description

Getting sigabrt with rust panic on live traffic.
full trace attached.

This is Suricata version 7.0.0-dev (e586d8526 2021-01-27)


#2  0x000000000091ba67 in std::sys::unix::abort_internal () at library/std/src/sys/unix/mod.rs:235
#3  0x000000000090a745 in std::sys_common::util::abort () at library/std/src/sys_common/util.rs:19
#4  0x000000000090c7be in std::panicking::rust_panic () at library/std/src/panicking.rs:644
#5  0x000000000090c636 in std::panicking::rust_panic_with_hook () at library/std/src/panicking.rs:612
#6  0x000000000090c0d7 in std::panicking::begin_panic_handler::{{closure}} () at library/std/src/panicking.rs:497
#7  0x000000000090713c in std::sys_common::backtrace::__rust_end_short_backtrace () at library/std/src/sys_common/backtrace.rs:141
#8  0x000000000090c069 in rust_begin_unwind () at library/std/src/panicking.rs:495
#9  0x0000000000972991 in core::panicking::panic_fmt () at library/core/src/panicking.rs:92
#10 0x00000000009728dd in core::panicking::panic () at library/core/src/panicking.rs:50
#11 0x00000000007feb23 in <brotli_decompressor::reader::DecompressorCustomIo<ErrType,R,BufferType,AllocU8,AllocU32,AllocHC> as brotli_decompressor::io_wrappers::CustomRead<ErrType>>::read (self=0x7f2221d2fcf0, buf=...)
    at /rustc/e1884a8e3c3e813aada8254edfa120e85bf5ffca/library/core/src/option.rs:386
#12 <brotli_decompressor::reader::DecompressorCustomAlloc<R,BufferType,AllocU8,AllocU32,AllocHC> as std::io::Read>::read (self=0x7f2221d2fcf0, buf=...)
    at /root/.cargo/registry/src/github.com-1ecc6299db9ec823/brotli-decompressor-2.3.1/src/reader.rs:85
#13 <brotli_decompressor::reader::Decompressor<R> as std::io::Read>::read (self=0x7f2221d2fcf0, buf=...) at /root/.cargo/registry/src/github.com-1ecc6299db9ec823/brotli-decompressor-2.3.1/src/reader.rs:178
#14 0x00000000007d321d in suricata::http2::decompression::http2_decompress (decoder=0x7f2221d2fcf0, input=..., output=0x7f33b18a3fe0) at src/http2/decompression.rs:120
#15 suricata::http2::decompression::HTTP2DecoderHalf::decompress (self=0x7f2221d2fce8, input=..., output=0x7f33b18a3fe0) at src/http2/decompression.rs:178
#16 0x0000000000774739 in suricata::http2::decompression::HTTP2Decoder::decompress (self=<optimized out>, input=..., output=0x7f33b18a3fe0, dir=8) at src/http2/decompression.rs:211
--Type <RET> for more, q to quit, c to continue without paging--
#17 suricata::http2::http2::HTTP2Transaction::decompress (self=<optimized out>, input=..., dir=8, sfcm=0xb3b1f0 <sfc>, over=<optimized out>, files=0x7f23f6406080, flags=8706) at src/http2/http2.rs:181
#18 suricata::http2::http2::HTTP2State::parse_frames (self=<optimized out>, input=..., il=<optimized out>, dir=<optimized out>) at src/http2/http2.rs:812
#19 0x0000000000775245 in suricata::http2::http2::HTTP2State::parse_tc (self=0x7f23f6405ff0, input=...) at src/http2/http2.rs:912
#20 suricata::http2::http2::rs_http2_parse_tc (flow=<optimized out>, state=0x7f23f6405ff0, _pstate=<optimized out>, input=<optimized out>, input_len=3155, _data=<optimized out>, _flags=<optimized out>) at src/http2/http2.rs:1029
#21 0x00000000005078e7 in AppLayerParserParse (tv=0x7f33e75f5650, alp_tctx=0x7f3372e99290, f=0x7f2184491490, alproto=29, flags=8 '\b', input=0x7f2221394281 "", input_len=3155) at app-layer-parser.c:1273
#22 0x00000000004cd8fa in AppLayerHandleTCPData (tv=0x7f33e75f5650, ra_ctx=0x7f3372e74df0, p=0x7f3372ddde30, f=0x7f2184491490, ssn=0x7f2606faf7d0, stream=0x7f33b18a43d0, data=0x7f2221394281 "", data_len=3155, flags=8 '\b')
    at app-layer.c:706
#23 0x00000000006730b6 in ReassembleUpdateAppLayer (tv=0x7f33e75f5650, ra_ctx=0x7f3372e74df0, ssn=0x7f2606faf7d0, stream=0x7f33b18a43d0, p=0x7f3372ddde30, dir=UPDATE_DIR_OPPOSING) at stream-tcp-reassemble.c:1174
#24 0x0000000000672a9d in StreamTcpReassembleAppLayer (tv=0x7f33e75f5650, ra_ctx=0x7f3372e74df0, ssn=0x7f2606faf7d0, stream=0x7f2606faf7e0, p=0x7f3372ddde30, dir=UPDATE_DIR_OPPOSING) at stream-tcp-reassemble.c:1237
#25 0x000000000067482b in StreamTcpReassembleHandleSegmentUpdateACK (tv=0x7f33e75f5650, ra_ctx=0x7f3372e74df0, ssn=0x7f2606faf7d0, stream=0x7f2606faf7e0, p=0x7f3372ddde30) at stream-tcp-reassemble.c:1808
#26 0x0000000000674689 in StreamTcpReassembleHandleSegment (tv=0x7f33e75f5650, ra_ctx=0x7f3372e74df0, ssn=0x7f2606faf7d0, stream=0x7f2606faf860, p=0x7f3372ddde30, pq=0x7f3372e74ae8) at stream-tcp-reassemble.c:1851
#27 0x000000000066c56d in HandleEstablishedPacketToServer (tv=0x7f33e75f5650, ssn=0x7f2606faf7d0, p=0x7f3372ddde30, stt=0x7f3372e74ae0, pq=0x7f3372e74ae8) at stream-tcp.c:2318
#28 0x0000000000660f36 in StreamTcpPacketStateEstablished (tv=0x7f33e75f5650, p=0x7f3372ddde30, stt=0x7f3372e74ae0, ssn=0x7f2606faf7d0, pq=0x7f3372e74ae8) at stream-tcp.c:2688
#29 0x000000000065b2cd in StreamTcpStateDispatch (tv=0x7f33e75f5650, p=0x7f3372ddde30, stt=0x7f3372e74ae0, ssn=0x7f2606faf7d0, pq=0x7f3372e74ae8, state=4 '\004') at stream-tcp.c:4703
#30 0x0000000000659349 in StreamTcpPacket (tv=0x7f33e75f5650, p=0x7f3372ddde30, stt=0x7f3372e74ae0, pq=0x7f3372e33b30) at stream-tcp.c:4889
#31 0x000000000065b95a in StreamTcp (tv=0x7f33e75f5650, p=0x7f3372ddde30, data=0x7f3372e74ae0, pq=0x7f3372e33b30) at stream-tcp.c:5225
#32 0x00000000005f1930 in FlowWorkerStreamTCPUpdate (tv=0x7f33e75f5650, fw=0x7f3372e33b00, p=0x7f3372ddde30, detect_thread=0x7f3377dfe400) at flow-worker.c:364
#33 0x00000000005f14f5 in FlowWorker (tv=0x7f33e75f5650, p=0x7f3372ddde30, data=0x7f3372e33b00) at flow-worker.c:524
#34 0x00000000006814b4 in TmThreadsSlotVarRun (tv=0x7f33e75f5650, p=0x7f3372ddde30, slot=0x7f341327a0c0) at tm-threads.c:117
#35 0x000000000064e0ce in TmThreadsSlotProcessPkt (tv=0x7f33e75f5650, s=0x7f341327a0c0, p=0x7f3372ddde30) at ./tm-threads.h:192
#36 0x000000000064d02e in AFPParsePacketV3 (ptv=0x7f337ffff600, pbd=0x7f2eab100000, ppd=0x7f2eab15ad10) at source-af-packet.c:1113
#37 0x000000000064cbb9 in AFPWalkBlock (ptv=0x7f337ffff600, pbd=0x7f2eab100000) at source-af-packet.c:1128
#38 0x000000000064afb7 in AFPReadFromRingV3 (ptv=0x7f337ffff600) at source-af-packet.c:1178
#39 0x000000000064a337 in ReceiveAFPLoop (tv=0x7f33e75f5650, data=0x7f337ffff600, slot=0x7f340122d7b0) at source-af-packet.c:1571
#40 0x0000000000686887 in TmThreadsSlotPktAcqLoop (td=0x7f33e75f5650) at tm-threads.c:312
#41 0x00007f34e4448fa3 in start_thread (arg=<optimized out>) at pthread_create.c:486
#42 0x00007f34e35f34cf in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95

Files

rust-core-HTTP2DecoderHalf.txt (92.7 KB) rust-core-HTTP2DecoderHalf.txt Peter Manev, 01/27/2021 11:14 PM
Actions
Copy link
 #2

Updated by Philippe Antoine over 3 years ago

  • Status changed from New to In Review
  • Assignee set to Philippe Antoine
  • Target version set to 7.0.0-beta1
  • Affected Versions 6.0.3 added
  • Affected Versions deleted (git master)
Actions
Copy link
 #3

Updated by Philippe Antoine over 3 years ago

  • Status changed from In Review to Closed
Actions
Copy link

Also available in: Atom PDF